# `ExAzureCore.Auth.TokenServer` GenServer for managing individual credential tokens with proactive refresh. Each TokenServer instance manages a single credential's token lifecycle: - Fetches tokens from configured source - Stores tokens in Registry for efficient lookup - Proactively schedules refresh before expiry - Implements exponential backoff retry logic on failures ## Options * `:name` (required) - Unique name for this credential instance * `:source` (required) - Token source configuration tuple * `:refresh_before` - Seconds before expiry to refresh (default: 300) * `:prefetch` - Initial token fetch strategy (`:async` or `:sync`, default: `:async`) * `:max_retries` - Maximum retry attempts (default: 10) * `:retry_delay` - Custom backoff function (default: exponential backoff) ## Examples {:ok, _pid} = ExAzureCore.Auth.TokenServer.start_link( name: :my_credential, source: {:client_assertion, %{ tenant_id: "...", client_id: "...", scope: "https://graph.microsoft.com/.default", provider: :aws_cognito, provider_opts: [identity_id: "..."] }}, prefetch: :sync ) {:ok, token} = ExAzureCore.Auth.TokenServer.fetch(:my_credential) # `state` ```elixir @type state() :: %{ name: term(), source: term(), refresh_before: non_neg_integer(), max_retries: non_neg_integer(), retry_delay: (non_neg_integer() -> non_neg_integer()), retry_count: non_neg_integer() } ``` # `child_spec` Returns a specification to start this module under a supervisor. See `Supervisor`. # `fetch` ```elixir @spec fetch(term()) :: {:ok, map()} | {:error, term()} ``` Fetches the current token from the token server. Returns the cached token if available, otherwise fetches a new one. # `start_link` ```elixir @spec start_link(keyword()) :: GenServer.on_start() ``` Starts a token server for a credential. ## Options See module documentation for available options. --- *Consult [api-reference.md](api-reference.md) for complete listing*