adding extra option to msal guard to be stricter, check if active user token is not expired

[alexgoeman]

Currently the MsalGuard will not redirect to login when there is an active user which has an expired token. So if you use the guard to be sure that no login will be needed going further, then this current implementation of MsalGuard is not enough.

The only check in the guard currently is: !this.authService.instance.getAllAccounts().length

so only if getAllAccounts().length is falsey it will redirect to login. But this allows for a account with an expired token.

An extra option is added to MsalGuardConfiguration: enableCheckForExpiredToken?: boolean;

So if enableCheckForExpiredToken is false or does not exist then behavior is as before. When enableCheckForExpiredToken true then we do a check if the token is not expired on the "this.authService.instance.getActiveAccount()". If expired or no active user a login will be done Extra option is included so that when token is expired, a silentRefresh is attempted and if succesfull then route activation can continue

[alexgoeman]

@microsoft-github-policy-service agree

[alexgoeman]

@tnorling @peterzenz @jo-arroyo

Would you have any time to have a look at the pull request. I have added tests and documentation. If any question please let me know. Thx

[microsoft-github-policy-service[bot]]

Reminder: This PR appears to be stale. If this PR is still a work in progress please mark as draft.