Tokens can be cached beyond the lifetime of the (http) transport.

[halllo]

I added the possibility to plugin a token cache, so that the client can be made to reuse its access token beyond the lifetime of the transport. By default tokens are only cached for the lifetime of the transport.

Motivation and Context

When the client acquires an access token and a refresh token, it should be able to utilze them to make authenticated requests to the server even after it was restarted. The client should not need to go through the OAuth dance again and again every time it is initialised (unless the access token is no longer valid and no refresh token was acquired or the refresh token was revoked).

How Has This Been Tested?

I tested it via a proof of concept application without a token cache (using the default InMemoryTokenCache) and with a custom implementation of a file-based token cache.

Breaking Changes

The introduction of the ITokenCache is backwards compatible. If no custom token cache is provided, it falls back to an InMemoryTokenCache with the same lifetime as the (oauth enabled http) transport (like before).

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

Additional context

• I made TokenContainer public, so that it can be passed into custom token caches.
• I also made its ObtainedAt property serialisable, because it needs to remember when it was obtained after serialization to calculate the expiration.
  These two changes seemed more reasonable than introducing another token type for cache serialization only. I didn't find usages that could be disrupted by this.