TokenManager: Caching? Validate?

[srl295]

• There does not seem to be any caching performed on tm.getApplicationIdentityToken()
• the validateToken() function is not exported, making it hard to implement a cache on top of the library.
• The expiry length is given, but not an absolute time. It would be handy if the token came with something like this: expiresAt = new Date(Date.now()+(expiresIn*1000))