Add expiration buffer to prevent credentials to expire earlier than request may finish.

[ozonep]

Description

Use 2x requestTimeout value as expiration_buffer_ms to make sure that whenever we make request credentials are valid for longer than request may be active and not time out (with added safety by using 2x value).

Issues Resolved

Fixes this:
#677

Check List

• [x ] New functionality includes testing.
  • [x ] All tests pass
• [ x] Linter check was successfull - yarn run lint doesn't show any errors
• [ x] Commits are signed per the DCO using --signoff
• [x ] Changelog was updated.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[dblock]

This looks good. I have some asks below.

I think we need to document this in https://github.com/opensearch-project/opensearch-js/blob/main/USER_GUIDE.md#authenticate-with-amazon-opensearch-service at the very least, please?

Does it make sense to add an option that lets you configure this value per client instance? Thinking of this *2 particularly.

If you feel super motivated we do want to extract authentication into a more detailed user guide similar to https://github.com/opensearch-project/opensearch-py/blob/main/guides/auth.md, so we could keep a short version in the main user guide and all the detailed options and options like this one in the detailed one.

[dblock]

It's not a constant, lowercase and maybe name it to something more specific, e.g. credentialsExpireIn?

[ozonep]

I will lowercase it, but personally I'd leave buffer in its name, so it could be, e.g. expiryBufferMs.
Because buffer gives instant understanding of what's the purpose of this variable, unlike credentialsExpireIn.

[dblock]

A buffer usually a space/memory thing. But not a hill I want to die on :)

[ozonep]

This looks good. I have some asks below.

I think we need to document this in main/USER_GUIDE.md#authenticate-with-amazon-opensearch-service at the very least, please?

Does it make sense to add an option that lets you configure this value per client instance? Thinking of this *2 particularly.

If you feel super motivated we do want to extract authentication into a more detailed user guide similar to opensearch-project/opensearch-py@main/guides/auth.md, so we could keep a short version in the main user guide and all the detailed options and options like this one in the detailed one.

I don't think it makes sense to allow altering this value - one can already do this by changing requestTimeout, plus that's the whole point - make sure credentials are valid until request is made.
I think I can remove 2x part - that was added simply for extra safety, I haven't tested 1x value (in production env), but should also be fine.

Updates:

• Removed 2x, so now using raw requestTimeout value.
• Renamed variable
• Added some explanations to User Guide in SDK v3 section :)

I could help with detailed user guide, but I think it should be done in a standalone PR, that I can work on during Holidays.

[nhtruong]

Looks great. Thank for making this :)