Fixes #1318 by multiplying decreaseExpirationBySec with 1000. Also fixes returning true for calling hasValidAccessToken on tokens which are already expired

[IchbinkeinReh]

In the "expires_at" is set and its calculated with local clock (see https://github.com/manfredsteyer/angular-oauth2-oidc/blob/15.0.0/projects/lib/src/oauth-service.ts#L1698 ). Therefore there is no need to appy clockSkewInMsec in hasValidAccessToken

[IchbinkeinReh]

@manfredsteyer or @jeroenheijmans Could you please have a look at this PR, because i think the part with the "expires_at" is rather critical

[jeroenheijmans]

Heya! FYI: I'm no longer very active as a maintainer or community moderator (see #1280), so I will likely not be investigating or reviewing. But thanks for submitting a fix to this Open Source project, hopefully Manfred or another contributor can find time to help out!

[IchbinkeinReh]

@manfredsteyer sry for bumping, but i think this is a big issue and should be fixed asap

[bkrajendra]

Need to be merged.