Get id_token in response in when refreshing token

[joshuajiniran]

So, I have this challenge to figure out, where I had to limit the expiration time of the token. When I call /oauth2/token endpoint and pass in the refresh_token grant_type, it returned a new access_token but not with id_token. any guide or help on how to implement this?

class RefreshTokenGrant(_RefreshTokenGrant):
    TOKEN_ENDPOINT_AUTH_METHODS = [
        'client_secret_basic', 'client_secret_post'
    ]

    def authenticate_refresh_token(self, refresh_token):
        item = OAuth2Token.query.filter_by(refresh_token=refresh_token).first()
        # define is_refresh_token_expired by yourself
        if item and not item.is_refresh_token_expired():
            return item

    def authenticate_user(self, credential):
        try:
            return User.query.filter_by(pkey=credential.user_id).one()
        except:
            return credential.user_id

    def revoke_old_credential(self, credential):
        # pass
        credential.revoked = True
        db.session.add(credential)
        db.session.commit()
   
    # I've tried overwriting create_token_response but with no success

Any help with guide will be appreciated

[lepture]

I don't think there should be a id_token with refresh_token grant type. But if you really want to add that, you can add an extension for refresh token:

server.register_grant(RefreshTokenGrant, [OpenIDToken()])

You need to subclass authlib.oidc.core.grants.OpenIDToken.