Use old id_token if new id_token not in refresh response (#629)

Co-authored-by: Kushal <[email protected]>
Co-authored-by: Ankush kumar <[email protected]>

Author: 3 people

lib/context.js

@@ -49,8 +49,9 @@ async function refresh({ tokenEndpointParams } = {}) {
   // Update the session
   const session = req[config.session.name];
   Object.assign(session, {
-    id_token: newTokenSet.id_token,
     access_token: newTokenSet.access_token,
+    // If no new ID token assume the current ID token is valid.
+    id_token: newTokenSet.id_token || oldTokenSet.id_token,
     // If no new refresh token assume the current refresh token is valid.
     refresh_token: newTokenSet.refresh_token || oldTokenSet.refresh_token,
     token_type: newTokenSet.token_type,