implement OAuth refresh tokens #2306
Description
We do not currently implement OAuth refresh tokens. Clients are supposed to get a refresh token and use that to obtain a new access token before their current access token expires. Refresh tokens are currently not needed because we also haven't implemented #2302. But we're presumably going to need that for MVP, and then I think we're going to want this.
reference:
omicron/nexus/types/src/external_api/views.rs
Line 419 in 9d1bd55
(edit: this comment was removed under #2417 but the issue remains)