Hi all,
I was looking at doing this, and was wondering if there was any particular reason why it hasn’t been done.
Is there any particular reason to keep access tokens around if they are expired?
Looking at the code, it looks like they can just be checked and deleted in auth_store.py async_create_refresh_token(). It’s not a huge change, and I was going to submit a PR for it.
I can optionally put a 7 day period or something to not delete if that’s more reasonable.