JWT-serialized access token
OptionaldpopDPoP key to which the access token, and potentially the refresh token, are bound.
OptionalexpiresExpiration of the access token.
OptionalexpiresExpiresAt should be computed from expiresIn when receiving the token.
OptionalidJWT-serialized id token
OptionalrefreshRefresh token (not necessarily a JWT)
OptionaltokenUsually "Bearer"
OptionalwebURL identifying the subject of the ID token.
Based on openid-client's TokenSetParameters. Re-creating the type allows not to depend on the Node-specific library at the environment-agnostic level.