Spring Security Ensure ID Token is updated after refresh token (Reactive)

We need to implement the Reactive counterpart of gh-16589.

Comment From: evgeniycheban

Hi @jgrandja, can you assign this one to me?

Comment From: jgrandja

Thank you @evgeniycheban. I've assigned it to you.

Comment From: evgeniycheban

Hi @jgrandja, I have opened a PR, I have some doubts about the correct implementation of this.

I have added a RefreshTokenReactiveOAuth2AuthorizationSuccessHandler that handles a SecurityContext refresh, however it depends on a ServerSecurityContextRepository which requires a ServerWebExchange, it will work for use within the context of a ServerWebExchange, but if we want to refresh a SecurityContext for those clients that are used outside of a ServerWebExchange context, we might need to think about having a different abstraction here, one thing that comes to mind is to bind an Authentication object to ClientRequest similar how it's proposed to be done in gh-16284, what do you think?

Comment From: jgrandja

Thanks for the PR @evgeniycheban. I will do my best to review this soon. The team has a few high priority items for the upcoming major releases of Spring Security 7.0 and Spring Authorization Server 2.0 so we need to focus on those items first. Thank you for your patience.