CDK: SingleUseRefreshTokenOauth2Authenticator refreshes tokens when necessary

[pedroslopez]

Tell us about the problem you're trying to solve

Currently, the SingleUseRefreshTokenOauth2Authenticator is set up to always perform a refresh when it's initialized. This is because the expiration and initial access tokens are not set on initialization.

The GitLab connector's implementation in #7506 tries to implement a smarter refresh by checking the token's validity and setting the expiration accordingly:

airbyte/airbyte-integrations/connectors/source-gitlab/source_gitlab/source.py

Lines 54 to 59 in 5000dfb

	token_valid, access_token_info = self.get_access_token_info(api_url, access_token)
	if not token_valid:
	return
	now = pendulum.now()
	self.access_token = access_token
	self.set_token_expiry_date(now.add(seconds=access_token_info["expires_in"]))

However, this only works the first time around and when the authenticator itself performs a refresh, the new access token is not persisted in the config.

This is an issue because we can't fully support eagerly refreshing tokens at the moment due to platform limitations. Connectors that always perform a refresh and invalidate the old tokens during check are not able to be set up (see https://github.com/airbytehq/airbyte-internal-issues/issues/1260) so we should make it easy for connectors to implement "smarter" refresh flows that only refresh when necessary.

Describe the solution you’d like

The authenticator should have a way of getting the expiration time and only refresh when necessary. It should also persist the access token in the config (in addition to the refresh token) so that it can be re-used.