Use old `id_token` if new `id_token` not in refresh response

Description

In the case where a new id_token is not present in a refresh response, let's avoid setting id_token to undefined and instead use the old id_token!

References

Issue: #628

Testing

Make a refresh request (req.oidc.accessToken.refresh()) where the response is missing an id_token
Confirm subsequent accesses of req.oidc.idToken and req.oidc.user are NOT undefined

[ ] This change adds test coverage for new/changed/fixed functionality

Checklist

[ ] I have added documentation for new/changed functionality in this PR or in auth0.com/docs
[ ] All active GitHub checks for tests, formatting, and security are passing
[ ] The correct base branch is being used, if not the default branch

auth0 / express-openid-connect

Use old `id_token` if new `id_token` not in refresh response #629

Description

References

Testing

Checklist