feat: refresh token (#1728)

* begin refresh tokens

* refresh tokens

* list and revoke refresh tokens

* handle remove

* tests for refresh tokens

* uniqueness and default expiration

* rename oidc token methods

* cleanup

* migration version

* Update internal/static/i18n/en.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fixes

* feat: update oidc pkg for refresh tokens

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

docs/docs/apis/proto/auth.md

@@ -47,6 +47,36 @@ Returns the user sessions of the authorized user of the current useragent
 
 
 
+### ListMyRefreshTokens
+
+> **rpc** ListMyRefreshTokens([ListMyRefreshTokensRequest](#listmyrefreshtokensrequest))
+[ListMyRefreshTokensResponse](#listmyrefreshtokensresponse)
+
+Returns the refresh tokens of the authorized user
+
+
+
+
+### RevokeMyRefreshToken
+
+> **rpc** RevokeMyRefreshToken([RevokeMyRefreshTokenRequest](#revokemyrefreshtokenrequest))
+[RevokeMyRefreshTokenResponse](#revokemyrefreshtokenresponse)
+
+Revokes a single refresh token of the authorized user by its (token) id
+
+
+
+
+### RevokeAllMyRefreshTokens
+
+> **rpc** RevokeAllMyRefreshTokens([RevokeAllMyRefreshTokensRequest](#revokeallmyrefreshtokensrequest))
+[RevokeAllMyRefreshTokensResponse](#revokeallmyrefreshtokensresponse)
+
+Revokes all refresh tokens of the authorized user
+
+
+
+
 ### UpdateMyUserName
 
 > **rpc** UpdateMyUserName([UpdateMyUserNameRequest](#updatemyusernamerequest))
@@ -636,6 +666,24 @@ This is an empty request
 
 
 
+### ListMyRefreshTokensRequest
+This is an empty request
+
+
+
+
+### ListMyRefreshTokensResponse
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| details |  zitadel.v1.ListDetails | - |  |
+| result | repeated zitadel.user.v1.RefreshToken | - |  |
+
+
+
+
 ### ListMyUserChangesRequest
 
 
@@ -868,6 +916,40 @@ This is an empty request
 
 
 
+### RevokeAllMyRefreshTokensRequest
+This is an empty request
+
+
+
+
+### RevokeAllMyRefreshTokensResponse
+This is an empty response
+
+
+
+
+### RevokeMyRefreshTokenRequest
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
+
+
+
+
+### RevokeMyRefreshTokenResponse
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| details |  zitadel.v1.ObjectDetails | - |  |
+
+
+
+
 ### SetMyEmailRequest
 
 

docs/docs/apis/proto/user.md

@@ -241,6 +241,24 @@ this query is always equals
 
 
 
+### RefreshToken
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| id |  string | - |  |
+| details |  zitadel.v1.ObjectDetails | - |  |
+| client_id |  string | - |  |
+| auth_time |  google.protobuf.Timestamp | - |  |
+| idle_expiration |  google.protobuf.Timestamp | - |  |
+| expiration |  google.protobuf.Timestamp | - |  |
+| scopes | repeated string | - |  |
+| audience | repeated string | - |  |
+
+
+
+
 ### SearchQuery