Open
Description
While manually testing the school verification functionality in staging we discovered that we'd occassionally see it fail with 401 errors being reported in Sentry. This happens when the user's access token has expired. Ideally we'd automatically refresh the access token to avoid this problem.
We currently use User.from_auth to instantiate and store a user in the session in AuthController#callback. At present we only store the access token for this user so I think we'll also need to store the refresh token and work out how/when to use that to refresh the access token.