MCP Inspector Not Using Refresh Token for Token Validation #608

@rinormaloku

The MCP Inspector should utilize the refresh_token to properly validate the token refresh flow.

Steps to Reproduce:

  • Use a short-lived access token
  • Log in and wait for the token to expire
  • Send a request (e.g., list/tools)

Expected Behavior:
The token should be automatically refreshed when expired.

Actual Behavior:
The request fails with the following error:

MCP error -32001: Error POSTing to endpoint (HTTP 401): {"message":"Invalid or expired access token","error":"Unauthorized","statusCode":401}

Additional Issues:

  • Clicking "reconnect" also fails to use the refresh_token
  • A code search confirms that refresh_token is not implemented anywhere in the codebase

Impact:
This prevents proper evaluation of the Authorization specification, as the refresh token flow cannot be tested.
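The expected behavior described in this issue, sketched as an added example (not code from the issue or from the MCP Inspector codebase): on an HTTP 401 the client sends an RFC 6749 section 6 `refresh_token` grant, stores the new tokens, and retries the request once. All type and function names, the `example` hosts and the token values are hypothetical; a public client (no client secret) is assumed, and the transport is injected so the block runs offline.

```typescript
// Added example; TokenSet, Transport, callWithRefresh and fakeServer are hypothetical names.
type TokenSet = { access_token: string; refresh_token?: string };
type Reply = { status: number; body: string };
// Transport is injected so the example runs offline; a real client would wrap fetch().
type Transport = (url: string, headers: Record<string, string>, body: string) => Promise<Reply>;

// RFC 6749 section 6 refresh request body (assumes a public client: client_id, no secret).
function refreshBody(refreshToken: string, clientId: string): string {
  const fields: [string, string][] = [["grant_type", "refresh_token"], ["refresh_token", refreshToken], ["client_id", clientId]];
  return fields.map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`).join("&");
}

async function callWithRefresh(
  send: Transport, tokens: TokenSet, clientId: string, tokenUrl: string, mcpUrl: string, rpc: string,
): Promise<{ reply: Reply; tokens: TokenSet }> {
  const call = (t: TokenSet) =>
    send(mcpUrl, { authorization: `Bearer ${t.access_token}`, "content-type": "application/json" }, rpc);
  const first = await call(tokens);
  // Refresh only on 401 and only when a refresh token is held; otherwise surface the reply.
  if (first.status !== 401 || !tokens.refresh_token) return { reply: first, tokens };
  const res = await send(tokenUrl, { "content-type": "application/x-www-form-urlencoded" },
    refreshBody(tokens.refresh_token, clientId));
  // A rejected refresh (e.g. invalid_grant) means the user must re-authorize; do not loop.
  if (res.status !== 200) throw new Error(`refresh rejected (HTTP ${res.status})`);
  const fresh = JSON.parse(res.body) as TokenSet;
  // The server may rotate the refresh token; keep the old one if none is returned.
  const next: TokenSet = {
    access_token: fresh.access_token,
    refresh_token: fresh.refresh_token ?? tokens.refresh_token,
  };
  // Retry exactly once with the new access token.
  return { reply: await call(next), tokens: next };
}

// Constructed stand-in for the authorization server and MCP server (example.* hosts, fake tokens).
function fakeServer(): { send: Transport; log: string[] } {
  const log: string[] = [];
  const send: Transport = async (url, headers, body) => {
    log.push(url);
    if (url === "https://as.example/token") {
      return body === refreshBody("rt-1", "inspector")
        ? { status: 200, body: '{"access_token":"at-2","refresh_token":"rt-2"}' }
        : { status: 400, body: '{"error":"invalid_grant"}' };
    }
    return headers["authorization"] === "Bearer at-2"
      ? { status: 200, body: '{"jsonrpc":"2.0","id":1,"result":{"tools":[]}}' }
      : { status: 401, body: '{"error":"Unauthorized"}' };
  };
  return { send, log };
}
```

The URL log returned by `fakeServer` shows the sequence a tester would look for when evaluating the refresh flow: the failed request, the token endpoint call, then the single retry.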

Labels: auth (issues and PRs related to authorization), enhancement (new feature request)