Comment 24 for bug 1215627

This seems like the wrong approach. If a token is meant to be re-used the client (be it the python-*client OS provides or something else) should use it. New authentication should result in a new token (regardless of storage of said token on the backend). Re-issuance of the same token is a bad idea and breaks with the general direction we are trying to go with having truly ephemeral tokens.