fix: don't refresh session if autoRefreshToken setting is set to false

[thomasconner]

What kind of change does this PR introduce?

Bug fix - Supabase client will obey autoRefreshToken setting when setting a session with an expired access token

What is the current behavior?

When a Supabase client is initialized with { auth: { autoRefreshToken: false } }

const client = createClient(options.supabaseUrl, options.supabaseKey, {
    auth: { autoRefreshToken: false }
});

but a session is set with client.setSession() and the access token has expired the client will disregard the autoRefreshToken setting and attempt to refresh the session.

What is the new behavior?

The client will not attempt to refresh an expired session when it is set with client.setSession() and autoRefreshToken is set to false.