providers/oauth2: fix missing nonce in token endpoint not being saved (#8073)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

authentik/providers/oauth2/views/token.py

@@ -490,12 +490,13 @@ class TokenView(View):
             auth_time=self.params.authorization_code.auth_time,
             session_id=self.params.authorization_code.session_id,
         )
-        access_token.id_token = IDToken.new(
+        access_id_token = IDToken.new(
             self.provider,
             access_token,
             self.request,
         )
-        access_token.id_token.nonce = self.params.authorization_code.nonce
+        access_id_token.nonce = self.params.authorization_code.nonce
+        access_token.id_token = access_id_token
         access_token.save()
 
         response = {