What is the point of all the extra attributes returned in token response for PKCE

This is a sample response from Azure B2C token endpoint

{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ilg1ZVhrN...",
    "token_type": "Bearer",
    "not_before": 1549647431,
    "expires_in": 3600,
    "expires_on": 1549651031,
    "resource": "f2a76e08-93f2-4350-833c-965c02483b11",
    "profile_info": "eyJ2ZXIiOiIxLjAiLCJ0aWQiOiJjNjRhNGY3ZC0zMDkxLTRjNzMtYTcyMi1hM2YwNjk0Z..."
}

What is the point of not_before, expires_in, and expires_on? The token is already time limited.

Bonus points for figuring out resource and profile_info which are probably some MSFT specific crud that they didn't even care to explain.

Solution

Expires_in is OAuth specific and is recommended in the RFC RFC 6749

expires_on seems to be the same as a unix-timestamp

Resource is probably the ClientId? and Profile-Info an IdToken? But I am just guessing these two.

Chrome identity launchWebAuthFlow only opens empty callback page
Limiting the scopes of an OAuth 2.0 flow
Is Endpoint Security Authentication in WSO2 APIM Done per API or per request?
Why do i need to specify redirect_uri if i am authenticating from server side?
Error 400: invalid_scope with Postman and Google OAuth2
Issues Adding SMTP.Send Permission to Azure Application for Office 365 SMTP
PHP - How to get OAuth 2.0 Token
UPS Outh Rating API return Invalid Authentication Information
How to store sensitive data in React Native or expo code ? ( with Keychain and Keystore )
How to get Optum sandbox to authenticate with OAuth 2.0 using Java and okhttp
Spring Boot redirection back to login page
New Google place api using google OAuth, ask failed to refresh token
Authentication Problems using Google's ARCore API
Getting OAuth code challenge on loopback server
How do I solve audience (aud) invalid claim error for downstream api service?
oauth 2 parameters can only have a single value: scope
#oauth2 security expressions on method level
Calling spring authorization server OAuth2 REST endpoints
Google AdWords API authorization raising AdsCommon::Errors::AuthError
Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
Passport - Node.js not returning Refresh Token
AWS Cognito: Missing Scopes in Access Token with Custom UI and Device Remember Functionality for MFA
Cross-client Google OAuth: Get auth code on iOS and access token on server
How to generate GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET without a domain?
Spring Gateway and OAuth
OAuth Client Credential Flow - Refresh Tokens
Django OAuth2 Authentication Failing in Unit Tests - 401 'invalid_client' Error
Add OAuth authentication for HTTP request triggers
OAuth2 implementation and user management Django
How to enable a submit button if form fields are auto-filled by the browser using saved credentials on page load?