Another issue related to the OIDC flows - right now, when:
user logs in once
then their token expires
the user visits any page
The user will always be redirected to a login flow. Even if the page is accessible by an anonymous user. So this is not just logging the user out, this is always forcing the relogin.
When token expires, user should just be regularly logged out, and have permissions like any other anonymous user would.
Another issue related to the OIDC flows - right now, when:
The user will always be redirected to a login flow. Even if the page is accessible by an anonymous user. So this is not just logging the user out, this is always forcing the relogin.
When token expires, user should just be regularly logged out, and have permissions like any other anonymous user would.