Added retry logic to token refresh to deal with

[thijs-nijhuis]

Changes

The logic that fetches an initial access_token has a fall back/retry path for SPA applications which need an 'origin' header. For the part that fetches a refresh token, this fall back was not there. Instead, an 'origin' would always be set for Azure endpoints but this causes issues with application that use the 'Mobile and desktop applications' platform authentication which will throw an error if an 'origin' header is set. This change should fix this issue by tackling both paths in the same way.

Tests

• [x] make test run locally
• [x] make fmt applied
• [x] relevant integration tests applied

[sertacosh]

We need this change implemented!