Don't force relogin on expired token, when anonymous user has enough permissions. #425
Description
Another issue related to the OIDC flows - right now, when:
- user logs in once
- then their token expires
- the user visits any page
The user will always be redirected to a login flow. Even if the page is accessible by an anonymous user. So this is not just logging the user out, this is always forcing the relogin.
When token expires, user should just be regularly logged out, and have permissions like any other anonymous user would.