Improve OIDC code flow tests

[sberyozkin]

I've tried to improve a bit and also simplify the two CodeFlowTest tests which are randomly failing :

• Updated test endpoints used in these tests to return a flag indicating if the token refresh has succeeded
• testTokenAutoRefresh: updated its configuration not to do a 2nd redirect dropping the code flow query parameters as it causes an immediate auto-refresh and updated the test code to check that no auto-refresh has happened during the 1st request, then auto-refresh has happened during the 2nd request (ID token is still valid but the configured refresh skew requires auto-refresh) - and I removed the code from this test checking the token refresh when ID token expires because it is also tested in another test
• testRPInitiatedLogout - this test is too complex, I've split in 2 tests, testRPInitiatedLogout where only the RP logout is tested, and testRefreshToken where it is tested that the token has been refreshed after the ID token has expired
• Removed unused code from ProtectedResource
• Also, minor update to CodeAuthenticationMechanism - currently, on main if the token auto-refresh is requested but it is not allowed via the configuration then 401 will be reported - which is wrong - the user should be reauthenticated instead, so changed the type of the exception thrown in this case

CC @pedroigor

[gsmet]

The big question: are they stable now? :)

[sberyozkin]

@gsmet :-), stable in my local branch, but I'm not trying to close the OIDC flaky test issue for now :-).
I've also updated a log level to error when reporting the refresh failures which I saw yesterday, this is what causes the random failures I think, but the test simplifications might indirectly address it.

[gsmet]

Please disable the tests on Monday if it’s not solved. It is polluting everyone. Thanks.

[sberyozkin]

@gsmet Sure

[sberyozkin]

1st run is good, lets see if it lasts :-)