pac4j extension does not handle logouts/session expirations

[andrewm-aero]

Affected Version

v0.22.0

Description

The pac4j extension does not gracefully handle login expirations in the unified console. The first request to the unified console HTML endpoint correctly redirects to the OIDC login page, which then correctly redirects back to the console. The plugin seems to assume that the original token will always work, and if it doesn't, will get into a loop of attempting a background request (e.g. /druid/v2/sql), which fails due to CORS, instead of redirecting the user to the login page. This breaks the functionality of the console, and can only be fixed by manually refreshing the page. This behavior is not observed with any other application we have connected to this same OIDC provide with identical configurations.

[github-actions]

This issue has been marked as stale due to 280 days of inactivity.
It will be closed in 4 weeks if no further activity occurs. If this issue is still
relevant, please simply write any comment. Even if closed, you can still revive the
issue at any time or discuss it on the dev@druid.apache.org list.
Thank you for your contributions.

[github-actions]

This issue has been closed due to lack of activity. If you think that
is incorrect, or the issue requires additional review, you can revive the issue at
any time.