I stumbled across that behavior when testing bearer tokens expiration
from swh-web API tokens Web UI (D5445).
The first time a user sends an expired token previously used to
perform authenticated Web API calls, Keycloak will return the
following error message: "Offline session not active".
Keycloak will then remove the offline session from its database
and future calls to a Web API with the expired token will
return the following error message: "Offline user session not found".
So handle that error message too for indicating a token has expired.
Related to T3121