auth: Implement access token renewal in OIDC Authorization Code backend
Previously when an access token has expired, the OIDC session was attempted
to be silently refreshed through the use of the OIDCSessionRefreshMiddleware
class.
But silent refresh should only be performed with the OIDC Implicit flow as no
refresh token gets issued in that case.
swh-web uses OIDC Authorization Code flow to login users so that commit
implements access token renewal directly in the django auth backend through
the use of a refresh token.
Currently, refresh token have a living period of 30 minutes, meaning a user
can have its authenticated session in idle state during that period.
If he visits a new web page during that idle period, its authenticated
session will then be renewed for another 30 minutes.
Also rename OIDCSessionRefreshMiddleware to OIDCSessionExpiredMiddleware.
The middleware will now simply redirects to the logout page if it detects
the OIDC session has expired.