fix: User is cleared when access token expires even if it can be refreshed

[albertmoravec]

Description

In certain cases, for example when application is in background the access token can expire and upon waking up the "expired" event is thrown. Expired event handler in turn calls forgetUser() even though the user has valid refresh token and the access token can be refreshed just fine.

Steps To Reproduce

Reproduction rate is not necessarily 100% due to circumstances I'm not too sure of.

1. Authenticate successfully using any method
2. Send the application to background
3. Wait for access token to expire
4. Open the application again - both expiring and expired events might get triggered at the same time
5. User might be logged out as forgetUser() is called unconditionally

Expected Behavior

User is not logged out and access token is refreshed using existing valid refresh token.

Also there should be no need for any kind of timer, access token can be refreshed on-demand.

Event Tracing

Here's a sequence of events that we recorded when this error happened (newest to oldest):

Event	Timestamp	Note
ApplicationOpened	2024-12-20T16:44:11.256
OIDCRefreshFailed(CurrentUserNull)	2024-12-20T16:44:11.021	Refresh triggered from application code
OIDCUserEvent(null)	2024-12-20T16:44:11.009
OIDCEvent(Prelogout)	2024-12-20T16:44:11.007
OIDCEvent(TokenExpired)	2024-12-20T16:44:10.988
OIDCEvent(TokenExpiring)	2024-12-20T16:44:10.986
ApplicationBackgrounded	2024-12-20T16:36:35.291