Currently, a user whose session has expired or no longer can be refreshed (for example, RT itself is no longer valid) is redirected to the OIDC provider to re-authenticate which can offer a poor UX. For example, imagine a user who has authenticated is accessing an application page after some idle time and is seeing an authentication challenge screen, instead of a friendly page which informs the user, your session has expired, follow this link to re-authenticate.

This is exactly what this PR does, lets users configure a session expired page where a user whose session has expired or no longer can be refreshed is redirected to this page from where the user can again re-login, but in a normal interactive way.
One of the tests has been updated to confirm a redirect to such a page is initiated. Docs have been updated.

• Fixes: #40289

CC @calvernaz