Correct response code on successful token refresh

This fixes a bug whereby a successful token refresh process would still return a 401 because the original access token generated a 401 status. Now the refresh process sets the status according to the response from the proxied server.

Author: lcrilly

frontend.conf

@@ -55,7 +55,7 @@ server {
         #auth_jwt_key_request /_jwks_uri; # Enable when using URL
 
         # Absent/invalid OpenID Connect token will (re)start auth process (including refresh)
-        error_page 401 @oidc_auth;
+        error_page 401 = @oidc_auth;
 
         # Successfuly authenticated users are proxied to the backend,
         # with 'sub' claim passed as HTTP header