Stale or partial sessions in localStorage can be missing the redirectUrl
field. The inrupt library's silentlyAuthenticate sends that value directly
into a dynamic client registration request as redirect_uris, and CSS rejects
the registration with 'redirect_uris must only contain strings' when the
value is undefined.

Fix: catch the failure in restoreSession, call session.logout() to clear
the bad state, and continue unauthenticated so the user can log in fresh.