OIDC: Attempt to refresh expired tokens

[kerryarchibald]

Inactive or unrecognised tokens will cause M_UNKNOWN_TOKEN error responses from the homeserver.

From the spec:

When a client receives an error code of M_UNKNOWN_TOKEN, it should:

• attempt to refresh the token, if it has a refresh token;
• if soft_logout is set to true, it can offer to re-log in the user, retaining any of the client’s persisted information;
  otherwise, consider the user as having been logged out.

AC:

• When the user has not authenticated using OIDC or does not have a refresh token, no change to behaviour
• When a possibly expired token is encountered, attempt to refresh the token and retry the request once
• When token refresh fails for any reason, continue with existing http-api handling of M_UNKNOWN_TOKEN errors (eg logout)
• When refreshing a token, the new access and refresh tokens are persisted in storage so the session can be restored
• When restoring a session from storage with an expired access token, attempt to refresh the token once