Merge pull request #4760 from open-formulieren/backport-2.7.x/4528-di…

…sable-oidc-session-refresh

[2.7.x backport] 🐛 [#4528] Disable OIDC SessionRefresh middleware

src/openforms/conf/base.py

@@ -265,7 +265,6 @@
     "openforms.translations.middleware.AdminLocaleMiddleware",
     "hijack.middleware.HijackUserMiddleware",
     "openforms.middleware.SessionTimeoutMiddleware",
-    "mozilla_django_oidc_db.middleware.SessionRefresh",
     "maykin_2fa.middleware.OTPMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
@@ -1030,15 +1029,6 @@
 # Access token required for performing the Token exchange
 OIDC_STORE_ACCESS_TOKEN = True
 
-# Paths that are exempt from the SessionRefresh middleware
-# these must be explicitly added to avoid infinite redirects from happening (#4435)
-if _USE_LEGACY_OIDC_ENDPOINTS:
-    OIDC_EXEMPT_URLS = [
-        "legacy_oidc:oidc_authentication_init",
-        "legacy_oidc:oidc_authentication_callback",
-        "legacy_oidc:oidc_logout",
-    ]
-
 # TODO: remove once 2.7 is released, this is required for data migration(s)
 MOZILLA_DJANGO_OIDC_DB_CACHE = "solo"