See merge request !3

See merge request !2

This only is an info, and no error (as it would be if we did not catch the exception and would let it bubble up), because: We are in the Security Handler. We do expect here that the identity provider (keycloak) does not respond with a valid token for a multitude of reasons:

- IDP session terminated
- IDP session logged out
- IDP session expired
- IDP login failed
- IDP unreachable
- ...

Most of these scenarios are legit and only the IDP having an actual error, would cause us to error out too (such as in the last example "IDP unreachable"). But when catching an OidcTokenException, we can be sure that the IDP did its job, but just did decide not to give us a token: which is no error state for us!

check empty profiles

See merge request !1

Copy relevant files from https://gitlab.timtrense.com/tim/gitlab-project-template