Handle OIDC error responses in visitor-auth callback

[SamyPesse]

Motivation

• Prevent an infinite loop when the OIDC provider redirects back with error/error_description instead of an authorization code by forwarding the error to the published site rather than attempting a token exchange.

Description

• Added early handling in router.get('/visitor-auth/response') to detect request.query.error and redirect to the published content URL with error and optional error_description query parameters.
• Preserve original state-derived location when building the redirect target so the user lands in the same location on the published site.
• Return a clear 500 Response when the site's published URL is missing.

Testing

• No automated tests were run for this change.

---

Codex Task

[linear]

RND-9548 OIDC integration loops if the `accessTokenEndpoint` returns an error

[changeset-bot]

⚠️ No Changeset found

Latest commit: 137ad2d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[pkg-pr-new]

Open in StackBlitz

bun add https://pkg.pr.new/GitbookIO/integrations/@gitbook/api@1109

commit: 137ad2d