(OIDC) Store the 'returnTo' url in a query param instead of session

[dmitrizagidulin]

(Applies to the OIDC integration branch)
Currently, if a user is not signed in and tries to access a protected page, they get redirected to signin with a 401 Unauthorized. And the page they were trying to access gets stored in the user's session (which gets stored in a session cookie).
Need to store it in a query param instead (to be preserved through the OIDC exchange either as a query param to the redirect_uri, or stored in the opaque state).

[dmitrizagidulin]

Fixed, closing.