Currently, when the Auth Code Flow part of OIDC succeeds, we accept the redirect back to the local HTTP server, re-redirect the user to a success landing page, and close the server once that is done.

However, this success landing page can be misleading if the token endpoint request fails. We should wait before rendering the success page until the token request (client.callback() call) has actually succeeded.