oauth: don't redirect browsers to urn:ietf:wg:oauth:2.0:oob if they are already logged in
I am writing a desktop client, and in the process of this, I noticed that we redirect browsers who are trying to obtain an OOB token if they are already logged in (say to the Mastodon Web Client).