[o2] If an o2 auth refresh reply contains an error message, then

the refresh was NOT successful and we need to unlink the auth so
that a new login will be prompted

Fixes connections to ESRI portal fail after refresh token expires
on the server

external/o2/src/o2.cpp

@@ -440,16 +440,23 @@ void O2::onRefreshFinished() {
     if (refreshReply->error() == QNetworkReply::NoError) {
         QByteArray reply = refreshReply->readAll();
         QVariantMap tokens = parseTokenResponse(reply);
-        setToken(tokens.value(O2_OAUTH2_ACCESS_TOKEN).toString());
+        if ( tokens.contains(QStringLiteral("error")) ) {
-        setExpires(QDateTime::currentMSecsSinceEpoch() / 1000 + tokens.value(O2_OAUTH2_EXPIRES_IN).toInt());
+          qDebug() << " Error refreshing token" << tokens.value(QStringLiteral("error")).toMap().value(QStringLiteral("message")).toString().toLocal8Bit().constData();
-        const QString refreshToken = tokens.value(O2_OAUTH2_REFRESH_TOKEN).toString();
+          unlink();
-        if ( !refreshToken.isEmpty() )
+        }
-          setRefreshToken(refreshToken);
+        else
+        {
+          setToken(tokens.value(O2_OAUTH2_ACCESS_TOKEN).toString());
+          setExpires(QDateTime::currentMSecsSinceEpoch() / 1000 + tokens.value(O2_OAUTH2_EXPIRES_IN).toInt());
+          const QString refreshToken = tokens.value(O2_OAUTH2_REFRESH_TOKEN).toString();
+          if ( !refreshToken.isEmpty() )
+            setRefreshToken(refreshToken);
+          setLinked(true);
+          qDebug() << " New token expires in" << expires() << "seconds";
+          Q_EMIT linkingSucceeded();
+        }
         timedReplies_.remove(refreshReply);
-        setLinked(true);
-        Q_EMIT linkingSucceeded();
         Q_EMIT refreshFinished(QNetworkReply::NoError);
-        qDebug() << " New token expires in" << expires() << "seconds";
     }
     else
     {