secure attachments manual + own logo breaks OIDC
Describe the Bug
If I set a custom logo, set the attachments to local_secure_restricted or local_secure, and move all images from public/uploads/images to storage/upload/images, then the logo doesn't get loaded anymore. This breaks OIDC, because the OIDC provider (Authelia) says that the request was invalid because it was sent twice ("the client is using the explicit consent mode and this consent session has already been responded to"). If I move the images back to public, OIDC is working again.
Steps to Reproduce
- Use Authelia as the OIDC provider
- Set a custom BookStack logo
- Set up OIDC in BookStack
- (Optional) Set auto login in the BookStack OIDC settings
- Set the attachments configuration to local_secure_restricted
- Move the whole content from public/uploads/images to storage/uploads/images
- Try to log in
- The first 1 or 2 logins work (maybe because of the cached logo)
- If the logo isn't in the cache anymore it can't be loaded and the OIDC request gets into an endless loop because of:
- "the client is using the explicit consent mode and this consent session has already been responded to"
Expected Behaviour
The logo always gets loaded, or the manual mentions an explicit exception for the folder with the logo image when moving from public to storage.
Screenshots or Additional Context
No response
Browser Details
No response
Exact BookStack Version
23.12.2
Edit: No additional error logs are generated by Authelia or BookStack. Just the error message above.
Hi @DunklerPhoenix,
After migrating to a "secure" storage option, re-upload any app-icons so they get placed into the public storage space again. Alternatively you could selectively leave these specific images in the public space, but that may be more fiddly.
Since this was answered with no further follow-up I'll go ahead and close this off.