Consolidate login timeout settings
We have too many different timeout for "waiting for the user to do something"
All these timeout have different, sometimes inconsistent values (samlRelayStateTimeout vs issuersTimeout in SAML-to-SAML scenario) of values that are too short by default (formTimeout, #2544 (closed))
We should consolidate all these timeouts into broader categories.
- "User action that should be done quickly" => validating an info message, etc, could be 2 minutes by default
- "User action that takes some time" => filling a complex form, installing an OTP app, remembering their password => could be 5 or even 10 minutes by default
As an example, this is how Keycloak does it: