feat(auth): add abuse protection for login and OIDC flows with consent-based authorization handling

ts/reception/classes.housekeeping.ts

@@ -74,6 +74,26 @@ export class ReceptionHousekeeping {
       '2 * * * * *'
     );
 
+    this.taskmanager.addAndScheduleTask(
+      new plugins.taskbuffer.Task({
+        name: 'expiredAbuseWindows',
+        taskFunction: async () => {
+          const expiredAbuseWindows =
+            await this.receptionRef.abuseProtectionManager.CAbuseWindow.getInstances({
+              data: {
+                validUntil: {
+                  $lt: Date.now(),
+                } as any,
+              },
+            });
+          for (const abuseWindow of expiredAbuseWindows) {
+            await abuseWindow.delete();
+          }
+        },
+      }),
+      '2 * * * * *'
+    );
+
     this.taskmanager.start();
     logger.log('info', 'housekeeping started');
   }