This commit will redirect the user to the _els URL in Kibana 3 when the elasticsearch answer is not as expected. This causes the user to be forced to use 2FA, but he will be redirected to an _els endpoint cointaining nothing but JSON data.
This is not an acceptable final solution, but an improvement over the current situation as an interim solution, where 2FA simply yields a redirect to https://kibana3.laas.uninett.no/#/connectionFailed
A better solution would be to override the connectionFailed.html file, to present a link to the user he can use to re-authenticate using 2FA, in the same fashion as the portal. However, this would take more time and requires a reliable way to generate a 2FA link.
Please note that this pull request will NOT actually solve 2FA, because there is a problem with the authentication proxy as well, where the consumption of the OIDC answer simply yields "state did not match". A prior fix to the authentication proxy is therefore needed, and may obsolete this pull request by allowing a reliable way to put a link in connectionFailed.html.