fix: don't use TOFU for logout callback URLs (#588)

frontend/messages/en-US.json

@@ -341,6 +341,7 @@
 	"send_email": "Send Email",
 	"show_code": "Show Code",
 	"callback_url_description": "URL(s) provided by your client. Will be automatically added if left blank. Wildcards (*) are supported, but best avoided for better security.",
+	"logout_callback_url_description": "URL(s) provided by your client for logout. Wildcards (*) are supported, but best avoided for better security.",
 	"api_key_expiration": "API Key Expiration",
 	"send_an_email_to_the_user_when_their_api_key_is_about_to_expire": "Send an email to the user when their API key is about to expire.",
 	"authorize_device": "Authorize Device",

frontend/src/routes/settings/admin/oidc-clients/oidc-callback-url-input.svelte

@@ -9,11 +9,13 @@
 
 	let {
 		label,
+		description,
 		callbackURLs = $bindable(),
 		error = $bindable(null),
 		...restProps
 	}: HTMLAttributes<HTMLDivElement> & {
 		label: string;
+		description: string;
 		callbackURLs: string[];
 		error?: string | null;
 		children?: Snippet;
@@ -21,7 +23,7 @@
 </script>
 
 <div {...restProps}>
-	<FormInput {label} description={m.callback_url_description()}>
+	<FormInput {label} {description}>
 		<div class="flex flex-col gap-y-2">
 			{#each callbackURLs as _, i}
 				<div class="flex gap-x-2">

frontend/src/routes/settings/admin/oidc-clients/oidc-client-form.svelte

@@ -84,12 +84,14 @@
 		<div></div>
 		<OidcCallbackUrlInput
 			label={m.callback_urls()}
+			description={m.callback_url_description()}
 			class="w-full"
 			bind:callbackURLs={$inputs.callbackURLs.value}
 			bind:error={$inputs.callbackURLs.error}
 		/>
 		<OidcCallbackUrlInput
 			label={m.logout_callback_urls()}
+			description={m.logout_callback_url_description()}
 			class="w-full"
 			bind:callbackURLs={$inputs.logoutCallbackURLs.value}
 			bind:error={$inputs.logoutCallbackURLs.error}