When returning the SSO payload to Discourse, what exactly happens with
- Does Discourse truly download it every time or only if the URL is different?
- What happens if
avatar_urlis missing or empty on a subsequent authentication? Is the Discourse avatar cleared or left untouched?
- Is there a recommended size to return the avatar image at, or at least a maximum one (in pixels or bytes)?