fix: final review comments

frontend/src/pages/authorize-page.tsx

@@ -109,10 +109,6 @@ export const AuthorizePage = () => {
     },
   });
 
-  if (!isLoggedIn) {
-    return <Navigate to={`/login?${compiledOIDCParams}`} replace />;
-  }
-
   if (missingParams.length > 0) {
     return (
       <Navigate
@@ -122,6 +118,10 @@ export const AuthorizePage = () => {
     );
   }
 
+  if (!isLoggedIn) {
+    return <Navigate to={`/login?${compiledOIDCParams}`} replace />;
+  }
+
   if (getClientInfo.isLoading) {
     return (
       <Card className="min-w-xs sm:min-w-sm">

frontend/src/pages/login-page.tsx

@@ -90,7 +90,9 @@ export const LoginPage = () => {
     mutationKey: ["login"],
     onSuccess: (data) => {
       if (data.data.totpPending) {
-        window.location.replace(`/totp?${compiledOIDCParams}`);
+        window.location.replace(
+          `/totp?redirect_uri=${encodeURIComponent(props.redirect_uri)}`,
+        );
         return;
       }
 

internal/controller/oidc_controller.go

@@ -233,14 +233,14 @@ func (controller *OIDCController) Token(c *gin.Context) {
 		entry, err := controller.oidc.GetCodeEntry(c, controller.oidc.Hash(req.Code))
 		if err != nil {
 			if errors.Is(err, service.ErrCodeNotFound) {
-				tlog.App.Warn().Str("code", req.Code).Msg("Code not found")
+				tlog.App.Warn().Msg("Code not found")
 				c.JSON(400, gin.H{
 					"error": "invalid_grant",
 				})
 				return
 			}
 			if errors.Is(err, service.ErrCodeExpired) {
-				tlog.App.Warn().Str("code", req.Code).Msg("Code expired")
+				tlog.App.Warn().Msg("Code expired")
 				c.JSON(400, gin.H{
 					"error": "invalid_grant",
 				})