From e3f202f574912ecafd3952669524d544dc1e0d1a Mon Sep 17 00:00:00 2001
From: Dan Milne <d@nmilne.com>
Date: Fri, 24 Oct 2025 16:17:56 +1100
Subject: [PATCH] Fix and cleanup

---
 app/controllers/oidc_controller.rb | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/app/controllers/oidc_controller.rb b/app/controllers/oidc_controller.rb
index 5e19d71..b5787db 100644
--- a/app/controllers/oidc_controller.rb
+++ b/app/controllers/oidc_controller.rb
@@ -98,10 +98,6 @@ class OidcController < ApplicationController
 
   # POST /oauth/authorize/consent
   def consent
-    Rails.logger.info "=== CONSENT METHOD STARTED ==="
-    Rails.logger.info "Session data: #{session.inspect}"
-    Rails.logger.info "OAuth params from session: #{session[:oauth_params].inspect}"
-
     # Get OAuth params from session
     oauth_params = session[:oauth_params]
     unless oauth_params
@@ -112,8 +108,8 @@ class OidcController < ApplicationController
     # User denied consent
     if params[:deny].present?
       session.delete(:oauth_params)
-      error_uri = "#{oauth_params[:redirect_uri]}?error=access_denied"
-      error_uri += "&state=#{oauth_params[:state]}" if oauth_params[:state]
+      error_uri = "#{oauth_params['redirect_uri']}?error=access_denied"
+      error_uri += "&state=#{oauth_params['state']}" if oauth_params['state']
       redirect_to error_uri, allow_other_host: true
       return
     end
@@ -141,8 +137,8 @@ class OidcController < ApplicationController
     session.delete(:oauth_params)
 
     # Redirect back to client with authorization code
-    redirect_uri = "#{oauth_params[:redirect_uri]}?code=#{code}"
-    redirect_uri += "&state=#{oauth_params[:state]}" if oauth_params[:state]
+    redirect_uri = "#{oauth_params['redirect_uri']}?code=#{code}"
+    redirect_uri += "&state=#{oauth_params['state']}" if oauth_params['state']
 
     redirect_to redirect_uri, allow_other_host: true
   end