Summary
Found during fine-grained code-quality review (second pass) at commit 14fbf3e (develop). Severity: low — bug.
ornn-web/src/pages/OAuthCallbackPage.tsx:32-47,57-58 — OAuth servers signal denial via ?error=access_denied&error_description=… with no code; the page never reads the error param and shows the misleading "Missing authorization code". Additionally login_redirect is only cleared on success, so a failed login leaves a stale redirect that applies to an unrelated future login.
Suggested fix
Branch on searchParams.get("error") first (showing error_description when present) and clear login_redirect on the error path too.
Related to #1006 (this page's strings are also in the i18n batch).
Summary
Found during fine-grained code-quality review (second pass) at commit
14fbf3e(develop). Severity: low — bug.ornn-web/src/pages/OAuthCallbackPage.tsx:32-47,57-58— OAuth servers signal denial via?error=access_denied&error_description=…with nocode; the page never reads theerrorparam and shows the misleading "Missing authorization code". Additionallylogin_redirectis only cleared on success, so a failed login leaves a stale redirect that applies to an unrelated future login.Suggested fix
Branch on
searchParams.get("error")first (showingerror_descriptionwhen present) and clearlogin_redirecton the error path too.Related to #1006 (this page's strings are also in the i18n batch).