Drop omniauth for openid_connect gem

config/routes.rb

@@ -4,9 +4,9 @@ Rails.application.routes.draw do
   resource :session
   resource :password
 
-  # OIDC authentication routes
-  get "/auth/failure", to: "omniauth_callbacks#failure"
-  get "/auth/:provider/callback", to: "omniauth_callbacks#oidc"
+  # OIDC authentication routes (explicit, no middleware)
+  post "/auth/oidc", to: "oidc_auth#authorize"
+  get "/auth/oidc/callback", to: "oidc_auth#callback"
 
   # Admin user management (admin only)
   resources :users, only: [:index, :show, :edit, :update]