nexus/partials/landingpages/auth/login.php

<?php
use App\OidcClient;

$config = app()->config();
if (!$config->authEnabled) {
    echo '<div class="card">Auth ist deaktiviert.</div>';
    return;
}

$session = app()->session();
$session->start();

$state = bin2hex(random_bytes(16));
$nonce = bin2hex(random_bytes(16));
$_SESSION['oidc_state'] = $state;
$_SESSION['oidc_nonce'] = $nonce;

$client = new OidcClient($config);
redirect($client->authUrl($state, $nonce));