refactor(auth): use API base URL directly for OIDC endpoints

Remove SECUIRD_OIDC constant that stripped /api/v1 from the base URL.
OIDC endpoints are now served under the API path directly.
2026-04-07 00:43:36 +09:30
parent f653ee5ca7
commit 82b4056c41
4 changed files with 7 additions and 11 deletions
+1 -2
@@ -28,7 +28,6 @@ import { OAuthProvider } from "@/lib/oauth";
type LoginStep = 'credentials' | 'totp' | 'webauthn' | 'passkey-email' | 'mfa-enrollment' | 'mfa';
const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1';
const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
/**
* Complete an OIDC authorization flow after the user has authenticated.
@@ -36,7 +35,7 @@ const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
* the auth code and returns the redirect URL for the calling application.
*/
async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, {
const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
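Review bot: The base URL is no longer normalised before `/oidc/complete` is appended in `completeOidcFlow`: the removed `SECUIRD_OIDC` pattern `/\/api\/v1\/?$/` tolerated a trailing slash on `VITE_API_BASE_URL`, whereas `${SECUIRD_API}/oidc/complete` turns such a value into `.../api/v1//oidc/complete`. Whether the server or a proxy in front of it treats the doubled slash as the same route is not visible here, so the OIDC step could start failing for deployments configured that way. Trimming once at the constant keeps the old tolerance, e.g. `const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1').replace(/\/+$/, '');`. The same applies to the `/oidc/begin` and `/oidc/complete` calls in the other three files of this commit. The body of `completeOidcFlow` continues past the hunk.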
+1 -2
@@ -10,10 +10,9 @@ import { useToast } from "@/hooks/use-toast";
type CallbackState = 'loading' | 'success' | 'error';
const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1') as string;
const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, {
const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
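Review bot: As far as the hunk shows, this `completeOidcFlow` duplicates the helper of the same name in the first file of this commit, and each copy derives `SECUIRD_API` on its own (here with an `as string` cast that the other files do not use). Because the call posts the user's token, keeping several independent copies of the URL construction makes it easy for one page to drift from the others the next time the endpoint moves. Consider exporting one helper and one base-URL constant from a shared module (for example next to `tokenManager` in `@/lib/api`, if that fits the project layout) and importing them here. The function body continues past the hunk.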
+2 -3
@@ -7,7 +7,6 @@ import { Separator } from "@/components/ui/separator";
import { tokenManager } from "@/lib/api";
const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1';
const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = {
openid: { icon: Shield, label: "OpenID", description: "Verify your identity" },
@@ -41,7 +40,7 @@ export default function OIDCConsentPage() {
(async () => {
try {
const res = await fetch(`${SECUIRD_OIDC}/oidc/begin`, {
const res = await fetch(`${SECUIRD_API}/oidc/begin`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: oidcSessionId }),
@@ -67,7 +66,7 @@ export default function OIDCConsentPage() {
navigate(`/login?oidc_session_id=${context.oidc_session_id}`);
return;
}
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, {
const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: context.oidc_session_id, token }),
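Review bot: In the last hunk the redirect to the login page interpolates `context.oidc_session_id` into the query string without encoding it. The value appears to come from the `/oidc/begin` response rather than from a validated local source, so a session id containing `&`, `#` or `=` would change the parameters the login page sees. Encoding it closes that gap: ``navigate(`/login?oidc_session_id=${encodeURIComponent(context.oidc_session_id)}`);``. The enclosing handler starts and ends outside the hunk, so any earlier validation of the id is not visible here.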
+3 -4
@@ -37,8 +37,7 @@ import { useAuth } from "@/contexts/AuthContext";
import { ApiError, tokenManager } from "@/lib/api";
// ── Configuration ─────────────────────────────────────────────────────────────
const SECUIRD_OIDC = (import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1")
.replace(/\/api\/v1\/?$/, "");
const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1";
// ── Scope display metadata ────────────────────────────────────────────────────
const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = {
@@ -62,7 +61,7 @@ type PageStep = "loading" | "login" | "consent" | "error";
// ── API helpers ───────────────────────────────────────────────────────────────
async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/begin`, {
const res = await fetch(`${SECUIRD_API}/oidc/begin`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: oidcSessionId }),
@@ -75,7 +74,7 @@ async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> {
}
async function completeOIDCFlow(oidcSessionId: string, token: string): Promise<string> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, {
const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
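Review bot: The newly added `SECUIRD_API` constant falls back silently to `http://localhost:5000/api/v1` when `VITE_API_BASE_URL` is unset, and `completeOIDCFlow` then posts the user's token to that cleartext origin. In a production bundle built without the variable this fails open instead of loudly. Consider throwing at module load when the variable is missing outside development, e.g. `if (import.meta.env.PROD && !import.meta.env.VITE_API_BASE_URL) throw new Error("VITE_API_BASE_URL is not set");`, and add a comment on the constant saying the value must include the `/api/v1` prefix now that the OIDC routes live under it. The same default appears as context in the other three files. The bodies of `fetchOIDCContext` and `completeOIDCFlow` continue past their hunks.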