fix: resolve OIDC consent flow 500 errors on NC 32

Root cause: ConsentController::grant() only passed client_id and scope
in the post-consent redirect, relying on PHP session fallback for state,
response_type, redirect_uri etc. On NC 32 (PHP 8.4), session values
were intermittently lost between session->close() and the subsequent GET
request, causing 500 errors from trim(null) / matchRedirectUri(null).

OIDC app fixes:
- Pass all OAuth params in consent redirect URL (eliminates session race)
- Add null safety guard in authorize endpoint (400 instead of 500)

Test infra fixes:
- Wait for OIDC redirect chain to settle before handling consent screen
  (fixes "Execution context was destroyed" Playwright errors)
- Capture nextcloud.log in CI failure artifacts for PHP error debugging

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.github/workflows/test.yml

@@ -206,7 +206,9 @@ jobs:
 
       - name: Collect service logs on failure
         if: failure()
-        run: docker compose --profile ${{ matrix.profile }} logs --tail=500 > /tmp/docker-compose-logs.txt 2>&1
+        run: |
+          docker compose --profile ${{ matrix.profile }} logs --tail=500 > /tmp/docker-compose-logs.txt 2>&1
+          docker compose exec -T app cat /var/www/html/data/nextcloud.log 2>/dev/null | tail -100 > /tmp/nextcloud-app.log 2>&1 || true
 
       - name: Upload debug artifacts
         if: failure()
@@ -216,5 +218,6 @@ jobs:
           path: |
             /tmp/*.png
             /tmp/docker-compose-logs.txt
+            /tmp/nextcloud-app.log
           retention-days: 7
           if-no-files-found: ignore