diff --git a/cmd/rdpgw/web/oidc.go b/cmd/rdpgw/web/oidc.go
index 927f855c0f1c44fbec94e8087ca6c694cde44a8b..03cece1891713b0a535fc99909a70905b5b1cd75 100644
--- a/cmd/rdpgw/web/oidc.go
+++ b/cmd/rdpgw/web/oidc.go
@@ -3,12 +3,10 @@ package web
 import (
 	"encoding/hex"
 	"encoding/json"
-	"errors"
 	"github.com/bolkedebruin/rdpgw/cmd/rdpgw/identity"
 	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/patrickmn/go-cache"
 	"golang.org/x/oauth2"
-	"log"
 	"math/rand"
 	"net/http"
 	"time"
@@ -85,9 +83,7 @@ func (h *OIDC) HandleCallback(w http.ResponseWriter, r *http.Request) {
 
 	userName := findUsernameInClaims(data)
 	if userName == "" {
-		err = errors.New("no odic claim for username found")
-		log.Print(err)
-		http.Error(w, err.Error(), http.StatusInternalServerError)
+		http.Error(w, "no oidc claim for username found", http.StatusInternalServerError)
 	}
 
 	id.SetUserName(userName)
diff --git a/cmd/rdpgw/web/oidc_test.go b/cmd/rdpgw/web/oidc_test.go
new file mode 100644
index 0000000000000000000000000000000000000000..37eb90853d6c65ac4204d326690850dc6a7771ad
--- /dev/null
+++ b/cmd/rdpgw/web/oidc_test.go
@@ -0,0 +1,49 @@
+package web
+
+import "testing"
+
+func TestFindUserNameInClaims(t *testing.T) {
+	cases := []struct {
+		data map[string]interface{}
+		ret  string
+		name string
+	}{
+		{
+			data: map[string]interface{}{
+				"preferred_username": "exists",
+			},
+			ret:  "exists",
+			name: "preferred_username",
+		},
+		{
+			data: map[string]interface{}{
+				"upn": "exists",
+			},
+			ret:  "exists",
+			name: "upn",
+		},
+		{
+			data: map[string]interface{}{
+				"unique_name": "exists",
+			},
+			ret:  "exists",
+			name: "unique_name",
+		},
+		{
+			data: map[string]interface{}{
+				"fail": "exists",
+			},
+			ret:  "",
+			name: "fail",
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			s := findUsernameInClaims(tc.data)
+			if s != tc.ret {
+				t.Fatalf("expected return: %v, got: %v", tc.ret, s)
+			}
+		})
+	}
+}