diff --git a/lib/cli.js b/lib/cli.js index 220eb105..e40c34cb 100644 --- a/lib/cli.js +++ b/lib/cli.js @@ -603,12 +603,12 @@ program } require('./units/auth/openid')({ - port: options.port, - secret: options.secret, - appUrl: options.appUrl, - openid: { + port: options.port + , secret: options.secret + , appUrl: options.appUrl + , openid: { identifierUrl: options.openidIdentifierUrl - }, + } }) }) diff --git a/lib/units/auth/openid.js b/lib/units/auth/openid.js index 6ec891b2..88b799dd 100644 --- a/lib/units/auth/openid.js +++ b/lib/units/auth/openid.js @@ -1,8 +1,6 @@ var http = require('http') -var url = require('url'); -var querystring = require('querystring'); -var openid = require('openid'); +var openid = require('openid') var express = require('express') var urljoin = require('url-join') @@ -12,17 +10,19 @@ var urlutil = require('../../util/urlutil') module.exports = function(options) { var extensions = [new openid.SimpleRegistration({ - "email" : true, - "fullname" : true, - })]; + email: true + , fullname: true + })] + var relyingParty = new openid.RelyingParty( - urljoin(options.appUrl, "/auth/openid/verify"), - null, // Realm (optional, specifies realm for OpenID authentication) - false, // Use stateless verification - false, // Strict mode - extensions) - var log = logger.createLogger('auth-openid'); - var app = express(); + urljoin(options.appUrl, '/auth/openid/verify') + , null // Realm (optional, specifies realm for OpenID authentication) + , false // Use stateless verification + , false // Strict mode + , extensions) + + var log = logger.createLogger('auth-openid') + var app = express() app.set('strict routing', true) app.set('case sensitive routing', true) 
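Review bot: The `RelyingParty` in `lib/units/auth/openid.js` is still constructed with strict mode `false` and a `null` realm, and the trailing comments only name the positional arguments without saying why the laxer settings were chosen. Since the result of this unit is turned into a JWT, consider passing `true` for strict mode, or record the reason beside it, for example `, false // Strict mode off: <reason>`. Stateless verification is also `false`; if the library keeps associations in process memory by default (not visible from this hunk), verification depends on the same process serving both requests, and a one-line comment saying so would help anyone running more than one instance.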
@@ -33,40 +33,42 @@ module.exports = function(options) { app.get('/auth/openid/', function(req, res) { log.info('openid identifier url: %s', options.openid.identifierUrl) - relyingParty.authenticate(options.openid.identifierUrl, false, function(err, authUrl){ - if (err){ - res.send("auth failed"); - } else if(!authUrl){ - res.send("auth failed"); - } else { - log.info("redirect to authUrl: %s", options.openid.identifierUrl); - res.redirect(authUrl); + relyingParty.authenticate(options.openid.identifierUrl, false, function(err, authUrl) { + if (err) { + res.send('Authentication failed') } - }); + else if (!authUrl) { + res.send('Authentication failed') + } + else { + log.info('redirect to authUrl: %s', options.openid.identifierUrl) + res.redirect(authUrl) + } + }) }) - app.get('/auth/openid/verify', function(req, res){ + app.get('/auth/openid/verify', function(req, res) { log.setLocalIdentifier(req.ip) - relyingParty.verifyAssertion(req, function(err, result){ - log.info("openid verify assertion"); + relyingParty.verifyAssertion(req, function(err, result) { + log.info('openid verify assertion') if (err || !result.authenticated) { - res.send("Auth failed"); + res.send('Authentication failed') return } - var email = req.query['openid.sreg.email']; - var name = req.query['openid.sreg.fullname']; + var email = req.query['openid.sreg.email'] + var name = req.query['openid.sreg.fullname'] log.info('Authenticated "%s:%s"', name, email) var token = jwtutil.encode({ payload: { - email: email, - name: name - }, - secret: options.secret + email: email + , name: name + } + , secret: options.secret }) - res.redirect(urlutil.addParams(options.appUrl, {jwt: token})); + res.redirect(urlutil.addParams(options.appUrl, {jwt: token})) }) - }); + }) http.createServer(app).listen(options.port) log.info('Listening on port %d', options.port)
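Review bot: In the `/auth/openid/verify` handler, `email` and `name` are read straight from `req.query['openid.sreg.email']` and `req.query['openid.sreg.fullname']` rather than from the `result` that `verifyAssertion` returns, so the JWT identity comes from the raw query string instead of from what the library reports after verification. Because `SimpleRegistration` is registered as an extension, the same values should be available as `var email = result.email` and `var name = result.fullname`; it is worth confirming that the installed `openid` version fills these only from fields listed in `openid.signed`. Nothing rejects a missing address either, so a response without sreg data still yields a token whose `email` is undefined; a guard such as `if (!email) { res.send('Authentication failed'); return }` before `jwtutil.encode` would close that. The handler also never compares `result.claimedIdentifier` with the provider configured in `options.openid.identifierUrl`, so, as far as this hunk shows, an assertion from any OpenID provider is accepted as proof of the e-mail it carries.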