Cleaned up whitelist

* Added: /oauth
* Added: favicon.ico
* Stricten up /login to be either exactly "/login" or under the
"/login/" namespace
* Used latest google-java-format

Change-Id: Ie3614d33d7d8627f4c6eb9d358640380357784a8
diff --git a/src/main/java/com/googlesource/gerrit/plugins/loginredirect/LoginRedirectFilter.java b/src/main/java/com/googlesource/gerrit/plugins/loginredirect/LoginRedirectFilter.java
index 51779e2..4073e85 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/loginredirect/LoginRedirectFilter.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/loginredirect/LoginRedirectFilter.java
@@ -40,12 +40,15 @@
     if (!httpReq.getContextPath().isEmpty()) {
       path = path.substring(httpReq.getContextPath().length());
     }
-    if (path.startsWith("/login") ||
-        path.startsWith("/a/") ||
-        path.startsWith("/Documentation/") ||
-        path.startsWith("/static/") ||
-        path.equals("/ssh_info") ||
-        sessionProvider.get().isSignedIn()) {
+    if (path.equals("/login")
+        || path.startsWith("/login/")
+        || path.equals("/oauth")
+        || path.equals("/favicon.ico")
+        || path.startsWith("/a/")
+        || path.startsWith("/Documentation/")
+        || path.startsWith("/static/")
+        || path.equals("/ssh_info")
+        || sessionProvider.get().isSignedIn()) {
       chain.doFilter(request, response);
     } else {
       ((HttpServletResponse) response).sendRedirect(getLoginRedirectUrl(httpReq));