The problem I'm having is that the strategy breaks if it gets an error response from Wikipedia, but instead of redirecting the user to /auth/failure, it ends up serving a 500 error. I've looked at many other OAuth strategies, but they don't seem to have nearly as much going on as this strategy, and I'm stuck.