in app/controllers/Application.scala [18:24]
def login(returnUrl: String) = AuthAction { implicit request =>
if (LoginConfig.isValidUrl(config.domain, returnUrl)) {
Redirect(returnUrl)
} else {
Ok("Please redirect to a valid, secure url on the relevant stage")
}
}