diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm index ded496402..fa5b7e8ac 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm @@ -7,7 +7,6 @@ package Lemonldap::NG::Portal::IssuerDBOpenIDConnect; use strict; use Lemonldap::NG::Portal::Simple; -use URI::Escape; use base qw(Lemonldap::NG::Portal::_OpenIDConnect); our $VERSION = '2.00'; @@ -431,16 +430,9 @@ sub issuerForAuthUser { } } - # Prepare response - my $response_url = $oidc_request->{'redirect_uri'}; - - $response_url .= - ( $oidc_request->{'redirect_uri'} =~ /\?/ ? '&' : '?' ); - # Generate code my $codeSession = $self->getOpenIDConnectSession(); my $code = $codeSession->id(); - $response_url .= "code=" . uri_escape($code); $self->lmLog( "Generated code: $code", 'debug' ); @@ -454,10 +446,11 @@ sub issuerForAuthUser { } ); - if ( $oidc_request->{state} ) { - $response_url .= - "&state=" . uri_escape( $oidc_request->{'state'} ); - } + # Build Response + my $response_url = + $self->buildAuthorizationCodeAuthnResponse( + $oidc_request->{'redirect_uri'}, + $code, $oidc_request->{'state'} ); $self->lmLog( "Redirect user to $response_url", 'debug' ); $self->{'urldc'} = $response_url; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm index 3b850aedc..4ebf1fdea 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm 
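Review bot: Dropping `use URI::Escape;` from IssuerDBOpenIDConnect.pm is only safe if no `uri_escape` call is left in this package; the rest of the file is outside the hunk, so this needs a grep before merging. Perl resolves the function at run time in the calling package, and `use base` does not inherit imported functions, so a leftover call would fail with an undefined-subroutine error only when that code path is reached. The new helper in _OpenIDConnect.pm also calls `uri_escape`, so that module must carry its own `use URI::Escape;`; its import block is not shown in this diff.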
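Review bot: The debug line directly after the new call, `$self->lmLog( "Redirect user to $response_url", 'debug' );`, writes the authorization code and the state value into the log, as does `Generated code: $code` in the previous hunk of this file. The code is a credential until it is redeemed, so I would log only the target, e.g. `$self->lmLog( "Redirect user to " . $oidc_request->{'redirect_uri'}, 'debug' );`. issuerForAuthUser begins and ends outside the hunk, so it is not visible here whether `redirect_uri` has been matched against the relying party's registered URIs before the code is appended; that check should be confirmed upstream of this call.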
@@ -251,6 +251,28 @@ sub buildAuthorizationCodeAuthnRequest { return $authn_uri; } +## @method String buildAuthorizationCodeAuthnResponse(String redirect_uri, String code, String state) +# Build Authentication Response URI for Authorization Code Flow +# @param redirect_uri Redirect URI +# @param code Code +# @param state State +# return String Authentication Response URI +sub buildAuthorizationCodeAuthnResponse { + my ( $self, $redirect_uri, $code, $state ) = splice @_; + + my $response_url = $redirect_uri; + + $response_url .= ( $redirect_uri =~ /\?/ ? '&' : '?' ); + + $response_url .= "code=" . uri_escape($code); + + if ($state) { + $response_url .= "&state=" . uri_escape($state); + } + + return $response_url; +} + ## @method String getAuthorizationCodeAccessToken(String op, String code, String auth_method) # Get Token response with autorization code # @param op OpenIP Provider configuration key @@ -978,6 +1000,10 @@ Compute callback URI Build Authentication Request URI for Authorization Code Flow +=head2 buildAuthorizationCodeAuthnResponse + +Build Authentication Response URI for Authorization Code Flow + =head2 getAuthorizationCodeAccessToken Get Token response with autorization code
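Review bot: `if ($state)` in buildAuthorizationCodeAuthnResponse tests truthiness, so a request whose state is the string `0` gets a response without `state` and the client's CSRF comparison fails; RFC 6749 section 4.1.2 requires the value to be returned whenever it was sent. I would write `if ( defined $state and length $state ) {`. The separator test `$redirect_uri =~ /\?/` also does not consider a `#fragment` in the redirect URI, in which case `code` would be appended to the fragment rather than the query; rejecting such URIs before this helper is called, or inside it, would close that. In the doc header, `# return String` should be `# @return String` to match the `@param` lines.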