fix(oauth): trim GitHub OAuth client id and secret from env

[jony376]

Summary

Trim GITHUB_OAUTH_CLIENT_ID and GITHUB_OAUTH_CLIENT_SECRET before OAuth authorize and token exchange.

Related Issues

Closes #179

Type of Change

• Bug fix
• New feature
• Refactor
• Documentation
• Other (describe below)

Testing

• Tests added/updated
• Manually tested

Checklist

• Code follows project style guidelines
• Self-review completed
• Changes are documented (if applicable)

Summary by CodeRabbit

• Bug Fixes
  • Enhanced GitHub OAuth authentication configuration handling to properly manage whitespace in settings, improving validation reliability during login and callback processes.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 671af8b7-1678-42aa-809b-16ac1a2d91bc

📥 Commits

Reviewing files that changed from the base of the PR and between 22ab15d and 9ce571b.

📒 Files selected for processing (2)

• src/app/api/auth/github/callback/route.ts
• src/app/api/auth/github/login/route.ts

---

📝 Walkthrough

Walkthrough

This PR adds .trim() calls to GitHub OAuth credential environment variables in two routes: the callback handler now trims both GITHUB_OAUTH_CLIENT_ID and GITHUB_OAUTH_CLIENT_SECRET before validation, and the login route trims GITHUB_OAUTH_CLIENT_ID before use. This prevents accidental trailing whitespace in .env files from causing authentication failures.

Changes

GitHub OAuth Environment Variable Trimming

Layer / File(s)	Summary
Trim OAuth environment variables in login and callback routes src/app/api/auth/github/callback/route.ts, src/app/api/auth/github/login/route.ts	Both OAuth routes now strip whitespace from credential environment variables: the callback handler trims GITHUB_OAUTH_CLIENT_ID and GITHUB_OAUTH_CLIENT_SECRET in the configuration validation, and the login route trims GITHUB_OAUTH_CLIENT_ID before OAuth URL construction.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A trailing space caused such dismay,
OAuth credentials led astray!
Now .trim() keeps them clean and bright,
No more whitespace causing plight! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely summarizes the main change: trimming GitHub OAuth credentials from environment variables to fix OAuth configuration issues.
Linked Issues check	✅ Passed	The pull request fully addresses issue #179 requirements by adding .trim() to GITHUB_OAUTH_CLIENT_ID and GITHUB_OAUTH_CLIENT_SECRET in both specified files (login and callback routes).
Out of Scope Changes check	✅ Passed	All changes are strictly focused on the linked issue #179; only two files were modified to trim OAuth environment variables as required, with no extraneous modifications.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

src/app/api/auth/github/callback/route.ts

ESLint skipped: missing config or dependency (missing-dependency). The ESLint configuration references a package that is not available in the sandbox.

src/app/api/auth/github/login/route.ts

ESLint skipped: the ESLint configuration for this file references a package that is not available in the sandbox.

Warning

Billing warning: we have not been able to collect payment for this subscription for more than 72 hours. Please update the payment method or pay any pending invoices in Billing to avoid service interruption.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[MkDev11]

Thanks for your contribution! I am closing the PR since the issue is not currently happening. It is just a small defensive hardening fix for future copy/paste or quoted-env mistake.