Customers paste OAuth credentials from provider dashboards with stray edge whitespace, and we store them verbatim. The OAuth URL builder then URL-encodes the space into the authorization request and the provider rejects it at the consent page with an opaque error.
Live production evidence (Datadog, 2026-06-12): TikTok authorization URLs going out with client_key=+sbawggvixego0nq6wv, client_key=+awr58rza2lvcgiey, client_key=+awnj2m771kki7j65 — the leading + is a URL-encoded space, from three different stored credentials in one day. TikTok rejects these before the consent page.
trimCredentialEdgeWhitespace() applied at validateRequiredFieldsAndPopulateOptionalFields — the shared chokepoint all four auth-config create/update call sites flow through. String values get .trim(); arrays/booleans/numbers and interior whitespace untouched.
validateAuthConfig.unit.test.ts — trims edges, preserves non-strings and interior whitespace. ⚠️ Not run locally (fresh worktree, no deps) — relying on CI.
🤖 Generated with Claude Code
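The failure and the fix described above, as an added example that is not the project's own code: it shows a stored value with a leading space turning into `client_key=+...` in the authorization URL, and the same value after an edge-only trim. The helper names, the `provider.example` endpoint, the sample credential values and the use of `URLSearchParams` (form-style encoding, where a space becomes `+`) are assumptions made for illustration.

```javascript
// Added illustration; all names and values here are hypothetical/constructed.

// Edge-only trim as the description states it: strings get .trim(),
// arrays/booleans/numbers pass through, interior whitespace is kept.
function trimEdgeWhitespace(fields) {
  const out = {};
  for (const [key, value] of Object.entries(fields)) {
    out[key] = typeof value === "string" ? value.trim() : value;
  }
  return out;
}

// Hypothetical URL builder. URLSearchParams uses form encoding, so a
// space in a value is serialized as "+".
function buildAuthorizeUrl(base, fields) {
  const params = new URLSearchParams({
    client_key: fields.client_key,
    response_type: "code",
    scope: fields.scopes.join(","),
  });
  return `${base}?${params.toString()}`;
}

// Audit helper for already-stored configs: names of string fields whose
// value differs from its trimmed form.
function findEdgeWhitespace(fields) {
  return Object.entries(fields)
    .filter(([, v]) => typeof v === "string" && v !== v.trim())
    .map(([k]) => k);
}

// Constructed sample of a pasted credential set (not real values).
const BASE = "https://provider.example/authorize";
const stored = {
  client_key: " examplekey123",     // leading space from copy/paste
  client_secret: "s3cr3t value\n",  // trailing newline, interior space
  scopes: ["user.info.basic"],
  use_pkce: true,
};

console.log(buildAuthorizeUrl(BASE, stored));
console.log(buildAuthorizeUrl(BASE, trimEdgeWhitespace(stored)));
console.log(findEdgeWhitespace(stored));
```

Running `findEdgeWhitespace` over existing stored configs identifies credentials saved before the trim was in place, since the trim only applies on create/update.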