oauth2: debug logging toggled by INSECURE_OAUTH2_LOG_TRACES

Administrator requested to merge bl/oauth2-logging into main

Created by: beyang

Logs will look like this, when INSECURE_OAUTH2_LOG_TRACES=true in the frontend environment:

18:06:37                          frontend | >>>>> HTTP Request: POST https://github.com/login/oauth/access_token
18:06:37                          frontend |       Header: map[Authorization:[Basic xxxxxxxxxxxxxxxxxxxxxx] Content-Type:[application/x-www-form-urlencoded]]
18:06:37                          frontend |       Body: code=xxxxxxxxxxx&grant_type=authorization_code
18:06:37                          frontend | >>>>> HTTP Request: POST https://github.com/login/oauth/access_token
18:06:37                          frontend |       Header: map[Content-Type:[application/x-www-form-urlencoded]]
18:06:37                          frontend |       Body: client_id=xxxxxxxxxxxxx&client_secret=xxxxxxxxxxxxxxxxxxxxxxx&code=xxxxxxxxxxxxxxxxxxxxxxx&grant_type=authorization_code

Also added validation for the GitHub client ID and secret to ensure no hidden or non-alphanumeric characters are used.
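
An added example, not code from this merge request: one way to write the client ID and secret check described above. It assumes "alphanumeric" means ASCII letters and digits only; `validateCredential` and `isASCIIAlnum` are hypothetical names. Errors give the offending code point and offset but never the credential itself, so they are safe to log.

```go
package main

import (
	"fmt"
	"unicode/utf8"
)

// validateCredential is a hypothetical helper (not the merge request's code).
// It accepts only ASCII letters and digits. On failure it reports the byte
// offset and code point of the first offending character without echoing
// the credential value.
func validateCredential(name, value string) error {
	if value == "" {
		return fmt.Errorf("%s is empty", name)
	}
	for i := 0; i < len(value); {
		r, size := utf8.DecodeRuneInString(value[i:])
		if r == utf8.RuneError && size == 1 {
			return fmt.Errorf("%s: invalid UTF-8 byte at offset %d", name, i)
		}
		if !isASCIIAlnum(r) {
			return fmt.Errorf("%s: disallowed character U+%04X at byte offset %d", name, r, i)
		}
		i += size
	}
	return nil
}

// isASCIIAlnum is stricter than unicode.IsLetter/IsDigit, which would also
// accept look-alike letters and digits from other scripts.
func isASCIIAlnum(r rune) bool {
	return (r >= 'a' && r <= 'z') || (r >= 'A' && r <= 'Z') || (r >= '0' && r <= '9')
}

func main() {
	// Constructed sample values, not real credentials.
	samples := []struct{ name, value string }{
		{"client_id", "abc123DEF456"},
		{"client_secret", "abc123def456\n"}, // trailing newline from a pasted file
		{"client_secret", "abc\u200b123"},   // zero-width space, invisible in most editors
	}
	for _, s := range samples {
		if err := validateCredential(s.name, s.value); err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Println("accepted:", s.name)
	}
}
```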
