
feat: add support for app-level oauth whitelist file #898

Open
djedditt wants to merge 1 commit into tinyauthapp:main from djedditt:feat/oauth-app-whitelist-file


@djedditt djedditt commented May 24, 2026

Follow-up to #817.

Added TINYAUTH_APPS_name_OAUTH_WHITELISTFILE support for loading app-specific OAuth whitelist entries from a file, merged with the existing inline TINYAUTH_APPS_name_OAUTH_WHITELIST config.

(Also corrected the app OAuth whitelist description from "groups" to "emails")

Summary by CodeRabbit

  • New Features
    • Added support for loading OAuth email whitelists from external configuration files alongside inline settings
    • System now merges email whitelists from both inline and file-based sources


@dosubot (bot) added the size:M label ("This PR changes 30-99 lines, ignoring generated files.") May 24, 2026

coderabbitai Bot commented May 24, 2026

Walkthrough

This PR extends OAuth whitelist configuration to support file-based entries per app. The AppOAuth type gains a WhitelistFile field, access controls service resolves whitelist files into merged comma-separated strings, and tests validate both successful file loading and error handling.

Changes

OAuth Whitelist File Configuration

| Layer / File(s) | Summary |
| --- | --- |
| Configuration schema and environment example (internal/model/config.go, .env.example) | AppOAuth type adds a WhitelistFile string field and the Whitelist field description is updated to refer to "allowed OAuth emails" instead of "allowed OAuth groups". Example environment variables are updated to document the new whitelist file configuration option. |
| Whitelist file resolution in access controls service (internal/service/access_controls_service.go) | GetAccessControls is updated to call resolveAppOAuthWhitelist after selecting static ACLs and after retrieving labels, with error propagation from the label provider. The new resolveAppOAuthWhitelist helper loads whitelist entries from app.OAuth.WhitelistFile via utils.GetStringList, joins them into a comma-separated string, and updates a copy of the app's OAuth.Whitelist field. |
| Service and decoder tests for whitelist file handling (internal/service/access_controls_service_test.go, internal/utils/decoders/label_decoder_test.go) | TestGetAccessControls includes new subtests for OAuth whitelist file merging (combining inline and file-provided emails into a single comma-separated string) and error handling (returning nil and a file-not-found error when the whitelist file does not exist). Decoder test fixtures are updated to include the WhitelistFile field in expected and input structures. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

  • tinyauthapp/tinyauth#826: Both PRs implement OAuth whitelist file support and share the same underlying parsing mechanism (utils.GetStringList); the main PR extends it for per-app access-control whitelist resolution while the retrieved PR adds the core whitelist-file plumbing.

Suggested labels

size:M, lgtm

Suggested reviewers

  • steveiliop56
  • Rycochet
  • scottmckendry

Poem

🐰 A whitelist file joins the dance,
Where OAuth emails get their chance,
Load from disk, merge with care,
Access controls everywhere! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The PR title accurately and concisely describes the main change: adding support for app-level OAuth whitelist file configuration. It is specific, clear, and matches the primary objective of the changeset. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |



codecov Bot commented May 24, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.



@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@internal/service/access_controls_service_test.go`:
- Line 249: Replace the OS-specific substring assertion on err with a semantic
existence check: instead of assert.ErrorContains(t, err, "no such file or
directory"), assert that the error is os.ErrNotExist (e.g. assert.ErrorIs(t,
err, os.ErrNotExist) or assert.True(t, errors.Is(err, os.ErrNotExist))). Update
imports to include "os" (and "errors" if using errors.Is) and keep the same err
variable and test context in access_controls_service_test.go.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 761cac64-5163-4b56-94a5-9163c814830a

📥 Commits

Reviewing files that changed from the base of the PR and between c346113 and 19c0294.

📒 Files selected for processing (5)
  • .env.example
  • internal/model/config.go
  • internal/service/access_controls_service.go
  • internal/service/access_controls_service_test.go
  • internal/utils/decoders/label_decoder_test.go

got, err := svc.GetAccessControls("foo.example.com")

assert.Nil(t, got)
assert.ErrorContains(t, err, "no such file or directory")

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Avoid OS-specific error-string assertions.

Line 249 matches "no such file or directory", which is platform-dependent. Prefer semantic error checks.

Suggested fix
-		assert.ErrorContains(t, err, "no such file or directory")
+		assert.ErrorIs(t, err, os.ErrNotExist)
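Review bot: the `+` line's assert.ErrorIs(t, err, os.ErrNotExist) only passes if the error returned by GetAccessControls keeps the original file error in its chain, so confirm that the whitelist file read returns that error as-is or wraps it with %w rather than formatting it into a new string. The test file also needs the "os" import for this line to compile.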
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
assert.ErrorContains(t, err, "no such file or directory")
assert.ErrorIs(t, err, os.ErrNotExist)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/service/access_controls_service_test.go` at line 249, Replace the
OS-specific substring assertion on err with a semantic existence check: instead
of assert.ErrorContains(t, err, "no such file or directory"), assert that the
error is os.ErrNotExist (e.g. assert.ErrorIs(t, err, os.ErrNotExist) or
assert.True(t, errors.Is(err, os.ErrNotExist))). Update imports to include "os"
(and "errors" if using errors.Is) and keep the same err variable and test
context in access_controls_service_test.go.
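
Added example, not code from this PR or from tinyauth: a Go program showing the behaviour discussed above, merging inline and file-based whitelist entries and returning an error that still satisfies errors.Is(err, os.ErrNotExist) when the file is missing. The names mergeWhitelist and demo and the newline-or-comma file format are assumptions; the PR's own helper is resolveAppOAuthWhitelist, which reads the file via utils.GetStringList.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// mergeWhitelist is a hypothetical stand-in for the merge step described in
// this PR. Assumed file format: entries separated by newlines or commas.
func mergeWhitelist(inline, path string) (string, error) {
	raw := inline
	if path != "" {
		data, err := os.ReadFile(path)
		if err != nil {
			// Fail closed with no partial list; %w keeps os.ErrNotExist in the chain.
			return "", fmt.Errorf("read oauth whitelist file %q: %w", path, err)
		}
		raw += "," + string(data)
	}
	seen := map[string]bool{}
	var out []string
	for _, e := range strings.FieldsFunc(raw, func(r rune) bool { return strings.ContainsRune(",\r\n", r) }) {
		if e = strings.TrimSpace(e); e != "" && !seen[e] {
			seen[e] = true
			out = append(out, e)
		}
	}
	return strings.Join(out, ","), nil
}

// demo writes a constructed whitelist file into dir, merges it, then resolves a missing path.
func demo(dir string) (string, bool, error) {
	file := filepath.Join(dir, "emails.txt")
	defer os.Remove(file)
	if err := os.WriteFile(file, []byte("bob@example.com\r\n alice@example.com \n\n"), 0o600); err != nil {
		return "", false, err
	}
	merged, err := mergeWhitelist("alice@example.com", file)
	if err != nil {
		return "", false, err
	}
	_, missErr := mergeWhitelist("alice@example.com", filepath.Join(dir, "absent.txt"))
	return merged, errors.Is(missErr, os.ErrNotExist), nil
}

func main() { fmt.Println(demo(os.TempDir())) }
```
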
