chore: Move Github OAuth to CustomOAuth

[yash-rajpal]

Proposed changes (including videos or screenshots)

Refactor Github OAuth away from Meteor packages to use custom OAuth implementation.

Issue(s)

Steps to test or reproduce

Further comments

PRES-2

Summary by CodeRabbit

• Chores
  • Refactored GitHub OAuth authentication implementation from legacy Meteor packages to a custom server-side OAuth configuration with a new client-side hook integration.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[changeset-bot]

⚠️ No Changeset found

Latest commit: 8b11815

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

This PR migrates GitHub OAuth from the built-in Meteor accounts-github package to a custom CustomOAuth implementation. The change removes server-side package dependencies, moves OAuth configuration to a new server-side module, and introduces a feature-flag-controlled React hook for client-side configuration.

Changes

Cohort / File(s)	Summary
Package Management apps/meteor/.meteor/packages, apps/meteor/.meteor/versions	Removed accounts-github@1.5.1 and github-oauth@1.4.2 package dependencies.
Server-Side GitHub OAuth Implementation apps/meteor/app/github/server/index.ts, apps/meteor/app/github/server/lib.ts	New modules implementing custom OAuth configuration using CustomOAuth. Defines GitHub-specific OAuth endpoints (serverURL, identityPath, tokenPath), scopes, and user fields. Exports Github service instance.
Client-Side OAuth Hook & Integration apps/meteor/client/views/root/hooks/customOAuth/useGithubOAuth.ts, apps/meteor/client/views/root/AppLayout.tsx	New React hook useGithubOAuth that configures GitHub OAuth service based on Accounts_OAuth_Github feature flag. Hook invocation added to AppLayout initialization.
Removal of Legacy GitHub Login apps/meteor/client/meteor/login/github.ts, apps/meteor/client/meteor/login/index.ts	Deleted 44-line client-side GitHub OAuth implementation including OAuth flow logic, credential handling, and TOTP wrapper. Removed corresponding import from login index.
TypeScript Declarations & Server Imports apps/meteor/definition/externals/meteor/github-oauth.d.ts, apps/meteor/server/importPackages.ts	Removed ambient module declaration for meteor/github-oauth. Added import statement to server package initialization.

Sequence Diagram(s)

sequenceDiagram
    participant Client as Client App
    participant Hook as useGithubOAuth Hook
    participant CustomOAuth as CustomOAuth Service
    participant Server as Server (lib.ts)
    participant GithubAPI as GitHub API

    Client->>Hook: AppLayout renders
    Hook->>Hook: Read Accounts_OAuth_Github flag
    alt Feature Enabled
        Hook->>CustomOAuth: configureOAuthService('github', config)
        CustomOAuth->>CustomOAuth: Configure with serverURL, endpoints, scopes
        CustomOAuth->>Server: Request OAuth configuration
        Server->>Server: Load Github config instance
        Server-->>CustomOAuth: Return config
    end
    Note over Client,Server: When user initiates GitHub login
    Client->>CustomOAuth: requestCredential()
    CustomOAuth->>GithubAPI: Launch OAuth flow with redirect
    GithubAPI-->>Client: User approves, returns code
    Client->>Server: Exchange code for token
    Server->>GithubAPI: POST token endpoint
    GithubAPI-->>Server: Return access token
    Server-->>Client: OAuth complete

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• chore: Move Meteor specific startup code #37199: Modifies the same GitHub login module being removed in this PR, making it directly related to the legacy implementation changes.
• chore: Move AppLayout hooks #37354: Adjusts AppLayout.tsx hooks similarly to this PR, which adds the useGithubOAuth hook invocation.

Suggested labels

stat: ready to merge, stat: QA assured

Suggested reviewers

• rodrigok
• tassoevan
• dougfabris

Poem

🐰 OAuth flows now custom-made,
No meteor packages to parade,
Hooks and configs dance on high,
While legacy login code says goodbye!
GitHub auth reimagined, hooray! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: moving GitHub OAuth from a deprecated Meteor package-based approach to CustomOAuth, which aligns with all the file modifications (removing Meteor packages, deleting old client-side GitHub login, adding new CustomOAuth-based server and client implementations).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/oauth-github

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

📦 Docker Image Size Report

➡️ Changes

Service	Current	Baseline	Change	Percent
sum of all images	0B	0B	0B
account-service	0B	0B	0B
authorization-service	0B	0B	0B
ddp-streamer-service	0B	0B	0B
omnichannel-transcript-service	0B	0B	0B
presence-service	0B	0B	0B
queue-worker-service	0B	0B	0B
rocketchat	0B	0B	0B

📊 Historical Trend

---
config:
  theme: "dark"
  xyChart:
    width: 900
    height: 400
---
xychart
  title "Image Size Evolution by Service (Last 30 Days + This PR)"
  x-axis ["11/18 22:53", "11/19 23:02", "11/21 16:49", "11/24 17:34", "11/27 22:32", "11/28 19:05", "12/01 23:01", "12/02 21:57", "12/03 21:00", "12/04 18:17", "12/05 21:56", "12/08 20:15", "12/09 22:17", "12/10 23:26", "12/11 21:56", "12/12 22:45", "12/13 01:34", "12/15 22:31", "12/16 22:18", "12/17 21:04", "12/18 23:12", "12/19 23:27", "12/20 21:03", "12/22 18:54", "12/23 16:16", "12/24 19:38", "12/25 17:51", "12/26 13:18", "12/29 19:01", "12/30 20:52", "01/21 13:13 (PR)"]
  y-axis "Size (GB)" 0 --> 0.5
  line "account-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "authorization-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "ddp-streamer-service" [0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.00]
  line "omnichannel-transcript-service" [0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.00]
  line "presence-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "queue-worker-service" [0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.00]
  line "rocketchat" [0.35, 0.35, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.00]

Loading

Statistics (last 30 days):

• 📊 Average: 1.5GiB
• ⬇️ Minimum: 1.4GiB
• ⬆️ Maximum: 1.6GiB
• 🎯 Current PR: 0B

ℹ️ About this report

This report compares Docker image sizes from this build against the develop baseline.

• Tag: pr-37604
• Baseline: develop
• Timestamp: 2026-01-21 13:13:31 UTC
• Historical data points: 30

---

Updated: Wed, 21 Jan 2026 13:13:31 GMT

[codecov]

Codecov Report

❌ Patch coverage is 75.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 70.75%. Comparing base (b2cd9b6) to head (8b11815).
⚠️ Report is 1 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #37604      +/-   ##
===========================================
+ Coverage    70.73%   70.75%   +0.01%     
===========================================
  Files         3142     3142              
  Lines       108927   108922       -5     
  Branches     19606    19630      +24     
===========================================
+ Hits         77052    77065      +13     
+ Misses       29864    29855       -9     
+ Partials      2011     2002       -9     

Flag	Coverage Δ
e2e	60.34% <75.00%> (+0.08%)	⬆️
e2e-api	48.05% <ø> (-1.04%)	⬇️
unit	71.88% <ø> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cubic-dev-ai]

No issues found across 10 files