fix: ssoCallback return format

[ulemons]

Problem

When a new user logged in via SSO on a fresh database, the auth flow would create
a default tenant and trigger createProjectGroup, which internally called
createCollection without logoUrl, imageUrl, and color fields. Since the
SQL query referenced those parameters via pg-promise's $(field) syntax, their
absence caused pg-promise to throw, propagating the error all the way up to
ssoCallback.ts where it was caught and returned as a 401.

The issue was invisible in staging/prod because existing users already have a
tenant, so the createCollection code path is never hit on login.

Fix

Added explicit null defaults for logoUrl, imageUrl, and color before
passing the data object to the pg-promise query, so all expected parameters are
always present.

---

Note

Low Risk
Low risk: small data-layer change that only affects createCollection parameter binding by ensuring optional fields are always present; main risk is unintended null insertion if callers relied on DB defaults.

Overview
Fixes createCollection to always supply SQL parameters for optional collection fields by merging in explicit null defaults (description, slug, logoUrl, imageUrl, color) before executing the INSERT.

This prevents pg-promise $(field) binding errors when those properties are omitted (e.g., during first-time SSO provisioning on a fresh database).

^{Reviewed by Cursor Bugbot for commit bff175c. Bugbot is set up for automated code reviews on this repo. Configure here.}

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[github-actions]

⚠️ Jira Issue Key Missing

Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability.

Example:

• feat: add user authentication (CM-123)
• feat: add user authentication (IN-123)

Projects:

• CM: Community Data Platform
• IN: Insights

Please add a Jira issue key to your PR title.

[github-actions]

⚠️ Jira Issue Key Missing

Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability.

Example:

• feat: add user authentication (CM-123)
• feat: add user authentication (IN-123)

Projects:

• CM: Community Data Platform
• IN: Insights

Please add a Jira issue key to your PR title.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

[Copilot]

Pull request overview

Fixes an SSO-login edge case where creating a default tenant could trigger createCollection with missing optional fields, causing pg-promise named-parameter formatting to throw and bubble up as an auth failure.

Changes:

• Ensure logoUrl, imageUrl, and color parameters are always present (defaulting to null) when inserting a collection.
• Pass the normalized insert params object to the pg-promise query instead of the raw collection input.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

⚠️ Jira Issue Key Missing

Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability.

Example:

• feat: add user authentication (CM-123)
• feat: add user authentication (IN-123)

Projects:

• CM: Community Data Platform
• IN: Insights

Please add a Jira issue key to your PR title.

[github-actions]

⚠️ Jira Issue Key Missing

Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability.

Example:

• feat: add user authentication (CM-123)
• feat: add user authentication (IN-123)

Projects:

• CM: Community Data Platform
• IN: Insights

Please add a Jira issue key to your PR title.