fix: Normalize GithubOAuth to GitHubOAuth in identity deserialization

[gjtorikian]

Summary

• The API returns GithubOAuth from getUserIdentities but getAuthorizationUrl expects GitHubOAuth — normalizes the casing during deserialization so the value can be passed directly between the two
• Adds IdentityResponse type coverage for the raw API value (GithubOAuth)
• Adds serializer unit test and integration-style test verifying the full workflow (get identity → pass provider to getAuthorizationUrl)
• Documents the behavior change in the V9 migration guide

Closes #1227

Test plan

• Serializer unit test: GithubOAuth → GitHubOAuth, other providers unchanged
• Integration test: identity provider value flows through to getAuthorizationUrl URL
• Existing getUserIdentities test updated to expect normalized value

🤖 Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@gjtorikian has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 5 minutes and 52 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 5 minutes and 52 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 0ace350a-bf4e-4d53-aeb7-f98e0aa46314

📥 Commits

Reviewing files that changed from the base of the PR and between c31736d and e1b9ff9.

📒 Files selected for processing (7)

• docs/V9_MIGRATION_GUIDE.md
• src/user-management/interfaces/identity-response.interface.ts
• src/user-management/interfaces/identity.interface.ts
• src/user-management/serializers/identity.serializer.spec.ts
• src/user-management/serializers/identity.serializer.ts
• src/user-management/user-management.spec.ts
• src/user-management/user-management.ts

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/normalize-github-oauth-casing

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR fixes a casing mismatch between the WorkOS API (GithubOAuth) and the getAuthorizationUrl parameter (GitHubOAuth) by normalizing the provider value during deserialization in the identity serializer. The fix is contained to the serializer layer via a normalizeProvider helper, keeps the raw API shape in an unexported RawIdentityResponse type, and updates the public Identity interface to use only the normalized casing.

Confidence Score: 5/5

Safe to merge — the normalization is type-safe, well-tested, and correctly scoped to the serializer layer.

The change is small, targeted, and all types check out: the normalizeProvider return type is a strict subset of Identity['provider'] after narrowing GithubOAuth away. Unit tests cover the normalization case and passthrough for other providers. The integration test validates the end-to-end flow from getUserIdentities into getAuthorizationUrl. Migration guide is accurate. No security or data-integrity concerns.

No files require special attention.

Important Files Changed

Filename	Overview
src/user-management/serializers/identity.serializer.ts	Adds a normalizeProvider helper that maps GithubOAuth → GitHubOAuth; type-safe and correctly handles passthrough for all other providers.
src/user-management/interfaces/identity-response.interface.ts	New unexported RawIdentityResponse type captures both GithubOAuth and GitHubOAuth in the provider union to future-proof against the API fixing its casing.
src/user-management/interfaces/identity.interface.ts	Public Identity interface now only exposes GitHubOAuth (correct casing), with GithubOAuth removed from the union.
src/user-management/serializers/identity.serializer.spec.ts	Unit tests cover both the GithubOAuth normalization case and passthrough for other providers; clear and complete.
src/user-management/user-management.spec.ts	Existing identity test updated to expect normalized GitHubOAuth; new integration-style test validates the full identity → getAuthorizationUrl flow.
src/user-management/user-management.ts	Imports RawIdentityResponse for the get<> type annotation and deserializeIdentities for the deserialization step in getUserIdentities; no behavioral changes elsewhere.
docs/V9_MIGRATION_GUIDE.md	Adds a clear migration note with before/after examples documenting the GithubOAuth → GitHubOAuth normalization change.

_{Reviews (3): Last reviewed commit: "hide bad casing in a non-reexported raw ..." | Re-trigger Greptile}