Enhance OAuth security and state validation

- Implemented stricter OAuth security measures, including CSRF protection via state parameter validation and redirect_uri checks.
- Updated OAuth models to support timezone-aware datetime comparisons, replacing deprecated `utcnow`.
- Enhanced logging for malformed Basic auth headers during token, introspect, and revoke requests.
- Added allowlist validation for OAuth provider domains to prevent open redirect attacks.
- Improved nonce validation for OpenID Connect tokens, ensuring token integrity during Google provider flows.
- Updated E2E and unit tests to cover new security features and expanded OAuth state handling scenarios.

backend/tests/e2e/conftest.py

@@ -214,9 +214,6 @@ async def e2e_superuser(e2e_client):
     """
     from uuid import uuid4
 
-    from app.crud.user import user as user_crud
-    from app.schemas.users import UserCreate
-
     email = f"admin-{uuid4().hex[:8]}@example.com"
     password = "SuperAdmin123!"