From 43406a2e6d44277a9d681a7b9afb1335449bc4dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Vit=C3=B3ria=20Silva?=
 <joao.vitoria.silva@pm.me>
Date: Mon, 22 Dec 2025 10:15:38 +0000
Subject: [PATCH] Fix timezone handling in OAuth state expiry check

Ensures that the expires_at field is compared as a UTC-aware datetime to prevent errors when checking if an OAuth state has expired.
---
 backend/app/auth/oauth_state/crud.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/app/auth/oauth_state/crud.py b/backend/app/auth/oauth_state/crud.py
index 7fedd67f2..3b15d9ebf 100644
--- a/backend/app/auth/oauth_state/crud.py
+++ b/backend/app/auth/oauth_state/crud.py
@@ -33,7 +33,7 @@ def get_oauth_state_by_id(
         return None
 
     # Check expiry
-    if datetime.now(timezone.utc) > oauth_state.expires_at:
+    if datetime.now(timezone.utc) > oauth_state.expires_at.replace(tzinfo=timezone.utc):
         core_logger.print_to_log(f"OAuth state expired: {state_id[:8]}...", "warning")
         return None