fix: handle numeric timezone offsets in oauth2_expiry_date parsing

Kai Armstrongrequested to merge
karmstrong/fix-oauth2-expiry-date-timezone into main

What does this MR do and why?

Fixes a bug where oauth2_expiry_date values written with a numeric UTC offset (e.g. +0530) instead of a named timezone abbreviation caused all commands to fail with:

ERROR: parsing time "03 Apr 25 21:50 +0530" as "02 Jan 06 15:04 MST": cannot parse "+0530" as "MST"

This happens because time.RFC822 only accepts named timezone abbreviations. Go formats timezones as numeric offsets for zones that don't have a standard abbreviation (such as IST, +0530). The date was written using RFC822 but in those timezones Go produces an RFC822Z value, which cannot be parsed back.

The fix:

  • Writes new oauth2_expiry_date values in RFC3339 format, consistent with how timestamps are stored everywhere else in glab
  • Falls back to parsing RFC822 and RFC822Z on read, for backwards compatibility with configs written by older versions

Existing users self-heal silently after the next token refresh.

Closes #7810 (closed)

Merge request reports