fix(line): validate oauth state on callback

[nijel]

Validate the returned LINE OAuth state before exchanging authorization codes to prevent login CSRF. Add regression coverage for LINE state handling and redirect URI consistency.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.88%. Comparing base (841e936) to head (4d96bdb).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1829      +/-   ##
==========================================
+ Coverage   85.54%   85.88%   +0.33%     
==========================================
  Files         345      346       +1     
  Lines       13052    13075      +23     
  Branches      627      627              
==========================================
+ Hits        11165    11229      +64     
+ Misses       1654     1612      -42     
- Partials      233      234       +1     

Flag	Coverage Δ
unittests	85.88% <100.00%> (+0.33%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[thientd]

enforce CSRF state is good