feat(auth): Complete OIDC security refactor and modernize test suite

- Refactored OIDC flow to implement PKCE, state/nonce validation, and BFF pattern.
- Centralized configuration in Settings class (DEV_MODE, FRONTEND_URL, OIDC_REDIRECT_URI).
- Updated auth routers to use conditional secure cookie flags based on DEV_MODE.
- Modernized and cleaned up test suite by removing legacy Streamlit tests.
- Fixed linting errors and unused imports across the backend.

backend/src/ea_chatbot/utils/database_inspection.py

@@ -1,6 +1,5 @@
-from typing import Optional, Dict, Any, List, TYPE_CHECKING
+from typing import Optional, Dict, Any, TYPE_CHECKING
 import yaml
-import json
 import os
 from ea_chatbot.utils.db_client import DBClient
 if TYPE_CHECKING:

backend/src/ea_chatbot/utils/helpers.py

@@ -20,7 +20,8 @@ def to_yaml(json_str: str, indent: int = 2) -> str:
     """
     Attempts to convert a JSON string (potentially malformed from LLM) to a YAML string.
     """
-    if not json_str: return ""
+    if not json_str:
+        return ""
     
     try:
         # Try direct parse

backend/src/ea_chatbot/utils/llm_factory.py

@@ -1,4 +1,4 @@
-from typing import Optional, cast, TYPE_CHECKING, Literal, Dict, List, Tuple, Any
+from typing import Optional, List
 from langchain_core.language_models.chat_models import BaseChatModel
 from langchain_openai import ChatOpenAI
 from langchain_google_genai import ChatGoogleGenerativeAI