From a36431903e94ca669e0d4958d63516a581ab5874 Mon Sep 17 00:00:00 2001
From: Nathan Flurry <developer@nathanflurry.com>
Date: Thu, 12 Mar 2026 23:59:06 -0700
Subject: [PATCH] Add temporary header dump on GitHub OAuth callback

Log all request headers on the callback endpoint to diagnose
the source of duplicate requests (Railway proxy, Cloudflare, browser).
Remove once root cause is identified.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 foundry/packages/backend/src/index.ts | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/foundry/packages/backend/src/index.ts b/foundry/packages/backend/src/index.ts
index b6fe3e2..17acb4a 100644
--- a/foundry/packages/backend/src/index.ts
+++ b/foundry/packages/backend/src/index.ts
@@ -282,6 +282,15 @@ export async function startBackend(options: BackendStartOptions = {}): Promise<v
   });
 
   const handleGithubAuthCallback = async (c: any) => {
+    // TEMPORARY: dump all request headers to diagnose duplicate callback requests
+    // (Railway nginx proxy_next_upstream? Cloudflare retry? browser?)
+    // Remove once root cause is identified.
+    const allHeaders: Record<string, string> = {};
+    c.req.raw.headers.forEach((value: string, key: string) => {
+      allHeaders[key] = value;
+    });
+    logger.info({ headers: allHeaders, url: c.req.url }, "github_callback_headers");
+
     const code = c.req.query("code");
     const state = c.req.query("state");
     if (!code || !state) {