feat: implement token encryption and state management for OAuth connectors

- Added encryption for sensitive tokens (access token, refresh token, client secret) in Google Calendar, Google Drive, Gmail, Linear, and Notion connectors to enhance security.
- Introduced OAuthStateManager for secure state parameter generation and validation, improving the integrity of OAuth flows.
- Updated callback routes to handle state validation and error management, ensuring robust handling of authorization processes.
- Enhanced indexers to support decryption of tokens for backward compatibility, maintaining functionality with existing encrypted credentials.
- Improved validation for date parameters in connector routes to ensure proper input handling.

surfsense_backend/app/utils/validators.py

@@ -514,16 +514,6 @@ def validate_connector_config(
             "validators": {},
         },
         "SLACK_CONNECTOR": {"required": ["SLACK_BOT_TOKEN"], "validators": {}},
-        "NOTION_CONNECTOR": {
-            "required": ["access_token"],  # OAuth-based only
-            "optional": [
-                "workspace_id",  # OAuth fields
-                "workspace_name",
-                "workspace_icon",
-                "bot_id",
-            ],
-            "validators": {},
-        },
         "GITHUB_CONNECTOR": {
             "required": ["GITHUB_PAT", "repo_full_names"],
             "validators": {