chore: Refactor OAuthHydration screen with unlockWallet

[Cal-L]

Description

This is part of the effort to consolidate and refactor areas calling userEntryAuth or appTriggeredAuth. This PR refactors the OAuthHydration screen to replace appTriggeredAuth with unlockWallet.

Changelog

CHANGELOG entry:

Related issues

Fixes:

Manual testing steps

While using seedless onboarding and global password is outdated

• On extension, change seedless password
• On mobile, attempt login with old password
• Should get navigated to OAuthRehydration
• Upon correct password entry, navigates to wallet screen

While first onboarding with seedless onboarding on mobile, with existing account on extension

• Seedless onboarding wallet should already be created on extension
• On fresh mobile install, use seedless onboarding with the same account
• Should get navigated to OAuthRehydration
• Upon correct password entry, navigates to wallet screen

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Modernizes authentication flows and centralizes logic via useAuthentication.

• Replace Authentication.userEntryAuth/appTriggeredAuth with useAuthentication.unlockWallet in Login and OAuthRehydration
• Update auth preference resolution to componentAuthenticationType; remove password requirement pre-checks and resetPassword side effects
• Improve error handling: use containsErrorMessage, treat SeedlessOnboardingControllerError via navigation to REHYDRATE, handle biometric cancellations, vault corruption, passcode-not-set, and seedless-specific errors (incorrect password, too many attempts, password recently updated)
• Initialize OAuthRehydration error state from isSeedlessPasswordOutdated and streamline loading/biometry flags
• Adjust analytics/tracing calls and navigation (e.g., defer login attempts to rehydration flow)
• Overhaul tests to mock useAuthentication, cover new seedless cases, offline handling, and error sanitization

^{Written by Cursor Bugbot for commit c7d3a69. This will update automatically on new commits. Configure here.}

[Cal-L]

Add unit test for ensuring that Login will navigate to OAuthRehydration whenever it encounters seedless onboarding errors

[Cal-L]

Since isSeedlessPasswordOutdated is available, we can just set the error message by default

[Cal-L]

Since the purpose of this is to log in, we do not want to show users a password requirement error

[Cal-L]

Replace userEntryAuth with unlockWallet

[Cal-L]

unlockWallet navigates to home automatically

[Cal-L]

Same comment on removing the password requirement message

[Cal-L]

Replace userEntryAuth with unlockWallet

[Cal-L]

Remove the need to auto clear credentials. We want to avoid clearing credentials by itself unless absolutely needed since this risks throwing the credential dependencies out of sync. If we need to clear credentials, it's safer to ensure that all necessary states are being reset together. In a happy path, by removing this reset, UX would remain the same and the credentials will eventually be reset by successfully unlocking the wallet.

[Cal-L]

Synced with CW (@ieow) on this flow and agreed on sending users to the OAuthRehydration screen when any seedless onboarding error is encountered. I also mentioned that we removed the reset password here

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

[cursor]

Test passes for wrong reason after validation removal

Low Severity

The test "prevents login when password is too short" now passes for the wrong reason. The PR removed the passwordRequirementsMet validation, so short passwords are now allowed to be submitted to unlockWallet. The test asserts mockReplace is not called, which is true - but only because the component no longer calls navigation.replace() directly (navigation is now handled by unlockWallet). Login actually proceeds with the short password; the test title is misleading and should be removed or updated to reflect the new behavior.

 

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeAccounts
• Risk Level: medium
• AI Confidence: 75%

click to see 🤖 AI reasoning details

The changes modify the Login and OAuthRehydration views, which handle authentication flows. The key changes are:

1. Login/index.tsx: Changed error detection for seedless onboarding errors from string matching (containsErrorMessage(loginError, SeedlessOnboardingControllerErrorMessage.IncorrectPassword)) to using instanceof SeedlessOnboardingControllerError. This is a more robust error handling approach.

2. OAuthRehydration/index.tsx: Refactored to use the useAuthentication hook instead of directly calling Authentication.userEntryAuth() and Authentication.componentAuthenticationType(). Also removed password requirements validation before login attempt, and improved error message handling.

These are internal refactoring changes that don't modify UI elements or test IDs. The E2E tests that interact with the Login screen (change-password.spec.ts, auto-lock.spec.ts) use the SmokeAccounts tag. Running SmokeAccounts tests will verify that:

• Password entry and login still work correctly
• App locking and unlocking behavior is preserved
• Account management after login works as expected

The risk is medium because while the changes are refactoring, they touch core authentication logic that could affect login behavior. The unit tests have been updated to cover the new behavior, but E2E validation of the login flow is prudent.

View GitHub Actions results

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
85.1% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[metamaskbot]

Missing release label release-7.64.0 on PR. Adding release label release-7.64.0 on PR and removing other release labels(release-7.65.0), as PR was added to branch 7.64.0 when release was cut.