fix(oauth): sync marketing opt-in and analytics after OAuth rehydration unlock cp-7.72.0

[ieow]

Description

After a seedless / social-account wallet unlock on the OAuth rehydration screen, local marketing consent and analytics could drift from the account’s server-side marketing opt-in. That meant user profile properties and preference events were not reliably aligned with getMarketingOptInStatus until some other flow ran.

This change calls OAuthService.getMarketingOptInStatus() immediately after a successful unlock on OAuthRehydration, then:

• Dispatches setDataCollectionForMarketing so Redux matches the server flag.
• Updates MetaMetrics identity with HAS_MARKETING_CONSENT.
• Fires ANALYTICS_PREFERENCE_SELECTED with updated_after_onboarding: true, location: 'oauth_rehydration', and account_type from the seedless auth connection.

Failures are logged and do not block unlock. Unit tests assert the marketing sync runs on the happy path and is skipped when navigation does not complete that path.

Changelog

CHANGELOG entry: null

Related issues

Fixes: #28249

Manual testing steps

Feature: OAuth rehydration marketing opt-in sync

  Scenario: Successful unlock syncs marketing preference and analytics
    Given the user completes social / seedless onboarding and reaches OAuth rehydration
    And the app can reach OAuth marketing opt-in APIs
    When the user enters a valid password and unlock succeeds
    Then local marketing data collection state should match the server opt-in response
    And analytics should record preference / identity updates for marketing consent (verify in debug / staging tooling if available)

  Scenario: Unlock path that does not complete rehydration navigation
    Given a flow where OAuth rehydration does not navigate to home after unlock (e.g. error or alternate path covered by tests)
    When unlock handling does not take the success path that replaces with onboarding home
    Then marketing opt-in sync should not run (no redundant or incorrect preference sync)

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Medium Risk
Touches the post-unlock path of OAuthRehydration by adding a background network call plus Redux/analytics side effects; failures are best-effort but bugs here could desync consent state or misfire analytics.

Overview
After a successful OAuth rehydration unlock, the app now fetches server-side marketing consent via OAuthService.getMarketingOptInStatus() and syncs it locally.

The unlock flow dispatches setDataCollectionForMarketing, updates MetaMetrics identity (HAS_MARKETING_CONSENT), and emits ANALYTICS_PREFERENCE_SELECTED with updated_after_onboarding, location: 'oauth_rehydration', and an account_type derived from the seedless authConnection; errors are logged and do not block unlock.

Tests were updated to mock analytics/getMarketingOptInStatus, assert the sync runs on the successful rehydration path, verify Redux + analytics payloads, and confirm the sync is skipped for the outdated password (non-oauth2) unlock path.

^{Written by Cursor Bugbot for commit 0738153. This will update automatically on new commits. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[github-actions]

✅ E2E Fixture Validation — Schema is up to date
18 value mismatches detected (expected — fixture represents an existing user).
View details

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: None (no tests recommended)
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 88%

click to see 🤖 AI reasoning details

E2E Test Selection:
The changes are confined to the OAuthRehydration component (app/components/Views/OAuthRehydration/index.tsx) and its unit test file. The modification adds a syncMarketingOptInAfterUnlock function that runs in the background after a successful OAuth wallet unlock to sync marketing consent status from OAuthService into Redux and analytics. Key observations:

1. Scope is narrow: Changes only affect the OAuthRehydration screen, which is shown exclusively to users with seedless onboarding (social login via Google/Apple OAuth). This is not a standard wallet unlock flow.

2. Additive change: The new function runs asynchronously in the background after the existing unlock flow completes - it doesn't modify the core unlock logic, navigation, or any shared components.

3. No E2E test coverage exists for this flow: The OAuthRehydration screen requires a seedless onboarding setup (OAuth social login), which is not covered by any of the available Detox E2E test tags. The FlaskBuildTests tag covers Snaps, not OAuth/seedless onboarding flows.

4. No shared component impact: The changes don't touch TabBar, Browser, Confirmations, modals, or any other components shared across E2E test flows.

5. Well-tested at unit level: The test file adds comprehensive unit tests covering the new marketing consent sync behavior, including Redux state updates and analytics calls.

6. Analytics/marketing consent only: The change is purely about syncing a marketing opt-in preference - it has no impact on wallet security, transaction processing, or user-facing UI.

No E2E test tags are warranted as this change is isolated to a specialized OAuth rehydration flow not covered by any available Detox test suite, and the risk to existing E2E flows is negligible.

Performance Test Selection:
The changes add a background async function that fetches marketing opt-in status after OAuth unlock. This is a lightweight network call that runs in the background and has no impact on UI rendering, list performance, app startup, or any of the measured performance flows (account list, login, swaps, launch, asset loading, predict, perps). No performance tests are warranted.

View GitHub Actions results

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
93.3% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud