fix: authorize session null handling in authorizeSession callback and setResultUrl

[grvgoel81]

Motivation and Context

Jira Link:

Description

• Fix: authorize session null handling in authorizeSession callback and setResultUrl

How has this been tested?

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

• My code follows the code style of this project. (run lint)
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• All new and existing tests passed.
• My code requires a db migration.

---

Note

Medium Risk
Touches the login/session authorization path and adds early-return behavior when session/store payloads are missing, which could change when callbacks fire in edge cases but is limited to null/invalid-response handling.

Overview
Improves robustness of session authorization and redirect processing by adding defensive null/empty checks and safer JSON parsing.

Web3AuthApi.authorizeSession now treats missing/empty response bodies or deserialization failures as null responses instead of throwing. Web3Auth.setResultUrl and authorizeSession now validate sessionId, store message, required ShareMetadata fields, decrypted JSON, and userInfo fields before proceeding, logging warnings/errors and returning early when data is incomplete (e.g., passwordless flows where the session may not be ready yet).

^{Written by Cursor Bugbot for commit c2d76a2. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}