feat(card): move Card authentication verification out of CardSDK context

[Brunonascdev]

To be merged after #21390

Description

This PR moves the Card authentication verification logic out of the CardSDK context.
With this change, the app can determine whether a user is authenticated with Card even before they open the Card screen.

This enables us to:

• Dynamically show or hide the Card button based on authentication state.
• Automatically log out users when their refresh token expires.

Changelog

CHANGELOG entry: Refactored Card authentication to enable pre-screen checks

Related issues

Fixes:

Manual testing steps

Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Moves Card auth verification out of the SDK context into app-level hooks/thunks, adds token refresh/storage utilities, updates SDK and Redux state/selectors for auth and user location.

• Card Auth Verification (App-level):
  • New useCardAuthenticationVerification hook dispatches verifyCardAuthentication on login/flag changes.
  • CardVerification now invokes both useCardholderCheck and useCardAuthenticationVerification.
• Redux (card slice):
  • Added verifyCardAuthentication thunk; new state isAuthenticated flow and userCardLocation with selectors/actions (selectIsAuthenticatedCard, selectUserCardLocation, setUserCardLocation).
  • Extended selectors to support authenticated cache; kept display button logic considering authentication.
• Token Storage/Refresh:
  • New utils: handleLocalAuthentication, refreshCardToken.
  • cardTokenVault now stores accessTokenExpiresAt/refreshTokenExpiresAt (ms conversion), validates data, and returns null when absent.
• SDK Changes (CardSDK):
  • Accepts userCardLocation; auto-sets x-us-env header internally; removed per-call location params and refreshLocalToken.
  • Auth endpoints updated accordingly; tests adjusted.
• Provider/Auth Hook:
  • CardSDKProvider simplified to SDK init only; logout clears auth state.
  • useCardProviderAuthentication stores new token fields and dispatches setUserCardLocation.
• Priority Token Hook:
  • Cache validity requires both recent lastFetched and a token; effect early-returns consolidated.
• UI:
  • Login button now disabled while loading.
• Tests:
  • Comprehensive updates/additions across hooks, SDK, token utils, and Redux to cover new flows.

^{Written by Cursor Bugbot for commit 175a2a4. This will update automatically on new commits. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 97.14286% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 77.21%. Comparing base (d68cc52) to head (b9104a4).
⚠️ Report is 20 commits behind head on main.

Files with missing lines	Patch %	Lines
app/components/UI/Card/util/refreshCardToken.ts	91.89%	1 Missing and 2 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #21399      +/-   ##
==========================================
+ Coverage   77.11%   77.21%   +0.10%     
==========================================
  Files        3615     3641      +26     
  Lines       89144    89498     +354     
  Branches    16861    16947      +86     
==========================================
+ Hits        68745    69108     +363     
+ Misses      15721    15709      -12     
- Partials     4678     4681       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
98.2% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[metamaskbot]

Missing release label release-7.58.0 on PR. Adding release label release-7.58.0 on PR and removing other release labels(release-7.59.0), as PR was added to branch 7.58.0 when release was cut.