fix: [PDI-3249] - Potential fix for login loop on session timeout (option 1)

[pmakode-akamai]

Description 📝

A customer reported getting stuck in a login loop on Brave Browser - when their session timed out (or when logging in from a different IP than their last session), they'd log in successfully but immediately get redirected back to the login page. Again and again, with no error shown.

Load Cloud Manager -> 401 -> redirect to login server -> callback fails  -> redirect back to login page -> repeat

Couldn't reproduce it locally, but looking at the code two things stood out in handleError:

1. clearAuthDataFromLocalStorage only cleared the token - it left the nonce and codeVerifier in localStorage. If those were STALE from a previous failed login attempt, the OAuth callback would fail and kick back to login.
2. redirectToLogin() is async but wasn't being awaited - meaning if the PKCE key generation failed (which can happen silently in Brave), window.location.assign() never fired but the page had no way to recover.

Switching to clearAllAuthDataFromLocalStorage and awaiting redirectToLogin() should hopefully address both. Small change and low risk -- if this was indeed the cause, it should break the loop.

Changes 🔄

• Used clearAllAuthDataFromLocalStorage instead of clearAuthDataFromLocalStorage when handiling 401s, and awaiting redirectToLogin() so any failure in the PKCE key generation surfaces properly.

Scope 🚢

• All customers
• Some customers (e.g. in Beta or Limited Availability)
• No customers / Not applicable

Target release date 🗓️

N/A

How to test 🧪

Verification steps

• Log in to Cloud Manager locally -- confirm login works normally and you land on CM landing page
• Log out and log back in — confirm no loop
• While logged in, manually delete authentication/token from localStorage (Devtools -> Application -> Local Storage) and refresh the page -- confirm you should be redirected to the login page, log back in, and land on CM landing page normally

Author Checklists

As an Author, to speed up the review process, I considered 🤔

👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support

• I have read and considered all applicable items listed above.

As an Author, before moving this PR from Draft to Open, I confirmed ✅

• All tests and CI checks are passing
• TypeScript compilation succeeded without errors
• Code passes all linting rules

[linode-gh-bot]

Cloud Manager UI test results

🔺 1 failing test on test run #1 ↗︎

❌ Failing	✅ Passing	↪️ Skipped	🕐 Duration
1 Failing	901 Passing	11 Skipped	39m 34s

Details

Failing Tests
	Spec	Test
❌	object-storage.e2e.spec.ts	Cloud Manager Cypress Tests→object storage end-to-end tests » can update bucket access

Troubleshooting

Use this command to re-run the failing tests:

pnpm cy:run -s "cypress/e2e/core/objectStorage/object-storage.e2e.spec.ts"

[pmakode-akamai]

• Closing this PR in favour of: fix: [PDI-3249] - Use sessionStorage for codeVerifier and nonce: update OAuth and storage #13570