chore(runway): cherry-pick feat(card): cp-7.64.0 create card-kyc-notification deep link handler (#25703)

- feat(card): cp-7.64.0 create card-kyc-notification deep link handler
(#25607)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

This PR implements a deeplink handler for Card KYC push notifications,
allowing users to be routed to the appropriate screen based on their KYC
verification status when tapping on a notification about their
verification result.

**Motivation**: When users complete their KYC verification process, they
receive push notifications about the result. Previously, there was no
handler to deep link users directly to the relevant screen based on
their verification status.

**Solution**: 
- Added a new `card-kyc-notification` deeplink action that checks the
user's KYC verification state and navigates accordingly
- Handles two scenarios:
1. **Onboarding flow** (user has onboardingId): Routes to KYCFailed,
Complete (→ PersonalDetails), or KYCPending
2. **Authenticated flow** (user is already logged in): Routes to
KYCFailed, Complete (→ CardHome via SpendingLimit), or CardHome
- Updated the `Complete` screen to accept a `nextDestination` route
param for proper navigation after KYC approval
- Added logic to suppress the "keep going" modal when users are
deeplinked directly to the Complete screen
- Added `logout` method to CardSDK for proper session cleanup
- Refactored `useCardProviderAuthentication` to get location from Redux
selector instead of function parameters

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: Added deeplink handler for Card KYC push notifications
to route users to appropriate screens based on verification status

## **Related issues**

Fixes:

## **Manual testing steps**

```gherkin
Feature: Card KYC Notification Deeplink Handler

  Scenario: User taps KYC approved notification during onboarding
    Given user is in the Card onboarding flow with a pending KYC verification
    And user has an onboardingId stored in Redux

    When user taps on a push notification with the card-kyc-notification deeplink
    And the KYC status is VERIFIED
    Then user is navigated to the Complete screen
    And tapping Continue navigates to PersonalDetails

  Scenario: User taps KYC approved notification when authenticated
    Given user is authenticated with the Card provider
    And user has completed KYC verification

    When user taps on a push notification with the card-kyc-notification deeplink
    And the KYC status is VERIFIED
    Then user is navigated to the Complete screen
    And tapping Continue navigates to SpendingLimit screen

  Scenario: User taps KYC rejected notification
    Given user has submitted KYC verification
    
    When user taps on a push notification with the card-kyc-notification deeplink
    And the KYC status is REJECTED
    Then user is navigated to the KYCFailed screen

  Scenario: User taps notification while KYC is still pending
    Given user has submitted KYC verification
    
    When user taps on a push notification with the card-kyc-notification deeplink
    And the KYC status is PENDING
    Then user is navigated to the KYCPending screen (onboarding) or CardHome (authenticated)
```

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding

Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling

guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Adds a new deeplink entry point and changes navigation/auth state
handling, which could misroute users or regress card onboarding/auth
flows if state/params aren’t set as expected.
> 
> **Overview**
> Adds a new `card-kyc-notification` universal link action that inspects
Card feature flags plus the user’s onboarding/auth state, fetches KYC
verification status (via `CardSDK`), and deep-navigates to the
appropriate Card screen (e.g., `KYC_FAILED`, `KYC_PENDING`, or
`COMPLETE` with a `nextDestination` param).
> 
> Refactors Card authentication to source `location` from Redux
(`selectUserCardLocation`) rather than passing it through login/OTP
APIs, and updates UI to persist location selection in state.
> 
> Improves session cleanup by introducing `CardSDK.logout()` (server
logout + always-clear local token) and wiring `logoutFromProvider()` to
call it while still clearing Redux state on failures; `CardHome` now
shows a toast when an authentication error forces logout/redirect. Also
tweaks onboarding navigation (skip “keep going” modal when deeplinked to
`COMPLETE`), adjusts close-button behavior to `reset` to Card Home, and
updates related copy/SSN helper text and tests.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
d043390. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Alejandro Machado <alejandro@macha.do>
Co-authored-by: Kevin Le Jeune <kevin.le-jeune@consensys.net>
[826b8b5](826b8b5)

Co-authored-by: Bruno Nascimento <brunonascimentodev@gmail.com>
Co-authored-by: Alejandro Machado <alejandro@macha.do>
Co-authored-by: Kevin Le Jeune <kevin.le-jeune@consensys.net>

Author: 4 people

app/components/UI/Card/Views/CardAuthentication/CardAuthentication.test.tsx

@@ -3,7 +3,6 @@ import { renderScreen } from '../../../../../util/test/renderWithProvider';
 import CardAuthentication from './CardAuthentication';
 import Routes from '../../../../../constants/navigation/Routes';
 import { CardAuthenticationSelectors } from './CardAuthentication.testIds';
-import { CardLocation } from '../../types';
 import { backgroundState } from '../../../../../util/test/initial-root-state';
 
 // Mock whenEngineReady to prevent async polling after test teardown
@@ -282,7 +281,7 @@ describe('CardAuthentication Component', () => {
   });
 
   describe('Login Step - Login Functionality', () => {
-    it('calls login with correct parameters for international location', async () => {
+    it('calls login with correct parameters', async () => {
       render();
       const emailInput = screen.getByTestId('email-field');
       const passwordInput = screen.getByTestId('password-field');
@@ -296,14 +295,13 @@ describe('CardAuthentication Component', () => {
 
       await waitFor(() => {
         expect(mockLogin).toHaveBeenCalledWith({
-          location: 'international',
           email: 'test@example.com',
           password: 'password123',
         });
       });
     });
 
-    it('calls login with US location when selected', async () => {
+    it('calls login after selecting US location', async () => {
       render();
       const usBox = screen.getByTestId('us-location-box');
       const emailInput = screen.getByTestId('email-field');
@@ -319,7 +317,6 @@ describe('CardAuthentication Component', () => {
 
       await waitFor(() => {
         expect(mockLogin).toHaveBeenCalledWith({
-          location: 'us' as CardLocation,
           email: 'test@example.com',
           password: 'password123',
         });
@@ -383,7 +380,6 @@ describe('CardAuthentication Component', () => {
 
       await waitFor(() => {
         expect(mockLogin).toHaveBeenCalledWith({
-          location: 'international',
           email: 'test@example.com',
           password: 'password123',
         });

app/components/UI/Card/Views/CardAuthentication/CardAuthentication.tsx

@@ -24,12 +24,12 @@ import { useTheme } from '../../../../../util/theme';
 import useCardProviderAuthentication from '../../hooks/useCardProviderAuthentication';
 import { CardAuthenticationSelectors } from './CardAuthentication.testIds';
 import Routes from '../../../../../constants/navigation/Routes';
-import { CardLocation } from '../../types';
 import { strings } from '../../../../../../locales/i18n';
 import Logger from '../../../../../util/Logger';
 import { MetaMetricsEvents, useMetrics } from '../../../../hooks/useMetrics';
-import { useDispatch } from 'react-redux';
+import { useDispatch, useSelector } from 'react-redux';
 import {
+  selectUserCardLocation,
   setOnboardingId,
   setUserCardLocation,
 } from '../../../../../core/redux/slices/card';
@@ -53,7 +53,7 @@ const CardAuthentication = () => {
   const [password, setPassword] = useState('');
   const [isPasswordVisible, setIsPasswordVisible] = useState(false);
   const [loading, setLoading] = useState(false);
-  const [location, setLocation] = useState<CardLocation>('international');
+  const location = useSelector(selectUserCardLocation);
   const [otpData, setOtpData] = useState<{
     userId: string;
     maskedPhoneNumber?: string;
@@ -116,7 +116,6 @@ const CardAuthentication = () => {
         try {
           await sendOtpLogin({
             userId: otpData.userId,
-            location,
           });
           // Reset countdown when OTP is sent
           setResendCooldown(60);
@@ -127,7 +126,7 @@ const CardAuthentication = () => {
 
       sendOtp();
     }
-  }, [step, otpData?.userId, sendOtpLogin, location]);
+  }, [step, otpData?.userId, sendOtpLogin]);
 
   // Cooldown timer effect
   useEffect(() => {
@@ -173,7 +172,6 @@ const CardAuthentication = () => {
       try {
         setLoading(true);
         const loginResponse = await login({
-          location,
           email,
           password,
           ...(otpCode ? { otpCode } : {}),
@@ -190,7 +188,6 @@ const CardAuthentication = () => {
         }
 
         if (loginResponse?.phase) {
-          dispatch(setUserCardLocation(location));
           dispatch(setOnboardingId(loginResponse.userId));
           navigation.reset({
             index: 0,
@@ -217,7 +214,6 @@ const CardAuthentication = () => {
     },
     [
       email,
-      location,
       login,
       password,
       step,
@@ -253,13 +249,12 @@ const CardAuthentication = () => {
     try {
       await sendOtpLogin({
         userId: otpData.userId,
-        location,
       });
       setResendCooldown(60);
     } catch (err) {
       Logger.log('CardAuthentication::Resend OTP failed', err);
     }
-  }, [resendCooldown, otpData?.userId, sendOtpLogin, location, otpLoading]);
+  }, [resendCooldown, otpData?.userId, sendOtpLogin, otpLoading]);
 
   const handleBackToLogin = useCallback(() => {
     setStep('login');
@@ -367,7 +362,7 @@ const CardAuthentication = () => {
         <>
           <Box twClassName="flex-row justify-between gap-2">
             <TouchableOpacity
-              onPress={() => setLocation('international')}
+              onPress={() => dispatch(setUserCardLocation('international'))}
               style={tw.style(
                 `flex flex-col items-center justify-center flex-1 bg-background-muted rounded-lg ${location === 'international' ? 'border border-text-default' : ''}`,
               )}
@@ -386,7 +381,7 @@ const CardAuthentication = () => {
               </Box>
             </TouchableOpacity>
             <TouchableOpacity
-              onPress={() => setLocation('us')}
+              onPress={() => dispatch(setUserCardLocation('us'))}
               style={tw.style(
                 `flex flex-col items-center justify-center flex-1 bg-background-muted rounded-lg ${location === 'us' ? 'border border-text-default' : ''}`,
               )}
@@ -465,14 +460,15 @@ const CardAuthentication = () => {
       handlePasswordChange,
       handleResendOtp,
       isPasswordVisible,
-      location,
       otpError,
       otpLoading,
       password,
       performLogin,
       resendCooldown,
       step,
       tw,
+      dispatch,
+      location,
     ],
   );
   const actions = useMemo(

app/components/UI/Card/Views/CardHome/CardHome.test.tsx

@@ -2529,6 +2529,43 @@ describe('CardHome Component', () => {
         ]);
       });
     });
+
+    it('completes full auth error cleanup flow including toast display', async () => {
+      // Given: authenticated user with authentication error
+      setupMockSelectors({ isAuthenticated: true });
+      mockIsAuthenticationError.mockReturnValue(true);
+      mockRemoveCardBaanxToken.mockResolvedValue(undefined);
+      setupLoadCardDataMock({
+        error: 'Token expired',
+        isAuthenticated: true,
+      });
+
+      // When: component renders with authentication error
+      render();
+
+      // Then: should complete full cleanup flow:
+      // 1. Remove token
+      await waitFor(() => {
+        expect(mockRemoveCardBaanxToken).toHaveBeenCalled();
+      });
+
+      // 2. Dispatch Redux actions
+      await waitFor(() => {
+        expect(mockDispatch).toHaveBeenCalledWith(
+          expect.objectContaining({ type: 'card/resetAuthenticatedData' }),
+        );
+        expect(mockDispatch).toHaveBeenCalledWith(
+          expect.objectContaining({ type: 'card/clearAllCache' }),
+        );
+      });
+
+      // 3. Navigate to authentication screen (this happens after toast is shown)
+      await waitFor(() => {
+        expect(StackActions.replace).toHaveBeenCalledWith(
+          Routes.CARD.AUTHENTICATION,
+        );
+      });
+    });
   });
 
   describe('KYC Status Verification', () => {

app/components/UI/Card/Views/CardHome/CardHome.tsx

@@ -763,6 +763,14 @@ const CardHome = () => {
         dispatch(resetAuthenticatedData());
         dispatch(clearAllCache());
 
+        toastRef?.current?.showToast({
+          variant: ToastVariants.Icon,
+          labelOptions: [
+            { label: strings('card.card_home.authentication_error') },
+          ],
+          hasNoTimeout: false,
+          iconName: IconName.Warning,
+        });
         navigation.dispatch(StackActions.replace(Routes.CARD.AUTHENTICATION));
       } catch (error) {
         if (!isComponentUnmountedRef.current) {
@@ -776,7 +784,7 @@ const CardHome = () => {
     };
 
     handleAuthenticationError();
-  }, [cardError, dispatch, isAuthenticated, navigation]);
+  }, [cardError, dispatch, isAuthenticated, navigation, toastRef]);
 
   useEffect(() => {
     if (isSDKLoading) {

app/components/UI/Card/components/Onboarding/Complete.test.tsx

@@ -1,6 +1,10 @@
 import React from 'react';
 import { render, fireEvent, waitFor } from '@testing-library/react-native';
-import { StackActions, useNavigation } from '@react-navigation/native';
+import {
+  StackActions,
+  useNavigation,
+  useRoute,
+} from '@react-navigation/native';
 import { useDispatch } from 'react-redux';
 import Complete from './Complete';
 import Routes from '../../../../../constants/navigation/Routes';
@@ -14,6 +18,7 @@ const mockStackReplace = jest.fn((routeName: string) => ({
 
 jest.mock('@react-navigation/native', () => ({
   useNavigation: jest.fn(),
+  useRoute: jest.fn(),
   StackActions: {
     replace: jest.fn((routeName: string) => ({
       type: 'REPLACE',
@@ -217,6 +222,11 @@ describe('Complete Component', () => {
       dispatch: mockNavigationDispatch,
     });
 
+    // Default: no route params
+    (useRoute as jest.Mock).mockReturnValue({
+      params: {},
+    });
+
     (useDispatch as jest.Mock).mockReturnValue(mockDispatch);
 
     const { useMetrics } = jest.requireMock('../../../../hooks/useMetrics');
@@ -517,4 +527,120 @@ describe('Complete Component', () => {
       });
     });
   });
+
+  describe('Deep Link Navigation (nextDestination param)', () => {
+    it('navigates to PersonalDetails when nextDestination is personal_details', async () => {
+      (useRoute as jest.Mock).mockReturnValue({
+        params: { nextDestination: 'personal_details' },
+      });
+
+      const { getByTestId } = render(<Complete />);
+      const button = getByTestId('complete-confirm-button');
+      fireEvent.press(button);
+
+      await waitFor(() => {
+        expect(mockStackReplace).toHaveBeenCalledWith(
+          Routes.CARD.ONBOARDING.PERSONAL_DETAILS,
+        );
+        expect(mockNavigationDispatch).toHaveBeenCalledWith(
+          expect.objectContaining({
+            routeName: Routes.CARD.ONBOARDING.PERSONAL_DETAILS,
+          }),
+        );
+      });
+    });
+
+    it('does not reset onboarding state when navigating to PersonalDetails', async () => {
+      (useRoute as jest.Mock).mockReturnValue({
+        params: { nextDestination: 'personal_details' },
+      });
+
+      const { resetOnboardingState } = jest.requireMock(
+        '../../../../../core/redux/slices/card',
+      );
+
+      const { getByTestId } = render(<Complete />);
+      fireEvent.press(getByTestId('complete-confirm-button'));
+
+      await waitFor(() => {
+        expect(resetOnboardingState).not.toHaveBeenCalled();
+      });
+    });
+
+    it('navigates to SpendingLimit when nextDestination is card_home', async () => {
+      (useRoute as jest.Mock).mockReturnValue({
+        params: { nextDestination: 'card_home' },
+      });
+
+      const { getByTestId } = render(<Complete />);
+      const button = getByTestId('complete-confirm-button');
+      fireEvent.press(button);
+
+      await waitFor(() => {
+        expect(mockStackReplace).toHaveBeenCalledWith(
+          Routes.CARD.SPENDING_LIMIT,
+          { flow: 'onboarding' },
+        );
+        expect(mockNavigationDispatch).toHaveBeenCalledWith(
+          expect.objectContaining({ routeName: Routes.CARD.SPENDING_LIMIT }),
+        );
+      });
+    });
+
+    it('resets onboarding state when nextDestination is card_home', async () => {
+      (useRoute as jest.Mock).mockReturnValue({
+        params: { nextDestination: 'card_home' },
+      });
+
+      const { resetOnboardingState } = jest.requireMock(
+        '../../../../../core/redux/slices/card',
+      );
+
+      const { getByTestId } = render(<Complete />);
+      fireEvent.press(getByTestId('complete-confirm-button'));
+
+      await waitFor(() => {
+        expect(mockDispatch).toHaveBeenCalledWith(resetOnboardingState());
+      });
+    });
+
+    it('does not check token when nextDestination is provided', async () => {
+      (useRoute as jest.Mock).mockReturnValue({
+        params: { nextDestination: 'card_home' },
+      });
+
+      const { getCardBaanxToken } = jest.requireMock(
+        '../../util/cardTokenVault',
+      );
+
+      const { getByTestId } = render(<Complete />);
+      fireEvent.press(getByTestId('complete-confirm-button'));
+
+      await waitFor(() => {
+        expect(getCardBaanxToken).not.toHaveBeenCalled();
+      });
+    });
+
+    it('falls back to default behavior when nextDestination is undefined', async () => {
+      (useRoute as jest.Mock).mockReturnValue({
+        params: {},
+      });
+
+      const { getCardBaanxToken } = jest.requireMock(
+        '../../util/cardTokenVault',
+      );
+      getCardBaanxToken.mockResolvedValue({
+        success: true,
+        tokenData: { accessToken: 'mock-token' },
+      });
+
+      const { getByTestId } = render(<Complete />);
+      fireEvent.press(getByTestId('complete-confirm-button'));
+
+      await waitFor(() => {
+        expect(getCardBaanxToken).toHaveBeenCalled();
+        expect(mockStackReplace).toHaveBeenCalledWith(Routes.CARD.HOME);
+      });
+    });
+  });
 });