feat: add analytics tracking for social login failures (#22182)

<!--

Please submit this PR as a draft initially.

Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.

-->

## **Description**

This PR adds analytics tracking for social login failures to help
identify where and why failures occur during the OAuth login flow.

The implementation tracks failures at three stages:
1. **Provider login failures** - When users cancel or encounter errors
during the OAuth provider authentication step
2. **Token exchange failures** - When errors occur during the
authorization code to JWT token exchange
3. **Seedless authentication failures** - When errors occur during the
seedless authentication step

Each failure event includes contextual metadata:
- `account_type` - The type of account being created (e.g.,
`default_google`, `default_apple`)
- `is_rehydration` - Whether this is a rehydration flow (existing user
returning)
- `failure_type` - Whether the failure was due to user cancellation or
an error
- `error_category` - The specific stage where the failure occurred

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes: https://consensyssoftware.atlassian.net/browse/SL-257

## **Manual testing steps**

1. Start a social login flow (Google or Apple)
2. Cancel the OAuth provider authentication dialog
3. Verify that a `SocialLoginFailed` event is tracked with
`failure_type: 'user_cancelled'` and `error_category: 'provider_login'`
4. Attempt a social login and simulate a network error during token
exchange
5. Verify that a `SocialLoginFailed` event is tracked with
`failure_type: 'error'` and `error_category: 'get_auth_tokens'`
6. Attempt a social login and simulate an error during seedless
authentication
7. Verify that a `SocialLoginFailed` event is tracked with
`failure_type: 'error'` and `error_category: 'seedless_auth'`

## **Screenshots/Recordings**

<!-- Not applicable - this is an analytics-only change with no UI
changes -->

### **Before**

<!-- N/A -->

### **After**

<!-- N/A -->

## **Pre-merge author checklist**

- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I've included tests if applicable
- [x] I've documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I've applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [x] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [x] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.


<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Adds SOCIAL_LOGIN_FAILED tracking with rehydration context across
provider login, token exchange, and seedless auth; updates OAuth login
API and tests accordingly.
> 
> - **Analytics**:
> - Add `SOCIAL_LOGIN_FAILED` event in
`core/Analytics/MetaMetrics.events.ts` and export mapping.
> - **OAuth** (`core/OAuthService/OAuthService.ts`):
> - Add `userClickedRehydration` to local state and
`#trackSocialLoginFailure` to emit `SOCIAL_LOGIN_FAILED` with
`account_type`, `is_rehydration`, `failure_type`, and `error_category`.
> - Invoke tracking on failures in `provider_login`, `get_auth_tokens`,
and `seedless_auth` stages; validate `id_token` earlier.
> - Change `handleOAuthLogin(loginHandler, userClickedRehydration)`
signature and wire usage.
> - **Onboarding** (`components/Views/Onboarding/index.js`):
>   - Pass rehydration flag to `handleOAuthLogin` (`!createWallet`).
> - **Tests**:
> - Update unit tests in `OAuthService.test.ts` and
`Onboarding/index.test.tsx` to reflect new `handleOAuthLogin` param and
event behavior.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
37e8b08. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: huggingbot

app/components/Views/Onboarding/index.js

@@ -625,6 +625,7 @@ class Onboarding extends PureComponent {
       const loginHandler = createLoginHandler(Platform.OS, provider);
       const result = await OAuthLoginService.handleOAuthLogin(
         loginHandler,
+        !createWallet,
       ).catch((error) => {
         this.props.unsetLoading();
         this.handleLoginError(error, provider);

app/components/Views/Onboarding/index.test.tsx

@@ -744,6 +744,7 @@ describe('Onboarding', () => {
       expect(mockCreateLoginHandler).toHaveBeenCalledWith('ios', 'google');
       expect(mockOAuthService.handleOAuthLogin).toHaveBeenCalledWith(
         'mockGoogleHandler',
+        false,
       );
       expect(mockNavigate).toHaveBeenCalledWith(
         Routes.ONBOARDING.SOCIAL_LOGIN_SUCCESS_NEW_USER,
@@ -794,6 +795,7 @@ describe('Onboarding', () => {
       expect(mockCreateLoginHandler).toHaveBeenCalledWith('android', 'google');
       expect(mockOAuthService.handleOAuthLogin).toHaveBeenCalledWith(
         'mockGoogleHandler',
+        false,
       );
       // On Android, should navigate directly to ChoosePassword, not SocialLoginSuccessNewUser
       expect(mockNavigate).toHaveBeenCalledWith(
@@ -847,6 +849,7 @@ describe('Onboarding', () => {
       expect(mockCreateLoginHandler).toHaveBeenCalledWith('ios', 'apple');
       expect(mockOAuthService.handleOAuthLogin).toHaveBeenCalledWith(
         'mockAppleHandler',
+        false,
       );
       // On iOS with Apple login, should navigate to SocialLoginSuccessNewUser
       expect(mockNavigate).toHaveBeenCalledWith(
@@ -897,6 +900,7 @@ describe('Onboarding', () => {
       expect(mockCreateLoginHandler).toHaveBeenCalledWith('ios', 'apple');
       expect(mockOAuthService.handleOAuthLogin).toHaveBeenCalledWith(
         'mockAppleHandler',
+        true,
       );
       expect(mockNavigate).toHaveBeenCalledWith(
         Routes.ONBOARDING.SOCIAL_LOGIN_SUCCESS_EXISTING_USER,

app/core/Analytics/MetaMetrics.events.ts

@@ -138,6 +138,7 @@ enum EVENT_NAME {
   WALLET_SETUP_FAILURE = 'Wallet Setup Failure',
   WALLET_SETUP_COMPLETED = 'Wallet Setup Completed',
   SOCIAL_LOGIN_COMPLETED = 'Social Login Completed',
+  SOCIAL_LOGIN_FAILED = 'Social Login Failed',
   ACCOUNT_ALREADY_EXISTS_PAGE_VIEWED = 'Account Already Exists Page Viewed',
   ACCOUNT_NOT_FOUND_PAGE_VIEWED = 'Account Not Found Page Viewed',
   REHYDRATION_PASSWORD_ATTEMPTED = 'Rehydration Password Attempted',
@@ -756,6 +757,7 @@ const events = {
   WALLET_SETUP_FAILURE: generateOpt(EVENT_NAME.WALLET_SETUP_FAILURE),
   WALLET_SETUP_COMPLETED: generateOpt(EVENT_NAME.WALLET_SETUP_COMPLETED),
   SOCIAL_LOGIN_COMPLETED: generateOpt(EVENT_NAME.SOCIAL_LOGIN_COMPLETED),
+  SOCIAL_LOGIN_FAILED: generateOpt(EVENT_NAME.SOCIAL_LOGIN_FAILED),
   ACCOUNT_ALREADY_EXISTS_PAGE_VIEWED: generateOpt(
     EVENT_NAME.ACCOUNT_ALREADY_EXISTS_PAGE_VIEWED,
   ),

app/core/OAuthService/OAuthService.test.ts

@@ -131,7 +131,10 @@ describe('OAuth login service', () => {
 
   it('return a type success', async () => {
     const loginHandler = mockCreateLoginHandler();
-    const result = (await OAuthLoginService.handleOAuthLogin(loginHandler)) as {
+    const result = (await OAuthLoginService.handleOAuthLogin(
+      loginHandler,
+      false,
+    )) as {
       type: string;
       existingUser: boolean;
     };
@@ -154,7 +157,10 @@ describe('OAuth login service', () => {
       .spyOn(Engine.context.SeedlessOnboardingController, 'authenticate')
       .mockImplementation(mockAuthenticate);
 
-    const result = await OAuthLoginService.handleOAuthLogin(loginHandler);
+    const result = await OAuthLoginService.handleOAuthLogin(
+      loginHandler,
+      false,
+    );
     expect(result).toBeDefined();
 
     expect(mockLoginHandlerResponse).toHaveBeenCalledTimes(1);
@@ -172,7 +178,7 @@ describe('OAuth login service', () => {
       .mockImplementation(mockAuthenticate);
 
     await expectOAuthError(
-      OAuthLoginService.handleOAuthLogin(loginHandler),
+      OAuthLoginService.handleOAuthLogin(loginHandler, false),
       OAuthErrorType.LoginError,
     );
 
@@ -188,7 +194,7 @@ describe('OAuth login service', () => {
     const loginHandler = mockCreateLoginHandler();
 
     await expectOAuthError(
-      OAuthLoginService.handleOAuthLogin(loginHandler),
+      OAuthLoginService.handleOAuthLogin(loginHandler, false),
       OAuthErrorType.AuthServerError,
     );
 
@@ -209,7 +215,7 @@ describe('OAuth login service', () => {
     });
 
     await expectOAuthError(
-      OAuthLoginService.handleOAuthLogin(loginHandler),
+      OAuthLoginService.handleOAuthLogin(loginHandler, false),
       OAuthErrorType.UserDismissed,
     );
 
@@ -225,7 +231,7 @@ describe('OAuth login service', () => {
     });
 
     await expectOAuthError(
-      OAuthLoginService.handleOAuthLogin(loginHandler),
+      OAuthLoginService.handleOAuthLogin(loginHandler, false),
       OAuthErrorType.LoginError,
     );
 

app/core/OAuthService/OAuthService.ts

@@ -20,6 +20,9 @@ import {
 import { OAuthError, OAuthErrorType } from './error';
 import { BaseLoginHandler } from './OAuthLoginHandlers/baseHandler';
 import { Platform } from 'react-native';
+import { MetaMetrics } from '../Analytics';
+import { MetricsEventBuilder } from '../Analytics/MetricsEventBuilder';
+import { MetaMetricsEvents } from '../Analytics/MetaMetrics.events';
 
 export interface MarketingOptInRequest {
   opt_in_status: boolean;
@@ -48,6 +51,7 @@ interface OAuthServiceLocalState {
   loginInProgress: boolean;
   oauthLoginSuccess: boolean;
   oauthLoginError: string | null;
+  userClickedRehydration?: boolean;
 }
 export class OAuthService {
   public localState: OAuthServiceLocalState;
@@ -140,8 +144,44 @@ export class OAuthService {
     }
   };
 
+  #trackSocialLoginFailure = ({
+    authConnection,
+    errorCategory,
+    error,
+  }: {
+    authConnection: AuthConnection;
+    errorCategory: 'provider_login' | 'get_auth_tokens' | 'seedless_auth';
+    error: unknown;
+  }) => {
+    const isUserCancelled =
+      error instanceof OAuthError &&
+      (error.code === OAuthErrorType.UserCancelled ||
+        error.code === OAuthErrorType.UserDismissed);
+
+    let userClickedRehydration: 'true' | 'false' | 'unknown' = 'unknown';
+    if (this.localState.userClickedRehydration !== undefined) {
+      userClickedRehydration = this.localState.userClickedRehydration
+        ? 'true'
+        : 'false';
+    }
+
+    MetaMetrics.getInstance().trackEvent(
+      MetricsEventBuilder.createEventBuilder(
+        MetaMetricsEvents.SOCIAL_LOGIN_FAILED,
+      )
+        .addProperties({
+          account_type: `default_${authConnection}`,
+          is_rehydration: userClickedRehydration,
+          failure_type: isUserCancelled ? 'user_cancelled' : 'error',
+          error_category: errorCategory,
+        })
+        .build(),
+    );
+  };
+
   handleOAuthLogin = async (
     loginHandler: BaseLoginHandler,
+    userClickedRehydration: boolean,
   ): Promise<HandleOAuthLoginResult> => {
     const web3AuthNetwork = this.config.web3AuthNetwork;
 
@@ -151,6 +191,7 @@ export class OAuthService {
         OAuthErrorType.LoginInProgress,
       );
     }
+    this.updateLocalState({ userClickedRehydration });
     this.#dispatchLogin();
 
     try {
@@ -174,6 +215,12 @@ export class OAuthService {
         });
         endTrace({ name: TraceName.OnboardingOAuthProviderLoginError });
 
+        this.#trackSocialLoginFailure({
+          authConnection: loginHandler.authConnection,
+          errorCategory: 'provider_login',
+          error,
+        });
+
         throw error;
       } finally {
         endTrace({
@@ -196,6 +243,9 @@ export class OAuthService {
             { ...result, web3AuthNetwork },
             this.config.authServerUrl,
           );
+          if (!data.id_token) {
+            throw new OAuthError('No token found', OAuthErrorType.LoginError);
+          }
           getAuthTokensSuccess = true;
         } catch (error) {
           const errorMessage =
@@ -210,6 +260,12 @@ export class OAuthService {
             name: TraceName.OnboardingOAuthBYOAServerGetAuthTokensError,
           });
 
+          this.#trackSocialLoginFailure({
+            authConnection,
+            errorCategory: 'get_auth_tokens',
+            error,
+          });
+
           throw error;
         } finally {
           endTrace({
@@ -218,10 +274,6 @@ export class OAuthService {
           });
         }
 
-        if (!data.id_token) {
-          throw new OAuthError('No token found', OAuthErrorType.LoginError);
-        }
-
         const jwtPayload = JSON.parse(
           loginHandler.decodeIdToken(data.id_token),
         ) as Partial<OAuthUserInfo>;
@@ -257,6 +309,12 @@ export class OAuthService {
             name: TraceName.OnboardingOAuthSeedlessAuthenticateError,
           });
 
+          this.#trackSocialLoginFailure({
+            authConnection,
+            errorCategory: 'seedless_auth',
+            error,
+          });
+
           throw error;
         } finally {
           endTrace({