fix(pkce): 20111 PKCE auth flow does not return user to previous path like dex auth flow

[austin5219]

Fixes #20111
Fixes #18045

This stores the users path during a PKCE auth flow and returns the user to the saved path on the PKCE callback in order to mirror the behavior that dex auth has. With the exception of the login path, the users path is stored in session storage during pkcelogin and retrieved during pkcecallback, defaulting to '/applications' when not present. This mirrors Dex's behavior with the return_url query parameter.

This fix should be cherry-picked to 2.12

Below is a screenshot of a pkce token expiry triggering a reauth that now redirects the user to their previous path. Certain sections have been redacted to not leak confidential or sensitive information.

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
• The title of the PR states what changed and the related issues number (used for the release note).
• The title of the PR conforms to the Toolchain Guide
• I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
• I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
• [n/a] Does this PR require documentation updates?
• [n/a] I've updated documentation as required by this PR.
• I have signed off all my commits as required by DCO
• I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
• My build is green (troubleshooting builds).
• My new feature complies with the feature status guidelines.
• I have added a brief description of why this PR is necessary and/or what this PR solves.
• [n/a] Optional. My organization is added to USERS.md.
• Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).

[bunnyshell]

❌ Preview Environment deleted from Bunnyshell

Available commands (reply to this comment):

• 🚀 /bns:deploy to deploy the environment

[bunnyshell]

❌ Preview Environment deleted from Bunnyshell

Available commands (reply to this comment):

• 🚀 /bns:deploy to deploy the environment

[reggie-k]

It is better to move this into the if that handles the error handling, cause needed only in case of error.

[reggie-k]

@austin5219 regarding the error handling upon pkce-relogin and using the React context, please make sure to test the error use case to see the notification in action, I am not confident that using the React context there goes smooth.

[reggie-k]

Also had a session with Austin where he showed the behavior before and after the change, LGTM.

[pasha-codefresh]

Thank you @austin5219 , amazing work

[pasha-codefresh]

@austin5219 will it be big issue if we release it in 2.14 in next 3 months? it is available under latest tag, but because this bug fix is also affecting other components, i would consider it to release as part of 2.14 RC

[austin5219]

@pasha-codefresh given it is a bug fix, is there any way it could be at least backported to 2.13?
also can this issue be closed as well as the changes for the fix were in this pr: #18045

[pasha-codefresh]

Yes, issue can be closed. Okay, we are doing 2.13 release on Monday, Can we cherry-pick it as part of 2.13.1? For example in 1 week after release

[pasha-codefresh]

/cherry-pick release-2.13

[gcp-cherry-pick-bot]

Cherry-pick failed with Merge error 092bb7328cc7aeeb75460fc25fafa575418cacd3 into temp-cherry-pick-49da72-release-2.13