feat(auth): shared auth helper refactor

[robstax]

This pull request addresses

Internal refactor of auth helper functions for SSO OAuth

by making the following changes

Adds optional default-arg parameters to three private Authorization methods so a future flow (third-party login) can reuse them under its own sessionStorage key:

_generateSecurityToken(storageKey = OAUTH2_CSRF_TOKEN)
_verifySecurityToken(query, storageKey = OAUTH2_CSRF_TOKEN)
_cleanUrl(location, stateFieldsToStrip = ['csrf_token'])

Change Type

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update
• Tooling change
• Internal code refactor

The following scenarios were tested

< ENUMERATE TESTS PERFORMED, WHETHER MANUAL OR AUTOMATED >

The GAI Coding Policy And Copyright Annotation Best Practices

• GAI was not used (or, no additional notation is required)
• Code was generated entirely by GAI
• GAI was used to create a draft that was subsequently customized or modified
• Coder created a draft manually that was non-substantively modified by GAI (e.g., refactoring was performed by GAI on manually written code)
• Tool used for AI assistance (GitHub Copilot / Other - specify)
  • Github Copilot
  • Other - Please Specify
• This PR is related to
  • Feature
  • Defect fix
  • Tech Debt
  • Automation

I certified that

• I have read and followed contributing guidelines
• I discussed changes with code owners prior to submitting this pull request
• I have not skipped any automated checks
• All existing and new tests passed
• I have updated the documentation accordingly

---

Make sure to have followed the contributing guidelines before submitting.