This pull request fix the isolation of login flows when Using Multiple AuthProvider Instances. The changes ensure that authentication flows and storage are correctly scoped to each instance, preventing conflicts when multiple auth clients are used in the same application. The update also adds utilities to detect if the current URL is intended for a specific instance.

Key changes include:

Multi-auth instance support in authClient:

• Updated the legacy AsgardeoAuthClient to use an instance property for instanceID instead of a static class property, ensuring each client instance is independent. Storage keys and state parameters now include the correct instanceId. [1] [2] [3] [4]

URL utilities and authentication flow:

• Added the hasCalledForThisInstanceInUrl utility to check if the current URL's state parameter matches the expected instance, and exported it from the browser SDK. [1] [2]
• Updated the useBrowserUrl React hook and AsgardeoProvider to use the new utility, ensuring authentication callbacks are processed only by the correct client instance. [1] [2] [3] [4] [5]

Related Issues

• Fixes bug: Fail to isolate login flows when Using Multiple Nested AuthProvider Instances with unique instanceID #326

Related PRs

• Add support for multiple Asgardeo Provider instances via optional instanceID #325

Checklist

• Followed the CONTRIBUTING guidelines.
• Manual test round performed and verified.
• Documentation provided. (Add links if there are any)
• Unit tests provided. (Add links if there are any)

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines?
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets?