PRE-3442: Fix Oauth when acc is unboarded and redirect

[adumont-payplug]

Description

PRE-3442: Fix Oauth when acc is unboarded and redirect

Motivation:

• Fix redirect after Oauth login : When the "Back" button was clicked, we were redirected to the Portal instead of the list of payment methods
• Fix the Oauth login when an account isn't onboarded : the payment mehod is deactivated and it shows an error message

Related issue(s): Closes # PRE-3442

---

Type of Change

• 🐛 Bug fix (non-breaking change that fixes an issue) [x]
• ✨ New feature (non-breaking change that adds functionality) [ ]
• 💥 Breaking change (fix or feature that causes existing functionality to change and that could impact other libs) [ ]
• 🔧 Refactor (no functional changes, code improvement only) [ ]
• 📦 Dependency update [ ]
• 🔒 Security fix [ ]
• 📝 Documentation update [ ]

---

Checklist

Code Quality

• Code is linted and formatted
• No unnecessary commented-out code or debug logs
• No hardcoded values (use env variables or config)

Testing

• Unit tests added / updated

Security & Ops

• No sensitive data or secrets introduced
• Logging and error handling are appropriate

[Copilot]

Pull request overview

This PR aims to improve the admin OAuth flow for PayPlug payment methods by fixing the “Back” navigation in the payment method UI and making the OAuth callback more resilient when the PayPlug account isn’t fully onboarded.

Changes:

• Adds an admin “Back” button (cancel action) to payment method create/update headers via Twig hooks.
• Adjusts OAuth callback credential persistence to avoid undefined index errors when SDK responses don’t include httpResponse.
• Updates Composer metadata/scripts (but currently introduces a Composer configuration regression).

1. What's Good

• The admin back-navigation is implemented via Twig hooks (low-impact, avoids controller changes).
• The OAuth callback change prevents PHP notices when the SDK response doesn’t contain httpResponse.

---

2. Summary table

Dimension	Rating
Security	✅ Fine
Correctness	❌ High (Composer config regression; misleading OAuth success flash on partial failure)
Performance	✅ Fine
Maintainability	⚠️ Low (PHPStan suppression can be replaced with a precise type annotation)

---

3. Closing one-liner

Fix the Composer.json regression (restore extra and remove hardcoded version) and adjust OAuth callback flash messaging so failures don’t still report success.

---

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
templates/admin/payment_method/actions/cancel.html.twig	Adds an admin “Back” button action template for payment method screens.
config/twig_hooks/admin.yaml	Hooks the new cancel action into create/update payment method header actions.
src/Action/Admin/Auth/UnifiedAuthenticationController.php	Makes OAuth callback credential assignment null-safe (but needs better success/error feedback).
src/Controller/CompleteInfoController.php	Adds a PHPStan suppression for dynamic form field types (can be made type-safe instead).
composer.json	Adds a hardcoded version and rewrites script/extra config (currently breaks expected Symfony Flex extra config).