fix: fix OAuth PKCE verifier overwrite and transport authProvider lookup

[Vishal2002]

Issue for this PR

Closes #17822

Type of change

• Bug fix
• New feature
• Refactor / code improvement
• Documentation

What does this PR do?

Fixes an issue where OAuth remained stuck in needs_auth after a successful login.

• Prevent duplicate saveCodeVerifier calls causing invalid_grant
• Fix incorrect authProvider access (_authProvider)
• Ensure transport is stored after redirect regardless of error type
• Add support for non-standard OAuth error responses

How did you verify your code works?

Tested locally with Notion MCP and Atlassian MCP.
OAuth flow completes successfully, tokens persist, and client is reused across runs.

Screenshots / recordings

N/A

Checklist

• I have tested my changes locally
• I have not included unrelated changes in this PR

[github-actions]

The following comment was made by an LLM, it may be inaccurate:

Found one potentially related PR:

PR #18674 - "fix: vendor Anthropic OAuth plugin and fix PKCE state security issue (fixes #18652)"
#18674

This PR also addresses PKCE-related security issues in the OAuth flow, though it focuses on a different issue (#18652 vs #17822). Both PRs involve OAuth PKCE fixes, so there's a chance of overlap in the areas being modified.

[github-actions]

Thanks for updating your PR! It now meets our contributing guidelines. 👍