We should show a unique error when all credentials are spent

[bsclifton]

Test plan

See brave/brave-core#26272

Description

With the time limited v2 credentials system, folks are getting 2 credentials per day.

Even with the caching and safeguards we have in place, sometimes the person is running out of credentials. In the code, we are showing a session expired for that scenario, which looks like this:

If you examine the SKU state, you'll notice it looks like this (notice both spent):

{
    "unblinded_creds":
    [
        {
            "unblinded_cred": "qr0cfZ9lPKFf7vXGkQSVXRxWHet94zIAqeCmQCR5JqG0X4RwD+yAC/D7ppmIAp64BzmpdccP+fT+9xsXcCvNfhKBusQrGT686iWFGzqTkSxVSky6khajmXlt3w5EMwAp",
            "spent": true
        },
        {
            "unblinded_cred": "SgtpnG6QJhmLUTjYCYA62271zjYwU4lNI0GX3W686zlyiUKU0ZfPveZF/xHbBFBkRE6UNMusyHtdDUjRXg89Ub7gsaN9ORFOwurhuoFhv4Kea0gIzW1V8dsHIRg2J64v",
            "spent": true
        }
    ],
    "issuer_id": "8dc09cb0-a69b-4695-8288-7bf716615385",
    "valid_from": "2023-09-11T19:31:40",
    "valid_to": "2023-09-12T19:31:40"
}

We should show an error message which indicates that we're out of credentials.
Per Slack thread (for Brave employees - https://bravesoftware.slack.com/archives/C021S0FN3V1/p1730140219576869?thread_ts=1729197731.366099&cid=C021S0FN3V1), we should be showing an error:
Having trouble authenticating to the VPN server. Please contact support or try again later.

Help is needed to create a state inside the browser (ex: in the VPN panel, like session expired) to let folks know they've ran out of credentials. In an ideal world, this shouldn't happen - and if a user hits this situation, they will get a new set of credentials within 24 hours.

Figma for VPN (has most everything we've done so far):
https://www.figma.com/file/qtMYwoj3JWJO5xzwLt6j2f/Desktop-VPN?type=design&node-id=0-1&mode=design&t=eHDcKZkSPRxI60Se-0

[bsclifton]

cc: @mattmcalister @aguscruiz - help needed (including wording)

For code change, we could potentially create a new state and then check here:
https://github.com/brave/brave-core/blob/db5c6571fd2c4036ed47a0a7f95b46a1a0517edb/components/brave_vpn/browser/brave_vpn_service.cc#L533-L541

[bsclifton]

Bumping down to a P4 after recent changes on Guardian VPN side have made this error happen a LOT less

[bsclifton]

cc: @iambrianfung who recently ran into this

Bumping from P4 => P3

[mattmcalister]

we could potentially create a new state

good idea. then we could change the messaging and available actions. cc @pavelbrm @clD11

[MadhaviSeelam]

Verification PASSED using

Brave | 1.74.5 Chromium: 131.0.6778.69 (Official Build) beta (64-bit)
-- | --
Revision | fbd7c390a7daa54f1aac2c769076d3fecf7c7fc7
OS | Windows 11 Version 23H2 (Build 22631.4460)

Existing user (account.brave.com) - PASSED

1. Installed 1.74.5
2. launched Brave
3. logged into account.brave.com with an existing VPN
4. clicked Refreshed Firewall + VPN button on the subscription page
5. connected VPN via VPN panel and disconnected
6. closed Brave
7. opened Brave-Browser-Beta profile folder >> Local State file in the notepad
8. searched for the sku > state area
9. searched credentials that were just used - searched for "spent: true"
10. searched second credential for that same day (below line) and changed "spent: false" to "spent: true"
11. verified both be "true" (meaning you are out of credentials for the time window you're in (if code asks for new credentials)).
12. searched for brave_vpn > subscriber_credential
13. set "credential" to empty string "" (This will force the next launch to try to get new credentials)
14. saved and closed the file
15. relaunched Brave
16. clicked VPN button to open VPN panel
17. confirmed error message shown as per the screenshot
18. confirmed the error message is dismissed and VPN panel shown disconnected state (~3 hours later)
19. enabled the VPN and successfully connected
20. opened whatismyipaddress.com and correct region shown.

step 3	step 4	step 5	step 10	step 11	step 13	step 14	step 16	step 17	step 18	step 19	step 20

New user (account.bravesoftware.com) - PASSED

1. Installed 1.74.5
2. launched Brave
3. logged into account.brave.com with basic auth
4. subscribed to new VPN using [email protected]
5. clicked VPN button in the toolbar
6. connected to VPN successfully
7. disconnected and closed Brave
8. opened Brave-Browser-Beta profile folder >> Local State file in the notepad
9. searched for the sku > state area
10. searched credentials that were just used - searched for "spent: true"
11. searched second credential for that same day (below line) and changed "spent: false" to "spent: true"
12. verified both be "true" (meaning you are out of credentials for the time window you're in (if code asks for new credentials)).
13. searched for brave_vpn > subscriber_credential
14. set "credential" to empty string "" (This will force the next launch to try to get new credentials)
15. saved and closed the file
16. relaunched Brave
17. clicked VPN button to open VPN panel
18. confirmed error message shown as per the screenshot
19. confirmed the error message is dismissed and VPN panel shown disconnected state (~48 hours later)
20. enabled the VPN and successfully connected
21. opened whatismyipaddress.com and correct region shown.

step 4	step 5	step 6	step 10	step 11	step 13	step 14	step 18	step 19	step 20	step 21

[GeetaSarvadnya]

Verification PASSED on

Brave | 1.74.20 Chromium: 131.0.6778.108 (Official Build) beta (arm64)
-- | --
Revision | 6f52e170fb1611fc69347fb24bca600ed052f7b3
OS | macOS Version 12.5 (Build 21G72)

Verified the test plan from brave/brave-core#26272

Existing user (account.brave.com) - PASSED

1. Installed 1.74.20
2. launched Brave
3. logged into account.brave.com with an existing VPN
4. clicked Refreshed Firewall + VPN button on the subscription page
5. connected VPN via VPN panel and disconnected
6. closed Brave
7. opened Brave-Browser-Beta profile folder >> Local State file in the notepad
8. searched for the sku > state area
9. searched credentials that were just used - searched for "spent: true"
10. searched second credential for that same day (below line) and changed "spent: false" to "spent: true"
11. verified both be "true" (meaning you are out of credentials for the time window you're in (if code asks for new credentials)).
12. searched for brave_vpn > subscriber_credential
13. set "credential" to empty string "" (This will force the next launch to try to get new credentials)
14. saved and closed the file
15. relaunched Brave
16. clicked VPN button to open VPN panel
17. confirmed error message shown as per the screenshot

step 3	step 4	step 5	step 10	step 11	step 13	step 14	step 16 and step 17

New user (account.bravesoftware.com) - PASSED

1. Installed 1.74.20
2. launched Brave
3. logged into account.brave.com with basic auth
4. subscribed to new VPN using [email protected]
5. clicked VPN button in the toolbar
6. connected to VPN successfully
7. disconnected and closed Brave
8. opened Brave-Browser-Beta profile folder >> Local State file in the notepad
9. searched for the sku > state area
10. searched credentials that were just used - searched for "spent: true"
11. searched second credential for that same day (below line) and changed "spent: false" to "spent: true"
12. verified both be "true" (meaning you are out of credentials for the time window you're in (if code asks for new credentials)).
13. searched for brave_vpn > subscriber_credential
14. set "credential" to empty string "" (This will force the next launch to try to get new credentials)
15. saved and closed the file
16. relaunched Brave
17. clicked VPN button to open VPN panel
18. confirmed error message shown as per the screenshot

step 6	step 7	step 10	step 11	step 13	step 14	step 18

[GeetaSarvadnya]

@MadhaviSeelam: For both cases above (existing user and new user), for the step 19 the error message is not dismissed from the panel although the VPN status is Disconnected in the panel, I am not sure why I am getting this, are you setting the sys clock ahead by 3 hour and 2 days manually for case 1 and 2 ?

[MadhaviSeelam]

@MadhaviSeelam: For both cases above (existing user and new user), for the step 19 the error message is not dismissed from the panel although the VPN status is Disconnected in the panel, I am not sure why I am getting this, are you setting the sys clock ahead by 3 hour and 2 days manually for case 1 and 2 ?

@GeetaSarvadnya it was a natural wait as the testplan didn't mention these additional steps, I didn't know how long it takes for the error message to get dismissed. I was curious to see the timeframe it takes to dismiss the error message and as you can see, for existing user testcase, it took ~3 hours and for new user testcase, it took about ~48 hours.