fix(realtime_client): suppress InvalidJWTToken from setAuth in joinPush 'ok' handler

[theprantadutta]

Summary

Fixes #1363.

RealtimeChannel.subscribe() registers an async 'ok' callback on joinPush that calls socket.setAuth(socket.accessToken) without a try/catch. When the cached access token has expired by the time the server replies 'ok' (e.g. the device woke from a long background sleep and the channel rejoined before the auth refresh fired), setAuth throws:

FormatException: InvalidJWTToken: Invalid value for JWT claim "exp" with value …

Because Push.trigger invokes the callback as a void-returning function, the resulting Future's error is discarded and surfaces in the zone error handler. Sentry / Crashlytics report it as a fatal even though the app keeps running and the next tokenRefreshed event recovers normally.

SupabaseClient._handleTokenChanged already filters this exact exception on the auth-state-change path:

https://github.com/supabase/supabase-flutter/blob/main/packages/supabase/lib/src/supabase_client.dart#L379-L389

This PR mirrors that filter on the rejoin path so the two re-auth code paths behave consistently.

Change

packages/realtime_client/lib/src/realtime_channel.dart — wrap the rejoin setAuth call in the same FormatException / InvalidJWTToken filter that SupabaseClient._handleTokenChanged uses. Other FormatExceptions still propagate.

if (socket.accessToken != null) {
  try {
    await socket.setAuth(socket.accessToken);
  } on FormatException catch (e) {
    if (!e.message.contains('InvalidJWTToken')) {
      rethrow;
    }
  }
}

Tests

Added two unit tests in packages/realtime_client/test/channel_test.dart:

1. Positive case — when setAuth throws FormatException('InvalidJWTToken: …') on rejoin, the 'ok' handler still runs to completion and emits RealtimeSubscribeStatus.subscribed. Without the fix this test fails (the callback aborts at setAuth and the subscribed status is never emitted), confirming it genuinely validates the fix.
2. Rethrow case — non-InvalidJWTToken FormatExceptions still abort the rejoin handler (subscribed is not emitted).

Both tests use a RealtimeClient subclass that overrides setAuth to throw a controlled exception and overrides connect to a no-op so transport-level async errors do not pollute the test runner zone.

Test plan

• dart test packages/realtime_client/test/channel_test.dart — both new tests pass; pre-existing tests unchanged
• dart analyze clean for realtime_client, supabase, and supabase_flutter
• Verified the positive test fails when the source change is reverted (confirming it tests the right thing)

Note: httpSend throws error on non-202 status is flaky on main independently of this change (~40% fail rate locally on a clean checkout). Out of scope for this PR.

[Vinzent03]

If you could fix the formatting issue, I think this looks great. Thanks!

[theprantadutta]

Thanks for the review @Vinzent03! Formatting fixed in 34c2f35 — re-ran dart format lib test -l 80 --set-exit-if-changed locally to match CI, clean now. Tests still pass.