refactor(auth-qrcode): Use oauth2 crate instead of openidconnect

[zecakeh]

The "next-gen auth" MSCs are now only based on OAuth 2.0, which is simpler than OpenID Connect.

This sholdn't break anything but I haven't tested it in production.

[codecov]

Codecov Report

Attention: Patch coverage is 95.34884% with 2 lines in your changes missing coverage. Please review.

Project coverage is 85.79%. Comparing base (9c9944a) to head (c6d2ab4).
Report is 8 commits behind head on main.

Files with missing lines	Patch %	Lines
...ates/matrix-sdk/src/authentication/qrcode/login.rs	83.33%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4604      +/-   ##
==========================================
- Coverage   85.79%   85.79%   -0.01%     
==========================================
  Files         293      293              
  Lines       33774    33768       -6     
==========================================
- Hits        28976    28970       -6     
  Misses       4798     4798              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[bnjbvr]

Is there some context to this change, some Github issue with a rationale maybe?

[zecakeh]

There is a bit of rationale in #4593 and #4550.

One of the main differences between OAuth 2.0 and OIDC is that the latter requires the use of an id_token, which is something that is NOT in OAuth 2.0. So the openidconnect crate will require fields related to it in responses from the server, but it is not something that is mandated anymore by the MSCs.

[bnjbvr]

I skimmed the changes and they seem pretty simple, thanks a bunch. In terms of requirements before landing, I'd like to make sure this is tested in some of the EX apps before we merge this.

[bnjbvr]

2025

[bnjbvr]

can this be type OauthClientInner = BasicClient<EndpointNotSet, ...> to avoid the generics? And if OauthClientInner is used only a single time, we can even inline the type declaration into its one use, likely?

[zecakeh]

Indeed, let's inline this, I was hesitating whether to do it or not.

[zecakeh]

FWIW, I tested this via the qr-login example with beta.matrix.org and it works.

[poljar]

I tested this with the qr-login example as well. Can confirm that it works.

[poljar]

Could you please resolve the merge conflict, then we can go ahead and merge.

[zecakeh]

Done

[zecakeh]

Actually the changelog is in the wrong place, let me fix that

[zecakeh]

And done.