Absorb the matrix-react-sdk repository (#28192)

Co-authored-by: github-merge-queue <118344674+github-merge-queue@users.noreply.github.com>
Co-authored-by: github-merge-queue <github-merge-queue@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Florian Duros <florian.duros@ormaz.fr>
Co-authored-by: Kim Brose <kim.brose@nordeck.net>
Co-authored-by: Florian Duros <florianduros@element.io>
Co-authored-by: R Midhun Suresh <hi@midhun.dev>
Co-authored-by: dbkr <986903+dbkr@users.noreply.github.com>
Co-authored-by: ElementRobot <releases@riot.im>
Co-authored-by: dbkr <dbkr@users.noreply.github.com>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: David Langley <davidl@element.io>
Co-authored-by: Michael Weimann <michaelw@matrix.org>
Co-authored-by: Timshel <Timshel@users.noreply.github.com>
Co-authored-by: Sahil Silare <32628578+sahil9001@users.noreply.github.com>
Co-authored-by: Will Hunt <will@half-shot.uk>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
Co-authored-by: Robin <robin@robin.town>
Co-authored-by: Tulir Asokan <tulir@maunium.net>

playwright/plugins/oauth_server/README.md

@@ -0,0 +1,24 @@
+# oauth_server
+
+A very simple OAuth identity provider server.
+
+The following endpoints are exposed:
+
+-   `/oauth/auth.html`: An OAuth2 [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).
+    In a proper OAuth2 system, this would prompt the user to log in; we just give a big "Submit" button (and an
+    auth code that can be changed if we want the next step to fail). It redirects back to the calling application
+    with a "code".
+
+-   `/oauth/token`: An OAuth2 [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).
+    Receives the code issued by "auth.html" and, if it is valid, exchanges it for an OAuth2 access token.
+
+-   `/oauth/userinfo`: An OAuth2 [userinfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo).
+    Returns details about the owner of the offered access token.
+
+To start the server, do:
+
+```javascript
+cy.task("startOAuthServer").then((port) => {
+    // now we can configure Synapse or Element to talk to the OAuth2 server.
+});
+```

playwright/plugins/oauth_server/index.ts

@@ -0,0 +1,64 @@
+/*
+Copyright 2024 New Vector Ltd.
+Copyright 2023 The Matrix.org Foundation C.I.C.
+
+SPDX-License-Identifier: AGPL-3.0-only OR GPL-3.0-only
+Please see LICENSE files in the repository root for full details.
+*/
+
+import http from "http";
+import express from "express";
+import { AddressInfo } from "net";
+
+export class OAuthServer {
+    private server?: http.Server;
+
+    public start(): number {
+        if (this.server) this.stop();
+
+        const app = express();
+
+        // static files. This includes the "authorization endpoint".
+        app.use(express.static(__dirname + "/res"));
+
+        // token endpoint (see https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint)
+        app.use("/oauth/token", express.urlencoded({ extended: true }));
+        app.post("/oauth/token", (req, res) => {
+            // if the code is valid, accept it. Otherwise, return an error.
+            const code = req.body.code;
+            if (code === "valid_auth_code") {
+                res.send({
+                    access_token: "oauth_access_token",
+                    token_type: "Bearer",
+                    expires_in: "3600",
+                });
+            } else {
+                res.send({ error: "bad auth code" });
+            }
+        });
+
+        // userinfo endpoint (see https://openid.net/specs/openid-connect-core-1_0.html#UserInfo)
+        app.get("/oauth/userinfo", (req, res) => {
+            // TODO: validate that the request carries an auth header which matches the access token we issued above
+
+            // return an OAuth2 user info object
+            res.send({
+                sub: "alice",
+                name: "Alice",
+            });
+        });
+
+        this.server = http.createServer(app);
+        this.server.listen();
+        const address = this.server.address() as AddressInfo;
+        console.log(`Started OAuth server at ${address.address}:${address.port}`);
+        return address.port;
+    }
+
+    public stop(): void {
+        console.log("Stopping OAuth server");
+        const address = this.server.address() as AddressInfo;
+        this.server.close();
+        console.log(`Stopped OAuth server at ${address.address}:${address.port}`);
+    }
+}

playwright/plugins/oauth_server/res/oauth/auth.html

@@ -0,0 +1,34 @@
+<!--
+Copyright 2024 New Vector Ltd.
+Copyright 2023 The Matrix.org Foundation C.I.C.
+
+SPDX-License-Identifier: AGPL-3.0-only OR GPL-3.0-only
+Please see LICENSE files in the repository root for full details.
+-->
+
+<!--
+A dummy OAuth2 authorization endpoint (see https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint)
+
+Mostly, it just redirects back to the `redirect_uri` in the query params.
+-->
+
+<html lang="en">
+    <body>
+        <h1>Test OAuth page</h1>
+
+        <form id="auth_form">
+            <input type="hidden" id="state" name="state" />
+            <label for="code">Auth Code:</label>
+            <input type="text" id="code" name="code" value="valid_auth_code" />
+            <input type="submit" value="Submit" />
+        </form>
+
+        <script>
+            // process the query params, and set up the form
+            const urlParams = new URLSearchParams(window.location.search);
+            console.log("Test OAuth page: query params:", new Map(urlParams.entries()));
+            document.getElementById("auth_form").action = urlParams.get("redirect_uri");
+            document.getElementById("state").value = urlParams.get("state");
+        </script>
+    </body>
+</html>