update authlib from 0.15.5 to 1.1.0

[ffaex]

There are 2 source files which use the authlib package:

• synapse/synapse/handlers/oidc.py
• synapse/synapse/rest/client/login.py

Breaking changes happend in authlib version 1.0.0 https://github.com/lepture/authlib/releases/tag/v1.0.0 .
Imports from authlib which are being used:

• JsonWebToken, JWTClaims, generate_token, jwt, ClientAuth, OpenIDProviderMetadata, get_well_known_url, CodeIDToken, UserInfo, prepare_grant_uri

None of those seem to be changed in version 1.1.0

this commit fixes #13747

Pull Request Checklist

• Pull request is based on the develop branch
• Pull request includes a changelog file. The entry should:
  • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
  • Use markdown where necessary, mostly for code blocks.
  • End with either a period (.) or an exclamation mark (!).
  • Start with a capital letter.
  • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
• Pull request includes a sign off
• Code style is correct
  (run the linters)

Signed-off-by: Fyodor Fomichev [email protected]

[richvdh]

Imports from authlib which are being used:

JsonWebToken, JWTClaims, generate_token, jwt, ClientAuth, OpenIDProviderMetadata, get_well_known_url, CodeIDToken, UserInfo, prepare_grant_uri

This is not a complete list: synapse.rest.client.login has from authlib.jose.errors import BadSignatureError, InvalidClaimError, JoseError. However, I don't think any of these are changing either.

[richvdh]

This looks plausible to me. If it's not plausible, then we have a problem with the dependency range in pyproject.toml.