Add sunset banners guiding users to install Element X when registering against a server with MAS. (#7890)

RiotSwiftUI/Modules/Authentication/Common/Service/MatrixSDK/AuthenticationService.swift

@@ -148,8 +148,13 @@ class AuthenticationService: NSObject {
                 self.registrationWizard = registrationWizard
             } catch {
                 guard homeserver.preferredLoginMode.hasSSO, error as? RegistrationError == .registrationDisabled else {
-                    throw error
+                    if homeserver.preferredLoginMode.providesDelegatedOIDCCompatibility {
+                        throw RegistrationError.delegatedOIDCRequiresReplacementApp
+                    } else {
+                        throw error
+                    }
                 }
+                
                 // Continue without throwing when registration is disabled but SSO is available.
             }
         }
@@ -281,10 +286,13 @@ class AuthenticationService: NSObject {
         // Get the login flow
         let loginFlowResponse = try await client.getLoginSession()
         
-        let identityProviders = loginFlowResponse.flows?.compactMap { $0 as? MXLoginSSOFlow }.first?.identityProviders ?? []
+        let firstSSOFlow = loginFlowResponse.flows?.compactMap { $0 as? MXLoginSSOFlow }.first
+        let identityProviders = firstSSOFlow?.identityProviders ?? []
+        let providesDelegatedOIDCCompatibility = firstSSOFlow?.delegatedOIDCCompatibility ?? false
         return LoginFlowResult(supportedLoginTypes: loginFlowResponse.flows?.compactMap { $0 } ?? [],
                                ssoIdentityProviders: identityProviders.sorted { $0.name < $1.name }.map(\.ssoIdentityProvider),
-                               homeserverAddress: client.homeserver)
+                               homeserverAddress: client.homeserver, 
+                               providesDelegatedOIDCCompatibility: providesDelegatedOIDCCompatibility)
     }
     
     /// Perform a well-known request on the specified homeserver URL.

RiotSwiftUI/Modules/Authentication/Common/Service/MatrixSDK/LoginModels.swift

@@ -12,13 +12,15 @@ struct LoginFlowResult {
     let supportedLoginTypes: [MXLoginFlow]
     let ssoIdentityProviders: [SSOIdentityProvider]
     let homeserverAddress: String
+    let providesDelegatedOIDCCompatibility: Bool
     
     var loginMode: LoginMode {
         if supportedLoginTypes.contains(where: { $0.type == kMXLoginFlowTypeSSO }),
-           supportedLoginTypes.contains(where: { $0.type == kMXLoginFlowTypePassword }) {
+           supportedLoginTypes.contains(where: { $0.type == kMXLoginFlowTypePassword }),
+           !providesDelegatedOIDCCompatibility {
             return .ssoAndPassword(ssoIdentityProviders: ssoIdentityProviders)
         } else if supportedLoginTypes.contains(where: { $0.type == kMXLoginFlowTypeSSO }) {
-            return .sso(ssoIdentityProviders: ssoIdentityProviders)
+            return .sso(ssoIdentityProviders: ssoIdentityProviders, providesDelegatedOIDCCompatibility: providesDelegatedOIDCCompatibility)
         } else if supportedLoginTypes.contains(where: { $0.type == kMXLoginFlowTypePassword }) {
             return .password
         } else {
@@ -34,7 +36,7 @@ enum LoginMode {
     /// The homeserver supports login with a password.
     case password
     /// The homeserver supports login via one or more SSO providers.
-    case sso(ssoIdentityProviders: [SSOIdentityProvider])
+    case sso(ssoIdentityProviders: [SSOIdentityProvider], providesDelegatedOIDCCompatibility: Bool)
     /// The homeserver supports login with either a password or via an SSO provider.
     case ssoAndPassword(ssoIdentityProviders: [SSOIdentityProvider])
     /// The homeserver only allows login with unsupported mechanisms. Use fallback instead.
@@ -42,7 +44,7 @@ enum LoginMode {
     
     var ssoIdentityProviders: [SSOIdentityProvider]? {
         switch self {
-        case .sso(let ssoIdentityProviders), .ssoAndPassword(let ssoIdentityProviders):
+        case .sso(let ssoIdentityProviders, _), .ssoAndPassword(let ssoIdentityProviders):
             // Provide a backup for homeservers that support SSO but don't offer any identity providers
             // https://spec.matrix.org/latest/client-server-api/#client-login-via-sso
             return ssoIdentityProviders.count > 0 ? ssoIdentityProviders : [SSOIdentityProvider(id: "", name: "SSO", brand: nil, iconURL: nil)]
@@ -60,6 +62,15 @@ enum LoginMode {
         }
     }
     
+    var providesDelegatedOIDCCompatibility: Bool {
+        switch self {
+        case .sso(_, providesDelegatedOIDCCompatibility: true):
+            return true
+        default:
+            return false
+        }
+    }
+    
     var supportsPasswordFlow: Bool {
         switch self {
         case .password, .ssoAndPassword: