Remove openid_client dependency

[thePeras]

Remove the dependency and implement the flow by hand.

Originally posted by @thePeras in https://github.com/NIAEFEUP/uni/pull/1196#discussion_r1647462908

[LuisDuarte1]

We should not make the flow by hand. OpenID Connect authentication flow is a bit complex and might be non-trivial to implement. We can search for other packages though.

As I've commented on the PR, this is a non-trivial task, that might have some compromises not only in terms of security but also on implementation time. We should try to find other packages first, and even if we don't find a new replacement, at most, we should fork openid_client for our purposes.

[bartekpacia]

I'm not at all familiar with OpenID Connect, so can't comment, but @LuisDuarte1's concerns sound valid.

Alternatively, we could fork off openid_client, take very good care of it, and publish that own version to pub.dev. Then NI would maintain a popular, important open-source project in the Flutter world:) stonks

alternatively: message the maintainer of openid_client package and propose to take over maintenance of that package.

[limwa]

Picking this up again because openid_client is causing troubles for us regarding updating dependencies.

I found this alternative, looks promising 🙂 https://pub.dev/packages/flutter_appauth

[limwa]

After some more discussions, and taking into account that having a dependency that can run on a server might become useful, the transition to flutter_appauth is not viable, at the moment.

https://pub.dev/packages/oidc sounds like a promising alternative for the distant future. For now, we'll maintain our fork and keep it up-to-date with the upstream package.