* Replace browser-encrypt-attachment with matrix-encrypt-attachment
matrix-encrypt-attachment is maintained and includes TS typings
* Upgrade matrix-encrypt-attachment to latest with default exports
* react-focus-lock to 2.5.1
Signed-off-by: Kerry Archibald <kerrya@element.io>
* use enzyme in ASSD test so focus lock finds active element
Signed-off-by: Kerry Archibald <kerrya@element.io>
* findById and flushPromises to test utils
Signed-off-by: Kerry Archibald <kerrya@element.io>
MSC: https://github.com/matrix-org/matrix-doc/pull/2918
Fixes https://github.com/vector-im/element-web/issues/18698
Fixes https://github.com/vector-im/element-web/issues/20648
**Requires https://github.com/matrix-org/matrix-js-sdk/pull/2178**
**Note**: There's a lot of logging in this PR. That is intentional to ensure that if/when something goes wrong we can chase the exact code path. It does not log any tokens - just where the code is going. Overall, it should be fairly low volume spam (and can be relaxed at a later date).
----
This approach uses indexeddb (through a mutex library) to manage which tab actually triggers the refresh, preventing issues where multiple tabs try to update the token. If multiple tabs update the token then the server might consider the account hacked and hard logout all the tokens.
If for some reason the timer code gets it wrong, or the user has been offline for too long and the token can't be refreshed, they should be sent to a soft logout screen by the server. This will retain the user's encryption state - they simply need to reauthenticate to get an active access token again.
This additionally contains a change to fix soft logout not working, per the issue links above.
Of interest may be the IPC approach which was ultimately declined in favour of this change instead: https://github.com/matrix-org/matrix-react-sdk/pull/7803