Add QR code login

[clins1994]

Summary

Adds LINE QR code login as the primary login path while keeping email/password available as a secondary flow.

The QR flow follows the LINE Chrome extension v3.7.2 shape: create QR session, append secret=<public key>&e2eeVersion=1, wait for scan/PIN as needed, complete with qrCodeLoginV2, and persist the returned tokens, certificate, MID, and E2EE keychain metadata.

Also keeps email login compatibility with the old flow ID, scopes QR E2EE key unwrap state to the login attempt, and tightens token/decrypt recovery around the new login path.

Fixes #94.

Before

sequenceDiagram
    participant U as User
    participant B as Bridge
    participant L as LINE

    U->>B: login
    B-->>U: email/password flow only
    U->>B: submit email and password
    B->>L: loginV2 with email/password
    L-->>B: PIN or verifier flow
    B-->>U: enter PIN on LINE mobile
    U->>L: approve login
    B->>L: complete login
    L-->>B: tokens and keychain metadata

Loading

After

sequenceDiagram
    participant U as User
    participant B as Bridge
    participant M as LINE mobile
    participant L as LINE

    U->>B: login
    B-->>U: login qr or login email
    U->>B: login qr
    B->>L: create QR session and QR code
    B-->>U: QR callback with secret and e2eeVersion=1
    U->>M: scan QR code
    M->>L: approve login
    B->>L: verify certificate or request PIN
    alt PIN required
        B-->>U: show PIN
        U->>M: enter PIN
        B->>L: check PIN verified
    end
    B->>L: qrCodeLoginV2
    L-->>B: tokens, certificate, MID, keychain metadata

Loading

Verification

• go test ./pkg ./pkg/e2ee ./pkg/connector ./pkg/line
• git diff --check
• docker compose build matrix-line
• Manual QR login with rebuilt Docker image
• Verified bridge connected, stayed healthy, and bridged rooms/messages/media after QR login

[clins1994]

Follow-up QR login verification notes:

• Ran go test ./pkg ./pkg/e2ee ./pkg/connector ./pkg/line successfully.
• Ran git diff --check successfully.
• Rebuilt and restarted Docker service with docker compose up -d --build matrix-line.
• Verified container health after QR login: running, not restarting, exit=0, oom=false, restarts=0.
• Verified logs after fresh QR login showed CONNECTED, LINE client connected, Starting LINE SSE loop, and Seeded local revision.
• Verified logs showed rooms/messages and media being bridged to Matrix successfully.
• Checked for regressions in logs: no BAD_CREDENTIALS, no no stored credentials, no missing peer public key, no decrypt placeholder failures, and no panic/restart loop.
• Observed one transient Matrix appservice websocket EOF followed by reconnect and CONNECTED state resend; not a LINE login/decrypt failure.

[clins1994]

@highesttt ready for your review