Update Rust crate oauth2 to v5

[oxide-renovate]

This PR contains the following updates:

Package	Type	Update	Change
oauth2	workspace.dependencies	major	4.4.2 -> 5.0.0

---

Release Notes

ramosbugs/oauth2-rs (oauth2)

v5.0.0

Compare Source

Refer to the Upgrade Guide for tips on how to upgrade from 4.x.

Changes since 5.0.0-rc.1

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)

Full Changelog: ramosbugs/oauth2-rs@5.0.0-rc.1...5.0.0

Summary of changes since 4.4.2

Breaking Changes

• Replace TokenResponse generic with associated type (30ced32)
• Return impl Future instead of Pin<Box<dyn Future>> to fix Send/Sync bounds (6e583bd)
• Bump http to 1.0 and reqwest to 0.12 (408ecab)
• Add conditional typestates (replacing Boolean typestates from 5.0.0-alpha.1) (85ea470)
• Consolidate HTTP client errors into oauth2::HttpClientError and flatten exports (e.g., oauth2::reqwest instead of oauth2::reqwest::reqwest) (4391eed)
• reqwest: Migrate to shared Error type and use thiserror's From impl by @​MarijnS95 (#​238)
• Bump MSRV to 1.65 and institute a policy supporting Rust releases going back at least 6 months (same policy as openidconnect crate) (576f809)
• Improve Display output of RequestTokenError::ServerResponse (96c6f9b)
• Track Client endpoints statically via typestates (1d1f4d1)
• Refactor crate into smaller private modules and make devicecode and revocation modules private (9d8f11a)
• Add reqwest-blocking feature (da7d1c5)
• Rename URI/URL getters and setters (4d55c26)
• Add AsyncHttpClient and SyncHttpClient traits (23b952b)

New Features

• Implement SecretType::into_secret (#​272)
• Add timing-resistant-secret-traits feature for PartialEq/Hash by @​kate-shine (https://github.com/ramosbugs/oauth2-rs/pull/232)
• Derive Eq for types that already derive PartialEq (b19ad89)
• Implement From instead of Into for newtypes (d9402c4)
• Implement Display trait for URL types (8bd0ff1)

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)
• Accept null device code interval (#​278)
• Ignore async token revocation response body (#​282)
• Derive Clone and Debug for EndpointState types (#​263)

Other Changes

• Inline format args (#​270)
• Update dev dependencies (#​285)
• Remove defunct sponsorship from README
• Remove client secret from implicit flow example (#​286)
• Use --locked on MSRV build in CI
• Allow base64 0.21 or 0.22 (#​261)
• Bump base64 to 0.21 (db0ea44)
• Set minimum version of chrono to 0.4.31 (7b667fc)
• Mention openidconnect crate in README (7b667fc)
• Add note about spawn_blocking to docs (1fc8188)
• Re-export curl as oauth2::curl and ureq as oauth2::ureq when the corresponding Cargo features are enabled (aff7471)
• Replace map_err() conversions with a From call via the Try operator by @​MarijnS95 (#​239)
• Fix comments about csrf_state by @​ikehz (#​245)
• Add documentation about comparing secrets securely by @​ikehz (#​246)
• Remove unused imports in examples by @​frewsxcv (#​207)
• Make private prepare_request() methods infallible (8ef74ac)
• Address clippy lints and clean up examples (d675e81)
• Remove empty leading and trailing lines from doc comments (a8b5cf8)
• Reorder and clean up imports (92c491a)
• Add Upgrade Guide

Full Changelog: ramosbugs/oauth2-rs@4.4.2...5.0.0

---

Configuration

📅 Schedule: Branch creation - "after 8pm,before 6am" in timezone America/Los_Angeles, Automerge - "after 8pm,before 6am" in timezone America/Los_Angeles.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[oxide-renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock

Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path Cargo.toml --package [email protected] --precise 5.0.0
    Updating crates.io index
error: failed to select a version for the requirement `oauth2 = "^4.4.2"`
candidate versions found which didn't match: 5.0.0
location searched: crates.io index
required by package `v-api v0.1.0 (https://github.com/oxidecomputer/v-api#befcb02d)`
    ... which satisfies git dependency `v-api` (locked to 0.1.0) of package `rfd-api v0.8.0 (/tmp/renovate/repos/github/oxidecomputer/rfd-api/rfd-api)`