Bump Microsoft.AspNetCore.Authentication.JwtBearer and System.IdentityModel.Tokens.Jwt in /src/backend

[dependabot[bot]]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps Microsoft.AspNetCore.Authentication.JwtBearer and System.IdentityModel.Tokens.Jwt. These dependencies needed to be updated together. Updates Microsoft.AspNetCore.Authentication.JwtBearer from 6.0.31 to 6.0.36

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

.NET 6.0.36

Release

What's Changed

• Update branding to 6.0.36 by @​vseanreesermsft in dotnet/aspnetcore#58197
• [release/6.0] (deps): Bump src/submodules/MessagePack-CSharp from ecc4e18 to 9511905 by @​dependabot in dotnet/aspnetcore#58186
• [release/6.0] (deps): Bump src/submodules/googletest from ff233bd to 6dae7eb by @​dependabot in dotnet/aspnetcore#58185
• [release/6.0] Enable TSA/Policheck by @​github-actions in dotnet/aspnetcore#58125
• [release/6.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in dotnet/aspnetcore#57844
• [Backport] Http.Sys: Clean up Request parsing errors by @​BrennanConroy in dotnet/aspnetcore#57812
• Merging internal commits for release/6.0 by @​vseanreesermsft in dotnet/aspnetcore#58299
• [release/6.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in dotnet/aspnetcore#58346

Full Changelog: https://github.com/dotnet/aspnetcore/compare/v6.0.35...v6.0.36

.NET 6.0.35

Release

.NET 6.0.33

Release

.NET 6.0.32

Release

Commits

• 64ea410 Merged PR 43795: [internal/release/6.0] Update dependencies from dnceng/inter...
• c2a9255 Merged PR 43792: [internal/release/6.0] Update dependencies from dnceng/inter...
• c9a7efb Merge commit '25ef79e96f407cb1e2ab5acecd568aed0845e955'
• 25ef79e Update dependencies from https://github.com/dotnet/arcade build 20241008.2 (#...
• 9f07080 Merge commit 'fab2f44310817151ceecfd992bdbcf70b65750ce'
• fab2f44 Merge pull request #58299 from vseanreesermsft/internal-merge-6.0-2024-10-08-...
• 1384054 Update baseline, SDK
• 6c99752 Merge commit '827b96040e62e5aa47d829bfa61c000d315d4f2e' into internal-merge-6...
• 6353f3e Merge commit '723b0ab24e01cb1360008cc1300d9940bdd7815a'
• 723b0ab [Backport] Http.Sys: Clean up Request parsing errors (#57812)
• Additional commits viewable in compare view

Updates System.IdentityModel.Tokens.Jwt from 8.1.2 to 6.35.0

Changelog

Sourced from System.IdentityModel.Tokens.Jwt's changelog.

See the releases for details on bug fixes and added features.

8.2.0

Fundamentals

• Update System.Text.Json to 8.0.5 CVE-2024-43485. See 2892.
• Using FixedTimeEquals in NETCore targets. See 2857.
• Updated .NET 9 to RC 2 2898.
• Adds ability to create token without kid 2968
• Enables code coverage in PRs 2946
• Various test improvements:
• #2953
• #2955
• #2951
• #2952
• #2947

Work related to redesign of IdentityModel's token validation logic #2711

• Validates Audience for SAML2TokenHandler with New Model 2863
• Improvements to AudienceValidation 2902
• Added properties to ValidationResult 2923
• Implements Audience and Lifetime validations in SamlSecurityTokenHandler 2925
• Implements Issuer validation in SamlSecurityTokenHandler 2948

Commits

• c94c7fc rmv preview
• 522bc41 Merged PR 10814: Two fixes, AadIssuerValidator slash, AppContext
• 74cc160 Merged PR 10242: Update Dev6x to fix the release build
• 4845cf1 Merged PR 10239: Commenting out a constant which is not used
• e06dc84 Merged PR 10213: Set MaximumDeflateSize
• 0b2f269 Merged PR 10182: Don't resolve jku claim by default
• c3e99cd update build config version (#2350)
• 8ea36a8 Update CHANGELOG.md (#2348)
• 9d9925e [Log Scrubbing] Clean up log messages in Wilson (#2339) (#2344)
• c2fa102 Decouple JsonElements from JsonDocument.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)