upgrade github.com/go-jose/go-jose and github.com/coreos/go-oidc

[cfryanr]

Also standardize some related imports and fix some whitespace in a test.

There was one line of code where we still need to use github.com/go-jose/go-jose/v3, so I could not entirely remove it as a direct dependency yet. But it is only used on that one line of code now. All other code uses github.com/go-jose/go-jose/v4.

Upgrading github.com/coreos/go-oidc/v3 to the latest version forced a change to our production code in jwtcachefiller.go (see diffs) because that library did not like our unsigned JWT anymore. I changed it to be a signed JWT to make the library happy. Our functionality should be unchanged, as proved by the unit tests for that file.

Release note:

None, Golang dependency upgrade only.

NONE

[codecov[bot]]

Codecov Report

Attention: Patch coverage is 90.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 30.70%. Comparing base (1069931) to head (0380a9c).

Files	Patch %	Lines
...tiondomain/downstreamsession/downstream_session.go	0.00%	1 Missing :warning:

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #1997 +/- ## ========================================== + Coverage 30.68% 30.70% +0.02% ========================================== Files 365 365 Lines 60617 60616 -1 ========================================== + Hits 18600 18615 +15 + Misses 41481 41466 -15 + Partials 536 535 -1 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.