chore(deps): update oauth2 requirement from 4.4.2 to 5.0.0

[dependabot]

Updates the requirements on oauth2 to permit the latest version.

Release notes

Sourced from oauth2's releases.

5.0.0

Refer to the Upgrade Guide for tips on how to upgrade from 4.x.

Changes since 5.0.0-rc.1

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)

Full Changelog: ramosbugs/oauth2-rs@5.0.0-rc.1...5.0.0

Summary of changes since 4.4.2

Breaking Changes

• Replace TokenResponse generic with associated type (30ced325da24312c4e6b9d802adcb36a88594353)
• Return impl Future instead of Pin<Box<dyn Future>> to fix Send/Sync bounds (6e583bd03203e42ef712fc90edb57cf5a389f9b7)
• Bump http to 1.0 and reqwest to 0.12 (408ecab500158145bf249e78a73a8010933bb0e2)
• Add conditional typestates (replacing Boolean typestates from 5.0.0-alpha.1) (85ea4700e1ad8a3efef7aa78660fd0056d9b46e6)
• Consolidate HTTP client errors into oauth2::HttpClientError and flatten exports (e.g., oauth2::reqwest instead of oauth2::reqwest::reqwest) (4391eed01c26c3e9e9fd5a14d90f111a02636a4c)
• reqwest: Migrate to shared Error type and use thiserror's From impl by @​MarijnS95 (#238)
• Bump MSRV to 1.65 and institute a policy supporting Rust releases going back at least 6 months (same policy as openidconnect crate) (576f8096914c7da82a5cd8c2253d47541697aa6a)
• Improve Display output of RequestTokenError::ServerResponse (96c6f9b17b5fdea98a6a7b84bec8e420671342eb)
• Track Client endpoints statically via typestates (1d1f4d17ecdf2a3feb565eb1789cc8649cac7705)
• Refactor crate into smaller private modules and make devicecode and revocation modules private (9d8f11addf819134f15c6d7f03276adb3d32e80b)
• Add reqwest-blocking feature (da7d1c51ccfac95b25af67d2e725ae510d185f5b)
• Rename URI/URL getters and setters (4d55c26ad6e233d8f23b4514fe743d365a5a432f)
• Add AsyncHttpClient and SyncHttpClient traits (23b952b23e6069525bc7e4c4f2c4924b8d28ce3a)

New Features

• Implement SecretType::into_secret (#272)
• Add timing-resistant-secret-traits feature for PartialEq/Hash by @​kate-shine (ramosbugs/oauth2-rs#232)
• Derive Eq for types that already derive PartialEq (b19ad89262af501f53c1b82015046506834c98e9)
• Implement From instead of Into for newtypes (d9402c42767b35a4c05bc4db3780b1df115b7b24)
• Implement Display trait for URL types (8bd0ff1e0339c0945871552210b300c05e89c519)

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)
• Accept null device code interval (#278)
• Ignore async token revocation response body (#282)
• Derive Clone and Debug for EndpointState types (#263)

Other Changes

• Inline format args (#270)
• Update dev dependencies (#285)
• Remove defunct sponsorship from README
• Remove client secret from implicit flow example (#286)
• Use --locked on MSRV build in CI
• Allow base64 0.21 or 0.22 (#261)
• Bump base64 to 0.21 (db0ea44657bd6c1130b83ce135ac2691ba091fad)
• Set minimum version of chrono to 0.4.31 (7b667fc29b52392f4c47c07f0923c88847951b50)
• Mention openidconnect crate in README (7b667fc29b52392f4c47c07f0923c88847951b50)

... (truncated)

Commits

• f3424b4 Update Cargo-1.65.lock
• 61ec227 Bump version to 5.0.0
• 9a2b746 Improve HttpClientError::Reqwest error message
• 2492d69 Bump version to 5.0.0-rc.1
• c599c12 Use --locked on MSRV build in CI
• 03cb079 Remove client secret from implicit flow example
• 9c41286 Update dev dependencies (#285)
• c74aec9 Remove sponsorship from README
• 459811d Accept null device code interval
• 5b2ab88 Ignore token revocation response body
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)