Update Rust crate oauth2 to v5

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
oauth2	dependencies	major	=4.4.2 -> =5.0.0

---

Release Notes

ramosbugs/oauth2-rs (oauth2)

v5.0.0

Compare Source

Refer to the Upgrade Guide for tips on how to upgrade from 4.x.

Changes since 5.0.0-rc.1

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)

Full Changelog: ramosbugs/oauth2-rs@5.0.0-rc.1...5.0.0

Summary of changes since 4.4.2

Breaking Changes

• Replace TokenResponse generic with associated type (30ced32)
• Return impl Future instead of Pin<Box<dyn Future>> to fix Send/Sync bounds (6e583bd)
• Bump http to 1.0 and reqwest to 0.12 (408ecab)
• Add conditional typestates (replacing Boolean typestates from 5.0.0-alpha.1) (85ea470)
• Consolidate HTTP client errors into oauth2::HttpClientError and flatten exports (e.g., oauth2::reqwest instead of oauth2::reqwest::reqwest) (4391eed)
• reqwest: Migrate to shared Error type and use thiserror's From impl by @​MarijnS95 (#​238)
• Bump MSRV to 1.65 and institute a policy supporting Rust releases going back at least 6 months (same policy as openidconnect crate) (576f809)
• Improve Display output of RequestTokenError::ServerResponse (96c6f9b)
• Track Client endpoints statically via typestates (1d1f4d1)
• Refactor crate into smaller private modules and make devicecode and revocation modules private (9d8f11a)
• Add reqwest-blocking feature (da7d1c5)
• Rename URI/URL getters and setters (4d55c26)
• Add AsyncHttpClient and SyncHttpClient traits (23b952b)

New Features

• Implement SecretType::into_secret (#​272)
• Add timing-resistant-secret-traits feature for PartialEq/Hash by @​kate-shine (https://github.com/ramosbugs/oauth2-rs/pull/232)
• Derive Eq for types that already derive PartialEq (b19ad89)
• Implement From instead of Into for newtypes (d9402c4)
• Implement Display trait for URL types (8bd0ff1)

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)
• Accept null device code interval (#​278)
• Ignore async token revocation response body (#​282)
• Derive Clone and Debug for EndpointState types (#​263)

Other Changes

• Inline format args (#​270)
• Update dev dependencies (#​285)
• Remove defunct sponsorship from README
• Remove client secret from implicit flow example (#​286)
• Use --locked on MSRV build in CI
• Allow base64 0.21 or 0.22 (#​261)
• Bump base64 to 0.21 (db0ea44)
• Set minimum version of chrono to 0.4.31 (7b667fc)
• Mention openidconnect crate in README (7b667fc)
• Add note about spawn_blocking to docs (1fc8188)
• Re-export curl as oauth2::curl and ureq as oauth2::ureq when the corresponding Cargo features are enabled (aff7471)
• Replace map_err() conversions with a From call via the Try operator by @​MarijnS95 (#​239)
• Fix comments about csrf_state by @​ikehz (#​245)
• Add documentation about comparing secrets securely by @​ikehz (#​246)
• Remove unused imports in examples by @​frewsxcv (#​207)
• Make private prepare_request() methods infallible (8ef74ac)
• Address clippy lints and clean up examples (d675e81)
• Remove empty leading and trailing lines from doc comments (a8b5cf8)
• Reorder and clean up imports (92c491a)
• Add Upgrade Guide

Full Changelog: ramosbugs/oauth2-rs@4.4.2...5.0.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.