Update dependencies

vendor/github.com/coreos/go-oidc/jose/doc.go

@@ -1,2 +0,0 @@
-// Package jose is DEPRECATED. Use gopkg.in/square/go-jose.v2 instead.
-package jose

vendor/github.com/coreos/go-oidc/jose/jwk.go

@@ -104,7 +104,7 @@ func encodeExponent(e int) string {
 			break
 		}
 	}
-	return base64.RawURLEncoding.EncodeToString(b[idx:])
+	return base64.URLEncoding.EncodeToString(b[idx:])
 }
 
 // Turns a URL encoded modulus of a key into a big int.
@@ -119,7 +119,7 @@ func decodeModulus(n string) (*big.Int, error) {
 }
 
 func encodeModulus(n *big.Int) string {
-	return base64.RawURLEncoding.EncodeToString(n.Bytes())
+	return base64.URLEncoding.EncodeToString(n.Bytes())
 }
 
 // decodeBase64URLPaddingOptional decodes Base64 whether there is padding or not.

vendor/github.com/coreos/go-oidc/jose/sig_hmac.go

@@ -0,0 +1,67 @@
+package jose
+
+import (
+	"bytes"
+	"crypto"
+	"crypto/hmac"
+	_ "crypto/sha256"
+	"errors"
+	"fmt"
+)
+
+type VerifierHMAC struct {
+	KeyID  string
+	Hash   crypto.Hash
+	Secret []byte
+}
+
+type SignerHMAC struct {
+	VerifierHMAC
+}
+
+func NewVerifierHMAC(jwk JWK) (*VerifierHMAC, error) {
+	if jwk.Alg != "" && jwk.Alg != "HS256" {
+		return nil, fmt.Errorf("unsupported key algorithm %q", jwk.Alg)
+	}
+
+	v := VerifierHMAC{
+		KeyID:  jwk.ID,
+		Secret: jwk.Secret,
+		Hash:   crypto.SHA256,
+	}
+
+	return &v, nil
+}
+
+func (v *VerifierHMAC) ID() string {
+	return v.KeyID
+}
+
+func (v *VerifierHMAC) Alg() string {
+	return "HS256"
+}
+
+func (v *VerifierHMAC) Verify(sig []byte, data []byte) error {
+	h := hmac.New(v.Hash.New, v.Secret)
+	h.Write(data)
+	if !bytes.Equal(sig, h.Sum(nil)) {
+		return errors.New("invalid hmac signature")
+	}
+	return nil
+}
+
+func NewSignerHMAC(kid string, secret []byte) *SignerHMAC {
+	return &SignerHMAC{
+		VerifierHMAC: VerifierHMAC{
+			KeyID:  kid,
+			Secret: secret,
+			Hash:   crypto.SHA256,
+		},
+	}
+}
+
+func (s *SignerHMAC) Sign(data []byte) ([]byte, error) {
+	h := hmac.New(s.Hash.New, s.Secret)
+	h.Write(data)
+	return h.Sum(nil), nil
+}