This change updates to go-jose v4, which was a new major release.
jose.ParseSigned now expects the supported signing algorithms to be passed, on which we previously did our own check. As they use a dedicated type for this, the slice of string needs to be converted. The returned error also need to be handled in a non-standard way in order to stay compatible.
For OIDC v4 we should use the jose.SignatureAlgorithm type directly and wrap errors, instead of returned static defined errors.
Closes#583
* fix: improve JWS and key verification
* fix: get remote keys if no cached key matches
* fix: get remote keys if no cached key matches
* fix exactMatch
* fix exactMatch
* chore: change default branch name in .releaserc.js
