Upgrade Omniauth and JWT gems to switch away from Google+ API

* omniauth-google-oauth2: Google will be deprecating its support for the
Google+ API, which currently omniauth-google-oauth2 uses to retrieve
user info. The bump in omniauth-google-oauth2 requires an upgrade to
ruby-jwt v2+ to support the verification of multiple issue providers
(https://github.com/zquestz/omniauth-google-oauth2/pull/345).

* jwt: This has the most number of changes that need to be
reviewed: https://github.com/jwt/ruby-jwt/blob/master/CHANGELOG.md

* oauth2: Needed to support ruby-jwt v2+:
https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md

* omniauth-azure-oauth2 needs a version bump to support ruby-jwt v2+.

* omniauth: This version bump only involves backstage improvements:
https://github.com/omniauth/omniauth/releases

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55668

Gemfile

@@ -34,7 +34,7 @@ gem 'omniauth-cas3', '~> 1.1.4'
 gem 'omniauth-facebook', '~> 4.0.0'
 gem 'omniauth-github', '~> 1.3'
 gem 'omniauth-gitlab', '~> 1.0.2'
-gem 'omniauth-google-oauth2', '~> 0.5.3'
+gem 'omniauth-google-oauth2', '~> 0.6.0'
 gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
 gem 'omniauth-oauth2-generic', '~> 0.2.2'
 gem 'omniauth-saml', '~> 1.10'
@@ -43,7 +43,7 @@ gem 'omniauth-twitter', '~> 1.4'
 gem 'omniauth_crowd', '~> 2.2.0'
 gem 'omniauth-authentiq', '~> 0.3.3'
 gem 'rack-oauth2', '~> 1.2.1'
-gem 'jwt', '~> 1.5.6'
+gem 'jwt', '~> 2.1.0'
 
 # Spam and anti-bot protection
 gem 'recaptcha', '~> 3.0', require: 'recaptcha/rails'

Gemfile.lock

@@ -403,7 +403,7 @@ GEM
       bindata
     json-schema (2.8.0)
       addressable (>= 2.4)
-    jwt (1.5.6)
+    jwt (2.1.0)
     kaminari (1.0.1)
       activesupport (>= 4.1.0)
       kaminari-actionview (= 1.0.1)
@@ -483,24 +483,24 @@ GEM
       nokogiri
     numerizer (0.1.1)
     oauth (0.5.4)
-    oauth2 (1.4.0)
-      faraday (>= 0.8, < 0.13)
-      jwt (~> 1.0)
+    oauth2 (1.4.1)
+      faraday (>= 0.8, < 0.16.0)
+      jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
     octokit (4.9.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    omniauth (1.8.1)
-      hashie (>= 3.4.6, < 3.6.0)
+    omniauth (1.9.0)
+      hashie (>= 3.4.6, < 3.7.0)
       rack (>= 1.6.2, < 3)
     omniauth-auth0 (2.0.0)
       omniauth-oauth2 (~> 1.4)
     omniauth-authentiq (0.3.3)
       jwt (>= 1.5)
       omniauth-oauth2 (>= 1.5)
-    omniauth-azure-oauth2 (0.0.9)
-      jwt (~> 1.0)
+    omniauth-azure-oauth2 (0.0.10)
+      jwt (>= 1.0, < 3.0)
       omniauth (~> 1.0)
       omniauth-oauth2 (~> 1.4)
     omniauth-cas3 (1.1.4)
@@ -515,8 +515,8 @@ GEM
     omniauth-gitlab (1.0.3)
       omniauth (~> 1.0)
       omniauth-oauth2 (~> 1.0)
-    omniauth-google-oauth2 (0.5.3)
-      jwt (>= 1.5)
+    omniauth-google-oauth2 (0.6.0)
+      jwt (>= 2.0)
       omniauth (>= 1.1.1)
       omniauth-oauth2 (>= 1.5)
     omniauth-kerberos (0.3.0)
@@ -527,9 +527,9 @@ GEM
     omniauth-oauth (1.1.0)
       oauth
       omniauth (~> 1.0)
-    omniauth-oauth2 (1.5.0)
+    omniauth-oauth2 (1.6.0)
       oauth2 (~> 1.1)
-      omniauth (~> 1.2)
+      omniauth (~> 1.9)
     omniauth-oauth2-generic (0.2.2)
       omniauth-oauth2 (~> 1.0)
     omniauth-saml (1.10.0)
@@ -1041,7 +1041,7 @@ DEPENDENCIES
   jquery-atwho-rails (~> 1.3.2)
   js_regex (~> 2.2.1)
   json-schema (~> 2.8.0)
-  jwt (~> 1.5.6)
+  jwt (~> 2.1.0)
   kaminari (~> 1.0)
   knapsack (~> 1.17)
   kubeclient (~> 4.0.0)
@@ -1070,7 +1070,7 @@ DEPENDENCIES
   omniauth-facebook (~> 4.0.0)
   omniauth-github (~> 1.3)
   omniauth-gitlab (~> 1.0.2)
-  omniauth-google-oauth2 (~> 0.5.3)
+  omniauth-google-oauth2 (~> 0.6.0)
   omniauth-kerberos (~> 0.3.0)
   omniauth-oauth2-generic (~> 0.2.2)
   omniauth-saml (~> 1.10)

changelogs/unreleased/sh-bump-omniauth-google-gem.yml

@@ -0,0 +1,5 @@
+---
+title: Upgrade Omniauth and JWT gems to switch away from Google+ API
+merge_request: 24068
+author:
+type: changed