Updating base64 to 0.12

[mettke]

I had to split them. I underestimated the changes made to base64.

base64 removed the whitespace stripping. However the
auther provides a code snippet on the RELEASE Page
which fixes that [1]
filter(|b| !b" \n\t\r\x0b\x0c".contains(b).

Unfortunatly that introduces an additional allocation
which, however, also exited before but was inside
base64.

The change to the test is necessary as the error
detection was improved. Now it is necessary that the
invalid signature is made out of valid base64

[mettke]

Ok I had a look at the test failures and they only happen sometimes as rp sometimes returns base64 which does not conform to canonical encoding that requires flexible parsing to accept.

I did create an issue upstream openid-certification/oidctest#227 and we may either wait for that to get in or use Config::decode_allow_trailing_bits to get rid of this error and make the base64 decoding a bit more forgiving (as it currently is)

[ramosbugs]

thanks for looking into this! my assumption is that if the OIDC certification tests are producing invalid trailing bits, then other libraries and implementations probably will as well. to ensure compatibility, I think we should maintain the current permissive parsing behavior (i.e., decode_allow_trailing_bits with the new version). I don't think there are any security implications from doing that.

[mettke]

I added decode_allow_trailing_bits only to the methods for decoding. The encoding methods don't bother with it anyways

[codecov]

Codecov Report

Merging #21 into master will decrease coverage by 0.00%.
The diff coverage is 78.12%.

@@            Coverage Diff             @@
##           master      #21      +/-   ##
==========================================
- Coverage   79.55%   79.55%   -0.01%     
==========================================
  Files          16       16              
  Lines        3512     3531      +19     
==========================================
+ Hits         2794     2809      +15     
- Misses        718      722       +4     

Impacted Files	Coverage Δ
src/types.rs	78.02% <40.00%> (+0.09%)	⬆️
src/jwt.rs	87.24% <78.57%> (-1.24%)	⬇️
src/core/jwk.rs	84.28% <90.90%> (+0.15%)	⬆️
src/core/mod.rs	51.13% <100.00%> (+0.44%)	⬆️
src/registration.rs	72.36% <0.00%> (+0.11%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0ac753f...124d56c. Read the comment docs.

[ramosbugs]

great work, thanks!