* upgrade to go v1.24
* add a macOS-specific //nolint comment too
---------
Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
Currently, the Session proto id_token field is populated with Pomerium
session data during initial login, but with IdP ID token data after an
IdP session refresh.
Instead, store only IdP ID token data in this field.
Update the existing SetRawIDToken method to populate the structured data
fields based on the contents of the raw ID token. Remove the other code
that sets these fields (in the authenticateflow package and in
manager.sessionUnmarshaler).
Add a test for the identity manager, exercising the combined effect of
session claims unmarshaling and SetRawIDToken(), to verify that the
combined behavior is preserved unchanged.
Per the OIDC spec, section 2:
> NOTE: The ID Token expiration time is unrelated [to] the lifetime of
> the authenticated session between the RP and the OP.
A Pomerium session should remain valid for as long as the underlying
OAuth2 session.
