Open
Description
node-sp-auth is currently using jsonwebtoken v8.5.1.
jsonwebtoken has recently addressed several CVEs and released v9.0.0.
See details of breaking changes here: https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md
```text
npm audit
....
jsonwebtoken <=8.5.1
Severity: high
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - https://github.com/advisories/GHSA-hjrf-2m68-5959
jsonwebtoken unrestricted key type could lead to legacy keys usage - https://github.com/advisories/GHSA-8cf7-32gw-wr33
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify() - https://github.com/advisories/GHSA-qwph-4952-7xr6
jsonwebtoken has insecure input validation in jwt.verify function - https://github.com/advisories/GHSA-27h2-hvpr-p74q
..
```
I can submit a PR for this, but I don't have all the differently configured SharePoint endpoints to run the full set of integration tests, so I might need some help here.