Replace transitive dependencies to dgrijalva/jwt-go

[Tomasz-Smelcerz-SAP]

Is your feature request related to a problem? Please describe.

The go build tools report many transitive dependencies to a no longer maintained project: https://github.com/dgrijalva/jwt-go.
There are high-ranked security vulnerabilities in the dgrijalva/jwt-go, e.g: https://nvd.nist.gov/vuln/detail/CVE-2020-26160
Security scanning tools are complaining about the issue and it's hard to estimate it's impact - too many dependencies overall.

Describe the solution you'd like

For the time being, add this to go.mod:

replace github.com/dgrijalva/jwt-go => github.com/form3tech-oss/jwt-go v3.2.1+incompatible

Then, when fixed releases are available, bump the versions for projects that now still link to dgrijalva/jwt-go.
Once there are no longer any dependencies to dgrijalva/jwt-go, the "replace" line can be removed.

Describe alternatives you've considered

Additional context

This is security-related, but it's kind-of a version bump, that's why I am creating an open issue for that instead of contacting the security team.

[aeneasr]

PRs welcomed!