Upgrade doorkeeper and doorkeeper-openid_connect gems

Stan Hu requested to merge sh-update-doorkeper-gem-try2 into master

What does this MR do and why?

This merge request updates doorkeeper and doorkeeper-openid_connect for a number of reasons:

  1. It is needed to fix an issue with caching: https://gitlab.com/gitlab-org/gitlab/-/issues/383288
  2. Ruby 3.1 requires a fix in doorkeeper v5.6.3: https://github.com/doorkeeper-gem/doorkeeper/commit/5f044f6532859824fac9f1a420ed397becf6a412
  3. doorkeeper-openid_connect needs to be upgraded with doorkeeper because of https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/184, which is fixed via https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/185.

This upgrade was attempted in !116142 (merged), but was reverted later. We had a production incident in gitlab-com/gl-infra/production#8664 (closed) when !116142 (merged) updated doorkeeper-openid_connect from v1.8.3 to v1.8.5.

In v1.8.4, https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/177 swapped json-jwt in favor of ruby-jwt.

The OpenID kid is an opaque value that is supposed to identify public keys. However, json-jwt and ruby-jwt implement the kid slightly differently: the former generates a thumbprint as described in RFC7638 (https://www.rfc-editor.org/rfc/rfc7638), while the latter generates a SHA256 digest based on the key itself.

We could preserve the previous behavior by setting JWT.configuration.jwk.kid_generator_type to :rfc7638_thumbprint. However, this would be a global setting that might affect other users of the jwt gem.

For now, just patch doorkeeper-openid_connect to pull in https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/194 to use an RFC7638 thumbprint.
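To make the kid mismatch concrete, here is an added Ruby example (not code from this MR, from doorkeeper-openid_connect, or from either JWT gem) that computes both kid forms for the same RSA key and shows a lookup against a published key set failing once the scheme changes while the key itself stays the same. The thumbprint follows RFC 7638 directly; the digest-of-key generator is an assumed approximation of ruby-jwt's default (hex SHA-256 over the DER encoding of n and e), written from memory rather than copied from the gem, and the JWKS shape and helper names are illustrative.

```ruby
require 'openssl'
require 'json'
require 'digest'

# Base64url without padding (RFC 7515 section 2), required for JWK members
# and for the RFC 7638 thumbprint alike.
def b64url(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

# JWK "n"/"e" member: base64url of the minimal big-endian octets of the integer.
def bn_member(bn)
  b64url(bn.to_s(2))
end

# RFC 7638 thumbprint of an RSA public key: SHA-256 over a JSON object holding
# only the required members (e, kty, n), keys in lexicographic order, no
# whitespace. This is the kid form json-jwt produced before the gem swap.
def rfc7638_thumbprint(rsa)
  canonical = JSON.generate('e' => bn_member(rsa.e), 'kty' => 'RSA', 'n' => bn_member(rsa.n))
  b64url(Digest::SHA256.digest(canonical))
end

# Digest-of-key kid. ASSUMPTION: approximates ruby-jwt's default RSA kid
# generator (hex SHA-256 over DER SEQUENCE { n, e }); written from memory,
# not copied from the gem. Any non-RFC 7638 scheme shows the same mismatch.
def key_digest_kid(rsa)
  seq = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(rsa.n),
                                 OpenSSL::ASN1::Integer.new(rsa.e)])
  Digest::SHA256.hexdigest(seq.to_der)
end

# JWKS document as a provider would publish it at its discovery keys endpoint,
# tagging each key with the kid returned by the block.
def build_jwks(keys)
  {
    'keys' => keys.map do |k|
      { 'kty' => 'RSA', 'use' => 'sig', 'alg' => 'RS256',
        'kid' => yield(k), 'n' => bn_member(k.n), 'e' => bn_member(k.e) }
    end
  }
end

# Relying-party side: resolve the kid from a token header against a JWKS.
def find_key(jwks, kid)
  jwks['keys'].find { |jwk| jwk['kid'] == kid }
end

# The incident shape: the signing key never changes, only the kid scheme flips.
# A kid taken from an already-issued token (or from a cached JWKS) no longer
# resolves against what the upgraded provider publishes.
def kid_switch_scenario(rsa = OpenSSL::PKey::RSA.generate(2048))
  jwks_before = build_jwks([rsa]) { |k| rfc7638_thumbprint(k) } # json-jwt era
  jwks_after  = build_jwks([rsa]) { |k| key_digest_kid(k) }     # ruby-jwt era
  issued_kid  = jwks_before['keys'][0]['kid']                   # kid in a live token
  {
    old_kid: issued_kid,
    new_kid: jwks_after['keys'][0]['kid'],
    same_key: jwks_before['keys'][0]['n'] == jwks_after['keys'][0]['n'],
    resolves_after_switch: !find_key(jwks_after, issued_kid).nil?
  }
end

if __FILE__ == $PROGRAM_NAME
  r = kid_switch_scenario
  puts "RFC 7638 kid: #{r[:old_kid]}"
  puts "digest kid:   #{r[:new_kid]}"
  puts "same key: #{r[:same_key]}, issued kid resolves after switch: #{r[:resolves_after_switch]}"
end
```

Running it prints a 43-character base64url thumbprint next to a 64-character hex digest for the same key, and `resolves_after_switch` is false: a verifier that matches keys strictly by kid (or has the old JWKS cached) rejects valid signatures until every outstanding token and cache has rolled over, which is why pinning the generator to the RFC 7638 form is the safer path during an upgrade.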

Relates to #406649 (closed)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Stan Hu
