Update AttestationVerifier api to Async

[iamcarbon]

In preparation to utilize the preferred Microsoft.IdendityModel.JsonWebTokens async API, this PR updates the methods that will need to also be made async.

This PR contains the following changes:

• Replaces a named tuple with a dedicated VerifyAttestationResult type
• Updates the AttestationVerifier.Verify methods to Async

[joegoldman2]

I'm not sure to understand this change. Why not continue to hash into a stackalloc byte[32] directly instead of allocating a byte array?

[iamcarbon]

ref structs (including Spans) aren't allowed inside of an async block.

[iamcarbon]

@abergs @aseigler Ready for review / feedback.

[joegoldman2]

LGTM

[abergs]

In preparation to utilize the preferred Microsoft.IdendityModel.JsonWebTokens async API, this PR updates the methods that will need to also be made async.

I'm not familiar, could help explain to me why our methods would need to be made async?

[iamcarbon]

Hey @abergs The new Microsoft.IdendityModel.JsonWebTokens obsoleted the synchronous API used to validate JSON web tokens, and replaced it with an async API

Here's the new method we'll need to use to swap out the library .

https://learn.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.jsonwebtokens.jsonwebtokenhandler.validatetokenasync?view=msal-web-dotnet-latest#microsoft-identitymodel-jsonwebtokens-jsonwebtokenhandler-validatetokenasync(microsoft-identitymodel-tokens-securitytoken-microsoft-identitymodel-tokens-tokenvalidationparameters)

The main benefits of switching to the new library are:

• It provides a simpler non-throwing API
• Improved performance (and way less allocations)
• Is fully trimmable [important for AOT builds]
• Is actively developed / maintained

[abergs]

Thanks for explaining @iamcarbon, I didn't catch that this was related to our calls to JwtSecurityTokenHandler.

Everything looks good, just some conflicts to resolve.

[iamcarbon]

@abergs Resolved.