upstream dex release: v2.35.0

**⚠️ This release fixes a [major vulnerability](GHSA-vh7g-p26c-j2cw) in Dex. We advise everyone to upgrade as soon as possible! ⚠️**

The official container image for this release can be pulled from
```
ghcr.io/dexidp/dex:v2.35.0
```

<!-- Release notes generated using configuration in .github/release.yml at v2.35.0 -->

## What's Changed
### Enhancements 🚀
* Reduce HTTP client creations in the Keystone connector by @erwinvaneyk in dexidp#2659
### Bug Fixes 🐛
* fix for issue 2670; check for no serviceAccountFilePath and no email by @bobcallaway in dexidp#2679
* supply HMACKey in test case by @bobcallaway in dexidp#2683
* fix: refresh token only once for all concurrent requests by @nabokihms in dexidp#2692
### Dependency Updates ⬆️
* build(deps): bump google.golang.org/api from 0.95.0 to 0.97.0 by @dependabot in dexidp#2677
* build(deps): bump go.etcd.io/etcd/client/v3 from 3.5.4 to 3.5.5 by @dependabot in dexidp#2666
* build(deps): bump google.golang.org/api from 0.97.0 to 0.98.0 by @dependabot in dexidp#2682
* build(deps): bump helm/kind-action from 1.3.0 to 1.4.0 by @dependabot in dexidp#2681
* build(deps): bump entgo.io/ent from 0.11.2 to 0.11.3 by @dependabot in dexidp#2684
* Update golang.org/x packages by @sagikazarmark in dexidp#2688

## New Contributors
* @jannfis made their first contribution in dexidp#2691

**Full Changelog**: dexidp/dex@v2.34.0...v2.35.0