Upgrade golang.org/x/net to v0.17.0 (CVE-2023-44487)

[maysunfaisal]

I noticed that #674 to upgrade golang.org/x/net to v0.17.0 was closed without any reason provided.

The golang.org/x/net version should be upgraded to v0.17.0 to mitigate CVE-2023-44487 and either have a new patch or a new release of golang.org/x/oauth2 with this update.

[rolandshoemaker]

We don't accept PRs via the GitHub UI for the golang.org/x/oauth2 repository, so all PRs are automatically closed (additionally, I thought we'd disabled dependabot for this repository).

oauth2 doesn't actually using golang.org/x/net/http2 directly, so it isn't impacted, and we typically don't do dependency updates in these cases since they cause unnecessary churn. This repository, along with most of the golang.org/x/ repos are automatically tagged on a ~monthly basis, so at some point in the future this will magically disappear.