Support for JWKSet backed by a URL
In situations where a third-party service is providing JWTs that the resource service is authenticating, it can often be necessary to obtain the JWKSet from the same third-party that is providing the JWTs. For example, if using Auth0 to handle authentication then the JWKSet comes from https://tenant.xx.auth0.com/.well-known/jwks.json.
Currently I've built a wrapper around https://docs.rs/reqwest/latest/reqwest/ and JWKSet that handles this, so my code will go and fetch the JWKSet, parse it into a JWKSet and then use that to authorize the incoming token.
This works, but it feels that it would be better handled by the library itself. For example:
let jwkset = JWKSet::from_url(jwkset_url);
let encoded = Compact::<ClaimsSet<()>, ()>::new_encoded(token);
let decoded = encoded.decode_with_jwks(&jwkset, None).unwrap();
Even better if the JWKSet can then automatically cache keys and fetch new ones on demand, to handle key rotation and similar cases.
Cheers
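A sketch of the caching behaviour requested above, as an added example that is not part of the original issue or of the library: keys are looked up by `kid`, and an unknown `kid` triggers a refetch at most once per interval. `JwksCache`, `key_for` and `min_refetch` are hypothetical names, and the `fetch` closure stands in for the HTTPS request and JWKS parsing.

```rust
use std::collections::HashMap;
use std::time::{Duration, Instant};

/// Hypothetical kid -> key cache. `K` stands in for a parsed JWK and `fetch`
/// for the HTTPS GET + parse of the JWKS document (both are assumptions).
pub struct JwksCache<K, F> {
    fetch: F,
    keys: HashMap<String, K>,
    last_fetch: Option<Instant>,
    min_refetch: Duration,
    pub fetches: u32,
}

impl<K: Clone, F: FnMut() -> Result<HashMap<String, K>, String>> JwksCache<K, F> {
    pub fn new(fetch: F, min_refetch: Duration) -> Self {
        JwksCache { fetch, keys: HashMap::new(), last_fetch: None, min_refetch, fetches: 0 }
    }

    /// Return the key for `kid`. On a miss, refetch at most once per
    /// `min_refetch`, so tokens carrying made-up kids cannot force a fetch each.
    pub fn key_for(&mut self, kid: &str, now: Instant) -> Option<K> {
        if let Some(k) = self.keys.get(kid) {
            return Some(k.clone());
        }
        let due = self.last_fetch
            .map_or(true, |t| now.saturating_duration_since(t) >= self.min_refetch);
        if due {
            self.last_fetch = Some(now);
            self.fetches += 1;
            // Replace the whole set on success so rotated-out keys stop
            // verifying; keep the old set if the fetch fails.
            if let Ok(set) = (self.fetch)() {
                self.keys = set;
            }
        }
        self.keys.get(kid).cloned()
    }
}

fn main() {
    // Constructed stand-in for the remote endpoint: serves one key, "k1".
    let fetch = || -> Result<HashMap<String, String>, String> {
        let mut m = HashMap::new();
        m.insert("k1".to_string(), "key-material-1".to_string());
        Ok(m)
    };
    let mut cache = JwksCache::new(fetch, Duration::from_secs(60));
    let now = Instant::now();
    let known = cache.key_for("k1", now);
    println!("{:?} {:?}", known, cache.key_for("nope", now));
}
```

The caller passes `now` explicitly so the throttle can be exercised without sleeping; a real integration would also pin the JWKS URL to configuration rather than taking it from the token.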