Port the JWT & AAD middleware from Katana

[Tratcher]

Depends on #39 (OAuth) and System.IdentityModel.Tokens.Jwt.

We'll need to re-work the IIssuerSecurityTokenProvider to use the new ConfigurationManager for retrieving metadata (See WsFederation).

For AAD, also fix #25

[ThatRendle]

What is the status of System.IdentityModels.Tokens.Jwt (and indeed System.IdentityModels) wrt vNext?

[Tratcher]

They're still costing the work. Check with Vittorio for details.

[kevinchalet]

@brentschmaltz started working on a (lightweight) aspnetcore50 port of System.IdentityModel: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/tree/K

The nightly builds are available on the Azure AD team MyGet repository: https://www.myget.org/gallery/azureadwebstacknightly

The weird thing is that this package also provides an implementation for aspnet50, that replaces the one provided in the full .NET Framework 4.5 (both are incompatible). I'm not sure it's a great idea (you can't use a project built with .NET 4.5 and using types from System.IdentityModel with the new NuGet package).

@brentschmaltz I already miss the GetAsymmetricAlgorithm method on AsymmetricSecurityKey (and its counterpart on SymmetricSecurityKey). Is this something you could add?

That would be great if we could chat a few minutes on JabbR 😄

[Tratcher]

Done. See 49e66f0
Note this was merged with the OAuth Bearer middleware.