Skip unknown JWKS Variants in JWK Store refresh

[jdreichmann]

jwt-authorizer fails with a AuthErrors::JwksRefreshError: error decoding response body: unknown variant 'RSA-OAEP' when the JWKS URL contains a key where alg is RSA-OAEP.

It seems that https://github.com/cduvray/jwt-authorizer/blob/main/jwt-authorizer/src/jwks/key_store_manager.rs#L182 attempts to ignore a JWK if it's not decodable, but if a serialized JWK is unable to be cast into a JWK in https://github.com/cduvray/jwt-authorizer/blob/main/jwt-authorizer/src/jwks/key_store_manager.rs#L172 (which is the case if it's algorithm is not in https://github.com/Keats/jsonwebtoken/blob/master/src/algorithms.rs#L16), the entire method returns the AuthError.

[aotimme]

FYI there may be a fix to this coming up in jsonwebtoken as per Keats/jsonwebtoken#252 (comment). Hopefully 🤞 that comes in soon and then this library can make use of it.

For posterity, I ran into this when using Keycloak. Disabling RSA-OAEP in the realm per this comment helped unblock me: Keats/jsonwebtoken#252 (comment)

[jdreichmann]

I also had this problem with Keycloak 20 with default settings. When disabling RSA-OAEP in the realm, it did not seem to update the JWKS endpoint, and i did not find a way to force the endpoint to rebuild it's answer.