support for local stored JWK files added

[kpacha]

This PR introduces a FileKeyCacher initialized at startup time. The content is generated by reading a local file (passed as LocalPath).

The file referenced by LocalPath can contain a plain JWK file (security alert) or an encrypted version of the plain JWK file.
In the second scenario, these two config properties are required: CipherKey and SecretURL.

The CipherKey is the encoded version of the actual cypher key and requires a gocloud.dev url for the secrets package (SecretURL)

extra_config ex:

{
 "local_path":"./jwk.txt",
 "secret_url":"base64key://smGbjm71Nxd1Ig5FS0wj9SlbzAIrnolCz9bQQ6uAhl4=",
 "cypher_key":"gCERmfqHMoEu3+utqBa/R1oMZYIvh0OOKtJmnX/hDPDxbXCGXGvO3SF7B5FWxrJnRW7rnjGIV4eP2VLrYX2q9pJM49BpP+A9"
}

this config will use the key smGbjm71Nxd1Ig5FS0wj9SlbzAIrnolCz9bQQ6uAhl4= for decrypting de cypher_key and then. decrypting the content of the file ./jwt.txt

Check the test in order to know how to generate such encrypted payloads

Supported providers:

• awskms
• azurekeyvault
• gcpkms
• hashivault
• localsecrets

[github-actions]

This pull request was marked as resolved a long time ago and now has been automatically locked as there has not been any recent activity after it. You can still open a new issue and reference this link.