Add client-certificate when fetching client-jwks

[edwinrozendom]

Expected Behavior

We would like to add a client-certificate to the outbound request when fetching a JwkSetUrl from a configured client.

Current Behavior

RestTemplate is a static final variable in JwtClientAssertionDecoderFactory.java. It would be nice to expose Resttemplate, in order to configure it with the authorizationServerConfigurer. (same suggestion as in #1413)

The exposed method could be used in the authorizationServerConfigurer.AuthenticationProvider, e.g.

authenticationProviders.forEach((authenticationProvider) -> {
			if (authenticationProvider instanceof JwtClientAssertionAuthenticationProvider) {
				// Customize JwtClientAssertionDecoderFactory
				JwtClientAssertionDecoderFactory jwtDecoderFactory = new JwtClientAssertionDecoderFactory();
                                jwtDecoderFactory.setRestTemplate(...).

}
}

Context

This issue only affects oAuth flows with private_key_jwt client authentication.

I would be able to create a PR if the suggestion of exposing RestTemplate is acceptable!

[jgrandja]

@edwinrozendom I'm not sure we want to expose JwtClientAssertionDecoderFactory.setRestTemplate(). I'll need to give this some further thought.

In the meantime, you can provide a custom JwtClientAssertionAuthenticationProvider.setJwtDecoderFactory() similar to JwtClientAssertionDecoderFactory but scaled down to only support jwk-set-url lookup.