[Feature Request] Support JWE (with rollover)

[jmprieur]

Is your feature request related to a problem? Please describe.
As 1P partners move to Microsoft Identity Platform they need Ms.Id.W to support JWE, passing certificate, possibly with two certificates to support the rollover

Describe the solution you'd like

See See also https://github.com/AzureAD/microsoft-identity-web/wiki/Spec-certificates

[abatishchev]

Hi Jean-Marc,
Yes, please! Right now JWE validation which is mandatory for 1PA is pain since one and only one certificate (registered by thumbprint) can be used.
Once it's rolled over, tokens encrypted with the previous version continue to be valid for 60 minutes.
Please prioritize the work to support a pair of certificates instead.

[jmprieur]

Thanks for the feedback @abatishchev
Currently Microsoft.Identity.Web is in alpha preview. Are you ok to use it in a 1PA ? (If you do, I'm ok to priortize the work after the work needed to make this part of the ASP.NET Core templates)

[abatishchev]

Yes, I know it's an alpha. But if it'll simplify using 1PA with JWE then we'd be happy to try it out.

[jmprieur]

Closing as duplicate of #165, which is in progress.