Allow configuring an SSLBundle to use when making JWKS requests

[OrangeDog]

A Boot application can be configured to make JWKS requests to get the keys with which to verify JWS tokens:

spring.security.oauth2.resourceserver.jwt.jwk-set-uri

However, there is no way to configure the SSL context for these requests.
Adding the standard .ssl.enabled and .ssl.bundle properties would be very useful.

[wilkinsona]

However, there is no way to configure the SSL context for these requests.

You can do so by providing a custom RestOperations instance through a JwkSetUriJwtDecoderBuilderCustomizer:

@Bean
JwkSetUriJwtDecoderBuilderCustomizer jwkSetSslCustomizer(SslBundles sslBundles, RestTemplateBuilder restTemplateBuilder) {
    return (builder) -> builder.restOperations(restTemplateBuilder.sslBundle(sslBundles.getBundle("your-bundle")).build());
}

We could consider property support for this, but it would probably require deprecation of jwk-set-uri to group things together. Something like:

spring.security.oauth2.resourceserver.jwt.jwkset.uri
spring.security.oauth2.resourceserver.jwt.jwkset.ssl.bundle
spring.security.oauth2.resourceserver.jwt.jwkset.ssl.enabled

We'll discuss it as a team to see if we think it's worth it.