Update JWT token feature to use OIDC key

[thenav56]

Related to

• Add token authorization for STAC API montandon-etl#142

Changes

Right now, we use a separate ES256 key for the user managed JWT tokens.
For consistency, We need to switch using the RSA keys from OIDC for consistency.

Caution

We need to update the JWT token's headers and payload.

We need to make sure the tokens can't be for other applications (eg: SDT, Alerthub) as these tokens have larger expiry period

After this change, client apps can get the key and algorithm info from:
https://goadmin-stage.ifrc.org/o/.well-known/openid-configuration

Breaking changes

• New tokens won't work with the old Montandon endpoint: https://monty-api.ifrc.org/__docs__/
• Old tokens won't work with the new Montandon eoAPI endpoint: https://montandon-eoapi-stage.ifrc.org/stac

Important

NOTE: We need to make sure this is provided to the user in the JWT token management page?

[batpad]

@thenav56 we should have something to test with on the eoAPI side soon. Will be nice to keep this lined up. Thanks!

[batpad]

NOTE: We need to make sure this is provided to the user in the JWT token management page?

Do we need a separate frontend ticket for this? Or will it get the token from the same back-end endpoint or so that can just give the new tokens?

And, do we need to do anything to clear out existing user tokens or anything?

[udaynwa]

cc @frozenhelium @subinasr