DuendeSoftware / Samples

Samples for our Products

Azure KeyVault for signing sample #38

Open leastprivilege opened 2 years ago

leastprivilege commented 2 years ago
amadard commented 2 years ago

I have looked into how to use the KeyVault for signing tokens and I ran into a couple of items:

  1. KeyVault has a hard limit of 2000 requests per 10 seconds. My thought was to build a solution that allowed multiple KeyVaults to be hooked up, to scale past the rate limit when approaching that request rate. It would require retrieving the public key from all connected KeyVaults. https://docs.microsoft.com/en-us/azure/key-vault/general/service-limits https://docs.microsoft.com/en-us/azure/key-vault/general/overview-throttling
  2. All of the examples I found for using the KeyVault to sign tokens were based on the premise of only one signing algorithm, and that created potential difficulties if specific certificates were used for specific algorithms. There needs to be one implementation of ISigningCredentialStore per signing algorithm, and the DefaultTokenCreationService needs to know the correct certificate URL to use based on the requested signing algorithm.