feat: support token rotation in ID token mutator

[aeneasr]

Previously, only one JWK may be returned by the JWKS URL. This made token rotation impossible. This patch allows for multiple keys to be returned by the JWKS URL and the first key found will be used for signing.

Related issue(s)

Checklist

• [ ] I have read the contributing guidelines.
• [ ] I have referenced an issue containing the design document if my change introduces a new feature.
• [ ] I am following the contributing code guidelines.
• [ ] I have read the security policy.
• [ ] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact security@ory.sh) from the maintainers to push the changes.
• [ ] I have added tests that prove my fix is effective or that my feature works.
• [ ] I have added or changed the documentation.

Further Comments

[codecov[bot]]

Codecov Report

Merging #1119 (51be901) into master (91ae714) will not change coverage. The diff coverage is 0.00%.

:exclamation: Current head 51be901 differs from pull request most recent head 8605cc1. Consider uploading reports for the commit 8605cc1 to get more accurate results

@@           Coverage Diff           @@
##           master    #1119   +/-   ##
=======================================
  Coverage   78.17%   78.17%           
=======================================
  Files          80       80           
  Lines        3853     3853           
=======================================
  Hits         3012     3012           
  Misses        566      566           
  Partials      275      275           

Impacted Files	Coverage Δ
credentials/signer_default.go	63.26% <0.00%> (ø)