JWT: support public keys caching

[BaurzhanSakhariev]

Problem Statement

JWK endpoints expose keys which typically are not frequently rotated.
Currently CrateDB requests public keys on each authentication request which might be too expensive.

We could add support of Cache-Control: max-age header (value in seconds) to control caching policy per authentication provider.

Some details:
https://github.com/auth0/java-jwt already supports caching, but we need to cache JwkProvider instances on our own (instead of creating it per request in jwkProvider) to actually utilize caching.

[proddata]

Isn't this considered a bug, as the caching mechanism was mentioned in the original issue #14238 ?

[seut]

Isn't this considered a bug, as the caching mechanism was mentioned in the original issue #14238 ?

Why would this justify to treat this as a bug? AFAIK this is not related to a functional part but rather an optimization. Or is something breaking without a cache in place?

[proddata]

Why would this justify to treat this as a bug? AFAIK this is not related to a functional part but rather an optimization. Or is something breaking without a cache in place?

Sorry, should have been more clear. When we were providing feedback on this feature the assumption was that caching is part of the initial scope and there was maybe just as slight issue why it was not working properly. What is unclear from the documentation: Would the current behavior for every query / POST to /_sql fetch the public key from the remote server? That seems excessive and potentially slow down querying by quite a lot.

So not a bug, but rather a non-functional requirement for the initial feature request.