====== JSON Web Keys ======

The OpenID specification requires a JWKs endpoint to list public keys that can verify ID tokens.

Current thinking is to store them in the filesystem either in PEM or JSON format. A Flask command can be created to rotate these on a schedule. These should be stored with the correct file permissions (''o-rwx'' at a minimum).

We should support the EC and RSA algorithms (EC is preferred, RSA is still required by the spec).