[Feature Request] Add more certificate options for AddJWTBearerAuth Asymmetric #624

Closed
SpaceOgre opened this issue Feb 28, 2024 · 1 comment
Labels
enhancement (New feature or request), implemented (requested feature has been implemented)

@SpaceOgre
Hi,

When switching from Symmetric to Asymmetric signing we ran into a problem: the public key that we first created could not be used by FastEndpoints since it only supports RSA public keys (so PKCS1 I think), meaning keys that start with:

-----BEGIN RSA PUBLIC KEY-----

We created a PEM key (PKCS8) that has this header:

-----BEGIN PUBLIC KEY-----

Since then we have solved it and were able to convert the key to PKCS1, using this, in case anyone else finds this issue while searching for a solution:

openssl rsa -pubin -in public.key -RSAPublicKey_out -out public_pkcs1.pem

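It is possible to import a PEM key using the RSA class like this:

using System.Security.Cryptography;

// ImportFromPem reads both the "PUBLIC KEY" and "RSA PUBLIC KEY" PEM labels.
var rsaPublicKey = RSA.Create();
rsaPublicKey.ImportFromPem(publicKeyString);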

So adding an option for specifying the key type would be great, I could look into it if you feel like this is something that would fit for FE.

Otherwise, just adding some more information to the documentation about what type of key is required would be good.

dj-nitehawk added a commit that referenced this issue Feb 28, 2024
@dj-nitehawk
Member

starting v5.22.0.18-beta you can now do this:

builder.Services.AddAuthenticationJwtBearer(
       s =>
       {
           s.SigningKey = "public key pem data";
           s.SigningStyle = TokenSigningStyle.Asymmetric;
           s.KeyIsPemEncoded = true;
       });

token creation can also specify pem:

var token = JwtBearer.CreateToken(
    o =>
    {
        o.SigningKey = "private key pem data";
        o.SigningStyle = TokenSigningStyle.Asymmetric;
        o.KeyIsPemEncoded = true;
        o.AsymmetricKeyAlgorithm = SecurityAlgorithms.Sha256;
        o.ExpireAt = DateTime.UtcNow.AddDays(1);
        o.User.Permissions.Add("Some_Permission");
        o.User.Roles.Add("Admin");
        o.User.Claims.Add(("UserId", "001"));
    });

check it out and let me know if you encounter any issues.

thanks!
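
An added example, not part of the thread and not FastEndpoints code: it reads the PEM label that distinguishes the two headers discussed above, re-encodes a public key to the `RSA PUBLIC KEY` form in .NET instead of with openssl, and refuses private-key PEM so a signing key is not configured on the validating side. `PemKeys` and its members are hypothetical names; it assumes .NET 5 or later and generates a throwaway key at run time as constructed sample input.

```csharp
using System;
using System.Security.Cryptography;

// Added example, not FastEndpoints code. PemKeys and its members are hypothetical names.
public static class PemKeys
{
    // Label between "-----BEGIN " and "-----": "PUBLIC KEY" is X.509
    // SubjectPublicKeyInfo, "RSA PUBLIC KEY" is PKCS#1.
    public static string Label(string pem)
    {
        PemFields fields = PemEncoding.Find(pem); // throws ArgumentException when no PEM block exists
        return pem[fields.Label];
    }

    // Re-encodes an RSA public key as PKCS#1, like the openssl command in the issue.
    // Private-key labels are rejected so a signing key is never accepted where
    // only a verification key belongs.
    public static string ToPkcs1PublicPem(string pem)
    {
        string label = Label(pem);
        if (label != "PUBLIC KEY" && label != "RSA PUBLIC KEY")
            throw new CryptographicException($"Expected a public key PEM, got '{label}'.");

        using RSA rsa = RSA.Create();
        rsa.ImportFromPem(pem); // reads both public-key labels
        return new string(PemEncoding.Write("RSA PUBLIC KEY", rsa.ExportRSAPublicKey()));
    }

    public static void Main()
    {
        // Constructed sample: a throwaway key pair generated at run time.
        using RSA key = RSA.Create(2048);
        string spki = new string(PemEncoding.Write("PUBLIC KEY", key.ExportSubjectPublicKeyInfo()));
        string pkcs1 = ToPkcs1PublicPem(spki);
        Console.WriteLine($"{Label(spki)} -> {Label(pkcs1)}");

        // A private key passed where a public key is expected is refused.
        string priv = new string(PemEncoding.Write("RSA PRIVATE KEY", key.ExportRSAPrivateKey()));
        try { ToPkcs1PublicPem(priv); }
        catch (CryptographicException e) { Console.WriteLine(e.Message); }
    }
}
```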

dj-nitehawk added the enhancement and implemented labels Feb 28, 2024