Support multiple JWKS URL in oathkeeper config rather than environment variable #168

Closed
ProMPT120 opened this issue Apr 5, 2019 · 2 comments

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

ProMPT120 commented Apr 5, 2019

Problem:

In a Kubernetes deployment with a north-south microservice gateway (such as ambassador) referencing an authentication service (such as oathkeeper), the authentication service usually references multiple token emitters (one for system and one for users at least).
Oathkeeper in the current config only references the JWT URL via an environment variable (AUTHENTICATOR_JWT_JWKS_URL).

Solution

We should make it configurable in the oathkeeper configuration to support multiple IdPs (with different JWKS_URL), such as multiple Hydra instances for the same oathkeeper. Such as:

```jsonc
{
    "authenticators": [{
        "handler": "jwt",
        "config": {
            "jwks_url": "https://hydra1/.well-known/jwks.json", // On purpose not an array
            "required_scope": ["scope-a", "scope-b"],
            "target_audience": ["aud-1"],
            "trusted_issuers": ["iss-1"]
        }
    }]
}
```

This feature would remove the need to run one oathkeeper per JWKS_URL emitter in a Kubernetes environment.
Ambassador doesn't currently support multiple authentication services for the same ambassador, which makes it worse (can't even reference multiple oathkeepers to have a functional but slightly more resource-intensive solution):
emissary-ingress/emissary#216
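
An added example, not part of the original issue and not oathkeeper's code: with several JWKS URLs configured, each key set should stay bound to its own `trusted_issuers`, so a token signed by one IdP cannot be accepted under another IdP's issuer name. The `JWTConfig` type, both function names, and the `hydra2` / `iss-2` values are assumptions made for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// JWTConfig mirrors the "config" object proposed above (hypothetical type, not oathkeeper's).
type JWTConfig struct {
	JWKSURL        string   `json:"jwks_url"`
	TrustedIssuers []string `json:"trusted_issuers"`
}

// IssuerIndex binds each trusted issuer to exactly one jwks_url; ambiguous configs are rejected.
func IssuerIndex(cfgs []JWTConfig) (map[string]string, error) {
	idx := map[string]string{}
	for _, c := range cfgs {
		for _, iss := range c.TrustedIssuers {
			if u, ok := idx[iss]; iss == "" || c.JWKSURL == "" || (ok && u != c.JWKSURL) {
				return nil, fmt.Errorf("issuer %q: empty or bound to two key sets", iss)
			}
			idx[iss] = c.JWKSURL
		}
	}
	return idx, nil
}

// SelectJWKS uses the UNVERIFIED iss only to pick a key set; verify the signature with those keys.
func SelectJWKS(token string, idx map[string]string) (string, error) {
	var claims struct{ Iss string `json:"iss"` }
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", fmt.Errorf("not a compact JWS")
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil || json.Unmarshal(raw, &claims) != nil || idx[claims.Iss] == "" {
		return "", fmt.Errorf("unreadable payload or untrusted issuer %q", claims.Iss)
	}
	return idx[claims.Iss], nil
}

func main() { // constructed config and token; hydra2 and iss-2 are placeholders
	idx, _ := IssuerIndex([]JWTConfig{{"https://hydra1/.well-known/jwks.json", []string{"iss-1"}},
		{"https://hydra2/.well-known/jwks.json", []string{"iss-2"}}})
	body := base64.RawURLEncoding.EncodeToString([]byte(`{"iss":"iss-2"}`))
	fmt.Println(SelectJWKS("e30."+body+".sig", idx))
}
```

Signature, audience and scope checks still have to run after the key set is chosen; this step only decides which keys are allowed to vouch for the token.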

aeneasr commented Apr 5, 2019

Yeah sounds great! Happy to accept PRs!
