ES256 Support in OIDC #5390

Open
1 task done
Adiack06 opened this issue Jan 5, 2025 · 1 comment


@Adiack06

Adiack06 commented Jan 5, 2025

Describe the feature you'd like

ES256 implementation for OIDC

Describe the benefits this would bring to existing BookStack users

It would allow the use of the far more secure and up-to-date signing format which is preferable for security especially as RS256 is generally on the way out.
It would also work better for people who use Let's Encrypt for signing certs as that is what they typically provide.

Can the goal of this request already be achieved via other means?

No

Have you searched for an existing open/closed issue?

  • I have searched for existing issues and none cover my fundamental request

How long have you been using BookStack?

Under 3 months

Additional context

No response

@ssddanbrown
Member

ES256, following the spec, is ECDSA using P-256 and SHA-256.
Looks like it should be supported by the lib we're already using to verify signatures: https://phpseclib.com/
Would need to check/validate the process/format for certs provided via config, as well as autodiscovery.

Tricky to find any useful information out there regarding widespread use/plans/changes in ES256 use for OIDC.
The JWA spec does mark it as recommended+, hinting at being required in future, so may be a good indicator at specifically supporting ES256 over any other potential algorithm, but not sure about timings around that or realistic use in the OIDC landscape.
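
Added example, not part of the issue thread or BookStack's code: what verifying an ES256-signed ID token involves (algorithm pinned in the header, SHA-256 over `header.payload`, signature as raw 64-byte R||S rather than ASN.1 DER). It is dependency-free Python so it runs offline, whereas BookStack would rely on phpseclib; the key `D`, nonce `K` and claims are constructed sample values, and the curve arithmetic is illustrative and not constant time.

```python
import base64, hashlib, json

P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff  # P-256 field prime
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551  # group order
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)  # base point

def add(p1, p2):  # affine point addition (curve a = -3); None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    if p1[0] == p2[0] and (p1[1] + p2[1]) % P == 0:
        return None
    lam = ((3 * p1[0] ** 2 - 3) * pow(2 * p1[1], -1, P) if p1 == p2
           else (p2[1] - p1[1]) * pow((p2[0] - p1[0]) % P, -1, P))
    x = (lam * lam - p1[0] - p2[0]) % P
    return x, (lam * (p1[0] - x) - p1[1]) % P

def mul(k, pt):  # right-to-left double-and-add scalar multiplication
    acc = None
    while k:
        acc, pt, k = (add(acc, pt) if k & 1 else acc), add(pt, pt), k >> 1
    return acc

def enc(raw):  # base64url without padding, as JWS uses
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
def digest(h, p):  # SHA-256 over the signing input "header.payload"
    return int.from_bytes(hashlib.sha256(f"{h}.{p}".encode()).digest(), "big")

def sign_es256(claims, d, k):  # builds the constructed sample; a fixed k is demo-only
    h, p = (enc(json.dumps(o).encode()) for o in ({"alg": "ES256"}, claims))
    r = mul(k, G)[0] % N
    s = pow(k, -1, N) * (digest(h, p) + r * d) % N
    return f"{h}.{p}." + enc(r.to_bytes(32, "big") + s.to_bytes(32, "big"))

def verify_es256(token, pub):
    try:
        h, p, s = token.split(".")
        alg, sig = json.loads(dec(h)).get("alg"), dec(s)
    except (ValueError, AttributeError):
        return False  # not a well-formed compact JWS
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    if alg != "ES256" or len(sig) != 64 or not (0 < r < N and 0 < s < N):
        return False  # pin the algorithm; require raw R||S with both halves in range
    w = pow(s, -1, N)
    pt = add(mul(digest(h, p) * w % N, G), mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r
D, K = 0x1F2E3D4C5B6A, 0x0A1B2C3D4E5F  # constructed demo private key and nonce
PUB, TOKEN = mul(D, G), sign_es256({"sub": "demo-user"}, D, K)
```

A real verifier should also confirm that the public key loaded from config or autodiscovery is a valid point on P-256 before use.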
