@alunduil
Created August 23, 2017 00:33
I did a bit more investigation. Adding two equals for padding on the end allows
the data to be decoded by base64 on the command line. I'm not sure if I'm
getting the correct data but it is base64 decoding with the padding.
Assuming that the data is correct, it's too many bytes to be a DER thumbprint
(should be 20 bytes but I get 40 bytes). This is probably due to a hex
conversion or string format operation entering the equation that shouldn't be
there. In fact, I did a little analysis (included for reference) and this is
exactly what is happening:
```bash
curl --silent https://alunduil.auth0.com/.well-known/jwks.json | jq -r '.keys[].x5t'
OUJDMzVDNkM5RUUyMUZBMEU5NkNCNzgyNUMwNzk1RTc1QzYxQ0JDOA
# Example of incorrect base64 encoding:
echo -n OUJDMzVDNkM5RUUyMUZBMEU5NkNCNzgyNUMwNzk1RTc1QzYxQ0JDOA | base64 -d
9BC35C6C9EE21FA0E96CB7825C0795E75C61CBC8base64: invalid input
# Correct base64 encoding:
echo -n OUJDMzVDNkM5RUUyMUZBMEU5NkNCNzgyNUMwNzk1RTc1QzYxQ0JDOA== | base64 -d
9BC35C6C9EE21FA0E96CB7825C0795E75C61CBC8%
# Key fingerprint:
curl --silent https://alunduil.auth0.com/.well-known/jwks.json | jq -r '.keys[0].x5c[0]' | base64 -d | openssl x509 -inform der -in - -sha1 -noout -fingerprint
SHA1 Fingerprint=9B:C3:5C:6C:9E:E2:1F:A0:E9:6C:B7:82:5C:07:95:E7:5C:61:CB:C8
```
Note that the hex bytes of the fingerprint align with the string we received
from base64 decoding. Of course, Haskell's jose library also spits out a very
particular error (which indicates, by the way, that base64 decoding is working
well enough): "incorrect number of bytes". That function for reference is:
```haskell
instance FromJSON Base64SHA1 where
  parseJSON = withText "base64url SHA-1" $ parseB64Url (\bytes ->
    case B.length bytes of
      20 -> pure $ Base64SHA1 bytes
      _  -> fail "incorrect number of bytes")
```
This indicates we're not getting 20 bytes but some other value. My guess is
that it's 40 bytes due to the string interpretation of the fingerprint, but to
answer that definitively we need to poke into parseB64Url first:
```haskell
parseB64Url :: (B.ByteString -> Parser a) -> T.Text -> Parser a
parseB64Url f = maybe (fail "Not valid base64url") f . preview base64url . E.encodeUtf8
```
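To make the mis-encoding above mechanically checkable, here is an added Python example (not part of this gist, of Auth0, or of the jose library): it decodes an `x5t` value with the omitted padding restored, recognises the 40-hex-character case the shell session shows, and derives the base64url value of the raw 20 digest bytes that RFC 7515 actually expects. The sample values are the ones quoted on this page.

```python
import base64
import binascii
import re
from typing import NamedTuple

# Constructed from the values shown on this page: the x5t served in the
# Auth0 JWKS and the SHA-1 fingerprint openssl printed for the x5c cert.
PAGE_X5T = "OUJDMzVDNkM5RUUyMUZBMEU5NkNCNzgyNUMwNzk1RTc1QzYxQ0JDOA"
PAGE_FINGERPRINT = "9B:C3:5C:6C:9E:E2:1F:A0:E9:6C:B7:82:5C:07:95:E7:5C:61:CB:C8"

HEX40 = re.compile(r"^[0-9A-Fa-f]{40}$")


class X5tCheck(NamedTuple):
    kind: str            # "ok", "hex-encoded", or "unknown"
    thumbprint: bytes    # 20 raw SHA-1 bytes when recoverable, else b""
    corrected_x5t: str   # base64url (no padding) of the raw digest bytes


def b64url_decode(s: str) -> bytes:
    """Decode base64url, restoring the '=' padding that JWS omits."""
    s = s.strip()
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    """Encode as RFC 7515 base64url: URL-safe alphabet, padding stripped."""
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


def check_x5t(x5t: str) -> X5tCheck:
    """Classify an x5t value and, where possible, recover the real digest."""
    try:
        raw = b64url_decode(x5t)
    except (binascii.Error, ValueError):
        return X5tCheck("unknown", b"", "")
    if len(raw) == 20:
        return X5tCheck("ok", raw, b64url_encode(raw))
    # 40 bytes that are all hex digits: the hex fingerprint *string* was
    # base64-encoded instead of the digest bytes (the bug this page shows).
    if len(raw) == 40 and HEX40.match(raw.decode("ascii", "replace")):
        digest = bytes.fromhex(raw.decode("ascii"))
        return X5tCheck("hex-encoded", digest, b64url_encode(digest))
    return X5tCheck("unknown", b"", "")


def matches_fingerprint(x5t: str, openssl_fingerprint: str) -> bool:
    """True if the (possibly mis-encoded) x5t names this certificate."""
    expected = bytes.fromhex(openssl_fingerprint.replace(":", ""))
    return check_x5t(x5t).thumbprint == expected
```

A strict consumer such as jose will still reject the hex-encoded form; the corrected value is what the JWKS should have carried, and the check is useful for telling a wrong key apart from a wrongly encoded thumbprint.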