Add client credentials Private Key JWT auth for management API

[ErwinSteffens]

🔧 Changes

Add client credentials Private Key JWT auth for management API.

The x/oauth2 package allows for adding extra EndpointParams to client credentials config which allows for Private Key JWT to be used without implementation in the library. If we use AuthStyleInParams, but do not add client ID or Secret, they will not get added to the request params.

There is an open issue for implementing this in the library, but there seems to be no traction anymore for a long time. Therefore I wanted to suggest this solution.

If ok, I can start adding tests for it.

📚 References

• Issue: Add support of Private JWT Token auth in management API #494
• Related issue in x/oauth2 package: proposal: x/oauth2: support private_key_jwt client authentication golang/go#57186

🔬 Testing

• Generate key pair with:
  • openssl genrsa -out private.pem 2048
  • openssl rsa -in private.pem -pubout > public.pub
• Add new application in Auth0
• Setup Private Key JWT auth for the application and add the public key

Run following main.go program:

package main

import (
	"context"
	"log"
	"os"

	"github.com/auth0/go-auth0/management"
)

func main() {
	signingAlg := "RS256"
	auth0Domain := "auth0Domain"
	clientID := "clientId"

	key, err := os.ReadFile("private.pem")
	if err != nil {
		panic(err)
	}

	auth0API, err := management.New(
		auth0Domain,
		management.WithClientCredentialsPrivateKeyJwt(context.TODO(), signingAlg, string(key), clientID),
	)
	if err != nil {
		panic(err)
	}

	test, err := auth0API.Client.List(context.TODO(), management.Page(0), management.PerPage(10))
	if err != nil {
		panic(err)
	}

	log.Println("Auth0 clients: %+v", test)
}

📝 Checklist

• All new/changed/fixed functionality is covered by tests (or N/A)
• I have added documentation for all new/changed functionality (or N/A)