JWKS support for JWT verification

[logan-hcg]

Instead of requiring a hard coded shared secret for verifying JWT, it would be ideal if the tokens could (optionally) use a JSON Web Key Set to use a public key algorithm (eg RS256) instead.

This would: A. reduce the places where the "secret" material would have to be available; and B. allow rotation of the secrets (ie private key) without changes or interruptions to Lakefs