fix(jwt): remove chances to base64 decode a rsa_public_key

[jizhilong]

Summary

never base64 decode a rsa public key

Checklist

• The Pull Request has tests
• A changelog file has been created under changelog/unreleased/kong or skip-changelog label added on PR if changelog is unnecessary. README.md
• [ ] There is a user-facing docs PR against https://github.com/Kong/docs.konghq.com - PUT DOCS PR HERE

Issue reference

Fix #13710

[CLAassistant]

All committers have signed the CLA.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[gszr]

Thanks for your contribution, @jizhilong! The fix looks good to me. @bungle could you also take a look?

[team-gateway-bot]

Successfully created cherry-pick PR for master:

• https://github.com/kong/kong-ee/pull/10755

[gszr]

@jizhilong please claim your Kong Contributor digital badge over here https://docs.google.com/forms/d/e/1FAIpQLSfacQHac-PYIDIrDOi_W2l7cWxBDRIVBs6xE5HnlojPvdhL9g/viewform.

[t-yuki]

I guess this PR breaks current running gateways already deployed with base64-encoded keys.

[jizhilong]

I guess this PR breaks current running gateways already deployed with base64-encoded keys.

@t-yuki

• for JWT plugins configured properly, and already running as expected, this patch will not change their behavior.
• for the original JWT plugins configured with asymmetric encryption and conf.secret_is_base64=true(just like [JWT plugin] RSA256 return message:Invalid key/secret #2891), the HTTP response codes may change from all 403 to partially 2xx. If the 403 was intentionally set by the administrator(relying a bug to block requests), this patch could indeed pose some security risks. I believe such scenario is quite rare in practice.