Do not ignore all JWKS parsing errors

[morigs]

Preflight Checklist

• I could not find a solution in the existing issues, docs, nor discussions
• I have joined the ZITADEL chat

Describe your problem

Currently, jsonWebKeySet.UnmarshalJSON ignores all parsing errors. Comment says that this is done to ignore "unknown key types (kty)" but in fact it ignores all errors (for instance, invalid base64). This makes debugging such errors extremely hard

Describe your ideal solution

Returning error describing why key verification really failed instead of "missing keys".
Or at least log occurring errors somewhere as warnings

Version

3.11.1

Environment

Self-hosted

Additional Context

No response

[livio-a]

Hey @morigs

Thanks for the issue. We'll look into it.

[livio-a]

Need to recheck if github.com/go-jose/go-jose/v4's latest release has an impact / would fix this

[muhlemmer]

@livio-a it seems that the error fix you were looking for got reverted upstream, because it became a breaking change: #625