feat: support token rotation in ID token mutator

[aeneasr]

Previously, only one JWK may be returned by the JWKS URL. This made token rotation impossible. This patch allows for multiple keys to be returned by the JWKS URL and the first key found will be used for signing.

Related issue(s)

Checklist

• I have read the contributing guidelines.
• I have referenced an issue containing the design document if my change
  introduces a new feature.
• I am following the
  contributing code guidelines.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security vulnerability, I
  confirm that I got the approval (please contact
  security@ory.sh) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added or changed the documentation.

Further Comments

[codecov]

Codecov Report

Merging #1119 (51be901) into master (91ae714) will not change coverage.
The diff coverage is 0.00%.

❗ Current head 51be901 differs from pull request most recent head 8605cc1. Consider uploading reports for the commit 8605cc1 to get more accurate results

@@           Coverage Diff           @@
##           master    #1119   +/-   ##
=======================================
  Coverage   78.17%   78.17%           
=======================================
  Files          80       80           
  Lines        3853     3853           
=======================================
  Hits         3012     3012           
  Misses        566      566           
  Partials      275      275           

Impacted Files	Coverage Δ
credentials/signer_default.go	63.26% <0.00%> (ø)