Fixed the issue where JWT authentication was silently bypassed when an invalid public key (or invalid public key file path) was used.