Accept several endpoints for fetching JWKS from instead of just a single entry

Currently on the CTA Frontend side, we have a configuration entry :

grpc.jwks.uri: http://auth-keycloak:8080/realms/master/protocol/openid-connect/certs

This accepts a single trusted endpoint from which to fetch public keys used for signing tokens.

But, we will very likely need to have distinct endpoints for the physics workflow events and for the cta-admin commands. We need to update the config accordingly to support this.