As everyone is aware you don't need JWTs for OAuth. However, OIDC
requires them which is a main target, alongside almost every non-OIDC
(unfortunately) using JWT.
Furthermore, despite being labeled under "signatures" in the standard,
MACs aren't a goal in this library.
Moving algorithm specific jwk code to an internal module.
Not caring about it should be fine(?) to the end user as long
as the library remains vigilantic about it. Also, the crypto.PublicKey
in JWK isn't meant to be used directly anyway.