bug: When we use the jwt-auth plugin, no matter how much the exp in the payload is set to, the actual token expiration time will be the current time + the default expiration time (1 day) #11650

Closed
fanyu-byte opened this issue Oct 15, 2024 · 2 comments
Labels: bug, plugin

Comments

@fanyu-byte

Current Behavior

When we use the jwt-auth plugin, no matter what value the exp in the payload is set to, the actual token expiration time will be the current time + the default expiration time (1 day).

Expected Behavior

The token expiry time should be the same as the one I configured in the payload.

Error Logs

No response

Steps to Reproduce

  1. Start APISIX and the jwt-plugin.

  2. Generate a JWT token with a payload that contains exp, such as:
    curl -G --data-urlencode 'payload={"uid":10000,"uname":"test","exp":1728976481}' 'http://127.0.0.1:9080/apisix/plugin/jwt/sign?key=merchant-key'

  3. Parse the token to check the exp and see if it is consistent with the expectation.

Environment

  • APISIX version (run apisix version): 3.10.0
  • Operating system (run uname -a): wsl2.0
  • OpenResty / Nginx version (run openresty -V or nginx -V):
  • etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
  • APISIX Dashboard version, if relevant:
  • Plugin runner version, for issues related to plugin runners:
  • LuaRocks version, for installation issues (run luarocks --version):
@fanyu-byte
Author

Please review this PR: #11653

@moonming
Member

The exp used in the API for issuing tokens on the data plane comes from the plugin configuration, not specified in the payload, so this issue is expected.
In the latest code of Apache APISIX, the JWT signature function has been removed. You can use a third-party tool to generate a signature and verify it in the API gateway.
