Removed whitelist of JWT errors

refs https://linear.app/tryghost/issue/ENG-712/

I don't think we ever need to respond with a 500 here, if the verify call
fails, we know that the token is unauthorized for use.

ghost/core/core/server/services/auth/api-key/admin.js

@@ -159,7 +159,6 @@ const authenticateWithToken = async function apiKeyAuthenticateWithToken(req, re
         try {
             jwt.verify(token, secret, options);
         } catch (err) {
-            if (err.name === 'TokenExpiredError' || err.name === 'JsonWebTokenError' || err.name === 'NotBeforeError') {
             return next(new errors.UnauthorizedError({
                 message: tpl(messages.invalidTokenWithMessage, {message: err.message}),
                 code: 'INVALID_JWT',
@@ -167,10 +166,6 @@ const authenticateWithToken = async function apiKeyAuthenticateWithToken(req, re
             }));
         }
 
-            // unknown error
-            return next(new errors.InternalServerError({err}));
-        }
-
         // authenticated OK
 
         if (apiKey.get('user_id')) {