Sid and Kid swapped when importing jwt from CLI

[sktan18]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• This issue affects my Ory Network project.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Describe the bug

I was trying to overwrite "hydra.jwt.access-token" by importing a set of jwt from command line. The sid and kid were swapped when stored in the database. Looking at the source code, the caller of the JwkApi.SetJsonWebKey is passing in the arguments in the wrong order.
Function: func (a *JwkApiService) SetJsonWebKey(ctx context.Context, set string, kid string)

Caller: m.JwkApi.SetJsonWebKey(cmd.Context(), k.Kid, set).JsonWebKey(k).Execute()

Reproducing the bug

1. Run hydra docker
2. Import jwt to overwrite sid "hydra.jwt.access-token"
   hydra import jwk "hydra.jwt.access-token" --skip-tls-verify --use sig /etc/ssl/certs/ecdsakey.json /etc/ssl/certs/ecdsapub.json --alg ES384 -e $HYDRA_ADMIN_URL

"hydra.jwt.access-token" will be safe as the kid. Sid will be auto-generated.

Relevant log output

No response

Relevant configuration

No response

Version

v2.0.1

On which operating system are you observing this issue?

Windows

In which environment are you deploying?

Docker Compose

Additional Context

Possible workaround (not ideal), set the kid as "hydra.jwt.access-token" so that the arguments are swapped back...