Add support for aud (audience) and iss (issuer) claims in tokens #899

@diegocastrum

The Token class currently lacks support for setting and verifying the aud (audience) and iss (issuer) claims, which are part of the JWT standard as defined in RFC 7519. These claims are essential for validating tokens in multi-service/tenant environments where tokens are issued by one service and consumed by another.

Proposed Solution

  • Add Methods to Set and Verify Claims:

    • Introduce methods like set_aud and set_iss to populate the aud and iss claims when creating tokens.
    • Add verify_aud and verify_iss methods to validate these claims during token verification.
  • Configuration Options:

    • Add settings in api_settings to define default values for aud and iss claims.
    • Allow these settings to be overridden dynamically when creating tokens.
  • Backward Compatibility:

    • Ensure that these changes are optional and do not break existing functionality for users who do not require aud and iss claims.
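
What setting and verifying `aud` and `iss` involves under RFC 7519, as a stdlib-only sketch added here for illustration; it is not code from the issue or from the project. The names `issue_token` and `verify_token`, the key and the service names are hypothetical, and HS256 is assumed.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest())

def issue_token(claims: dict, iss=None, aud=None) -> str:
    """Build an HS256 JWT; iss/aud are optional, so existing callers are unaffected."""
    payload = dict(claims)
    if iss is not None:
        payload["iss"] = iss
    if aud is not None:
        payload["aud"] = aud  # RFC 7519: a single string or a list of strings
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(payload).encode())
    return f"{header}.{body}.{_sign(f'{header}.{body}')}"

def verify_token(token: str, expected_iss=None, expected_aud=None) -> dict:
    """Check the signature first, then iss and aud when the consumer expects them."""
    header, body, sig = token.split(".")  # wrong part count raises ValueError
    if not hmac.compare_digest(sig.encode(), _sign(f"{header}.{body}").encode()):
        raise ValueError("bad signature")
    if json.loads(_unb64(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    claims = json.loads(_unb64(body))
    # A missing claim counts as a mismatch: claims.get() returns None.
    if expected_iss is not None and claims.get("iss") != expected_iss:
        raise ValueError("issuer mismatch")
    if expected_aud is not None:
        aud = claims.get("aud")
        audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
        if expected_aud not in audiences:
            raise ValueError("audience mismatch")
    return claims

if __name__ == "__main__":
    tok = issue_token({"sub": "42"}, iss="auth-service", aud=["billing-api", "orders-api"])
    print(verify_token(tok, expected_iss="auth-service", expected_aud="billing-api"))
```

A consuming service passes its own identifier as `expected_aud`, so a token minted for a different service fails verification even though the signature is valid.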
