Support adding `issuer` claim to the access token JWT

[Pchelolo]

The JWT iss claim is a registered claim name for the JWT standard. Some validator implementations, most notably envoyproxy require the issuer claim to be set in various circumstances, however there's no way right now to specify the claim in the access token emitted by the library.

[Sephster]

Hi @Pchelolo. Thanks for your PR. The ISS claim is not required as per the JWT spec so the JWTs issued by the server are valid.

I believe the reason we haven't included the claim initially is because our access token entities are converted to JWTs when they are issued using the AccessTokenTrait.

If you want to add an issuer, you could replace the AccessTokenTrait's convertToJWT call with code that sets the issuer you wish. For this reason, I don't think we will progress with this PR at this time but thank you very much for your efforts here.

I hope this resolves your issue but please do get back in touch if you have further problems or comments. Many thanks.

[tgr]

@Sephster wouldn't RFC 9068 be the relevant spec here? (Now, anyway... I think it did not exist yet when this conversation started.) That does make iss required.