As a user I want to be authenticated with a JWT that conforms the FDSN AAI spec

Avy must be able to verify tokens issued by a list of identity providers.

The identity providers should be a list in the configuration along their public keys.

Public keys could be provided in a directory and the validation will try all public keys.

Pubkeys could also be provided as a configuration in the environment, but this can get cumbersome in the case we have to manage a lot of public keys.