Edx-drf-extensions

Latest version: v10.5.0


Page 3 of 8

8.13.0
---------------------

Fixed
~~~~~
* Bug fix for when both ENABLE_SET_REQUEST_USER_FOR_JWT_COOKIE and the JWT cookie user vs session user check behind ENABLE_FORGIVING_JWT_COOKIES were enabled at the same time.

Added
~~~~~
* Added custom attributes set_user_from_jwt_status and skip_jwt_vs_session_check.

Updated
~~~~~~~
* ADR for removing HTTP_USE_JWT_COOKIE, which explains forgiven JWT cookies, was updated to explain the cases where the JWT cookie user and session user do not match.

Removed
~~~~~~~
* Toggle EDX_DRF_EXTENSIONS[ENABLE_JWT_VS_SESSION_USER_CHECK] has been removed. This check is now a default part of the ENABLE_FORGIVING_JWT_COOKIES functionality. ENABLE_JWT_VS_SESSION_USER_CHECK was just a temporary roll-out toggle that had already been proven out everywhere ENABLE_FORGIVING_JWT_COOKIES was enabled.

8.12.0
---------------------

Changed
~~~~~~~
* Made changes to the recent ENABLE_JWT_VS_SESSION_USER_CHECK custom attributes. Although this is technically a breaking change, we are skipping a major release because of the limited use of these attributes.

  * The jwt_auth_session_user_id attribute has been renamed to clarify that this attribute only appears in the case of a mismatch.
  * Dropped jwt_auth_and_session_user_mismatch, which is redundant to simply checking for the existence of jwt_auth_mismatch_session_user_id.
  * Updated annotations for jwt_auth_request_user_not_found, because it has proven to be a real case in Production and not just in testing.

8.11.1
---------------------

Added
~~~~~
* Added support for Django 4.2

8.11.0
---------------------

Added
~~~~~
* Added toggle EDX_DRF_EXTENSIONS[ENABLE_JWT_VS_SESSION_USER_CHECK] to enable the following:

  * New custom attributes is_jwt_vs_session_user_check_enabled, jwt_auth_session_user_id, jwt_auth_and_session_user_mismatch, and invalid_jwt_cookie_user_id for monitoring and debugging.
  * When forgiving JWT cookies are also enabled, user mismatches will now result in a failure, rather than a forgiving JWT.

Changed
~~~~~~~
* BREAKING CHANGE: For tests only, the test utility method generate_unversioned_payload now requires that the user argument contains an id attribute. In the case of a Mock user, you must set user.id.

8.10.0
---------------------

Added
~~~~~
* (`354 <https://github.com/openedx/edx-drf-extensions/pull/354>`_) Implemented ``verify_jwk_signature_using_keyset`` function.
  This function allows for easy verification of JSON Web Key (JWK) signatures using a provided keyset.

8.9.3
--------------------

Fixed
~~~~~

* Added more useful exception logging when JWT auth fails. The exception we
  get for that did not have enough detail about how the auth check failed, so we
  dig deeper to an exception that is more useful and log that.


© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.