Guardpost

- Raises a more specific exception `ForbiddenError` when the user of an
operation is authenticated properly, but authorization fails.
This enables better handling of authorization error, differentiating when the
user context is missing or invalid, and when the context is valid but the
user has no rights to do a certain operation. See [371](https://github.com/Neoteroi/BlackSheep/issues/371).

- Improves the automatic rotation of `JWKS`: when validating `JWTs`, `JWKS` are
refreshed automatically if an unknown `kid` is encountered, and `JWKS` were
last fetched more than `refresh_time` seconds ago (by default 120 seconds).
- Corrects an inconsistency in how `claims` are read in the `User` class.

- Adds built-in support for dependency injection, using the new `ContainerProtocol`
in `rodi` v2.
- Removes the synchronous code API, maintaining only the asynchronous code API
for `AuthenticationStrategy.authenticate` and `AuthoreoizationStrategy.authorize`.
- Replaces `setup.py` with `pyproject.toml`.
- Reduces imports verbosity.
- Improves the `identity_getter` code API.
- Corrects `Identity.__getitem__` to raise `KeyError` if a claim is missing.

- Workflow maintenance.

- Adds `sub`, `access_token`, and `refresh_token` properties to the `Identity`.
class
- Adds `py.typed` file.

- Adds classes to handle `JWT`s validation, but only for `RSA` keys.
- Fixes issue (wrong arrangement in test) 5.
- Includes `Python 3.10` in the CI/CD matrix.
- Enforces `black` and `isort` in the CI pipeline.