Strip namespace prefix from custom claims

[gguillemas]

Thank you for submitting this pull request! We really appreciate you spending the time to work on these changes.

What is the motivation?

To behave similarly with custom JWT claims as with default JWT claims expected by SurrealDB. With default claims, names are aliased to support namespace prefixes. With custom claims, namespace prefixes will be stripped so that the canonical claim names can be directly accessible using the token parameter.

What does this change do?

Strips namespace prefixes from custom claims before adding it to the token object unless the claim already exists to prevent overwriting a public claim with a private one. Keeps the original claims accessible through the $token parameter in order to preserve backward compatibility in 1.X. This will not be the case in 2.X.

What is your testing strategy?

Add a test to ensure that namespaced custom claims are correctly extracted.

Is this related to any issues?

• May resolve Bug: HTTP CREATE not working when using TOKEN auth #4058.

Does this change need documentation?

No.

Have you read the Contributing Guidelines?

• I have read the Contributing Guidelines

[gguillemas]

Let's hold off on this PR for a bit more. It addresses the issue, but I would like to implement a proper solution. Any small fixes like this one will either cause private claims (i.e. custom claims) to overwrite public ones or cause private claims to not be processed if there is already a public one with the same name, which is what namespacing is intended to prevent.