Handle user token alongside claim tokens in the JSON API

Reference design document for the overall user management service: https://docs.google.com/document/d/1o6gAgAVNji5-kR2xX82h4M0gINIJs3pgDj2IDGew-E0/edit

The user management service is described by the gRPC definition added in https://github.com/digital-asset/daml/pull/11818 and refined in https://github.com/digital-asset/daml/pull/11908.

A claim token is a JWT in the current form of tokens accepted by the Ledger API where claims are laid out explicitly in the token itself.

A user token is a JWT in the form expressed by the user management service design document linked above. The sub field (which is a default field in the JWT specification) specifies the user. The user is used to resolve the claims to fill in the necessary fields on the JSON API throught the user management service.

The user management service will need to be mocked until https://github.com/digital-asset/daml/issues/12014 is closed.

The user management service client already exists on the Scala bindings, added as part of https://github.com/digital-asset/daml/issues/12009.

Acceptance criteria

• The HTTP-JSON API accepts user tokens, resolve their claims and fill in the fields required
• When using the user tokens ~only the primary party of the user is filled in as the actAs party~ the full set of claims resolved for that user is filled in into the request
• The actAs and readAs party can otherwise be overridden by the existing mechanism
  • the streaming endpoints are not yet capable of overriding actAs and readAs, this is a known limitation and is out of scope as part of this ticket
• The old claim tokens are still accepted by the HTTP-JSON API