Add validation claims to the upload JWT tokens

Current situation

In the current implementation, uploads will generate two JWT tokens (one is set in the headers, the other is set in the request parameter):

  • https://gitlab.com/gitlab-org/gitlab-workhorse/-/blob/master/internal/filestore/file_handler.go#L91
  • https://gitlab.com/gitlab-org/gitlab-workhorse/-/blob/master/internal/upload/saved_file_tracker.go#L44

Improvements

Rails will only verify the signature. It could be worthwhile to limit the validity of these tokens using these claims:

  • exp
  • nbf
  • iat

This way, Rails can implement an additional layer of validations:

  • Checking exp
  • Checking nbf
  • Checking iat
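
A sketch of the proposed scheme, added here as an example and not taken from the Workhorse or Rails code: the issuer stamps `iat`, `nbf` and `exp` on the token, and the verifier checks the signature first and then the three time claims. The HS256 shared secret, the 60-second lifetime, the 5-second leeway and all helper names are assumptions made for illustration.

```ruby
require "openssl"
require "base64"
require "json"

LEEWAY = 5 # seconds of tolerated clock skew between issuer and verifier (assumed)

def b64(data)
  Base64.urlsafe_encode64(data, padding: false)
end

def sign(secret, input)
  OpenSSL::HMAC.digest("SHA256", secret, input)
end

# Issuer side (hypothetical helper): the token is only usable for `ttl` seconds.
def issue_upload_token(secret, payload, now: Time.now.to_i, ttl: 60)
  claims = payload.merge("iat" => now, "nbf" => now, "exp" => now + ttl)
  header = b64(JSON.generate({ "alg" => "HS256", "typ" => "JWT" }))
  input = "#{header}.#{b64(JSON.generate(claims))}"
  "#{input}.#{b64(sign(secret, input))}"
end

# Verifier side (hypothetical helper): signature first, then exp, nbf and iat.
# Returns [claims, nil] on success or [nil, reason] on rejection.
def verify_upload_token(secret, token, now: Time.now.to_i)
  header, body, sig = token.split(".", -1)
  return [nil, :malformed] unless sig && token.count(".") == 2
  expected = b64(sign(secret, "#{header}.#{body}"))
  return [nil, :bad_signature] unless OpenSSL.secure_compare(expected, sig)
  return [nil, :bad_alg] unless JSON.parse(Base64.urlsafe_decode64(header))["alg"] == "HS256"
  claims = JSON.parse(Base64.urlsafe_decode64(body))
  # A validly signed token without time claims is still rejected.
  %w[exp nbf iat].each { |c| return [nil, :"missing_#{c}"] unless claims[c].is_a?(Integer) }
  return [nil, :expired] if now >= claims["exp"] + LEEWAY
  return [nil, :not_yet_valid] if now < claims["nbf"] - LEEWAY
  return [nil, :issued_in_future] if claims["iat"] > now + LEEWAY
  [claims, nil]
end
```

Requiring the claims to be present matters as much as checking their values: otherwise a token signed without them stays valid indefinitely.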