refactor(auth): replace untyped JWT claims with typed Claims struct

Introduced a typed Claims struct in core/auth to replace the raw
map[string]any approach used for JWT claims throughout the codebase.
This provides compile-time safety and better readability when creating,
validating, and extracting JWT tokens. Also upgraded lestrrat-go/jwx
from v2 to v3 and go-chi/jwtauth to v5.4.0, adapting all callers to
the new API where token accessor methods now return tuples instead of
bare values. Updated all affected handlers, middleware, and tests.

Signed-off-by: Deluan <deluan@navidrome.org>

server/public/handle_shares.go

@@ -97,12 +97,10 @@ func (pub *Router) mapShareToM3U(r *http.Request, s model.Share) *model.Share {
 }
 
 func encodeMediafileShare(s model.Share, id string) string {
-	claims := map[string]any{"id": id}
-	if s.Format != "" {
-		claims["f"] = s.Format
-	}
-	if s.MaxBitRate != 0 {
-		claims["b"] = s.MaxBitRate
+	claims := auth.Claims{
+		ID:      id,
+		Format:  s.Format,
+		BitRate: s.MaxBitRate,
 	}
 	token, _ := auth.CreateExpiringPublicToken(V(s.ExpiresAt), claims)
 	return token