gaia

Incorrect checking iat for revocation

Open 0xc22b opened this issue 1 year ago • 0 comments

Describe the bug
After setting revocation by calling revoke-all, I can't sign in anymore.

To Reproduce
Steps to reproduce the behavior:

  1. Post a request to revoke-all
  2. Sign out and sign in

Expected behavior
All existing auth tokens cannot be used anymore. A new auth token should be able to work.

Additional context

  • There is no iat in the auth token, but in authentication.ts:302, if there is an oldestValidTokenTimestamp, iat is required in the token. So every auth token will be invalid.
  • It's already correct that iat should not be in the auth token, as the token can be created again and again by an app, i.e. if a request fails, @stacks/storage will try again with a new auth token.
  • If there is an iat in an auth token, revocation will be useless, i.e. an app just creates a new auth token with a newer timestamp for iat.
  • iat should be in the association token, which it already is. With this, the user needs to sign out and sign in again with a new association token.
  • So in authentication.ts, checking for revocations should not be in isAuthenticationValid (lines 301-316), but should be in checkAssociationToken instead.

PS. I know you all are busy. I'm just leaving a message here that you can't use revoke right now, or you won't be able to access data in that account again. 😭

0xc22b avatar May 06 '23 05:05 0xc22b
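The two checks the issue contrasts, written out as an added illustration (this is not Gaia's authentication.ts and not the reporter's code; the payload shape, function names and the timestamps are assumptions made for the example). The first function mirrors the behaviour the report describes as buggy: once a revocation timestamp exists, the auth token itself must carry iat, so auth tokens without one are rejected. The second places the comparison on the association token's iat, which is what the report proposes, so that an app re-minting auth tokens cannot outlive a revocation while a fresh sign-in (new association token) still works.

```typescript
// Added example, not Gaia's own code. Shapes and names are assumed.

interface AssociationToken {
  iat: number; // seconds since epoch; present on association tokens
}

interface AuthTokenPayload {
  iat?: number; // absent on auth tokens, as the issue describes
  associationToken?: AssociationToken;
}

// Constructed revocation timestamp (what revoke-all would have stored).
export const REVOKED_AT = 1_683_000_000;

// Behaviour the issue reports as buggy: a revocation timestamp makes `iat`
// mandatory on the auth token, so every auth token without one fails.
export function isAuthTokenValidBuggy(
  token: AuthTokenPayload,
  oldestValidTokenTimestamp?: number,
): boolean {
  if (oldestValidTokenTimestamp === undefined) return true;
  if (token.iat === undefined) return false; // rejects all normal auth tokens
  return token.iat >= oldestValidTokenTimestamp;
}

// Check the issue proposes: compare the revocation timestamp against the
// association token's `iat`. A stale association token (issued before the
// revocation) is rejected; a new sign-in yields a newer one and passes.
export function isAssociationTokenValid(
  token: AuthTokenPayload,
  oldestValidTokenTimestamp?: number,
): boolean {
  if (oldestValidTokenTimestamp === undefined) return true;
  const assoc = token.associationToken;
  if (!assoc || typeof assoc.iat !== 'number') return false;
  return assoc.iat >= oldestValidTokenTimestamp;
}

// Constructed sample tokens.
export const staleAuthToken: AuthTokenPayload = {
  associationToken: { iat: REVOKED_AT - 3600 }, // signed in before revoke-all
};
export const freshAuthToken: AuthTokenPayload = {
  associationToken: { iat: REVOKED_AT + 60 }, // signed in again afterwards
};
// Hypothetical auth token that carried its own iat: re-minted after the
// revocation but still bound to the stale association token.
export const remintedAuthToken: AuthTokenPayload = {
  iat: REVOKED_AT + 120,
  associationToken: { iat: REVOKED_AT - 3600 },
};
```

With no revocation recorded both checks accept everything. Once REVOKED_AT is set, the buggy check rejects the fresh sign-in as well as the stale one (neither carries iat), while the association-token check rejects only the stale one. The re-minted token shows why iat on the auth token would defeat revocation: the buggy check accepts it, the association-token check does not.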