appleboy/gin-jwt

Migrate to github.com/golang-jwt/jwt/v4 to address CVE-2020-26160

JorritSalverda opened this issue · 0 comments

github.com/golang-jwt/jwt is a drop-in replacement for github.com/dgrijalva/jwt-go.

Version 4 - see https://github.com/golang-jwt/jwt/blob/main/MIGRATION_GUIDE.md - fixes vulnerability CVE-2020-26160 and does away with checking the issued at time, which is not supposed to be checked according to the JWT spec but can lead to "Token used before issued" errors.
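Added example, not part of the issue and not code from gin-jwt or golang-jwt/jwt: a standard-library Go illustration of the clock-skew failure behind "Token used before issued" errors, comparing a validator that rejects on a future `iat` with one that enforces only `exp` and `nbf`. The names `Claims`, `Validate`, `Issue` and the error variables are hypothetical, and the timestamps are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Claims is a hypothetical holder for the time-based registered claims of RFC 7519.
type Claims struct {
	IssuedAt, NotBefore, ExpiresAt time.Time
}

var (
	ErrExpired          = errors.New("token is expired")
	ErrNotValidYet      = errors.New("token is not valid yet")
	ErrUsedBeforeIssued = errors.New("token used before issued")
)

// Validate enforces exp and nbf against the verifier's clock `now`.
// enforceIat additionally rejects tokens whose iat lies in the future,
// a check RFC 7519 does not require.
func Validate(c Claims, now time.Time, enforceIat bool) error {
	if !c.ExpiresAt.IsZero() && !now.Before(c.ExpiresAt) {
		return ErrExpired
	}
	if !c.NotBefore.IsZero() && now.Before(c.NotBefore) {
		return ErrNotValidYet
	}
	if enforceIat && !c.IssuedAt.IsZero() && now.Before(c.IssuedAt) {
		return ErrUsedBeforeIssued
	}
	return nil
}

// Issue builds claims from the issuer's clock: iat set, no nbf, exp = iat + ttl.
func Issue(issuerNow time.Time, ttl time.Duration) Claims {
	return Claims{IssuedAt: issuerNow, ExpiresAt: issuerNow.Add(ttl)}
}

func main() {
	issuerNow := time.Date(2021, 8, 1, 12, 0, 0, 0, time.UTC) // constructed sample time
	verifierNow := issuerNow.Add(-2 * time.Second)            // verifier clock runs 2s behind
	tok := Issue(issuerNow, 15*time.Minute)
	fmt.Println("iat enforced:", Validate(tok, verifierNow, true))
	fmt.Println("iat ignored: ", Validate(tok, verifierNow, false))
	fmt.Println("after expiry:", Validate(tok, issuerNow.Add(16*time.Minute), false))
}
```

Dropping the `iat` check does not widen the token's lifetime: `exp` and `nbf` still bound when it is accepted.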