Removes 'iat' from required claims

Author: jvanderhoof

app/domain/authentication/authn_jwt/v2/strategy.rb

@@ -83,13 +83,15 @@ def callback(request_body:, parameters: nil)
             raise Errors::Authentication::AuthnJwt::MissingToken
           end
 
+          # TODO: Should `iat` be required?
+          #
           # The check for audience "should" go away if we force audience to be
           # required
           manditory_claims = if @authenticator.audience.present?
-            %w[exp aud iat]
+            %w[exp aud]
           else
             # Lots of tests pass because we don't set audience :( ...
-            %w[exp iat]
+            %w[exp]
           end
           if (missing_claim = (manditory_claims - token.keys).first)
             raise Errors::Authentication::AuthnJwt::MissingMandatoryClaim, missing_claim