Improvements to validating incoming scitokens

This MR improves the validation of incoming auth scitokens, after some real-world testing.

The main functional changes are as follows

• don't use any custom validators, just set up scitokens.Encforcer and use it's default test() method.
• explicitly deserialize() tokens with aud:ANY, the enforcer will restrict the audience later