Supabase static keys - simplified config

[rkistner]

This adds a new supabase_jwt_secret config option. This can be set to the same value as the deprecated app.settings.jwt_secret value, without any additional config.

Specifically, this does:

1. Avoid needing boilerplate for key type and alg.
2. Avoid needing to specify the audience "authenticated".
3. Increase the max key lifetime to match Supabase (1 week),
4. Automatically base64-url-encode the key.

The idea is this would allow just copying the Supabase JWT key from the Supabase project dashboard, without any more complications.

As soon as Supabase rolls out asymmetric keys, we can deprecate this workflow.

[changeset-bot]

🦋 Changeset detected

Latest commit: 9c21009

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 8 packages

Name	Type
@powersync/service-core	Minor
@powersync/service-types	Minor
@powersync/service-image	Minor
@powersync/service-module-mongodb	Patch
@powersync/service-module-mysql	Patch
@powersync/service-module-postgres	Patch
test-client	Patch
@powersync/service-jpgwire	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[stevensJourney]

Looks good to me. Tested and verified this works.