Option to configure leeway for claims validation

[1zg12]

Is your feature request related to a problem? Please describe.

At the moment, the existing validate method allows a passed in parameter to set the leeway.

For example:

authlib/authlib/oidc/core/claims.py

Line 26 in 36e2236

def validate(self, now=None, leeway=0):

However, this has been hardcoded to 2 minutes in the invocation method.

For example:

authlib/authlib/integrations/base_client/remote_app.py

Line 200 in 36e2236

claims.validate(leeway=120)

This will leave developers stuck at 2 minutes leeway, which could be very critical for some highly sensitive applications.

Describe the solution you'd like

A solution to give developers an option to pass in the leeway as designated.

For example, when we call the parse_id_token, in addition to the existing option

        try:
           # this has a default leeway of 2 minutes
            userinfo = oauth.keycloak.parse_id_token(token) 
        except Exception as e:
            log.error(f"Got a malformed response", e)

we can also set up

        try:
           # this has a configured leeway of 0 minutes
            userinfo = oauth.keycloak.parse_id_token(token, leeway=0) 
        except Exception as e:
            log.error(f"Got a malformed response", e)

Describe alternatives you've considered

A clear and concise description of any alternative solutions or features you've considered.

Additional context

Add any other context or screenshots about the feature request here.