* * Authenticates JWT from headers for any requests wrapped in this middleware.

* * Generates and signs a JWT token with claims of either the "access" or "refresh" types.

* * RefreshToken validates a refresh token and generates a new access token if * valid.