Juju 3.2 doesn't accept token login

Bug #2030943 reported by Kian Parvin
Affects: Canonical Juju
Status: Fix Released
Importance: High
Assigned to: Yang Kelvin Liu
Milestone:

Bug Description

Hi,

In Juju 3.2 there was work done to enable token login where Juju would verify a JWT as part of the login flow when the controller was configured with `--config login-token-refresh-url`. This was intended for JAAS to act as the auth layer for Juju. Currently when using JAAS, when a user logs into a JIMM controller we authenticate the user, authorise them and craft a JWT that we attach to their login request and forward that login request to Juju. This seems to work with the Juju CLI, with the flow looking like CLI -> JIMM -> Juju controller.

A problem has surfaced with the Juju dashboard where a similar flow is performed as above except the Juju controller is responding with a "bakery-discharge-required" error. Seemingly the only difference between the CLI login request and the Juju dashboard login request is that the macaroon on the dashboard request is discharged with macaroon-bakery v2 while the CLI is using macaroon-bakery v3, but in both cases the Juju controller should be ignoring the macaroons since token login should take preference.

This was attempted to be addressed in JIMM, where we are now attempting to strip the macaroon from the login request but now instead, even CLI requests fail with the error "ERROR no credentials provided (no credentials provided)". I think this warrants further investigation.

Juju controller version: 3.2.3.1 and 3.2.0

To reproduce:
- Install juju from 3.2/edge (currently using 3.2.3-409e58a)
- juju bootstrap --config login-token-refresh-url=https://jimm.comsys-internal.v2.staging.canonical.com/.well-known/jwks.json localhost test-controller
- juju add-model test
- juju show-model test (grab model uuid)

Now using Postman connect to wss://<controller-ip>/model/<test-model-uuid>/api and send the following JSON
{
    "request-id": 1,
    "type": "Admin",
    "version": 3,
    "request": "Login",
    "params": {
        "auth-tag": "",
        "credentials": "",
        "nonce": "",
        "macaroons": null,
        "bakery-version": 3,
        "cli-args": "/snap/juju/23878/bin/juju status",
        "user-data": "",
        "client-version": "3.2.3",
        "token": "test"
    }
}

Or via CLI using wscat
- wscat -n -c wss://<controller-ip>/model/<test-model-uuid>/api
- {"request-id":1,"type":"Admin","version":3,"request":"Login","params":{"auth-tag":"","credentials":"","nonce":"","macaroons":null,"bakery-version":3,"cli-args":"/snap/juju/23878/bin/juju status","user-data":"","client-version":"3.2.3","token":"test"}}

The controller returns {"request-id":1,"error":"no credentials provided","error-code":"no credentials provided","response":{}}
but I expect an error about an invalid JWT token.
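The reproduction above needs Postman or wscat against a live controller. The following is an added example (not part of the bug report, JIMM or Juju) that packages the same Admin.Login message, checks whether a token is even shaped like a compact JWS (the report's "test" is not), and classifies the controller's reply so the "no credentials provided" outcome can be told apart from the expected JWT rejection. The websocket transport is abstracted as an `exchange` callable; the `_fake_juju_32_controller` stand-in is constructed here and replays the exact reply quoted in the report, so the script runs offline. The function names and the outcome labels are this example's own, not Juju API names.

```python
"""Token-login probe for a Juju controller (added example, not Juju code)."""
import base64
import json
from typing import Callable, Optional, List, Tuple

ADMIN_FACADE_VERSION = 3  # Admin facade version used in the report's request


def build_login_request(token: str, request_id: int = 1,
                        client_version: str = "3.2.3") -> dict:
    """Build the Admin.Login RPC message the way the report sends it: no user
    tag, no password, no macaroons, only the JWT in the "token" field."""
    return {
        "request-id": request_id,
        "type": "Admin",
        "version": ADMIN_FACADE_VERSION,
        "request": "Login",
        "params": {
            "auth-tag": "",
            "credentials": "",
            "nonce": "",
            "macaroons": None,
            "bakery-version": 3,
            "cli-args": "",
            "user-data": "",
            "client-version": client_version,
            "token": token,
        },
    }


def jwt_segments(token: str) -> Optional[List[str]]:
    """Return the three base64url segments of a compact-serialised JWS, or None
    when the string is not shaped like a JWT at all. The report's token "test"
    is such a case, which is why an 'invalid JWT' error is the expected reply."""
    parts = token.split(".")
    if len(parts) != 3 or not all(parts):
        return None
    return parts


def _b64url_decode(segment: str) -> bytes:
    # base64url without padding; restore padding before decoding
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def peek_jwt_header(token: str) -> dict:
    """Decode the JOSE header WITHOUT verifying the signature. Useful only to
    compare alg/kid with the controller's JWKS when diagnosing a login failure;
    nothing read here is authenticated."""
    segments = jwt_segments(token)
    if segments is None:
        raise ValueError("not a compact JWS")
    return json.loads(_b64url_decode(segments[0]))


def classify_login_response(response: dict) -> str:
    """Map the controller's reply to a coarse outcome (labels are this example's):
       'ok'                 no error field, login accepted
       'token-ignored'      the 'no credentials provided' error from the report:
                            the controller fell through to password/macaroon
                            auth and never evaluated the token
       'discharge-required' the bakery macaroon path was taken instead
       'token-rejected'     reply mentions the JWT/token (expected for "test")
       'other'              anything else"""
    err = response.get("error")
    if not err:
        return "ok"
    text = (err + " " + response.get("error-code", "")).lower()
    if "no credentials provided" in text:
        return "token-ignored"
    if "discharge" in text:
        return "discharge-required"
    if "jwt" in text or "token" in text:
        return "token-rejected"
    return "other"


def login_with_token(exchange: Callable[[str], str], token: str) -> Tuple[str, dict]:
    """Run one Login round-trip. `exchange` sends one JSON text frame and
    returns the reply frame (in practice a thin wrapper around a websocket
    client connected to wss://<controller-ip>/model/<model-uuid>/api).
    Returns (outcome, raw_response)."""
    request = build_login_request(token)
    response = json.loads(exchange(json.dumps(request)))
    if response.get("request-id") != request["request-id"]:
        raise RuntimeError("reply does not match the request id")
    return classify_login_response(response), response


def _fake_juju_32_controller(frame: str) -> str:
    """Constructed stand-in for a 3.2 controller: replays the exact reply
    quoted in the bug report so the example runs without a live controller."""
    request = json.loads(frame)
    return json.dumps({"request-id": request["request-id"],
                       "error": "no credentials provided",
                       "error-code": "no credentials provided",
                       "response": {}})


if __name__ == "__main__":
    outcome, raw = login_with_token(_fake_juju_32_controller, "test")
    print(outcome, raw)  # token-ignored, as in the report
```

Swapping `_fake_juju_32_controller` for a real websocket send/receive wrapper reproduces the report's probe; a controller that honours token login should answer the malformed token with a `token-rejected` outcome, while `token-ignored` reproduces the bug.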

Tags: jaas
Harry Pidcock (hpidcock)
tags: added: jaas
Ian Booth (wallyworld)
Changed in juju:
milestone: none → 3.2.2
importance: Undecided → High
status: New → Triaged
Changed in juju:
assignee: nobody → Yang Kelvin Liu (kelvin.liu)
milestone: 3.2.2 → 3.2.3
Changed in juju:
status: Triaged → In Progress
Yang Kelvin Liu (kelvin.liu) wrote :
Changed in juju:
status: In Progress → Fix Committed
Changed in juju:
status: Fix Committed → Fix Released