Fixes #21396

To allow an overview of all existing access-tokens and their owners, there's a new searchable, paginated endpoint providing all necessary data.

Description

The endpoint returns the following fields per existing token:

• ID of the token
• User-name
• ID of the owning user
• Name of the token
• Timestamp of the creation of the token
• Timestamp of last access of the token
• If the user is external or not
• For external users, the name of the authentication-back-end.

Motivation and Context

An admin can create auth tokens for token access for a user. If this user is a user from OIDC/LDAP (e.g. keycloak) and that user is disabled later in the auth server, the auth tokens still remain valid, because the user still has the "enabled" flag in the Graylog Database. There is no sync process which will subsequently remove the enabled flag on the record, regardless of the status of the external account. As a result, an API token belonging to a disabled or deleted user can potentially be used to perform actions.
This PR provides all required information for an overview-page across al users and tokens, so the admin doesn't need to check all tokens user by user manually, but gets all of them in one place.

How Has This Been Tested?

There are some unit-tests for the newly created classes, but the functionality was also tested locally using curl.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Refactoring (non-breaking change)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.