[FEATURE][PLUGIN]: Create JWT claims and metadata extraction plugin #1439

@araujof

Description

JWT tokens can include public claims (e.g., identity) and private claims (e.g., roles, attributes, groups, permissions, etc.). Private claims can also include fine-grained permissions for tool calls as documented in RFC 9396 (rich authorization requests). These claims need to be extracted from JWT tokens and added to the context to be leveraged by downstream plugins for making authorization requests, such as in the OPA or Cedar plugins implementing RBAC and ABAC.

This plugin will implement and register auth hooks in the gateway to extract claims metadata from access tokens and map that auth metadata into a reserved context key that can be used by downstream access control/policy enforcement plugins (such as the Cedar and OPA plugins).

Tasks

  • hook implementation for the auth hooks in the gateway
  • extract the claims and any metadata
  • map that to a reserved context object that can be used in downstream plugins for custom enforcement
  • document RBAC and ABAC flows using these claims with Cedar and OPA plugins

cc: @monshri @terylt @imolloy
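The flow the issue describes (verify the access token, pull out public and private claims plus RFC 9396 `authorization_details`, and place the result under a reserved context key for the OPA/Cedar plugins) in stand-alone Python. This is an added example, not code from the gateway or from this issue's author: the reserved key name `auth.claims`, the `mcp_tool` detail type, the HS256 shared secret (a production gateway would typically validate against the issuer's JWKS) and all sample claims are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import json
import time

# Hypothetical reserved context key; the gateway may pick a different name.
RESERVED_CONTEXT_KEY = "auth.claims"
# Hypothetical RFC 9396 "type" value used for per-tool permissions.
TOOL_DETAIL_TYPE = "mcp_tool"


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


def mint_hs256_token(claims: dict, secret: bytes) -> str:
    """Build a signed HS256 token; used only to construct sample input."""
    segs = [_b64url_encode(json.dumps(p, separators=(",", ":")).encode())
            for p in ({"alg": "HS256", "typ": "JWT"}, claims)]
    sig = hmac.new(secret, ".".join(segs).encode("ascii"), hashlib.sha256).digest()
    return ".".join(segs + [_b64url_encode(sig)])


def verify_hs256_token(token: str, secret: bytes, issuer: str, audience: str, now=None) -> dict:
    """Return the claims only if alg, signature, exp, iss and aud all check out."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header = json.loads(_b64url_decode(parts[0]))
    # Pin the algorithm: the header must never choose it (alg=none / key confusion).
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{parts[0]}.{parts[1]}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(parts[2])):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(parts[1]))
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        raise ValueError("token expired or missing exp")
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    return claims


def extract_auth_metadata(claims: dict) -> dict:
    """Map identity, role/group/attribute claims and per-tool permissions into one object."""
    meta = {
        "subject": claims.get("sub"),
        "issuer": claims.get("iss"),
        "roles": sorted(claims.get("roles", [])),
        "groups": sorted(claims.get("groups", [])),
        "attributes": dict(claims.get("attributes", {})),
        "tool_permissions": {},
    }
    # RFC 9396: authorization_details is a list of objects, each with a "type"
    # plus common fields such as "identifier" and "actions".
    for detail in claims.get("authorization_details", []):
        if detail.get("type") != TOOL_DETAIL_TYPE:
            continue  # skip detail types this plugin does not understand
        tool = detail.get("identifier")
        if tool:
            meta["tool_permissions"].setdefault(tool, set()).update(detail.get("actions", []))
    meta["tool_permissions"] = {t: sorted(a) for t, a in meta["tool_permissions"].items()}
    return meta


def attach_auth_metadata(context: dict, token: str, secret: bytes,
                         issuer: str, audience: str, now=None) -> dict:
    """Auth-hook body: verify, extract, and store under the reserved key (copy, not mutate)."""
    claims = verify_hs256_token(token, secret, issuer, audience, now)
    enriched = dict(context)
    enriched[RESERVED_CONTEXT_KEY] = extract_auth_metadata(claims)
    return enriched


# Constructed sample values for a stand-alone run.
DEMO_SECRET = b"constructed-demo-secret-do-not-reuse"
DEMO_ISSUER = "https://issuer.example"
DEMO_AUDIENCE = "mcp-gateway"
DEMO_NOW = 1_700_000_000
DEMO_CLAIMS = {
    "iss": DEMO_ISSUER, "aud": DEMO_AUDIENCE, "sub": "alice", "exp": DEMO_NOW + 300,
    "roles": ["analyst"], "groups": ["team-blue"], "attributes": {"clearance": "internal"},
    "authorization_details": [
        {"type": TOOL_DETAIL_TYPE, "identifier": "search_docs", "actions": ["invoke"]},
        {"type": TOOL_DETAIL_TYPE, "identifier": "search_docs", "actions": ["list"]},
        {"type": "payment_initiation", "actions": ["initiate"]},  # unrelated type, skipped
    ],
}


def demo() -> dict:
    token = mint_hs256_token(DEMO_CLAIMS, DEMO_SECRET)
    return attach_auth_metadata({"request_id": "req-1"}, token, DEMO_SECRET,
                                DEMO_ISSUER, DEMO_AUDIENCE, now=DEMO_NOW)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Downstream OPA or Cedar policies then read `context["auth.claims"]` only; because the hook refuses unsigned, expired or mis-scoped tokens before populating the key, a policy plugin can treat its absence as "unauthenticated" rather than re-parsing the token itself.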

Metadata

Labels

  • SHOULDP2: Important but not vital; high-value items that are not crucial for the immediate release
  • enhancement: New feature or request
  • plugins
  • python: Python / backend development (FastAPI)
  • sweng-group-5: Group 5 - Policy-as-Code Security & Compliance Automation
  • tcd: SwEng Projects
