feat: support OIDC claim validator (#8772)

[beardnick]

Description

Fixes #8772

Checklist

• I have explained the need for this PR and the problem it solves
• I have explained the changes or the new features added to this PR
• I have added tests corresponding to this change
• I have updated the documentation to reflect this change
• I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

[github-actions]

This pull request has been marked as stale due to 60 days of inactivity. It will be closed in 4 weeks if no further activity occurs. If you think that's incorrect or this pull request should instead be reviewed, please simply write any comment. Even if closed, you can still revive the PR at any time or discuss it on the [email protected] list. Thank you for your contributions.

[Baoyuantop]

Hi @beardnick, please make the test pass

[beardnick]

Hi @beardnick, please make the test pass

Ok, I'll take a look

[Baoyuantop]

need to add documentation for this

[Baoyuantop]

Hi @beardnick, do you have time to continue working on this PR?

[beardnick]

Hi @beardnick, do you have time to continue working on this PR?

Sorry, I'm busy last few days. I'll continue work on it tomorrow.

[beardnick]

@Baoyuantop I took a more detailed look at the code. Seems this pr(#11987) did something similar to my pr. Do you think my pr is still necessary?

[jmaasing]

@Baoyuantop I took a more detailed look at the code. Seems this pr(#11987) did something similar to my pr. Do you think my pr is still necessary?

I'm not an apisix-developer but a user so I can't say anything about the implementation details. But I am looking to your PR to have the ability to configure the plugin to only allow requests through if the user has a "roles" claim containing one or more specific roles.

The PR you are referencing seems similar but geared towards checking the 'aud' claim only, which is nice but does not cover my use case.