Support mapping JWT claims to general-purpose NGINX variables.

[mgilham]

This change adds a new auth_jwt_extract_claims directive to extract claims to dedicated NGINX variables, which can be used generally in response bodies, the map module, etc. It preserves backwards compatibility with the existing header-based claim extraction.

The flow is different. Previously, the JWT was parsed, validated, and had claims extracted in nginx's "access" phase (NGX_HTTP_ACCESS_PHASE). With this PR, those JWT operations potentially happen earlier in the request lifecycle. We introduce a module context struct to hold the JWT validation status and the values of any claim variables. The JWT is processed and this context created on-demand, and it is cached by nginx for later use in the lifecycle of the request. This JWT processing happens at the latest during the access phase (as before), and at the earliest when a the value of a variable is requested via its "getter". The access-phase handler uses the validation status cached in the context, to preserve existing auth logic.

Note that "if" statements are still confusing due to nginx's design, but they can still be employed with some care to fill gaps for some use cases.

[mgilham]

:+1: Functionality checks out after re-formatting.