Authentication docs could do with a note around .NET 8 changes

[devsbryan]

Docs Update Suggestion

The section in the authentication docs that deals with overriding the mapping of the 'scp' claim no longer applies in .net 8.

https://ocelot.readthedocs.io/en/latest/features/authentication.html#auth0-by-okta

The JwtSecurityTokenHandler is no longer the default, and has been replaced by JsonWebTokenHandler

The example in the docs will work in .net 8 by simply replacing the reference to the JwtSecurityTokenHandler.

i.e.

JsonWebTokenHandler.DefaultInboundClaimTypeMap.Remove("scp");
JsonWebTokenHandler.DefaultInboundClaimTypeMap.Add("scp", "scope");

It is perhaps also worth mentioning in the docs that this does not solely apply to using Okta (in my case it also applies to Azure AD)

References:

• https://github.com/dotnet/AspNetCore.Docs/issues/30935
• https://learn.microsoft.com/en-us/aspnet/core/security/authentication/claims?view=aspnetcore-8.0#claims-namespaces-default-namespaces
• https://github.com/aspnet/Announcements/issues/508

Motivation for New Feature

Avoid confusion for anyone attempting to configure ocelot authentication on .net 8.

Without this change, scopes do not work.

Steps to Reproduce the Problem

n/a

Specifications

n/a

[raman-m]

Hi Bryan! Welcome to Ocelot world! 🐯

Thanks for reporting this issue and letting us know about these changes in claims mapping! Will you contribute to update the docs?

Ideally, this issue ticket can be closed by a PR with acceptance tests or develop a sample to merge. Writing acceptance tests is not easy. Create a sample is a bit easier. But I believe simple updating of our docs will be fine too.

Do you have an intention to work on this issue being created by you?