Make JWT available on the backend

[pbastia]

Description:

As a developer, I want the backend to have access to the entire JWT claims, so that I can perform additional security and access validations.

This will allow the backend (and existing middlewares) to also validate roles and implement RBAC

Acceptance Criteria:

Given When Then

Development Checklist:

• [ ] Checklist item
• [ ] Checklist item
• [ ] Checklist item
• [ ] Meets the DOD

Definition of Ready (Note: If any of these points are not applicable, mark N/A)

• [ ] User story is included
• [ ] User role and type are identified
• [ ] Acceptance criteria are included
• [ ] Wireframes are included (if required)
• [ ] Design / Solution is accepted by Product Owner
• [ ] Dependencies are identified (technical, business, regulatory/policy)
• [ ] Story has been estimated (under 13 pts)

·Definition of Done (Note: If any of these points are not applicable, mark N/A)

• [ ] Acceptance criteria are tested by the CI pipeline
• [ ] UI meets accessibility requirements
• [ ] Configuration changes are documented, documentation and designs are updated
• [ ] Passes code peer-review
• [ ] Passes QA of Acceptance Criteria with verification in Dev and Test
• [ ] Ticket is ready to be merged to main branch
• [ ] Can be demoed in Sprint Review
• [ ] Bugs or future work cards are identified and created
• [ ] Reviewed and approved by Product Owner

Notes:

Dependencies

• Blocked by
• Blocking

[Sepehr-Sobhani]

To consider when implementing this: https://python-keycloak.readthedocs.io/en/latest/modules/openid_client.html

[dleard]

@pbastia @Sepehr-Sobhani Is this related to or potentially part of #268?