Replace OAuth2 Authentication Provider with OPA

[lkadalski]

We need a functionality where OPA will be responsible for filling security context in Spring.
We should assume JWT token as input and response should be somehow mapped to Authentication object.

[anderseknert]

The question is if whether we want this to be the only option. Perhaps for the first iteration, but it seems we'd probably want to support using this library without providing a JWT or using OAuth2.

[lkadalski]

Actually we want to rid off OAuth2. I would leave "input" for user to choose.

[anderseknert]

Exactly - this library should not depend on OAuth2. My concern was around this:

We should assume JWT token as input

[lkadalski]

yea, I meant some generic input :) jwt token is rather our case