Add bearer token-based authentication

[Kaliumhexacyanoferrat]

As the developer of a web service, I would like to secure my service by accepting and validating bearer tokens, so that I can integrate my service with the SSO system.

Example

var auth = BearerTokenAuthentication.Create()
                               .Endpoint("https://myserver/auth")
                               .ClientID(...)
                               // ...
                               .Authorization((token) => {
   // check permissions/roles here
   return new BearerTokenUser(token);
});

var securedContent = Layout.Create()
                           .Authentication(auth);

Acceptance criteria

• The functionality is provided by the Authentication module
• The functionality re-uses an existing library for parsing and validating a token
• Validation against a remote server is optional
• If the token is missing from the request, a 401 is returned
• If the token is invalid or the user lacks permission, a 403 is returned
• If no authorization logic is passed, the user is always considered authorized
• The secured content can access the token if needed
• The functionality is secured with acceptance tests