Support set roles using OAuth claims

[oneonestar]

Currently, we authenticate an user and get the userId from OAuth provider.
The mapping between userId and role is done by setting the presetUsers.
If userId exists in presetUsers, we'll use the privileges set for the user and match it in authorization.

It's inconvenient to set every account in presetUsers in order to perform a userId to role mapping.
We can improve this by getting the info from OAuth claims.

A similar feature already exist in LDAP (lbLdapClient.getMemberOf(username)).
This feature also exists in Trino (trinodb/trino#15669), although it's discouraged due to the conflict with impersonation. We don't have impersonation in gateway, so this won't be a concert.

Ref:

authentication:
  defaultType: "oauth"
  oauth:
    issuer: ....

authorization:
  admin: (.*)ADMIN(.*)
  user: (.*)USER(.*)
  api: (.*)API(.*)

presetUsers:
  alice:
    privileges: ADMIN_USER_API

trino-gateway/gateway-ha/src/main/java/io/trino/gateway/ha/security/AuthorizationManager.java

Lines 40 to 53 in 6fb8346

	public Optional<String> getPrivileges(String username)
	{
	//check the preset users
	String privs = "";
	UserConfiguration user = presetUsers.get(username);
	if (user != null) {
	privs = user.privileges();
	}
	else if (lbLdapClient != null) {
	privs = lbLdapClient.getMemberOf(username);
	}
	return Optional.ofNullable(privs);
	}