This repository has been archived by the owner on Dec 1, 2024. It is now read-only.
As we know, we have JwtVerifyHandlers in each individual framework, and they are responsible for verifying the JWT token in the request header to authorize the request. Because the security requirement is defined in the specifications and each framework has its own spec format, we have several implementations.
When light-router is used to secure backend services, it is very hard to create a combined specification for the router instance, especially when backend services are implemented in different frameworks. Given there is a lot of extra work to bring the spec to the router instance, we have to find a simpler way to enforce security on the light-router instance.
With the handler module introduced recently to support multiple chains in the same instance, all the endpoints are defined in the handler.yml config file. We can enhance the handler module to put the JWT token scope in the path/method definition in the handler.yml and pass the info to the subsequent JwtVerifyHandler to verify it. This enables security at light-router without specification and makes the light-router more flexible in terms of usage.
What do you think?
Although this issue is opened here in the light-router repo, I think it should be implemented in light-4j so that the same handler can be shared between the light-proxy and the light-router.
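
A sketch of the check proposed in this issue, added here as an illustration and not light-4j or light-router code: each path/method entry carries the scopes it requires, and a request is authorized only when the already-verified token grants one of them. The `scopes` attribute, the `EndpointScopeCheck` class, the sample endpoints and the any-one-scope rule are all assumptions.

```java
import java.util.*;
import java.util.regex.Pattern;

// Added illustration, not light-4j code. The "scopes" attribute on a path/method
// entry is a hypothetical extension of handler.yml as proposed in the issue.
public class EndpointScopeCheck {

    // One path/method entry plus the scopes it requires (hypothetical field).
    record Endpoint(String method, Pattern path, Set<String> scopes) {
        static Endpoint of(String method, String template, String... scopes) {
            // Turn a template such as /v1/pets/{petId} into an anchored regex;
            // literal segments are quoted so they cannot act as patterns.
            StringBuilder re = new StringBuilder();
            for (String seg : template.split("/")) {
                if (seg.isEmpty()) continue;
                boolean param = seg.startsWith("{") && seg.endsWith("}");
                re.append('/').append(param ? "[^/]+" : Pattern.quote(seg));
            }
            return new Endpoint(method, Pattern.compile(re.toString()), Set.of(scopes));
        }
    }

    // Constructed sample entries standing in for parsed handler.yml content.
    static final List<Endpoint> ENDPOINTS = List.of(
        Endpoint.of("GET", "/v1/pets/{petId}", "pets.r"),
        Endpoint.of("POST", "/v1/pets", "pets.w"));

    // scopeClaim: the space-delimited scope claim of a JWT whose signature and
    // expiry were already verified. Assumes any one required scope is enough.
    static boolean authorize(String method, String path, String scopeClaim) {
        Set<String> granted = scopeClaim == null ? Set.of()
                : new HashSet<>(Arrays.asList(scopeClaim.trim().split("\\s+")));
        for (Endpoint e : ENDPOINTS) {
            if (e.method().equalsIgnoreCase(method) && e.path().matcher(path).matches()) {
                return !Collections.disjoint(e.scopes(), granted);
            }
        }
        return false; // fail closed: a request with no matching entry is denied
    }

    public static void main(String[] args) {
        // Constructed requests: granted scope, wrong scope, unlisted method.
        System.out.println(authorize("GET", "/v1/pets/42", "pets.r profile"));
        System.out.println(authorize("POST", "/v1/pets", "pets.r"));
        System.out.println(authorize("DELETE", "/v1/pets/42", "pets.r pets.w"));
    }
}
```

The deny-by-default return matters on a router: a backend route that was never given an entry should be rejected rather than forwarded without a scope check.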