Description
Is your feature request related to a problem? Please describe.
I would like to use the AuthenticationProviderToken plugin with tokens that conform to the OAuth standard, but not necessarily the JWT standard, and identify the client by an arbitrary claim, not necessarily the "subject" claim (which is taken from line 109 of AuthenticationProviderToken.java: return jwt.getBody().getSubject();).
Describe the solution you'd like
Add a configurable field to AuthenticationProviderToken (which defaults to "subject"), and use jwt.getBody().get(tokenField); instead of .getSubject(). This way, I can specify which claim to use.
Describe alternatives you've considered
I could set the subject claim in my token issuer, but I don't use that claim anywhere else in the system and would like to use the same token.
I could make my own AuthenticationProvider with the above changes, but I think that this feature may be useful to other users in similar situations, and the changes are very minor.
Additional context
N/A
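
One way the requested claim lookup could fail closed on a missing or non-string claim, as an added example that is not part of the original issue or Pulsar's own code. The class, the method `principalFrom` and the sample claims are hypothetical, and the claim set is assumed to be already signature-verified.

```java
import java.util.List;
import java.util.Map;

// Added illustration; not Pulsar's AuthenticationProviderToken.
// The class name, method name and sample claims are hypothetical.
public class ClaimPrincipalExample {

    // "sub" is the registered JWT name of the subject claim.
    static final String DEFAULT_CLAIM = "sub";

    // Resolves the client identity from the configured claim of an
    // already signature-verified claim set. Fails closed instead of
    // returning null or stringifying an unexpected type.
    static String principalFrom(Map<String, Object> claims, String configuredClaim) {
        String name = (configuredClaim == null || configuredClaim.isBlank())
                ? DEFAULT_CLAIM : configuredClaim;
        Object value = claims.get(name);
        if (value == null) {
            throw new IllegalArgumentException("token has no '" + name + "' claim");
        }
        if (!(value instanceof String)) {
            // e.g. a JSON array or object: no single identity to authorize.
            throw new IllegalArgumentException("claim '" + name + "' is not a string");
        }
        String principal = (String) value;
        if (principal.isBlank()) {
            throw new IllegalArgumentException("claim '" + name + "' is empty");
        }
        return principal;
    }

    public static void main(String[] args) {
        // Constructed sample claims, as they would look after verification.
        Map<String, Object> claims = Map.of(
                "iss", "https://issuer.example",
                "client_id", "orders-service",
                "groups", List.of("a", "b"));

        // Configured claim present and a string: used as the identity.
        System.out.println(principalFrom(claims, "client_id"));
        // Unset config falls back to "sub" (absent here); "groups" is a list.
        for (String claim : new String[] {null, "groups"}) {
            try {
                principalFrom(claims, claim);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```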