Fix #715 Fix expression validator

[alebianco]

Escape identity validator expression;
Do not require grouping and return original token;

[dherault]

Thanks for the PR @alebianco
The new behavior is too divergent from the old one I think,
Before the authorization was matchedAuthorization[1] and after simply authorization
What about the parts in authorization we don't want, trimmed by the regex selector?

[alebianco]

Yes it is a noticeable change, I didn't find any test that specifically cover this behaviour but I suspect there will be users out there leveraging it.

I double checked the AWS documentation (I don't know much of the other cloud providers serverless covers) and nowhere it says that the expression is/can be used to manipulate the token. It only verifies that the token matches the expression and then forwards the full token to the handler, if any modification is needed it can be done there.

I guess the point is to being the offline experience as close as possible to what will happen online once the authenticator is deployed.

Obviously I'm open to discussion and suggestions

[dherault]

v5.4.4