feat: Fetch project roles from introspection

[aDogCalledSpot]

Allows fetching the project roles from the returned JWT token when using the introspection endpoint.

Is generic over a type for the roles so that users can do something like:

#[derive(Debug, Serialize, Deserialize, PartialEq, Eq, Hash, Clone, Copy)]
#[serde(rename_all = "kebab-case")]
enum MyRole  {
    Admin,
    User,
}

fn my_endpoint(user: Introspected<MyRole>) -> Result<impl IntoResponse> {
    if !user.project_roles.get(MyRole::Admin).is_some_and(|r| r.contains(ORG_ID)) {
         return StatusCode::FORBIDDEN;
    }
}

[buehler]

Thanks for the addition! :-)

One question though: why do you think the key of the roles map are something else than strings? This adds a lot of complexity with traits to the code.

Wouldn't it be simpler if you just used "String"?

[aDogCalledSpot]

Roles are perfect for being displayed as enums and how I would assume that most people are going to implement the roles in their backends. Adding a few trait bounds here leads to a lot of boilerplate being removed where the strings are constantly converted from and to an enum instance on which all the logic is based.

I added String as the default type, so if no handling in particular is specified then you can always fall back to using String. This also means that this change is backwards compatible.

[github-actions]

🎉 This PR is included in version 4.3.0 🎉

The release is available on:

• v4.3.0
• GitHub release

Your semantic-release bot 📦🚀