Description
Currently, we have `claims_namespace`, which takes a string value. This represents the top-level key in the JWT payload inside of which the hasura claims are to be found. This is an optional field and, if not provided, the default `https://hasura.io/jwt/claims` is used. See: https://hasura.io/docs/1.0/graphql/manual/auth/authentication/jwt.html#claims-namespace
The problem with this is that it is not customizable, i.e. we cannot look for hasura claims either at the top level or at a more nested level.
Hence, introduce a new optional field called `claims_namespace_path`, which takes a JSON path value to the hasura claims. So a value of `$` would mean top-level, `$.other.hasura` would mean 2 levels of nesting, and so on.
If both `claims_namespace_path` and `claims_namespace` are given, then throw an error.
Example:

```json
{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true,
  "iat": 1516239022,
  "x-hasura-allowed-roles": ["editor", "user", "mod"],
  "x-hasura-default-role": "user",
  "x-hasura-user-id": "1234567890",
  "x-hasura-org-id": "123",
  "x-hasura-custom": "custom-value"
}
```
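
An added sketch of the lookup this issue proposes, not part of the issue text and not Hasura's implementation: it resolves the claims object from an already signature-verified payload and fails closed when the configured location is missing. The function and exception names are hypothetical, and only `$` and dotted member paths such as `$.other.hasura` are assumed to be supported.

```python
DEFAULT_NAMESPACE = "https://hasura.io/jwt/claims"  # default named in the issue


class ClaimsConfigError(ValueError):
    """Bad JWT config, or a payload that lacks the configured claims location."""


def parse_path(path):
    """Split '$' or '$.a.b' into a list of keys (assumed subset: dotted access only)."""
    if path == "$":
        return []
    if not path.startswith("$.") or "" in path[2:].split("."):
        raise ClaimsConfigError(f"unsupported claims_namespace_path: {path!r}")
    return path[2:].split(".")


def resolve_hasura_claims(payload, claims_namespace=None, claims_namespace_path=None):
    """Return the object holding the x-hasura-* claims, or raise. Never falls back."""
    if claims_namespace is not None and claims_namespace_path is not None:
        raise ClaimsConfigError(
            "claims_namespace and claims_namespace_path are mutually exclusive")
    if claims_namespace_path is None:
        # claims_namespace is one literal top-level key; the default contains dots,
        # so it must not be parsed as a path.
        keys = [claims_namespace or DEFAULT_NAMESPACE]
    else:
        keys = parse_path(claims_namespace_path)
    node = payload
    for key in keys:
        if not isinstance(node, dict) or key not in node:
            raise ClaimsConfigError(f"no claims object at {key!r}")
        node = node[key]
    if not isinstance(node, dict):
        raise ClaimsConfigError("claims location is not a JSON object")
    return node


# Constructed payloads: the issue's top-level example (trimmed) and a nested variant.
TOP_LEVEL = {"sub": "1234567890", "x-hasura-default-role": "user",
             "x-hasura-allowed-roles": ["editor", "user", "mod"]}
NESTED = {"sub": "1234567890",
          "other": {"hasura": {"x-hasura-default-role": "user"}}}

if __name__ == "__main__":
    print(resolve_hasura_claims(TOP_LEVEL, claims_namespace_path="$"))
    print(resolve_hasura_claims(NESTED, claims_namespace_path="$.other.hasura"))
```

Raising instead of falling back to another location keeps a token that lacks the configured claims object from being read as if unrelated top-level fields were its role claims.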