Refactor proxy builder

internal/authz/default_policy_engine.go

@@ -0,0 +1,20 @@
+package authz
+
+import (
+	"net/http"
+)
+
+type TokenClaims struct {
+	Scopes []string
+}
+
+type DefaulPolicyEngine struct{}
+
+func (d *DefaulPolicyEngine) Evaluate(r *http.Request, claims *TokenClaims, requiredScope string) PolicyResult {
+	for _, scope := range claims.Scopes {
+		if scope == requiredScope {
+			return PolicyResult{DecisionAllow, ""}
+		}
+	}
+	return PolicyResult{DecisionDeny, "missing scope '" + requiredScope + "'"}
+}