Implement an AccessChecker based on "SMART Backend Services".

[bashir2]

Our current sample access-checkers, i.e., patient and list are intended for app facing scenarios. Another common scenario is when a backend service needs to interact with the FHIR server (e.g., pipelines in fhir-data-pipes). We are going to adopt SMART Backend Services spec as the standard way for such scenarios and implement a sample AccessChecker based on that.

[bashir2]

A large part of supporting SMART Backend spec lies inside the IDP/Authorization server, e.g., Keycloak. To close this issue, we need to do the following:

• Implement a new SmartBackendAccessChecker similar to PatientAccessChecker to check SMART scopes when granting access. This should require fairly small amount of code and should heavily rely on SmartScopeChecker (which may require some refactoring).
• The sample/test Keycloak config here should be updated to support both client-confidential-asymmetric and client-confidential-symmetric authentication methods.
• The integration tests here should be updated to exercise both of these two authentication methods (to gain an access-token) and also the new SmartBackendAccessChecker.
• Feature Implement the option for having a list of access-checkers instead of just one. #201 should also be implemented and in the above e2e tests, this new AccessChecker should be used where it can delegate access-control to other AccessCheckers (including SmartBackendAccessChecker) based on the access-token claims.

[bashir2]

Once this feature is implemented we should also update fhir-data-pipes and add support for client-confidential-asymmetric flow, but we will track that in that repo. Note the client-confidential-symmetric flow was implemented in this PR.