Add request body content to OPA request

[massenz]

It would often be useful, to evaluate an authorization policy, to inspect the body of the request and make assertions against certain fields' values.

Adding a body element to the OPA request (the relevant code is in the OpaReactiveAuthorizationManager class) is not as straightforward as it would appear.

There are a couple of issues:

• the size of the request's body contents may be fairly large, multi-part, or even a full binary file upload;
• converting arbitrary content to JSON in a way that could be evaluated in a Rego policy is not trivial.

While the former problem could be solved naively (just ignore any request whose Content-Length is greater than a given, configurable threshold) and the latter could be left as a "problem for the reader" (in this case, the Rego policy author(s)), we choose here a different approach:

• we add a body element (object) to the TokenBasedAuthorizationRequest if the ContentType is application/json;
• we add a body string if ContentType is text/*;
• we ignore anything else (for now anyway);
• the ContentType will be added to the headers section (see Add request Headers to OPA authorization request #36).