Nginx: verify OIDC token before rewrite
A while ago I managed to get Nginx and OpenID Connect working together. Obviously, there is a commercial plugin provided by Nginx authors, but for simpler cases we can use a a simpler way with `auth_request` which works nicely with OIDC token introspection served by for example Keycloak.