Consider passing scope validation function to starlette.authentication.require

[jlujan]

I am working on a more complex authorization mechanism and the only thing that is preventing me from using the starlette.authentication.require is that it hard codes starlette.authentication.require.has_required_scope to validate scopes against the request. I would like to propose adding a validate_scopes kwarg to require to allow passing in a user defined function. The default would be has_required_scopes. This would also provide a mechanism to better support #643. Will open a PR if this is acceptable.

Code to be modified https://github.com/encode/starlette/blob/678f87da74232a76feb7db9b273a6b23fa56d92d/starlette/authentication.py#L19-23

The suggested signature would be as follows with references to has_required_scopes replaced in the function body

def requires(
    scopes: typing.Union[str, typing.Sequence[str]],
    status_code: int = 403,
    redirect: str = None,
    validate_scopes=has_required_scope
) -> typing.Callable:

For #643 and my use case would enable something like

class ComplexAuthorization():
    def __init__(self, match_all=True):
        self.match_all = match_all

    def __call__(self, conn: HTTPConnection, scopes: typing.Sequence[str]) -> bool:
        if self.match_all:
            return all(scope in conn.auth.scopes for scope in scopes)
        else:
            return any(scope in conn.auth.scopes for scope in scopes)

authorize = ComplexAuthorization(match_all=False)
@requires(['DataScience', 'Manager', 'Sales'], validate_scopes=authorize)
async def my_endpoint(request):
    ...