In 3.0.0, the switch `oauth2.enforce_jwt_scopes` was removed, which
starts checking is_restricted in JWTs. This works fine for JWTs created
with the LMS, but uncovered a pre-existing bug that will only show
itself in the Ecommerce Service for certain JWTs which were meant to be
decoded with a custom jwt_decode_handler. In the Ecommerce Service only,
this custom jwt_decode_handler is set using the JWT_DECODE_HANDLER
setting.
This fix updates the JWT code to respect the JWT_DECODE_HANDLER setting
of JWT_AUTH, and uses the configured handler rather than assuming the
edx-drf-extensions version will always be used.
Additionally, the fix accounts for JWTs that are missing certain
claims in the payload (e.g 'is_restricted' and 'filters'), by using
appropriate defaults.
ARCHBOM-1036