refactor(access-control-service): reuse SecurityContext to skip duplicate JWT parse

[Yicong-Huang]

What changes were proposed in this PR?

In AccessControlResource, when SecurityContext.getUserPrincipal is already a SessionUser populated by JwtAuthFilter (the Authorization-header path), reuse it instead of calling JwtParser.parseToken on the same token again. Falls back to parsing the query/body token only when no principal is available, preserving WebSocket (?access-token=) and form-POST (body token) flows that the filter does not see.

Why are the changes needed?

Related issues: Closes #5559

How was this PR tested?

Added unit test covering the SecurityContext-reuse path; existing AccessControlResourceSpec cases continue to exercise the query/body fallback.

Was this patch authored or co-authored using generative AI tooling?

Generated-by: Claude Opus 4.7

[codecov-commenter]

Codecov Report

❌ Patch coverage is 88.23529% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 52.17%. Comparing base (75b4619) to head (03c6326).

Files with missing lines	Patch %	Lines
...exera/service/resource/AccessControlResource.scala	88.23%	0 Missing and 2 partials ⚠️

Additional details and impacted files

@@            Coverage Diff            @@
##               main    #5560   +/-   ##
=========================================
  Coverage     52.16%   52.17%           
  Complexity     2482     2482           
=========================================
  Files          1067     1067           
  Lines         41273    41276    +3     
  Branches       4437     4439    +2     
=========================================
+ Hits          21532    21534    +2     
  Misses        18479    18479           
- Partials       1262     1263    +1     

Flag	Coverage Δ		*Carryforward flag
access-control-service	64.64% <88.23%> (+0.03%)	⬆️
agent-service	33.76% <ø> (ø)		Carriedforward from e37a8f4
amber	53.23% <ø> (ø)		Carriedforward from e37a8f4
computing-unit-managing-service	1.65% <ø> (ø)
config-service	56.06% <ø> (ø)
file-service	38.32% <ø> (ø)
frontend	46.47% <ø> (ø)		Carriedforward from e37a8f4
pyamber	90.69% <ø> (ø)		Carriedforward from e37a8f4
python	90.83% <ø> (ø)		Carriedforward from e37a8f4
workflow-compiling-service	58.69% <ø> (ø)

*This pull request uses carry forward flags. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.