Is there a way to handle scopes supplied in JWT and validate against the scope defined in the OpenAPI definition?

[sawilde]

It is possible to define what scopes are applicable for a route in the OpenAPI specification eg

const listRoute = createRoute({
  method: 'get',
  path: '/things',
  responses: {
    200: {
      description: 'things fetched successfully',
      content: {
        'application/json': {
          schema: ThingsSchema,
        },
      },
    },
  },
  security: [
    {
      Bearer: ['things/read'],
    },
  ],
});

app.openapi(listRoute, async (c) => {... });

But I don't see a way to enforce them using the current hono framework, am I missing something?