implementing authorization in the gateway

[SuheylZ]

I'm using express-gateway for a cloud based project. I have a requirement where I have to implement authorization as given below:

1. validate the JWT token to make sure that the request is authenticated
2. extract the claims from the token
3. based on requested endpoint and the extracted claims, perform authorization
4. if the request is authorized, put the extracted claims into header and forward the request to downstream
5. if the request is not authorized, send 403 Forbidden

this is a very key functionality that is needed in the gateway.
Is it possible with express-gateway? Is there any documentation or any guidance available on how can this be achieved?