Draft: Support OAuth2 token introspection #157

[nrmaridu]

fixes #157

Signed-off-by: Nageswara Rao Maridu <maridu.nageswararao@gmail.com

[nrmaridu]

The Introspection Endpoint was implemented as per below guidelines. The introspection response contains a json property called 'active', which can be used to determine whether the token is active or not.

For supporting various use cases, the introspection response returns all the claims found in the provided token along with active property.

Introspection Endpoint : POST {baseUrl}/realms/{issuer}/protocol/openid-connect/token/introspect

• https://datatracker.ietf.org/doc/html/rfc7662
• https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_protection_token_introspection