onc-healthit / onc-certification-g10-test-kit

ONC Certification (g)(10) Standardized API Tests
Apache License 2.0
34 stars 11 forks

For token revocation testing - allow the tester to select which access token they are testing #394

Open cooperthompson opened 1 year ago

cooperthompson commented 1 year ago

When doing g10 testing, there are two tokens issued to patient apps:

  1. From the Standalone Patient App step (step #1)
  2. From the Limited Access App (step #2)

Later, when demonstrating token revocation (step 9.3), Inferno assumes and pre-populates the token from step 1. However, systems may have revoked that token already when issuing the limited access app token (from what I can tell, auth servers are not prohibited from revoking access tokens if a subsequent auth code flow issues a more restricted token).

It would be useful if Inferno let the user select which of the two access tokens should be used when performing the revocation test.

There is a workaround, where the user can just re-run step 1 to stage the token for revocation testing, but that is a little awkward in the overall testing flow.
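The sequence described above, as an added example that is not part of the issue or of Inferno's own code: a constructed, in-memory stand-in for an authorization server whose `revoke_prior_on_reissue` option models the behaviour the issue describes (issuing the limited-access token invalidates the earlier standalone token), plus a tester-side helper that checks which staged tokens the server still honours before one is handed to the revocation test. The `client_id` and scope strings are assumptions for illustration; in a real run the `still_active` block would be a FHIR read with the token (expecting 200 versus 401) or an RFC 7662 introspection call rather than a lookup in the constructed store.

```ruby
require 'securerandom'

# Constructed stand-in for a SMART authorization server's token store.
# Not a real server: the revoke_prior_on_reissue option models the
# behaviour the issue describes, where completing a second authorization
# code flow for the same app invalidates the token from the first one.
class AuthServer
  Token = Struct.new(:value, :client_id, :scopes, :active)

  def initialize(revoke_prior_on_reissue:)
    @revoke_prior_on_reissue = revoke_prior_on_reissue
    @tokens = {}
  end

  # Completes an authorization code flow and returns the new access token.
  def issue(client_id:, scopes:)
    if @revoke_prior_on_reissue
      @tokens.each_value { |t| t.active = false if t.client_id == client_id }
    end
    value = SecureRandom.hex(16)
    @tokens[value] = Token.new(value, client_id, scopes, true)
    value
  end

  # What a FHIR request or an introspection call would report for the token.
  def active?(value)
    tok = @tokens[value]
    !tok.nil? && tok.active
  end

  # The revocation endpoint exercised by the revocation test (step 9.3).
  def revoke(value)
    tok = @tokens[value]
    tok.active = false if tok
  end
end

# Tester side: given every token staged earlier in the run, keep only those
# the server still honours, so the revocation test is not pre-populated with
# a token the server has already invalidated.
def revocation_candidates(tokens, &still_active)
  tokens.select { |t| still_active.call(t) }
end

# Revocation test: passes (:revoked) only if the token was honoured before
# the revocation call and rejected after it. A token that was already dead
# is reported as :already_inactive instead of a misleading result.
def verify_revocation(server, token)
  return :already_inactive unless server.active?(token)
  server.revoke(token)
  server.active?(token) ? :still_active : :revoked
end

# Replays the g10 sequence from the issue against the constructed server.
# Assumed client_id and scopes; the second flow is the more restricted one.
def run_g10_flow(revoke_prior_on_reissue:)
  server = AuthServer.new(revoke_prior_on_reissue: revoke_prior_on_reissue)
  standalone = server.issue(client_id: 'patient-app', scopes: 'patient/*.read')        # step 1
  limited    = server.issue(client_id: 'patient-app', scopes: 'patient/Patient.read')  # step 2
  candidates = revocation_candidates([standalone, limited]) { |t| server.active?(t) }
  {
    standalone_active: server.active?(standalone),
    limited_active: server.active?(limited),
    candidates: candidates,
    # What happens when the step 1 token is pre-populated unconditionally.
    prepopulated_result: verify_revocation(server, standalone),
    # What happens when the tester picks from the tokens still honoured.
    selected_result: candidates.empty? ? :none : verify_revocation(server, candidates.last)
  }
end

if __FILE__ == $PROGRAM_NAME
  p run_g10_flow(revoke_prior_on_reissue: true)
  p run_g10_flow(revoke_prior_on_reissue: false)
end
```

With `revoke_prior_on_reissue: true` the pre-populated step 1 token is reported as already inactive before the revocation call is made, while the candidate list contains only the step 2 token, which is the one the test can meaningfully revoke; with the option off, both tokens remain candidates and either works.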

Jammjammjamm commented 1 year ago

We agree that this could be improved and are considering various options.