sync repo + add endpoint changes
Esaco should not hide token introspection results claims
The current approach relies on a fixed model object, while ESACO should be flexible enough to allow the validation of required claims and expose any other claim returned by the upstream introspection endpoint.
Solution:
-
Splitted TokenInfoController into TokenInfoController, TokenIntrospectController and TokenControllerUtils (to prevent duplicated code)
-
Re-arranged the logic on Services and Controllers in order to not disserialize the introspection response into a json object, yet simply pass it as json string to avoid restriction of parameters by the fixed model object (IamInstrospection)
-
Adapt the tests to run with the new logic
- Jenkinsfile chenged
Co-authored-by: Marcelo Vilaca Pinheiro Soares marcelo.soares@cnaf.infn.it