Implement RFC 9701 to Return JWT Response from Introspection Endpoint

[bhazen]

What issue does this PR address?
Updates the token introspection endpoint to support the behavior for returning the response as a JWT as defined in RFC 9701

Important: Any code or remarks in your Pull Request are under the following terms:

If You provide us with any comments, bug reports, feedback, enhancements, or modifications proposed or suggested by You for the Software, such Feedback is provided on a non-confidential basis (notwithstanding any notice to the contrary You may include in any accompanying communication), and Licensor shall have the right to use such Feedback at its discretion, including, but not limited to the incorporation of such suggested changes into the Software. You hereby grant Licensor a perpetual, irrevocable, transferable, sublicensable, nonexclusive license under all rights necessary to incorporate and use your Feedback for any purpose, including to make and sell any products and services.

(see our license, section 7)

[josephdecock]

Looks great! My only concern is that we should verify that an access token's claims get serialized correctly if they are complex or nested values. Can we add a test to prove that that arrays and nested objects work?

[bhazen]

Looks great! My only concern is that we should verify that an access token's claims get serialized correctly if they are complex or nested values. Can we add a test to prove that that arrays and nested objects work?

@josephdecock I added a couple more tests at the end of the introspection endpoint tests file. Let me know if that is not what you were looking for with this comment.