Implement Token Revocation Endpoint #83

@jgrandja

Description

An authorization server should provide an endpoint that allows revoking an access token or refresh token.

The OAuth2TokenRevocationEndpointFilter should be implemented as a Filter.

Implementation Requirements

  • the Filter should process POST requests for the (default) path /oauth2/revoke
  • The client must be authenticated (Implement Client Authentication #39) before the Revocation Request can be accepted
  • the implementation must support the revocation of access tokens and refresh tokens
  • the Filter should use the OAuth2AuthorizationService to invalidate the token
  • javadoc class and public methods
  • Unit tests

Specification References

OAuth 2.0 Token Revocation
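
The request handling these requirements describe, following RFC 7009 (OAuth 2.0 Token Revocation), as an added example that is not part of the original issue or the project's code. It uses only the JDK (Java 16+ for records); `RevocationSketch`, `Token`, `Result` and the in-memory `ACTIVE` map are hypothetical stand-ins, not the `OAuth2AuthorizationService` API, and the sample tokens are constructed.

```java
import java.util.HashMap;
import java.util.Map;

// Added sketch of RFC 7009 request handling. All types are hypothetical and
// JDK-only; this is not Spring Authorization Server's API.
public class RevocationSketch {
    record Token(String value, String type, String clientId, String grantId) {}
    record Result(int status, String error) {}

    // Constructed in-memory store standing in for an authorization service.
    static final Map<String, Token> ACTIVE = new HashMap<>();

    static Result revoke(String method, String path, String authenticatedClient,
                         Map<String, String> form) {
        if (!"POST".equals(method) || !"/oauth2/revoke".equals(path))
            return new Result(404, null);              // not a revocation request
        if (authenticatedClient == null)
            return new Result(401, "invalid_client");  // authenticate before anything else
        String value = form.get("token");
        if (value == null || value.isEmpty())
            return new Result(400, "invalid_request"); // "token" is required
        // token_type_hint only optimizes lookup; this store searches all types.
        Token token = ACTIVE.get(value);
        if (token == null)
            return new Result(200, null);              // unknown or already revoked: still 200
        if (!token.clientId().equals(authenticatedClient))
            return new Result(400, "invalid_client");  // not the caller's token; code is this sketch's choice
        if ("refresh_token".equals(token.type()))      // also drop tokens from the same grant
            ACTIVE.values().removeIf(t -> t.grantId().equals(token.grantId()));
        else
            ACTIVE.remove(value);
        return new Result(200, null);
    }

    public static void main(String[] args) {
        // Constructed sample tokens.
        ACTIVE.put("at-1", new Token("at-1", "access_token", "client-a", "g1"));
        ACTIVE.put("rt-1", new Token("rt-1", "refresh_token", "client-a", "g1"));
        ACTIVE.put("at-2", new Token("at-2", "access_token", "client-b", "g2"));

        System.out.println(revoke("POST", "/oauth2/revoke", null, Map.of("token", "at-1")));
        System.out.println(revoke("POST", "/oauth2/revoke", "client-a", Map.of("token", "at-2")));
        System.out.println(revoke("POST", "/oauth2/revoke", "client-a", Map.of("token", "nope")));
        System.out.println(revoke("POST", "/oauth2/revoke", "client-a",
                Map.of("token", "rt-1", "token_type_hint", "refresh_token")));
        System.out.println(ACTIVE.keySet());           // tokens still active afterwards
    }
}
```

The 200 response for an unknown token and the check that the token belongs to the authenticated client are the two behaviours unit tests for the filter would most need to pin down.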
