The Warden API should not check for refresh tokens, only access tokens. #1
Description
- Check if we can return the token type in the introspection response
- Check if refresh tokens can be introspected
- Document that upgrading from prior 0.8.0 requires to upgrade to 0.8.0 first and then upgrade to 1.0.x
- There was a security issue where introspection with a client id would not be checked against the database, actually