chore(oidc): remove legacy storage methods (#10061)

# Which Problems Are Solved

Stabilize the optimized introspection code and cleanup unused code.

# How the Problems Are Solved

- `oidc_legacy_introspection` feature flag is removed and reserved.
- `OPStorage` which are no longer needed have their bodies removed.
- The method definitions need to remain in place so the interface
remains implemented.
  - A panic is thrown in case any such method is still called

# Additional Changes

- A number of `OPStorage` methods related to token creation were already
unused. These are also cleaned up.

# Additional Context

- Closes #10027 
- #7822

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>

internal/api/oidc/auth_request.go

@@ -24,7 +24,6 @@ import (
 	"github.com/zitadel/zitadel/internal/domain/federatedlogout"
 	"github.com/zitadel/zitadel/internal/query"
 	"github.com/zitadel/zitadel/internal/telemetry/tracing"
-	"github.com/zitadel/zitadel/internal/user/model"
 	"github.com/zitadel/zitadel/internal/zerrors"
 )
 
@@ -216,11 +215,11 @@ func (o *OPStorage) SaveAuthCode(ctx context.Context, id, code string) (err erro
 	return o.repo.SaveAuthCode(ctx, id, code, userAgentID)
 }
 
-func (o *OPStorage) DeleteAuthRequest(ctx context.Context, id string) (err error) {
+func (o *OPStorage) DeleteAuthRequest(context.Context, string) error {
 	panic(o.panicErr("DeleteAuthRequest"))
 }
 
-func (o *OPStorage) CreateAccessToken(ctx context.Context, req op.TokenRequest) (string, time.Time, error) {
+func (o *OPStorage) CreateAccessToken(context.Context, op.TokenRequest) (string, time.Time, error) {
 	panic(o.panicErr("CreateAccessToken"))
 }
 
@@ -492,34 +491,6 @@ func (o *OPStorage) GetRefreshTokenInfo(ctx context.Context, clientID string, to
 	return refreshToken.UserID, refreshToken.ID, nil
 }
 
-func (o *OPStorage) assertProjectRoleScopes(ctx context.Context, clientID string, scopes []string) ([]string, error) {
-	for _, scope := range scopes {
-		if strings.HasPrefix(scope, ScopeProjectRolePrefix) {
-			return scopes, nil
-		}
-	}
-
-	project, err := o.query.ProjectByOIDCClientID(ctx, clientID)
-	if err != nil {
-		return nil, zerrors.ThrowPreconditionFailed(nil, "OIDC-w4wIn", "Errors.Internal")
-	}
-	if !project.ProjectRoleAssertion {
-		return scopes, nil
-	}
-	projectIDQuery, err := query.NewProjectRoleProjectIDSearchQuery(project.ID)
-	if err != nil {
-		return nil, zerrors.ThrowInternal(err, "OIDC-Cyc78", "Errors.Internal")
-	}
-	roles, err := o.query.SearchProjectRoles(ctx, true, &query.ProjectRoleSearchQueries{Queries: []query.SearchQuery{projectIDQuery}}, nil)
-	if err != nil {
-		return nil, err
-	}
-	for _, role := range roles.ProjectRoles {
-		scopes = append(scopes, ScopeProjectRolePrefix+role.Key)
-	}
-	return scopes, nil
-}
-
 func (o *OPStorage) assertProjectRoleScopesByProject(ctx context.Context, project *query.Project, scopes []string) ([]string, error) {
 	for _, scope := range scopes {
 		if strings.HasPrefix(scope, ScopeProjectRolePrefix) {
@@ -543,22 +514,6 @@ func (o *OPStorage) assertProjectRoleScopesByProject(ctx context.Context, projec
 	return scopes, nil
 }
 
-func (o *OPStorage) assertClientScopesForPAT(ctx context.Context, token *model.TokenView, clientID, projectID string) error {
-	token.Audience = append(token.Audience, clientID)
-	projectIDQuery, err := query.NewProjectRoleProjectIDSearchQuery(projectID)
-	if err != nil {
-		return zerrors.ThrowInternal(err, "OIDC-Cyc78", "Errors.Internal")
-	}
-	roles, err := o.query.SearchProjectRoles(ctx, true, &query.ProjectRoleSearchQueries{Queries: []query.SearchQuery{projectIDQuery}}, nil)
-	if err != nil {
-		return err
-	}
-	for _, role := range roles.ProjectRoles {
-		token.Scopes = append(token.Scopes, ScopeProjectRolePrefix+role.Key)
-	}
-	return nil
-}
-
 func setContextUserSystem(ctx context.Context) context.Context {
 	data := authz.CtxData{
 		UserID: "SYSTEM",