feat: token revocation and OP certification (#2594)

* fix: try using only user session if no user is set (id_token_hint) on prompt none

* fix caos errors As implementation

* implement request mode

* return explicit error on invalid refresh token use

* begin token revocation

* token revocation

* tests

* tests

* cleanup

* set op config

* add revocation endpoint to config

* add revocation endpoint to config

* migration version

* error handling in token revocation

* migration version

* update oidc lib to 1.0.0

internal/user/repository/view/token_view.go

@@ -67,6 +67,11 @@ func DeleteUserTokens(db *gorm.DB, table, userID string) error {
 	return delete(db)
 }
 
+func DeleteTokensFromRefreshToken(db *gorm.DB, table, refreshTokenID string) error {
+	delete := repository.PrepareDeleteByKey(table, usr_model.TokenSearchKey(model.TokenSearchKeyRefreshTokenID), refreshTokenID)
+	return delete(db)
+}
+
 func DeleteApplicationTokens(db *gorm.DB, table string, appIDs []string) error {
 	delete := repository.PrepareDeleteByKey(table, usr_model.TokenSearchKey(model.TokenSearchKeyApplicationID), pq.StringArray(appIDs))
 	return delete(db)