feat: Return token claims on OIDC validation#4641

Open
pavel-jares-bcm wants to merge 4 commits into v3.x.x from reboot/oidc-validation-with-claims

@pavel-jares-bcm pavel-jares-bcm commented May 25, 2026

Description

In the previous version, OIDC validation returned only a response code (204, 401, or 500). The user calling this endpoint needs to parse the token to obtain the response. There is a potential risk that, because of misconfiguration, the user could call another endpoint and always obtain 200. This could leave the OIDC validation open. When APIML returns claims, the user can use them. It increases confidentiality.

Linked to # (issue)
Part of the # (epic)

Type of change

  • feat: New feature (non-breaking change which adds functionality)

Checklist:

  • My code follows the style guidelines of this project
  • PR title conforms to commit message guideline ## Commit Message Structure Guideline
  • I have commented my code, particularly in hard-to-understand areas. In JS I did provide JSDoc
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • The java tests in the area I was working on leverage @nested annotations
  • Any dependent changes have been merged and published in downstream modules
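
The failure mode the description raises, as an added example that is not part of this PR or of the project's code: a caller that trusts only the status code accepts a misrouted endpoint that always answers 200, while a caller that requires claims in the body fails closed. The JSON claim layout, the issuer and audience values, and the function names are assumptions made for illustration.

```python
import json
import time

# Constructed sample responses as (status, body); the body shape is an assumption.
NOW = 1_780_000_000
ISSUER, AUDIENCE = "https://idp.example.test", "my-service"
GOOD = (200, json.dumps({"iss": ISSUER, "aud": AUDIENCE, "sub": "user1", "exp": NOW + 300}))
EXPIRED = (200, json.dumps({"iss": ISSUER, "aud": AUDIENCE, "sub": "user1", "exp": NOW - 1}))
WRONG_AUD = (200, json.dumps({"iss": ISSUER, "aud": "other", "sub": "user1", "exp": NOW + 300}))
MISROUTED = (200, "<html>OK</html>")  # misconfigured URL that always answers 200
REJECTED = (401, "")


def accept_status_only(status, body):
    """Caller that treats any 2xx as 'token valid' (hypothetical lenient client)."""
    return 200 <= status < 300


def accept_with_claims(status, body, issuer, audience, now=None):
    """Fail closed: return the claims only if the body shows a real validation result."""
    now = time.time() if now is None else now
    if not 200 <= status < 300:
        return None
    try:
        claims = json.loads(body)
    except (TypeError, ValueError):
        return None  # empty or non-JSON body: not a validation response
    if not isinstance(claims, dict):
        return None
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if claims.get("iss") != issuer or audience not in audiences:
        return None
    exp = claims.get("exp")
    if isinstance(exp, bool) or not isinstance(exp, (int, float)) or exp <= now:
        return None
    if not claims.get("sub"):
        return None
    return claims


if __name__ == "__main__":
    for name, resp in [("good", GOOD), ("misrouted", MISROUTED), ("expired", EXPIRED),
                       ("wrong_aud", WRONG_AUD), ("rejected", REJECTED)]:
        strict = accept_with_claims(*resp, ISSUER, AUDIENCE, now=NOW)
        print(name, "status-only:", accept_status_only(*resp), "claims:", strict is not None)
```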

Signed-off-by: Pavel Jareš <Pavel.Jares@broadcom.com>
@EvaJavornicka EvaJavornicka moved this from New to In Progress in API Mediation Layer Backlog Management May 27, 2026
pavel-jares-bcm and others added 2 commits May 27, 2026 16:58
Signed-off-by: Pavel Jareš <Pavel.Jares@broadcom.com>

@pavel-jares-bcm pavel-jares-bcm marked this pull request as ready for review May 28, 2026 12:32