feat: support RFC 8693 token exchange

[jasonraimondi]

Description

Support OAuth 2.0 Token Exchange specification (RFC 8693). This allows clients to exchange one type of token for another, facilitating more complex authorization scenarios and secure delegation.

Usage

Enable the grant with a processTokenExchangeFn.

authorizationServer.enableGrant({
  grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
  processTokenExchangeFn: (args: ProcessTokenExchangeArgs): Promise<OAuthUser | undefined> => {
    const { 
      resource,
      audience,
      scopes,
      requestedTokenType,
      subjectToken,
      subjectTokenType,
      actorToken,
      actorTokenType,
    } = args;
    // handle token exchange with third party service
    const user = getUser();
    return user;
  };
})

Issue

Resolves #111

[Jazcash]

Have checked this out locally and tested against my server and it works a treat 👍

[jasonraimondi]

Have checked this out locally and tested against my server and it works a treat 👍

Awesome thank you for testing. I'll write some docs later this evening and I'll post an official release.