Expected Behavior Google should support standard token introspection.
Current Behavior Google's tokeninfo returns a nonstandard result, which means that the default opaque token introspection doesn't work.
Context Found out through a pet project. Started working on a solution and hoping to get some feedback. Please check this out and let me know if a contribution is appropriate!
Comment From: sjohnr
Hello, @segevmalool. Unfortunately, I'm not able to deduce the summary of your suggested enhancement from your comment or sample. What is lacking in the default introspector that you are providing your own? Is there an issue with providing your own introspector that Spring Security is not handling or makes difficult to customize?
If the issue is that a claim or status code in an error scenario etc. is not implemented per spec on Google's side, providing your own custom introspector may be needed. Though I'm not clear on what Google isn't doing according to spec, based on your request. Either way, unless you're running into an issue customizing, it seems a contribution is not needed at this time, as Spring Security intends to implement according to spec, and provide hooks for customization where needed.
I'm going to close this issue for now, as I'm not seeing anything in the sample that stands out to me. But feel free to reply with any clarifying details, and I'll be happy to re-open if something turns up in discussion.