feat: allow custom access token ttl

[love-bhardwaj]

Related Issue or Design Document

Hi team,

Please pardon me if I misunderstood the code. I have been trying to configure OAuth2.0 access_token which has a configurable TTL or expiration time. After trying different methods which didn't work. I stumbled upon this issue the hotfix provided does work. But I thought it would be better to add this.

The PR adds logic to override the default configured access token lifespan if a value for expiresAt is provided (SetExpiresAt) through the request session.

Happy to have your input on this and make changes based of feedback. Thanks!

Checklist

• I have read the contributing guidelines
  and signed the CLA.
• I have referenced an issue containing the design document if my change
  introduces a new feature.
• I have read the security policy.
• [ x I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security vulnerability, I
  confirm that I got green light (please contact
  [email protected]) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added necessary documentation within the code base (if
  appropriate).

Further comments

[aeneasr]

Thank you for this change! In general, I think we can probably go down this route. Could you please add an integration test for this in https://github.com/ory/fosite/blob/master/integration/authorize_code_grant_test.go ? :)

[aeneasr]

While the PR is being worked on I will mark it as a draft. That declutters our review backlog :)

Once you're done with your changes and would like someone to review them, mark the PR as ready and request a review from one of the maintainers.

Thank you!

[aeneasr]

#684 :)