spring-cloud-dataflow
Missing roles and group claims mapping in introspection
Description:
We are getting an HTTP 403 error when I send a request with an opaque token. It is a problem when I set spring.cloud.dataflow.task.useuseraccesstoken=true: the CTR task uses the user token and sends an about request to the dataflow server.
DataFlowTemplate.java - line 170

```java
this.aboutOperations = new AboutTemplate(restTemplate, resourceSupport.getLink(AboutTemplate.ABOUT_REL).get());
```
Release versions: 2.11.4
Steps to reproduce:
- Configure provider-role-mappings as follows:

```yaml
provider-role-mappings:
  internal-auth:
    map-oauth-scopes: false
    map-group-claims: true
    group-mappings:
      ROLE_CREATE: CREATE
      ROLE_DEPLOY: DEPLOY
      ROLE_DESTROY: DESTROY
      ROLE_MANAGE: MANAGE
      ROLE_MODIFY: MODIFY
      ROLE_SCHEDULE: SCHEDULE
      ROLE_VIEW: VIEW
```

- Log in with the OIDC provider using the openid scope. The id_token in the token response contains the following roles:

```json
{
  "sub": "MEHMETCAN",
  "roles": [
    "CREATE",
    "VIEW"
  ],
```
- Send an about request to dataflow using the opaque token obtained in step 2:

```shell
curl --location --request GET 'http://localhost:8080/about' \
--header 'Authorization: Bearer opaque_token'
```

- Got an HTTP 403 error response because dataflow doesn't map the groups and roles attributes in CustomAuthoritiesOpaqueTokenIntrospector:

```
Bearer error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token.", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"
```
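The mapping the report asks for, written out as an added example. This is not Spring Cloud Data Flow's CustomAuthoritiesOpaqueTokenIntrospector and not the project's code; it assumes the introspection endpoint returns the `roles` claim shown above, that a group-mappings table of the shape in the report (ROLE_CREATE: CREATE) is handed to it, and it uses Spring Security's SpringOpaqueTokenIntrospector for the real endpoint call. The class name, constructor and stub delegate are hypothetical. Groups with no entry in the table produce no authority, so an unmapped claim value never grants access.

```java
import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector;

/**
 * Hypothetical introspector (added example, not the project's class) that turns the
 * "roles" claim of an introspection response into ROLE_* authorities, using a
 * group-mappings table of the shape used in the report (ROLE_CREATE -> CREATE).
 */
public class GroupClaimMappingIntrospector implements OpaqueTokenIntrospector {

    private final OpaqueTokenIntrospector delegate;
    private final Map<String, String> groupMappings;

    /** Production wiring: Spring Security's introspector talks to the provider's endpoint. */
    public GroupClaimMappingIntrospector(String introspectionUri, String clientId,
                                         String clientSecret, Map<String, String> groupMappings) {
        this(new SpringOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret), groupMappings);
    }

    /** Any delegate; lets the demonstration below use a stub instead of a network call. */
    GroupClaimMappingIntrospector(OpaqueTokenIntrospector delegate, Map<String, String> groupMappings) {
        this.delegate = delegate;
        this.groupMappings = groupMappings;
    }

    @Override
    public OAuth2AuthenticatedPrincipal introspect(String token) {
        OAuth2AuthenticatedPrincipal principal = delegate.introspect(token);
        Collection<GrantedAuthority> authorities = mapGroupClaims(principal.getAttributes(), groupMappings);
        // Keep the original claims (sub, active, exp, ...) and replace only the authorities.
        return new DefaultOAuth2AuthenticatedPrincipal(principal.getName(), principal.getAttributes(), authorities);
    }

    /** Map each value in the "roles" claim to the ROLE_* key whose mapped value equals it. */
    static Collection<GrantedAuthority> mapGroupClaims(Map<String, Object> attributes,
                                                       Map<String, String> groupMappings) {
        List<GrantedAuthority> authorities = new ArrayList<>();
        Object roles = attributes.get("roles");
        if (!(roles instanceof Collection)) {
            return authorities; // no claim (or wrong type): the request stays unprivileged
        }
        for (Object group : (Collection<?>) roles) {
            String name = String.valueOf(group);
            for (Map.Entry<String, String> e : groupMappings.entrySet()) {
                if (e.getValue().equals(name)) {
                    authorities.add(new SimpleGrantedAuthority(e.getKey()));
                }
            }
        }
        return authorities;
    }

    /** Offline demonstration with a stub delegate returning constructed claims like those in the report. */
    public static void main(String[] args) {
        Map<String, String> groupMappings = new LinkedHashMap<>();
        groupMappings.put("ROLE_CREATE", "CREATE");
        groupMappings.put("ROLE_DEPLOY", "DEPLOY");
        groupMappings.put("ROLE_VIEW", "VIEW");

        // Constructed introspection response; the stub stands in for the provider's endpoint.
        Map<String, Object> claims = new LinkedHashMap<>();
        claims.put("active", true);
        claims.put("sub", "MEHMETCAN");
        claims.put("roles", List.of("CREATE", "VIEW", "UNMAPPED"));
        OpaqueTokenIntrospector stub = token -> new DefaultOAuth2AuthenticatedPrincipal(claims, List.of());

        OAuth2AuthenticatedPrincipal principal =
                new GroupClaimMappingIntrospector(stub, groupMappings).introspect("opaque_token");
        // CREATE and VIEW map to ROLE_CREATE and ROLE_VIEW; UNMAPPED yields nothing.
        System.out.println(principal.getName() + " -> " + principal.getAuthorities());
    }
}
```

Registering such an introspector as the `OpaqueTokenIntrospector` bean is what lets the resource server's authority checks see ROLE_VIEW for a request like the `/about` call above; without the mapping the principal carries no authorities and the 403 with `insufficient_scope` is the expected outcome.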