Need to check if the client id are expired or not in authenticate method of ClientSecretAuthenticationProvider

[doctormacky]

trafficstars

Describe the bug When check the client id and secret which load from database, the jwt code are always be generated even the client id is expred.

To Reproduce set a expiration date for client id and secret, then try to call /oauth2/token with the predefined client id and secret.

Expected behavior return exception like 'the client id is expired'

Sample

A link to a GitHub repository with a minimal, reproducible sample.

Reports that include a sample will take priority over reports that do not. At times, we may require a sample, so it is good to try and include a sample up front.

I know we can customize the ClientSecretAuthenticationProvider by ourselves, but as a build-in/default one, We should check this attribute (expirate date) by default.