refactor: use struct types for claim related types (#283)

* oidc: add regression tests for token claim json

this helps to verify that the same JSON is produced,
after these types are refactored.

* refactor: use struct types for claim related types

BREAKING CHANGE:
The following types are changed from interface to struct type:

- AccessTokenClaims
- IDTokenClaims
- IntrospectionResponse
- UserInfo and related types.

The following methods of OPStorage now take a pointer to a struct type,
instead of an interface:

- SetUserinfoFromScopes
- SetUserinfoFromToken
- SetIntrospectionFromToken

The following functions are now generic, so that type-safe extension
of Claims is now possible:

- op.VerifyIDTokenHint
- op.VerifyAccessToken
- rp.VerifyTokens
- rp.VerifyIDToken

- Changed UserInfoAddress to pointer in UserInfo and
IntrospectionResponse.
This was needed to make omitempty work correctly.
- Copy or merge maps in IntrospectionResponse and SetUserInfo

* op: add example for VerifyAccessToken

* fix: rp: wrong assignment in WithIssuedAtMaxAge

WithIssuedAtMaxAge assigned its value to v.maxAge, which was wrong.
This change fixes that by assiging the duration to v.maxAgeIAT.

* rp: add VerifyTokens example

* oidc: add standard references to:

- IDTokenClaims
- IntrospectionResponse
- UserInfo

* only count coverage for `./pkg/...`

pkg/op/token.go

@@ -129,7 +129,7 @@ func CreateJWT(ctx context.Context, issuer string, tokenRequest TokenRequest, ex
 		if err != nil {
 			return "", err
 		}
-		claims.SetPrivateClaims(privateClaims)
+		claims.Claims = privateClaims
 	}
 	signingKey, err := storage.SigningKey(ctx)
 	if err != nil {
@@ -169,7 +169,7 @@ func CreateIDToken(ctx context.Context, issuer string, request IDTokenRequest, v
 		if err != nil {
 			return "", err
 		}
-		claims.SetAccessTokenHash(atHash)
+		claims.AccessTokenHash = atHash
 		if !client.IDTokenUserinfoClaimsAssertion() {
 			scopes = removeUserinfoScopes(scopes)
 		}
@@ -178,26 +178,26 @@ func CreateIDToken(ctx context.Context, issuer string, request IDTokenRequest, v
 	tokenExchangeRequest, okReq := request.(TokenExchangeRequest)
 	teStorage, okStorage := storage.(TokenExchangeStorage)
 	if okReq && okStorage {
-		userInfo := oidc.NewUserInfo()
+		userInfo := new(oidc.UserInfo)
 		err := teStorage.SetUserinfoFromTokenExchangeRequest(ctx, userInfo, tokenExchangeRequest)
 		if err != nil {
 			return "", err
 		}
-		claims.SetUserinfo(userInfo)
+		claims.SetUserInfo(userInfo)
 	} else if len(scopes) > 0 {
-		userInfo := oidc.NewUserInfo()
+		userInfo := new(oidc.UserInfo)
 		err := storage.SetUserinfoFromScopes(ctx, userInfo, request.GetSubject(), request.GetClientID(), scopes)
 		if err != nil {
 			return "", err
 		}
-		claims.SetUserinfo(userInfo)
+		claims.SetUserInfo(userInfo)
 	}
 	if code != "" {
 		codeHash, err := oidc.ClaimHash(code, signingKey.SignatureAlgorithm())
 		if err != nil {
 			return "", err
 		}
-		claims.SetCodeHash(codeHash)
+		claims.CodeHash = codeHash
 	}
 	signer, err := SignerFromKey(signingKey)
 	if err != nil {