feat: Expose http status code on request_async / request methods

[c-thiel]

I am using oauth2 under the hood to authenticate clients.
If an authentication request fails, I don't want to exit immediately, but potentially retry.

Retries should only happen on 5XX error codes, not 4XX.

Currently RequestTokenError does not expose the status code of the underlying request, which makes it hard to categorize the root cause of the failure.

It would be really helpful if RequestTokenError would expose the underlying status code for all error variants.

I ran into this issue specificly for the client credential flow, but I am sure other flows will benefit too.

[LorenzoLeonardo]

You can implement a custom HttpClient that implements an AsyncHttpClient or SyncHttpClient so that you can have more control of the return status codes. Just set the defaults to false.

[attilaolah]

I was looking through the default implementation today, and hoping I don't have to implement that trait myself. But I couldn't figure out an efficient way to send tokens to the introspect endpoint without rolling a custom client.

My issue is somewhat different though (sorry for hijacking this thread), but what I'm trying to do seems very simple: I exchange my client ID & secret for an access token, then I'd like to use that access token to aouthorise calls I make to the introspect URL (sending client tokens).

Now, I could create a long-lived client that holds the "Authorization: Bearer …" header that I got, but eventually my token will expire, and I'll need to renew it, and at that point it seems silly to have to re-create the whole client just for the sake of injecting a new header.

It would be much nicer to inject the Authorization header into the request we get from the IntrospectionRequest itself, but there doesn't seem to be an obvious way to do that, or at least I haven't found one.