[code-desktop] Align on a way to ensure Gitpod API compatibility between IDE clients and SH installations.

[akosyakov]

• We decided to change how ouath2 endpoint works. It should ignore unknown scopes, verify and return only subset of known scopes. Clients should use returned scopes as source of truth to check whether features are present. It is for instance how GitHub auth works.
• We will still need to adhere to api/version for 2 SH releases which has changes to ouath2 endpoint. After this check can be removed.

Internal RFC [1]

[loujaybee]

Current update: The PR Is up...

• Add /oauth/inspect endpoint #12446

But we need to resolve some of the outstanding discussions, would be good to get @geropl and WebApp teams help to unblock this one 🙏

[jeanp413]

Closing this as it got deployed