Added
- Per-IP rate limiting on the token introspection (RFC 7662) and revocation
(RFC 7009) endpoints. Both are credential-guessable; the throttle runs
before client authentication (30/15min by IP, override with
RATE_LIMIT_INTROSPECT_PER_IP/RATE_LIMIT_REVOKE_PER_IP). Reuses the
standard_idengine's rate-limit store and JSON 429 handler.