Instead of using the expiry of the token which can collide (is non
unique in some/many cases) use the new Audit ID for the tokens when
revoking a single token via the token revocation events.
Support for revoking by the audit_chain_id has been added to the
token provider, however, the REST API has not been updated to
accept an argument to revoke the chain. Support for revoking
the entire chain is in place to allow Keystone to internally
revoke an entire chain in certain circumstances. Exposing the
ability to revoke the entire chain via the REST API may occur
based upon further design discussions.
Change-Id: I840355ccd9bcfcd88aa139184731c056808c2c8f
bp: non-persistent-tokens
Closes-Bug: 1292283