Deploy tokens list APIs should permit filtering for active tokens
Release notes
List deploy token APIs allow filtering for only active tokens.
Problem to solve
The Deploy Tokens API endpoints for listing tokens (project/group/etc. levels) return all entries stored in the database, including revoked and expired tokens.
Furthermore, the revoke state is not added to the returned entity, so an end-user cannot perform a client-side filter removing revoked tokens from the list returned.
The feature proposed here will resolve the need to list only active tokens from the REST API.
Intended users
User experience goal
The user should be able to use the API to retrieve only, or properly filter for, currently active tokens.
Proposal
Two changes:
- Add filter params `revoked` and `expired`, of boolean type, that filter the returned response of all tokens.
  - `revoked` being true will return only revoked tokens
  - `revoked` being false will return only un-revoked tokens
  - `expired` being true will return only expired tokens
  - `expired` being false will return only un-expired tokens
  - Both filters as true will return actual active tokens, matching the list shown on the Web UI
- Add `revoked` state key-values to the returned `DeployToken` entity to allow end-users to differentiate between revoked and un-revoked tokens in any response.
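The four per-filter rules above, applied client-side to constructed token records, as an added example (not GitLab's code). The `revoked` key is the field this proposal would add; the `expires_at` timestamp format and the rule that a token is expired once `expires_at` is reached are assumptions of the sample.

```python
from datetime import datetime, timezone

# Constructed sample records. "revoked" is the field this proposal would add
# (assumed name/type); the "expires_at" format is assumed for the sample.
SAMPLE_TOKENS = [
    {"id": 1, "name": "ci-pull", "expires_at": None, "revoked": False},
    {"id": 2, "name": "old-mirror", "expires_at": "2020-01-01T00:00:00.000Z", "revoked": False},
    {"id": 3, "name": "rotated", "expires_at": None, "revoked": True},
    {"id": 4, "name": "stale", "expires_at": "2020-06-01T00:00:00.000Z", "revoked": True},
]


def is_expired(token, now):
    """A token without expires_at never expires (assumption)."""
    raw = token.get("expires_at")
    if raw is None:
        return False
    # Older Python versions reject a trailing "Z" in fromisoformat().
    expires = datetime.fromisoformat(raw.replace("Z", "+00:00"))
    return expires <= now


def filter_tokens(tokens, revoked=None, expired=None, now=None):
    """Apply the proposed filters; None means 'do not filter on this'."""
    now = now or datetime.now(timezone.utc)
    kept = []
    for token in tokens:
        if revoked is not None:
            if "revoked" not in token:
                # Entity without the new field: revocation is undecidable here.
                raise ValueError(f"token {token['id']} has no revoked state")
            if token["revoked"] != revoked:
                continue
        if expired is not None and is_expired(token, now) != expired:
            continue
        kept.append(token)
    return kept


def ids(tokens):
    return [t["id"] for t in tokens]


if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    print("revoked=True :", ids(filter_tokens(SAMPLE_TOKENS, revoked=True, now=now)))
    print("expired=False:", ids(filter_tokens(SAMPLE_TOKENS, expired=False, now=now)))
```

A record without the `revoked` key, as the list endpoints return today, raises `ValueError` when a `revoked` filter is requested, which is the client-side gap described under "Problem to solve".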
Further details
Came up in a Premium plan customer's support request https://gitlab.zendesk.com/agent/tickets/183005 (internal)
Permissions and Security
Existing permissions over the Deploy Tokens API endpoints remain sufficient.
Documentation
Deploy Tokens API documentation for list actions will require updates: https://docs.gitlab.com/ee/api/deploy_tokens.html
Availability & Testing
Existing API tests will require changes to cover filters for list queries, and for the new revoked field returned in the response.