refactor: impersonation token
- The impersonation token endpoints have been re-worked and made available to all CSP (it was a google only technology). A new set of endpoints have been created and the old endpoints (/imptoken) have been marked as obsolete in the documentation.
- The impersonation token is now generated by the auth provider specified in the authorization abstraction layer (each CSP can use its own auth provider)
- The impersonation token can be generated/refreshed/retired only by a trusted application