Expose token value

Use Entity PersonalAccessTokenWithToken
to expose token value on creation,
add specs for create and get api endpoints

doc/api/resource_access_tokens.md

@@ -78,7 +78,8 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
    "created_at" : "2021-01-21T19:35:37.921Z",
    "user_id" : 166,
    "id" : 58,
-   "expires_at" : "2021-01-31"
+   "expires_at" : "2021-01-31",
+   "token" : "D4y...Wzr"
 }
 ```
 

lib/api/resource_access_tokens.rb

@@ -69,7 +69,7 @@ module API
           ).execute
 
           if token_response.success?
-            present token_response.payload[:access_token], with: Entities::PersonalAccessToken
+            present token_response.payload[:access_token], with: Entities::PersonalAccessTokenWithToken
           else
             bad_request!(token_response.message)
           end

spec/requests/api/resource_access_tokens_spec.rb

@@ -30,6 +30,18 @@ RSpec.describe API::ResourceAccessTokens do
           expect(token_ids).to match_array(access_tokens.pluck(:id))
         end
 
+        it "exposes the correct token information", :aggregate_failures do
+          get_tokens
+
+          token = access_tokens.last
+          api_get_token = json_response.last
+
+          expect(api_get_token["name"]).to eq(token.name)
+          expect(api_get_token["scopes"]).to eq(token.scopes)
+          expect(api_get_token["expires_at"]).to eq(token.expires_at.to_date.iso8601)
+          expect(api_get_token["token"]).to be_nil
+        end
+
         context "when using a project access token to GET other project access tokens" do
           let_it_be(:token) { access_tokens.first }
 
@@ -203,6 +215,7 @@ RSpec.describe API::ResourceAccessTokens do
               expect(json_response["name"]).to eq("test")
               expect(json_response["scopes"]).to eq(["api"])
               expect(json_response["expires_at"]).to eq(expires_at.to_date.iso8601)
+              expect(json_response["token"]).not_to be_nil
             end
           end