test: add check token job

.github/workflows/build-release.yaml

@@ -20,9 +20,18 @@ env:
   SERVICE_NAME: java-maven-pipeline-example
 
 jobs:
+  check_token_expiration:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout token expiration
+        shell: bash
+        env:
+          BROKER_JWT: ${{ secrets.<%= brokerJwt %> }}
+        run: ./.github/workflows/check-token.sh
   build-release:
     name: Build and release
     runs-on: ubuntu-latest
+    needs: check_token_expiration
     permissions:
       contents: read
       packages: write

.github/workflows/check-token.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+RESPONSE_CODE=$(curl -o /dev/null -s -w "%{http_code}" -X 'GET' \
+  https://broker.io.nrs.gov.bc.ca/v1/health/token-check \
+  -H 'accept: */*' \
+  -H 'Authorization: Bearer '"$BROKER_JWT"'' \
+  )
+
+if [ "$RESPONSE_CODE" -eq 401 ]; then
+  echo "Unauthorized (401)"
+  exit 1
+elif [ "$RESPONSE_CODE" -eq 403 ]; then
+  echo "Invalid JWT: Block list has match"
+  exit 1
+else
+  echo "Response code: $RESPONSE_CODE"
+fi