Adobe ims v2 (#4)

[anemonaaa13]

Add a new detector for Adobe IMS (Identity Management System) OAuth2 tokens. Adobe IMS issues JWT-based access tokens and refresh tokens for user authentication across Adobe services. This detector identifies tokens by decoding the JWT payload and checking for the "as" field prefixed with "ims-" (e.g. ims-na1, ims-eu1). Verification is done via POST /ims/validate_token/v1.

Closes #4908

[x] Tests passing (make test-community)?
[x] Lint passing (make lint this requires golangci-lint)?

---

Note

Medium Risk
Introduces a new JWT-based detector and an external verification call to Adobe IMS, which can affect scan performance/behavior and relies on a third-party API surface despite basic SSRF hardening.

Overview
Adds a new AdobeIMS detector that identifies Adobe IMS OAuth2 access/refresh tokens by regex-matching JWTs and decoding the payload to require IMS-specific fields (token type, client_id, and as). When verification is enabled, it POSTs to Adobe’s /ims/validate_token/v1 endpoint (with region-derived base URL validation) to mark tokens as verified/unverified and records verification errors.

Wires the detector into the default detector set and registers the new DetectorType_AdobeIMS in protobufs, with unit tests for matching/verification behavior and an integration test using stored real/expired secrets.

^{Reviewed by Cursor Bugbot for commit 2d6045d. Bugbot is set up for automated code reviews on this repo. Configure here.}

[CLAassistant]

All committers have signed the CLA.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit d868eb9. Configure here.}