Token introspection can respond {"active": false} for a valid token when losing DB connection

[konstantin-baidin-y42]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

When Hydra has some problems with DB connection, it can respond with {"active": false} instead of responding with an error status or being unavailable.

Reproducing the bug

I managed to reproduce it in k8s. I requested the hydra introspection endpoint multiple times with a valid token. At the same time, I scaled down the database deployment to 0. At some moment, hydra responded with {"active": false} several times, and after that, it stopped responding to requests.
When I scaled DB deployment back to 1, hydra responded with active: true.

So, from the client's perspective, Hydra can randomly respond with false negatives. I expect Hydra to return an error status or not respond at all if it can not access the database.

Relevant log output

No response

Relevant configuration

No response

Version

v2.2.0

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Kubernetes with Helm

Additional Context

No response

[aeneasr]

Dupe #3671