Introduce Reactive OAuth2Authorization success/failure handlers #7756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed (1 commit)

Conversation

philsttr (Contributor) commented Dec 18, 2019

All ReactiveOAuth2AuthorizedClientManagers now have authorization success/failure handlers.
Default success handlers will save authorized clients for future requests.
Default failure handlers will remove previously saved authorized clients.

ServerOAuth2AuthorizedClientExchangeFilterFunction also makes use of a
failure handler in the case of unauthorized or forbidden http status code.

The main use cases now handled are

  • remove authorized client when an authorization server indicates that a refresh token is no longer valid (when authorization server returns invalid_grant)
  • remove authorized client when a resource server indicates that an access token is no longer valid (when resource server returns invalid_token)

Introduced ClientAuthorizationException to capture details needed when removing an authorized client.
All ReactiveOAuth2AccessTokenResponseClients now throw a ClientAuthorizationException on failures.

Created AbstractWebClientReactiveOAuth2AccessTokenResponseClient to unify common logic between all ReactiveOAuth2AccessTokenResponseClients.

Fixes gh-7699
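The two eviction cases above (invalid_grant from the token endpoint on refresh, invalid_token from a resource server on a 401/403), shown as an added Java illustration that is not code from this PR or from Spring Security. The default handlers this PR introduces already perform the removal; this example wires a failure handler that applies only to those two error codes, logs the eviction, and plugs it into both the manager and the exchange filter function. It assumes the 5.3 reactive client types named in the imports; the class name, bean names and the "my-client" registration id are this example's own.

```java
// Added illustration, not code from this PR or from Spring Security. Assumes the
// 5.3 reactive OAuth2 client types imported below; the class name, bean names and
// the "my-client" registration id are hypothetical.
package example;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.ClientAuthorizationException;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.oauth2.client.web.server.DefaultReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.web.reactive.function.client.WebClient;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@Configuration
public class AuthorizedClientEvictionConfig {

    private static final Logger log = LoggerFactory.getLogger(AuthorizedClientEvictionConfig.class);

    // Only these error codes prove the stored client is dead: invalid_grant from the
    // authorization server (refresh token rejected) and invalid_token from the resource
    // server (access token rejected). Anything else leaves the stored client alone.
    private static final Set<String> EVICT_ON = Collections.unmodifiableSet(new HashSet<>(
            Arrays.asList(OAuth2ErrorCodes.INVALID_GRANT, OAuth2ErrorCodes.INVALID_TOKEN)));

    static ReactiveOAuth2AuthorizationFailureHandler evictingHandler(
            ServerOAuth2AuthorizedClientRepository authorizedClients) {
        return (OAuth2AuthorizationException ex, Authentication principal, Map<String, Object> attributes) -> {
            String code = ex.getError().getErrorCode();
            if (!(ex instanceof ClientAuthorizationException) || !EVICT_ON.contains(code)) {
                // e.g. server_error or temporarily_unavailable: the token may still be
                // fine, so keep it and let the caller see the original exception.
                return Mono.empty();
            }
            String registrationId = ((ClientAuthorizationException) ex).getClientRegistrationId();
            // The manager and the exchange filter pass the current exchange under this
            // attribute key; the session-backed repository needs it to find the client.
            ServerWebExchange exchange = (ServerWebExchange) attributes.get(ServerWebExchange.class.getName());
            if (exchange == null) {
                log.warn("No ServerWebExchange in attributes; cannot evict client '{}'", registrationId);
                return Mono.empty();
            }
            String who = (principal != null) ? principal.getName() : "<anonymous>";
            log.warn("Evicting authorized client '{}' for '{}' after {}", registrationId, who, code);
            return authorizedClients.removeAuthorizedClient(registrationId, principal, exchange);
        };
    }

    @Bean
    ReactiveOAuth2AuthorizedClientManager authorizedClientManager(
            ReactiveClientRegistrationRepository registrations,
            ServerOAuth2AuthorizedClientRepository authorizedClients) {
        DefaultReactiveOAuth2AuthorizedClientManager manager =
                new DefaultReactiveOAuth2AuthorizedClientManager(registrations, authorizedClients);
        // Refresh-token path: invalid_grant from the token endpoint lands here.
        manager.setAuthorizationFailureHandler(evictingHandler(authorizedClients));
        return manager;
    }

    @Bean
    WebClient resourceServerClient(ReactiveOAuth2AuthorizedClientManager manager,
            ServerOAuth2AuthorizedClientRepository authorizedClients) {
        ServerOAuth2AuthorizedClientExchangeFilterFunction oauth2 =
                new ServerOAuth2AuthorizedClientExchangeFilterFunction(manager);
        // Resource-server path: a 401/403 that the filter maps to an OAuth2 error
        // (invalid_token) reaches this handler as a ClientAuthorizationException.
        oauth2.setAuthorizationFailureHandler(evictingHandler(authorizedClients));
        oauth2.setDefaultClientRegistrationId("my-client"); // hypothetical registration id
        return WebClient.builder().filter(oauth2).build();
    }
}
```

Two points worth noting in practice: the same handler instance must be registered on both the manager and the filter function, because the refresh failure and the resource-server rejection arrive through different code paths; and a failure handler must never evict on transient errors, or a flaky authorization server turns into a forced re-authorization for every user.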

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 18, 2019
@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Jan 6, 2020
jgrandja (Contributor) left a comment
Thanks for the PR @philsttr ! I left some feedback for you. Also, can you change the copyright header 2019 -> 2020.

jgrandja (Contributor) left a comment

Thanks for the updates @philsttr. I left a couple more minor comments.

All ReactiveOAuth2AuthorizedClientManagers now have authorization success/failure handlers.
A success handler is provided to save authorized clients for future requests.
A failure handler is provided to remove previously saved authorized clients.

ServerOAuth2AuthorizedClientExchangeFilterFunction also makes use of a
failure handler in the case of unauthorized or forbidden http status code.

The main use cases now handled are
- remove authorized client when an authorization server indicates that a refresh token is no longer valid (when authorization server returns invalid_grant)
- remove authorized client when a resource server indicates that an access token is no longer valid (when resource server returns invalid_token)

Introduced ClientAuthorizationException to capture details needed when removing an authorized client.
All ReactiveOAuth2AccessTokenResponseClients now throw a ClientAuthorizationException on failures.

Created AbstractWebClientReactiveOAuth2AccessTokenResponseClient to unify common logic between all ReactiveOAuth2AccessTokenResponseClients.

Fixes gh-7699

philsttr (Contributor, Author) commented Jan 16, 2020

Not sure what is causing that CI failure. Help appreciated. Seems unrelated to my changes.

* What went wrong:
Execution failed for task ':spring-security-data:compileJava'.
> Could not resolve all files for configuration ':spring-security-data:detachedConfiguration8'.
   > Could not resolve org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.3.3.
     Required by:
         project :spring-security-data
      > Cannot choose between the following variants of org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.3.3:
          - enforcedRuntimeElements
          - runtimeElements
        All of them match the consumer attributes:
          - Variant 'enforcedRuntimeElements' capability org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.3.3:
              - Unmatched attributes:
                  - Found org.gradle.category 'enforced-platform' but wasn't required.
                  - Found org.gradle.status 'release' but wasn't required.
                  - Found org.gradle.usage 'java-runtime' but wasn't required.
          - Variant 'runtimeElements' capability org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.3.3:
              - Unmatched attributes:
                  - Found org.gradle.category 'platform' but wasn't required.
                  - Found org.gradle.status 'release' but wasn't required.
                  - Found org.gradle.usage 'java-runtime' but wasn't required.

jgrandja (Contributor) commented
@philsttr The CI failure is not related to your updates. We're working on it.

@jgrandja jgrandja added this to the 5.3.0.RC1 milestone Jan 16, 2020
jgrandja (Contributor) commented
@philsttr Thanks again for all your great work on this feature. I applied some minor javadoc edits and also moved SaveAuthorizedClientReactiveOAuth2AuthorizationSuccessHandler and RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler to the ...client.web package. This is now in master.

FYI, I logged #7840 for the Servlet implementation.

@jgrandja jgrandja closed this Jan 16, 2020
philsttr (Contributor, Author) commented
Thanks Joe! And thanks for all the brainstorming and reviews.

Also, I'm unfortunately not going to be able to work on the servlet implementation. I wish I could, but my company doesn't have an immediate need for the servlet impl (unlike the reactive impl), and I have more pressing stuff on my plate in the new year.

jgrandja (Contributor) commented
@philsttr No worries Phil. I totally understand. I'll take care of it. Thanks again.

Labels: in: oauth2 (An issue in OAuth2 modules: oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose); type: enhancement (A general enhancement)
4 participants