Because Bearer Token Error handling is based on a spec, there are only a few things that end up changing, depending on the kind of error.
For example, if we have an invalid_request, by default, we will always have a status code of 400, a URI pointing to that reference in the spec, and no scopes listed. Only the description is likely to change.
If we have an invalid_token, then the same is true, just changing the status code.
It would be nice to have a simple class like:
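```java
public final class BearerTokenErrors {

    // invalid_request: always 400, spec URI, no scope; only the message varies
    public static BearerTokenError invalidRequest(String message) {
        return new BearerTokenError(
                BearerTokenErrorCode.INVALID_REQUEST,
                HttpStatus.BAD_REQUEST,
                message,
                "https://tools.ietf.org/html/rfc6750#section-3.1");
    }

    // invalid_token: same as above, just changing the status code
    public static BearerTokenError invalidToken(String message) {
        return new BearerTokenError(
                BearerTokenErrorCode.INVALID_TOKEN,
                HttpStatus.UNAUTHORIZED,
                message,
                "https://tools.ietf.org/html/rfc6750#section-3.1");
    }

    // insufficient_scope: 403, and the required scope is listed
    public static BearerTokenError insufficientScope(String message, String scope) {
        return new BearerTokenError(
                BearerTokenErrorCode.INSUFFICIENT_SCOPE,
                HttpStatus.FORBIDDEN,
                message,
                "https://tools.ietf.org/html/rfc6750#section-3.1",
                scope);
    }
}
```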
This would clean up code in JwtAuthenticationProvider, DefaultBearerTokenResolver, and several others. Generally, it would also help users to create spec-compliant errors.
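To show what "spec-compliant" means on the wire, here is an added, self-contained example (not code from this issue or from Spring Security) that builds the three RFC 6750 errors and renders the `WWW-Authenticate` value, rejecting messages containing characters the spec forbids. The `BearerError` record, `toHeader` and `requireSpecChars` are hypothetical stand-ins, and Java 16+ is assumed for records.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

// Stand-in for the proposed factory; not Spring Security's own types.
public final class BearerTokenErrorsExample {
    static final String SPEC_URI = "https://tools.ietf.org/html/rfc6750#section-3.1";

    // Hypothetical value type: code, HTTP status, description, URI, optional scope.
    record BearerError(String code, int status, String description, String uri, String scope) {
        BearerError {
            // RFC 6750 section 3 allows only %x20-21 / %x23-5B / %x5D-7E in these
            // attributes, which rules out quotes, backslashes and CR/LF.
            requireSpecChars(description);
            if (scope != null) requireSpecChars(scope);
        }

        // Render the WWW-Authenticate header value for this error.
        String toHeader() {
            Map<String, String> p = new LinkedHashMap<>();
            p.put("error", code);
            p.put("error_description", description);
            p.put("error_uri", uri);
            if (scope != null) p.put("scope", scope);
            return "Bearer " + p.entrySet().stream()
                .map(e -> e.getKey() + "=\"" + e.getValue() + "\"")
                .collect(Collectors.joining(", "));
        }
    }

    static void requireSpecChars(String s) {
        for (char c : s.toCharArray())
            if (c < 0x20 || c > 0x7E || c == '"' || c == '\\')
                throw new IllegalArgumentException("character not allowed by RFC 6750");
    }

    static BearerError invalidRequest(String m) { return new BearerError("invalid_request", 400, m, SPEC_URI, null); }
    static BearerError invalidToken(String m) { return new BearerError("invalid_token", 401, m, SPEC_URI, null); }
    static BearerError insufficientScope(String m, String scope) {
        return new BearerError("insufficient_scope", 403, m, SPEC_URI, scope);
    }

    public static void main(String[] args) {
        BearerError e = insufficientScope("The token lacks the required scope", "message:read"); // constructed sample
        System.out.println(e.status() + " WWW-Authenticate: " + e.toHeader());
        try { invalidToken("bad\r\nX-Injected: 1"); }               // constructed message with CR/LF
        catch (IllegalArgumentException ex) { System.out.println("rejected: " + ex.getMessage()); }
    }
}
```

Validating in the constructor matters when the description is derived from exception text or request data, since an unchecked quote or line break would otherwise end up inside a response header.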