Add hasScope for authorization rules

[jzheaux]

AuthorizationManager makes the following possible in the DSL:

http
    .authorizeHttpRequests((authorize) -> authorize
        .anyRequest().access(hasRole("USER"))
    )

It would be nice to be able to do the same with scopes, like so:

http
    .authorizeHttpRequests((authorize) -> authorize
        .anyRequest().access(hasScope("resource:read"))
    )

This could be done in a static factory class like OAuth2AuthorizationManagers in oauth2-core. It could have hasScope and hasAnyScope. They might be implemented by delegating to AuthorityAuthorizationManager like this:

public static <T> AuthorityAuthorizationManager<T> hasScope(String scope) {
    return AuthorityAuthorizationManager.hasAuthority("SCOPE_" + scope);
}

[petrovskimario]

Hello @jzheaux
I would like to contribute for this one. Is this open ?

Question regarding the implementation
Should we just create a class like OAuth2AuthorizationManagers with hasScope and hasAnyScope and just that ?

[petrovskimario]

Hey @jzheaux

I know this wasn't assigned to me yet, but i have already created the PR.
Can you please review if this is what we want ?
#13769
Thanks