Add application-scoped access tokens for reactive OAuth2 client

[jyx-07]

Closes #17129

Problem

The Spring Security documentation explains how to use application-scoped
access tokens (Client Credentials grant) for servlet applications, but
there was no equivalent documentation for reactive applications.

Solution

Add a new section to the reactive OAuth2 client authorization-grants
documentation that shows how to configure WebClient with
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager for
application-scoped (non-user-scoped) access tokens.

Changes

• docs: Add new section "Use the Client Credentials Grant for
  Application-Scoped Access Tokens" to authorization-grants.adoc
• test: Add ApplicationScopedAccessTokenConfiguration.java
• test: Add ApplicationScopedAccessTokenTests.java

[thladsb]

I believe ServerOAuth2AuthorizedClientExchangeFilterFunction is not application-scoped, as mentioned in issue #17218.

[jyx-07]

Thanks for pointing this out.

In this example, the WebClient is configured with
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
and a clientCredentials() provider, which means the access token
is obtained using the Client Credentials grant.

Since this grant type does not involve a user, the token is
application-scoped.

ServerOAuth2AuthorizedClientExchangeFilterFunction is used here
only as a WebClient filter that delegates authorization to the
configured ReactiveOAuth2AuthorizedClientManager.

[FryingHellfish]

I agree with @thladsb. I was hoping for an example similar to Use the Client Credentials Grant, specifically the part demonstrating OAuth2ClientHttpRequestInterceptor and RequestAttributePrincipalResolver.