Refactor JWT Vendor to take a claims builder and rename oboEnabled to enabled

[cwperks]

Description

This is a small refactor ahead of cwperks#56 to make the JWTVendor more flexible. Currently the JWTVendor is tailor made for On-Behalf-Of tokens, but will be re-used for API Tokens and needs more flexibility. This PR adds a notion of a JWTClaimsBuilder to build the claims set for different types of tokens issued by the security plugin. This PR adds an OBOJwtClaimsSetBuilder for building the claims set of an OBO token.

It also has a small refactor of onoEnabled -> enabled since its clear in context what the variable is enabling.

• Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation)

Maintenance

Check List

• New functionality includes testing
• New functionality has been documented
• New Roles/Permissions have a corresponding security dashboards plugin PR
• API changes companion pull request created
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[codecov]

Codecov Report

Attention: Patch coverage is 92.53731% with 5 lines in your changes missing coverage. Please review.

Project coverage is 72.36%. Comparing base (eedd2a0) to head (da9ed81).
Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
...ecurity/authtoken/jwt/claims/JwtClaimsBuilder.java	90.00%	2 Missing ⚠️
...rity/authtoken/jwt/claims/OBOJwtClaimsBuilder.java	90.00%	0 Missing and 1 partial ⚠️
...search/security/identity/SecurityTokenManager.java	96.55%	0 Missing and 1 partial ⚠️
...search/security/securityconf/impl/v7/ConfigV7.java	66.66%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5436      +/-   ##
==========================================
- Coverage   72.40%   72.36%   -0.05%     
==========================================
  Files         393      395       +2     
  Lines       24299    24317      +18     
  Branches     3714     3713       -1     
==========================================
+ Hits        17593    17596       +3     
- Misses       4877     4892      +15     
  Partials     1829     1829              

Files with missing lines	Coverage Δ
...g/opensearch/security/authtoken/jwt/JwtVendor.java	83.33% <100.00%> (-5.76%)	⬇️
...nsearch/security/http/OnBehalfOfAuthenticator.java	85.71% <100.00%> (-0.13%)	⬇️
...rity/authtoken/jwt/claims/OBOJwtClaimsBuilder.java	90.00% <90.00%> (ø)
...search/security/identity/SecurityTokenManager.java	91.80% <96.55%> (+2.44%)	⬆️
...search/security/securityconf/impl/v7/ConfigV7.java	84.17% <66.66%> (ø)
...ecurity/authtoken/jwt/claims/JwtClaimsBuilder.java	90.00% <90.00%> (ø)

... and 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[RyanL1997]

LGTM!