Validate namespace and local name in require #36915

Open

junhyeong9812 wants to merge 1 commit into spring-projects:main from junhyeong9812:fix/xmlstreamreader-require

Conversation

@junhyeong9812

Overview

AbstractXMLStreamReader (the base for XMLEventStreamReader, reachable via the public
StaxUtils.createEventStreamReader(XMLEventReader)) implements
require(int expectedType, String namespaceURI, String localName).

Problem

require only compared the event type; the namespaceURI and localName arguments were ignored
entirely:

public void require(int expectedType, String namespaceURI, String localName) throws XMLStreamException {
    int eventType = getEventType();
    // Only the event type is compared; namespaceURI and localName are never read,
    // so any non-null name or namespace is silently accepted.
    if (eventType != expectedType) {
        throw new XMLStreamException("Expected [" + expectedType + "] but read [" + eventType + "]");
    }
}

So a mismatched name or namespace passed silently, contrary to the
XMLStreamReader#require(int, String, String) contract: when namespaceURI/localName are
non-null they must match the current event, otherwise an XMLStreamException is thrown. The method
has only ever validated the event type since the class was introduced, and there are no in-tree
callers, so it went unnoticed.

Fix

Validate localName and namespaceURI against the current event. A test is added to
XMLEventStreamReaderTests.

Note on scope

This reader exposes a name and namespace only for START_ELEMENT and END_ELEMENT
(getName() is defined only for those states). Accordingly, a non-null name or namespace on any
other event type is treated as a mismatch and reported via XMLStreamException. ENTITY_REFERENCE
local-name validation (permitted by the spec) is intentionally not attempted, because this reader
cannot expose entity names — getName() throws IllegalStateException outside of element events.
This keeps require honest (it never silently accepts a non-matching name) within what the reader
can actually observe; happy to adjust the scope if maintainers prefer a different boundary.

AbstractXMLStreamReader.require(int, String, String) only checked the
event type and ignored the namespaceURI and localName arguments, so a
mismatched name or namespace passed silently, contrary to the
XMLStreamReader#require contract where a non-null namespaceURI or
localName must match the current event.

Validate the local name and namespace against the current event. This
reader exposes a name only for START_ELEMENT and END_ELEMENT, so a
non-null name or namespace on any other event is reported as a
mismatch.

Signed-off-by: junhyeong9812 <pickjog@gmail.com>
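Stand-alone illustration of the require rules described in the PR text and commit message above. This is an added example, not code from the PR or from Spring Framework: RequireCheckDemo and its require(eventType, current, expectedType, namespaceURI, localName) helper are hypothetical, taking the current event type and the current element's QName as arguments instead of reading reader state, and the input document is constructed for the demo. The events are produced by the JDK's own StAX XMLEventReader, and the "local name only" case goes slightly beyond the PR text to show that each constraint is checked independently.

```java
import java.io.StringReader;

import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;

/**
 * Hypothetical demo class (not Spring's AbstractXMLStreamReader): applies the
 * require(int, String, String) contract to an event type plus the QName of the
 * current element, which is null on anything other than START/END_ELEMENT.
 */
public final class RequireCheckDemo {

    static void require(int eventType, QName current, int expectedType,
                        String namespaceURI, String localName) throws XMLStreamException {
        // 1. Event type check: the only check the pre-fix method performed.
        if (eventType != expectedType) {
            throw new XMLStreamException("Expected [" + expectedType + "] but read [" + eventType + "]");
        }
        // 2. No name constraints means nothing more to verify.
        if (namespaceURI == null && localName == null) {
            return;
        }
        // 3. A name is only observable on element events; a non-null constraint
        //    on any other event cannot be satisfied, so it is a mismatch.
        boolean elementEvent = eventType == XMLStreamConstants.START_ELEMENT
                || eventType == XMLStreamConstants.END_ELEMENT;
        if (!elementEvent || current == null) {
            throw new XMLStreamException("Expected a name on event type [" + eventType + "] which exposes none");
        }
        // 4. Compare each non-null constraint with the current element's QName.
        if (localName != null && !localName.equals(current.getLocalPart())) {
            throw new XMLStreamException(
                    "Expected local name [" + localName + "] but read [" + current.getLocalPart() + "]");
        }
        if (namespaceURI != null && !namespaceURI.equals(current.getNamespaceURI())) {
            throw new XMLStreamException(
                    "Expected namespace [" + namespaceURI + "] but read [" + current.getNamespaceURI() + "]");
        }
    }

    /** True when require() accepts the event under the given constraints, false when it throws. */
    static boolean accepts(XMLEvent event, int expectedType, String namespaceURI, String localName) {
        QName name = null;
        if (event.isStartElement()) {
            name = event.asStartElement().getName();
        } else if (event.isEndElement()) {
            name = event.asEndElement().getName();
        }
        try {
            require(event.getEventType(), name, expectedType, namespaceURI, localName);
            return true;
        } catch (XMLStreamException ex) {
            return false;
        }
    }

    public static void main(String[] args) throws XMLStreamException {
        // Constructed input for the demo, not taken from the PR or its test.
        String xml = "<root xmlns=\"urn:example\"><child>text</child></root>";
        XMLInputFactory factory = XMLInputFactory.newInstance();
        // Untrusted XML should never pull in DTDs or external entities.
        factory.setProperty(XMLInputFactory.SUPPORT_DTD, Boolean.FALSE);
        factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
        XMLEventReader reader = factory.createXMLEventReader(new StringReader(xml));

        reader.nextEvent();                    // START_DOCUMENT
        XMLEvent root = reader.nextEvent();    // START_ELEMENT <root>
        XMLEvent child = reader.nextEvent();   // START_ELEMENT <child>
        XMLEvent text = reader.nextEvent();    // CHARACTERS "text"

        report("root: matching namespace and local name",
                accepts(root, XMLStreamConstants.START_ELEMENT, "urn:example", "root"));
        report("root: wrong local name (let through by the pre-fix method)",
                accepts(root, XMLStreamConstants.START_ELEMENT, "urn:example", "other"));
        report("root: wrong namespace (let through by the pre-fix method)",
                accepts(root, XMLStreamConstants.START_ELEMENT, "urn:other", "root"));
        report("child: local name only, namespace unconstrained",
                accepts(child, XMLStreamConstants.START_ELEMENT, null, "child"));
        report("characters: no name constraints",
                accepts(text, XMLStreamConstants.CHARACTERS, null, null));
        report("characters: local name requested on a non-element event",
                accepts(text, XMLStreamConstants.CHARACTERS, null, "child"));
    }

    private static void report(String scenario, boolean accepted) {
        System.out.println((accepted ? "accepted: " : "rejected: ") + scenario);
    }
}
```

Compile with javac and run with java; each line reports whether the constraint set was accepted or rejected. The two scenarios marked "pre-fix" are exactly the cases the original require body could not reject, since it never read namespaceURI or localName; the last scenario exercises the scope decision from the PR, where a name constraint on a non-element event is reported rather than silently accepted.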
spring-projects-issues added the label status: waiting-for-triage (An issue we've not yet triaged or decided on) on Jun 13, 2026