Idea: Allow for AuthoritiesProvider to be used for Resource Servers

[bdemers]

NOTE: This doesn't work, I was just putting thoughts down, and it ended up being a be more complicated:

TODO:

• There is probably a better Spring Security abstraction for all of this
• Need to check to see if returning a Converter bean will inject correctly everywhere (including with native images)
• Need to implement something similar for opaque tokens
• Need to add tests that will make sure scope authorities and claim/group authorities are merged correctly
• The new method in AuthoritiesProvder's return type doesn't match the other very related method in this interface (and it still doesn't cover the opaque token use case)

Related: #160

[bdemers]

NOTE: Test fail, see comment above this needs some work, It's mostly here to get the conversation going about how we want to handle this (and to see if there is a better way to implement this with newer versions of Spring Sec)