ResourceOwnerResourceOwnerClientApplicationClientApplicationAuthorization ServerAMAuthorization ServerAMResource ServerIGResource ServerIG1Authorization request2Authorization grant3Authorization grant4Access token5Access token6Grab the token from therequest header7Ask for token information8Validate that the token isactive and has sufficient scopes9Create new context for theauthorization server response,at ${contexts.oauth2}10Protected resources