//Validate scopes
if(secureAnnotation.validateAllScopes()){
oauthToken = oauthClient.validateToken(token);
if(oauthToken != null){
for(String scope:scopes){
if(!oauthToken.validateScope(scope)){
throw new AuthException(401, String.format("Expected scope: %s not found on the token", scope));
}
}
}
}else{