'additional_scopes_key' ignored when configuring multiple oauth2 resource servers #12750

@Hathoute

Description

Describe the bug

When configuring multiple oauth2 resource servers, additional_scopes_key is not taken into account which leads to unauthorized access.

Reproduction steps

  1. Register a resource server using auth_oauth2.resource_servers.$name.additional_scopes_key without specifying auth_oauth2.additional_scopes_key
  2. Grant administrator tag for Management UI (or other RabbitMQ permissions) using this field in the resource server.
  3. Attempting to login to the Management UI results in "Not authorized"

Expected behavior

RabbitMQ should correctly read additional scopes from the additional_scopes_key and grant access to the Management UI

Additional context

By looking at the code for rabbitmq_auth_backend_oauth2 it looks like it reads the property extra_scopes_source, which is correctly mapped for auth_oauth2.additional_scopes_key, but not for auth_oauth2.resource_servers.$name.additional_scopes_key
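The following is an added illustration of the failure mode described in this issue; it is a small Python model, not the plugin's Erlang code. It assumes a flattened rabbitmq.conf-style dict, a constructed JWT whose administrator tag lives only in a custom claim named by the resource server's additional_scopes_key, and the usual `<resource_server_id>.tag:<tag>` scope form. The `honour_resource_server_key=False` path models the reported behaviour (only the top-level key is consulted), and the default path models the expected behaviour.

```python
"""Model of how an OAuth2 backend resolves scopes from a JWT.

Constructed illustration for this issue, not the RabbitMQ plugin's code.
Two lookup strategies are compared for the claim that carries additional
scopes: one that consults only the top-level additional_scopes_key (the
behaviour the issue reports) and one that first consults the key configured
under auth_oauth2.resource_servers.<id>.
"""

# Constructed settings, flattened from rabbitmq.conf key paths to a dict.
# Only the per-resource-server additional_scopes_key is set, exactly as in
# reproduction step 1; the top-level key is deliberately absent.
CONFIG_RESOURCE_ONLY = {
    "auth_oauth2.resource_servers.rabbitmq.id": "rabbitmq",
    "auth_oauth2.resource_servers.rabbitmq.additional_scopes_key": "extra_scope",
}

# Constructed JWT claims: the standard "scope" claim carries nothing that
# RabbitMQ understands; the custom "extra_scope" claim holds the admin tag.
TOKEN_CLAIMS = {
    "aud": ["rabbitmq"],
    "scope": "openid",
    "extra_scope": "rabbitmq.tag:administrator rabbitmq.configure:*/*",
}


def _split(value):
    """Accept a space-separated string or a list, return a list of scopes."""
    if value is None:
        return []
    if isinstance(value, str):
        return value.split()
    return list(value)


def resolve_extra_scopes_key(config, resource_server, honour_resource_server_key=True):
    """Return the claim name that holds additional scopes, or None.

    With honour_resource_server_key=True the per-resource-server setting wins
    and the top-level setting is the fallback; with False only the top-level
    setting is consulted (the behaviour reported in this issue).
    """
    if honour_resource_server_key:
        key = f"auth_oauth2.resource_servers.{resource_server}.additional_scopes_key"
        if key in config:
            return config[key]
    return config.get("auth_oauth2.additional_scopes_key")


def effective_scopes(claims, config, resource_server, honour_resource_server_key=True):
    """Scopes the backend would act on: the 'scope' claim plus extra scopes."""
    scopes = _split(claims.get("scope"))
    key = resolve_extra_scopes_key(config, resource_server, honour_resource_server_key)
    if key is not None:
        scopes += _split(claims.get(key))
    return scopes


def has_tag(scopes, resource_server, tag):
    """True if the scope list grants the given RabbitMQ user tag."""
    return f"{resource_server}.tag:{tag}" in scopes


if __name__ == "__main__":
    reported = effective_scopes(TOKEN_CLAIMS, CONFIG_RESOURCE_ONLY, "rabbitmq",
                                honour_resource_server_key=False)
    expected = effective_scopes(TOKEN_CLAIMS, CONFIG_RESOURCE_ONLY, "rabbitmq")
    print("reported behaviour :", reported, "-> admin:", has_tag(reported, "rabbitmq", "administrator"))
    print("expected behaviour :", expected, "-> admin:", has_tag(expected, "rabbitmq", "administrator"))
```

Note that the misconfiguration fails closed: when the per-resource-server key is ignored the extra claim is simply never read, so the token carries no tag and the Management UI answers "Not authorized", as the reproduction steps describe; no extra privilege is granted. When diagnosing this, compare the claim name your identity provider emits with the key that is actually in effect for the resource server rather than the one you set.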
