to clarify some terminology nits. eg. the document seems to use interchangably the words "identify" and "authenticate", or "AS", "authorization server" and "Authorization Server" eg.
The authorization server
MUST first verify the identity of the resource owner. The way in
which the authorization server authenticates the resource owner
If this is the case, I'd pick one, eg.
The AS MUST authenticate the Resource Owner. The way the AS authenticates the Resource Owner ...
I expect
If this is the case, I'd pick one, eg.