In DefaultAuthoritiesMapper remove possible leading part
when comparing scopes which is a case with jwt/azure.
Azure will force to add prefix like api://dataflow-server/
to a scope while jwt token itself contains permissions which
are latter part of a api://dataflow-server/dataflow.create from
permissions of an exposed api.
api://dataflow-server/to a scope while jwt token itself contains permissions which are latter part of aapi://dataflow-server/dataflow.createfrom permissions of an exposed api.