Add allowRefreshToken #19
Description
Add an allowRefreshToken function to token service for determining if a refresh token should be generated based on client, user, and scope. This could be useful for granting temporary authorization that will end when the access token expires. Keep allowRefreshToken option on the grants so that it can still be easily disabled for all token requests to a grant type. If allowed for the grant, then call allowRefreshToken for the service. Default new function to resolving to true since it already requires refresh tokens be enabled at the grant level.