/**
  * {@inheritDoc}
  */
 public function createTokenResponse(ServerRequestInterface $request, Client $client = null, TokenOwnerInterface $owner = null) : ResponseInterface
 {
     $postParams = $request->getParsedBody();
     $refreshToken = $postParams['refresh_token'] ?? null;
     if (null === $refreshToken) {
         throw OAuth2Exception::invalidRequest('Refresh token is missing');
     }
     // We can fetch the actual token, and validate it
     /** @var RefreshToken $refreshToken */
     $refreshToken = $this->refreshTokenService->getToken((string) $refreshToken);
     if (null === $refreshToken || $refreshToken->isExpired()) {
         throw OAuth2Exception::invalidGrant('Refresh token is expired');
     }
     // We can now create a new access token! First, we need to make some checks on the asked scopes,
     // because according to the spec, a refresh token can create an access token with an equal or lesser
     // scope, but not more
     $scopes = $postParams['scope'] ?? $refreshToken->getScopes();
     if (!$refreshToken->matchScopes($scopes)) {
         throw OAuth2Exception::invalidScope('The scope of the new access token exceeds the scope(s) of the refresh token');
     }
     $owner = $refreshToken->getOwner();
     $accessToken = $this->accessTokenService->createToken($owner, $client, $scopes);
     // We may want to revoke the old refresh token
     if ($this->serverOptions->getRotateRefreshTokens()) {
         if ($this->serverOptions->getRevokeRotatedRefreshTokens()) {
             $this->refreshTokenService->deleteToken($refreshToken);
         }
         $refreshToken = $this->refreshTokenService->createToken($owner, $client, $scopes);
     }
     // We can generate the response!
     return $this->prepareTokenResponse($accessToken, $refreshToken, true);
 }
 /**
  * Validate the token scopes against the registered scope
  *
  * @param  array $scopes
  * @return void
  * @throws OAuth2Exception
  */
 protected function validateTokenScopes(array $scopes)
 {
     $registeredScopes = $this->scopeService->getAll();
     foreach ($registeredScopes as &$registeredScope) {
         $registeredScope = is_string($registeredScope) ? $registeredScope : $registeredScope->getName();
     }
     $diff = array_diff($scopes, $registeredScopes);
     if (count($diff) > 0) {
         throw OAuth2Exception::invalidScope(sprintf('Some scope(s) do not exist: %s', implode(', ', $diff)));
     }
 }