refresh_token request to /oauth/token not possible

[bratelefant]

Describe the bug
According to RFC 6749, a refresh of an access token only requires the grant_type and the refresh_token. However, an incoming request fails with the message [validation error]: key <code> => expected <[object Object]>, got <undefined>.

To Reproduce
Steps to reproduce the behavior:

1. Setup a oauth2 according to the docs, enable debug.
2. request an access token (eg. via postman)
3. place a refresh token request, with a body like {refresh_token: "12345xyz", grant_type: "refresh_token"}
4. check the logs

Expected behavior
Refresh request should provide a fresh access token

[jankapunkt]

Thank you @bratelefant this is indeed missing 😵 maybe I can add this in the next days

[bratelefant]

I already did some work on this on a local copy, maybe if we can fix #17 I could contribute a PR. Ran across several other issues and possible improvements (eg. implement a meteor 3.0 compatible model). Would also really like to address this enhancement.