[RFC] AccessToken / RefreshToken -> Scope relation

[darckking]

Hi
Can you pls explain your motivation to use ManyToMany between AccessToken and Scope ?
This differs from laminas-api-tools/api-tools-oauth2 database structure. There scope is space-separated list of restricted scopes and is baked into AccessToken / RefreshToken.
Imo the ManyToMany brings tiny overhead:

1. it will trigger DB call to get all token's scopes;
2. you will need join scopes to pull all you need from DB with one query;
3. extra insertions when create token with bunch of scopes;