OAuth 2 – The refresh token generated before a scope expansion will remain valid after it (with the original scopes)? Consider the following scenario: