implemented getting new access tokens from refresh tokens

rest.js

@@ -386,6 +386,9 @@ module.exports.create = function (bigconf, deps, app) {
       if (req.body.grant_type === 'issuer_token') {
         return Accounts.restful.createToken.issuerToken(req);
       }
+      if (req.body.grant_type === 'refresh_token') {
+        return Accounts.restful.createToken.refreshToken(req);
+      }
 
       throw new OpErr("unknown or un-implemented grant_type '"+req.body.grant_type+"'");
     }).then(function (token_info) {
@@ -448,7 +451,11 @@ module.exports.create = function (bigconf, deps, app) {
         result.scope = token_info.scope;
         result.access_token = jwt.sign(payload, pem, Object.assign({expiresIn: req.body.exp || '1d'}, opts));
         if (req.body.refresh_token) {
-          result.refresh_token = jwt.sign(payload, pem, Object.assign({expiresIn: req.body.refresh_exp}, opts));
+          if (token_info.refresh_token) {
+            result.refresh_token = token_info.refresh_token;
+          } else {
+            result.refresh_token = jwt.sign(payload, pem, Object.assign({expiresIn: req.body.refresh_exp}, opts));
+          }
         }
         return result;
       });
@@ -494,6 +501,23 @@ module.exports.create = function (bigconf, deps, app) {
       };
     });
   };
+  Accounts.restful.createToken.refreshToken = function (req) {
+    return PromiseA.resolve().then(function () {
+      if (!req.body.refresh_token) {
+        throw new OpErr("missing refresh token");
+      }
+
+      return req.oauth3.verifyAsync(req.body.refresh_token).then(function (token) {
+        return {
+          sub: token.sub,
+          aud: token.aud,
+          azp: token.azp,
+          exp: token.exp,
+          refresh_token: req.body.refresh_token,
+        };
+      });
+    });
+  };
 
 
   app.get(   '/jwks/:sub/:kid.json', Jwks.restful.get);