Stop requiring scope parameter for the token endpoint
Neither the OAuth 2.0 spec nor OpenID Connect 1.0 spec seem to require scope parameter to be present
Neither the OAuth 2.0 spec nor OpenID Connect 1.0 spec seem to require scope parameter to be present