For some reason, people might want to save the generated access token in a database, so the save_access_token event is now emitted. It is optional. Closes #10
Connect 2.0 is incompatible with this until further notice. Closes #11
This should allow standard HTTP auth to function in a subsequent middleware down the stack. Closes #6
Provide the access token grant date so implementations can decide when to expire tokens if required. Closes #5
Emit create_access_token event to add user data to an access token that will be available during the access_token event when accessing protected resources. Add creation timestamp to access token so we can expire access tokens in the future.