@mathieug I've been working on a similar part of our code today. It looks like you only get a refresh_token in the response on the first authorisation.

Assuming you're using one of your own google accounts to test this, go to - https://myaccount.google.com/permissions and revoke the permissions your app has to your personal google account.

Then try to run the auth again from your project, you should see a refresh_token in the response if that was the issue!

EDIT: Here's a stack overflow question on the same topic - https://stackoverflow.com/questions/10827920/not-receiving-google-oauth-refresh-token#comment56214632_10857806

Exactly, it's what I figured out few days ago. Thank you @katpas.
I close this issue even if sometimes the refresh_token appears again.

To be more precise, you only get a refresh_token back when the user saw the consent screen, AKA the list of scopes and the "Accept" button. Users will see this screen the first time they are asked to grant access, but upon subsequent trips through the OAuth flow that screen is skipped (assuming they haven't revoked access). However, you can force the user to see the consent screen again by passing &prompt=consent in the authorization URL:

var url = oauth2Client.generateAuthUrl({
  access_type: 'offline',
  scope: scopes,
  prompt: 'consent'
});

More details about this option can be found in the auth library.

It needs to be noted access_type: 'offline' needs to be present on the url request for the refresh token to be given. https://stackoverflow.com/questions/10827920/not-receiving-google-oauth-refresh-token