Description
The google-api-nodejs-client documentation states that the library will “automatically use a refresh token to obtain a new access token if it is about to expire” (Source). However, this statement is misleading because the library does not proactively refresh the token based on the remaining time before expiry. Instead, the token is refreshed only after it has expired, and certain criteria are met, as explained in the code comments here.
The criteria for refreshing the token include:
- The absence of expiry_date or the forceRefreshOnFailure flag is set.
- A failure response (401 or 403) from an API call due to an expired token.
- The presence of a refresh_token and/or a refreshHandler callback.
The phrase “about to expire” is inaccurate since the library does not evaluate the remaining time on the expiry_date. Instead, the token is used until it causes a failure, at which point a refresh is triggered. This can lead to confusion for developers expecting proactive token refreshing.