Refreshing OAuth Bearer tokens

[jeremdow]

I'm having an issue with waterwheel calls failing after the oauth access token has expired.

Request URL: /oauth/token
Request Method: POST
Status Code: 400 

{error: "invalid_grant",…}

"The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."

This may be a server issue related to d.o: #2894738 ?

But reviewing the documentation here, I noticed:

grant_type: The type of OAuth 2 grant. Currently password is the only supported value.

However, I was able to make calls via 'access_token' by making the following change:
jeremdow/waterwheel.js@9e51415

Then refresh the token(s) by switching the grant_type back to 'password' after expiration.

Without understanding the underlying issue better, this does prevent the above failure, and I believe(?) sets the proper grant_type for standard requests?

As it was, it seemed that a new refresh token (but not access token) was being returned by every request made via 'password' grant_type, which was only reset on refresh?