I have a little trouble understanding I will not lie to you.
Two different operations are mixed here. On the one hand obtaining an acces_token which must be done graphically and manually.
So I have to write this acces_token in a hard copy (and if necessary also store the refresh token) so that my application can use it as part of its connection to the Pub / Sub service.
BUT, I must also whenever I use it, use the refresh function, which is completely backend. And the newly generated token access must replace the old access_token in my configuration to be used.
In reality if we follow your logic, I have to store the two keys permanently and have them changed, my program must, on each startup, refresh the access_token so my configuration changes constantly?
Do you understand that we mix frontend operation and backend operation in the same process?