Client gets redirected more often than necessary while authenticating

[liamsi]

While investigating #640 it seems that clients (using their OAuth client ID/secret as described in the current README) get redirected on every request.

cc: @AMarcedone: Can you confirm this behavior?

The obtained access_token is never stored. See https://developers.google.com/identity/protocols/OpenIDConnect for more information.

After discussing with @gdbelvin: The client could store the received access_token and the RefreshToken such that the user doesn't get redirected to the consent screen on every server interaction.

[gdbelvin]

duplicate of #755

[gdbelvin]

The command line client currently forces users to go through an OAuth flow for every update. This could be improved by saving the OAuth refresh token locally, so users would only have to authenticate once per session.