下面是The OAuth 2.0 Authorization Framework中关于refresh_token的规定，注意黑体部分：

Refresh tokens are credentials used to obtain access tokens. Refreshtokens are issued to the client by the authorization server and areused to obtain a new access token when the current access tokenbecomes invalid or expires, or to obtain additional access tokenswith identical or narrower scope (access tokens may have a shorterlifetime and fewer permissions than authorized by the resourceowner). Issuing a refresh token is optional at the discretion of the authorization server. If the authorization server issues a refreshtoken, it is included when issuing an access token (i.e. step (D) inFigure 1).

单独拿新浪来说，其token有效期与应用的授权级别有关：

授权级别 测试 普通 中级 高级 合作
授权有效期 1天 7天 15天 30天 90天

并且新浪有一个access_token授权自动延期方案：

如果用户在授权有效期内重新打开授权页授权（如果此时用户有微博登录状态，这个页面将一闪而过），那么新浪会为开发者自动延长access_token的生命周期，请开发者维护新授权后得access_token值。

相关链接：
The OAuth 2.0 Authorization Framework http://tools.ietf.org/html/draft-ietf...
新浪授权机制说明 http://open.weibo.com/wiki/%E6%8E%88%...