Oauth keys are intended for one session uses, so they expire quickly. Because of this, you should generate a new oauth key before you make a new action on behalf of a user (or when the old oauth key expires).
To generate a new oauth key you'll need to supply the user's most recent Refresh Token to this endpoint. Sample code is below.
In the response, you should see the time remaining before the oauth key expires. You will also see the amount of uses you have left for the refresh token. See example response below.
If your refresh token has expired, you can GET user. The refresh token will be included in the response for that user.
Remember: Please do not store refresh tokens or oauth keys. The only thing you need to store is the user ID (and encrypted/hashed fingerprint if desired).