What Google APIs were/are affected by the Heartbleed bug? I'm mostly curious if the API for exchanging a refresh token for an access token is affected because the Google Drive APIs only use transient access tokens anyway so they're mitigated.
Should we recommend our users to re-authorize? This is to invalidate the old and then have a new refresh token.