I'm starting to think I may misunderstand what this complete login endpoint objective is.
I think I'm the one who is misunderstanding things 🙂 Yes, you should be able to build your own login pages to auth directly with google, and yes, you should get the refresh_token returned. I didn't follow what you were attempting to do, I thought you were using the google form provided by FusionAuth (which is what I tested and which returns a refresh_token if you provide the scope).
This sure looks like a bug because the refresh_token should be returned according to the docs. At the very least it is a doc bug, because the noJWT parameter doesn't state that the refreshToken will be returned if noJWT = false:
When this value is set to true a JWT will not be issued as part of this request. The response body will not contain the token field, and the access_token and refresh_token cookies will not be written to the HTTP response
But the response body states a refreshToken will be returned:
The refresh token that can be used to obtain a new access token once the provide one has expired. Because a refresh token is per user and per application, this value will only be returned when an applicationId was provided on the login request.
Can you please file a bug? https://github.com/fusionauth/fusionauth-issues/issues