Hari to clarify I was actually referring to the possibility of faking OAuth requests, which is not possible if you don't have the secret, and Google doesn't allow you to download the secret after the first time.
If someone gets access to your Google account, you have a bigger problem. They can simply do a password reset, and that's not something you can fix. You should prevent that from happening by using 2-factor authentication, and you should then be reasonably safe.
1Dot as far as I remember that was a vulnerability in the "view as" feature, and it might have exposed access tokens. You can fake OAuth requests only if you have the consumer key and secret, if that's the concern. You can revoke and rotate those credentials periodically if you feel it's a risk.
Then the same reasoning as above applies: protect your account with 2FA and you'll be safe.