oauth2: enable `use_refresh_token` by default (#36065)

<!--
!!!ATTENTION!!!

If you are fixing *any* crash or *any* potential security issue, *do
not*
open a pull request in this repo. Please report the issue via emailing
envoy-security@googlegroups.com where the issue will be triaged
appropriately.
Thank you in advance for helping to keep Envoy secure.

!!!ATTENTION!!!

For an explanation of how to fill out the fields, please see the
relevant section
in
[PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md)
-->

Commit Message: enable `use_refresh_token` by default in oauth2 filter.
Additional Description: Almost all oauth provider give you an option to
enable or disable sending refresh_token in response. If someone is
sending refresh_token, the intent is generally to use it. If not, the
same is not used and the behavior stays the same. This feature is now
pretty stable and can be enabled by default.
Risk Level: Low
Testing: UTs
Docs Changes: Present in the PR.
Release Notes: Need to mention about enabling `use_refresh_token` by
default.

Fixes #36045

---------

Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com>

Mirrored from https://github.com/envoyproxy/envoy @ ce3e47b93d507daa5bbc68bf6eb7e1f66d8800ec

envoy/extensions/filters/http/oauth2/v3/oauth.proto

@@ -148,7 +148,7 @@ message OAuth2Config {
 
   // If set to true, allows automatic access token refresh using the associated refresh token (see
   // `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
-  // Default value is false.
+  // Default value is true.
   google.protobuf.BoolValue use_refresh_token = 12;
 
   // The default lifetime in seconds of the access token, if omitted by the authorization server.