История изменений

А, у тебя же вэб приложение, я слово вэб проглядел, у меня было installed приложения :) там 3 метода было: юзер ручками вводит токен, в тайтлбаре браузера и на localhost в качестве запроса.

вот: https://developers.google.com/accounts/docs/OAuth2InstalledApp

цитирую:

The sequence is similar to the one shown in the Using OAuth 2.0 for Web Server Applications, but there are three exceptions:

1) When registering the application, you specify that the > application is a Installed application. This results in a different value for the redirect_uri parameter.
2) The client_id and client_secret obtained during registration are embedded in the source code of your application. In this context, the client_secret is obviously not treated as a secret.
3) The authorization code can be returned to your application in the title bar of the browser or to an http://localhost port in the query string.

Сорри, что дотнот, т.к. писал на нём аутентификацию, но вот: https://developers.google.com/accounts/docs/OAuth2InstalledApp

цитирую:

The sequence is similar to the one shown in the Using OAuth 2.0 for Web Server Applications, but there are three exceptions:

1) When registering the application, you specify that the > application is a Installed application. This results in a different value for the redirect_uri parameter.
2) The client_id and client_secret obtained during registration are embedded in the source code of your application. In this context, the client_secret is obviously not treated as a secret.
3) The authorization code can be returned to your application in the title bar of the browser or to an http://localhost port in the query string.