I’m using google-start-project’s code into one of my gaelyk app. This is the groovy-ed code for the OAuth 2.0 authorization process. Unlike twitter, whenever the app requests authorization the user must allow the app to continue and I think is weird. There are some mistakes that I made?

    // Check for an error returned by OAuth
if ( params.error ) {
    response.setContentType("text/plain");
    out.println("There was a problem during authentication: " + error);
    log.severe("There was a problem during authentication: " + error);
    return;
}

// When we're redirected back from the OAuth 2.0 grant page, a code will be supplied in a GET parameter named 'code'

if ( !params.code ) {
    // Now that we have the OAuth 2.0 code, we must exchange it for a token to make API requests.

    // Build the authorization URL
    AuthorizationRequestUrl authorizeUrl = new GoogleAuthorizationRequestUrl(
            CLIENT_ID,
            REDIRECT_URI,
            SCOPES
        );
    authorizeUrl.redirectUri = REDIRECT_URI;
    authorizeUrl.scope = SCOPES;
    String authorizationUrl = authorizeUrl.build();

    log.info("Redirecting browser for OAuth 2.0 authorization to " + authorizationUrl);
    response.sendRedirect(authorizationUrl);
    return;
} else {
    log.info("Exchanging OAuth code for access token using server side call");

    AccessTokenResponse accessTokenResponse = new GoogleAccessTokenRequest.GoogleAuthorizationCodeGrant(
            new NetHttpTransport(),
            new GsonFactory(),
            CLIENT_ID,
            CLIENT_SECRET,
            params.code,
            REDIRECT_URI
        ).execute();

    log.info("Storing authentication token into the session");
    request.session.accessToken = accessTokenResponse.accessToken
    request.session.refreshToken = accessTokenResponse.refreshToken

    //The authentication is all done! Redirect back to the samples index so you can play with them.
    response.sendRedirect("/");
}