Google Oauth is done via client-side authentication, which needs a redirect URI to pass the access token on success. The token is part of the URL's hash component which is _not_ transferred to the server. In normal Tampermonkey should close the tab after it extracted the access token from the tab's URL.
