In the [[ https://secure.phabricator.com/book/phabcontrib/article/using_oauthserver/ | documentation about the OAuth Server application ]] it says //"If done correctly, the OAuth Server will redirect to the pertinent redirect_uri with an access token."//, however, it just responds with a JSON object containing the token.
I had a look into the code and it does not seem like PhabricatorOAuthServerTokenController redirects anywhere in any case.