Not very clear what happens in in AuthorizationRequest.
After calling for the first time http://localhost:8080/nuxeo/oauth2/authorization?response_type=code&client_id=nuxeo-mobile-app&redirect_uri=https://www.google.com, an AuthRequest object is stored with the sessions id in the requests object.
Doing another call with a different redirect_uri does not work. Is it expected?
Need to be re-checked properly.