Some questions please. Not sure if it's the best platform to ask a question.

In the dailymotion-sample, there's a callback back to localhost (127.0.0.1:8080/Callback) to provide the verification code in order for the app to access the user's data.

Questions:
What's the architecture here?
There's actually some sort of a server running behind the scene?
Who's this example for? Android? webapp? Stand alone java client?
If this is supposed to integrate with a web application, how do we not reveal the app secret? How do we use it in our own server-client webapp?

This question appears to be obsolete.

That said, it's trying to describe Oauth2 with a webserver.
https://developers.google.com/identity/protocols/oauth2

The call back is for the case that you are using it locally, if you deployed it to your data center, then the call back would be the web address of the callback.

The basic idea is that Google knows valid endpoints and can use that for a 3 handed auth flow. I'm going to close this, feel free to reopen if you'd like additional information.