It appears that Google has been modernizing OAuth interactions for native apps as announced initially here https://developers.googleblog.com/2016/08/modernizing-oauth-interacti
The behavior of Google's authorization server is gated on the type of client you register.
It's an oddity that the "client secret" is required for Desktop and TV clients, but not iOS and Android, however for all 4 native app types, the server treats the clients as non-confidential, and the "client secret" value is effectively an extension of the client id. This is in contrast to web-clients, where it is assumed the client secret confidentiality is maintained, and thus they can be treated differently for actions like incremental auth.
Regarding the registration of redirect URIs, this is also gated on client types. For some types like Web, manual registration is required. For other types like Desktop, the redirect URI is pre-registered (in the case of desktop, http://127.0.0.1:*/*
).