"invalid_request" is an OAuth error:
* From the authorization endpoint, it means that the "response_type" was
something other than "code";
* From the token endpoint, it means that one or more of the following are
incorrect: client_id, client_secret, code, and/or redirect_uri.
If you send me your client ID, I can look at our logs to see which case is
occurring. Common causes are:
* Attempt to re-use an authorization code (they expire as soon as they are
converted to access tokens); or,
* Not passing the same redirect_uri to both endpoints.