OAuth Refuses to Function for Non-HTTP(S) Callback URLs

[Paddy Foran]

I'm working on connecting my Android application to an App Engine server with the built-in OAuth provider for Python. I'm trying to set a callback for myappname://insert.host.here/oauth/callback, but every time I make a request, I authorise the token and instead of being redirected am given a message: Invalid Callback URL.

It looks like most OAuth providers don't currently restrict you to http/https in callbacks (possibly for this very reason). Every http/https request I make works, just the custom callback ones have an issue.

Is the App Engine OAuth provider limited to a certain subset of protocols for callbacks? Is there any way to get a list of the allowed callbacks or, preferably, get the limitation lifted? Android and App Engine provide an amazing platform together, but if the OAuth flow is hobbled (e.g, making us use OOB, which isn't very user-friendly), it makes things a bit more difficult.

Thanks,

Paddy