Interesting issue here:
I'm looking in the function sgc_oauth_catcher():
in sgc-base.php there is the following check
if ( !empty( $_REQUEST['state'] ) )
Now, checking the URL returned by google, there is a state=popup_profile_connect - but strangely the $_REQUEST['state'] is null.
If I replace the final redirect in sgc_oauth_catcher():
Which should obviously never be reached, with:
do_action('sgc_state_popup_profile_connect', $oauth );
which would be called if $_REQUEST['state'] wasn't returning null it works fine.
So... any ideas why $_REQUEST['state'] is returning null to php when I can clearly see it in the url, and why $_REQUEST['code'] is returning the correct value (which is also visible in the url)?