Over at gratipay/gratipay.com#2870 we're finding that parse_authorization_code_response sometimes receives an error response that it's not prepared to handle. Here's a couple examples of the querystrings we're seeing from different providers:

Google:   error=access_denied&state=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Facebook: error=access_denied&error_code=200&error_description=Permissions+error&error_reason=user_denied&state=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Should a check for error be added, with a call to raise_from_error (but cf. #2869)?