Tags: oauth-2.0, google-account

What is the point of redirect_uri for the Google get token call?


I have a web app that uses the Google API. The process to authenticate makes two calls to Google: the first to get a code and the second to exchange the code for a token. Both calls take a redirect_uri parameter. The first call uses this parameter as I expect, redirecting back to the redirect_uri; however, the second call, to get the token, does not redirect. Bar validating it, it seems to ignore this parameter, so what is the point of it?


Solution

  • The redirect_uri parameter in the access token request is described as REQUIRED in the OAuth 2.0 specification.

    The reason behind it is described in detail in the section 10.6 of the same document. In short:

    1. An attacker can obtain the authorization code by manipulating the request_uri of the authorization request. The only two parties who can notice this trick are the victim (legitimate user) and the server. The client remains unaware of these manipulations.
    2. Even with the code, an attacker cannot exchange it for an access token, yet it can try to deceive the client by sending the "callback response" with the stolen code on behalf of itself.
    3. If the client could exchange the code it received for the token, it would grant the attacker access to the victim's data. Fortunately, because the client's redirect_uri doesn't match the one the server has seen, the request will be rejected.
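The check described in the answer, as an added in-memory model (not Google's implementation and not code from the question or answer): the authorization server binds each code to the redirect_uri it saw at the authorization request, and the token endpoint refuses the exchange unless the same value is presented. All client ids, URLs and user names are constructed for illustration.

```python
"""Toy model of RFC 6749 sections 4.1.3 and 10.6: a code is only exchangeable
with the redirect_uri it was originally issued against. Everything here is
constructed for illustration, not a real Google endpoint or client."""
import secrets

CLIENT_ID = "demo-client"                                  # constructed registration
REGISTERED_REDIRECT_URI = "https://app.example/callback"   # constructed


class AuthorizationServer:
    def __init__(self):
        self._codes = {}   # code -> {"client_id", "redirect_uri", "user"}

    def authorize(self, client_id, redirect_uri, user):
        """Authorization endpoint: issue a code and remember where it was sent."""
        code = secrets.token_urlsafe(16)
        self._codes[code] = {"client_id": client_id,
                             "redirect_uri": redirect_uri, "user": user}
        return code

    def token(self, client_id, code, redirect_uri):
        """Token endpoint: redirect_uri must equal the one bound to the code."""
        entry = self._codes.pop(code, None)   # codes are single use
        if entry is None or entry["client_id"] != client_id:
            return {"error": "invalid_grant"}
        if entry["redirect_uri"] != redirect_uri:
            return {"error": "invalid_grant",
                    "error_description": "redirect_uri mismatch"}
        return {"access_token": "token-for-" + entry["user"], "token_type": "Bearer"}


class Client:
    """The legitimate web app: it always exchanges with its registered redirect_uri."""
    def __init__(self, server):
        self.server = server

    def handle_callback(self, code):
        return self.server.token(CLIENT_ID, code, REGISTERED_REDIRECT_URI)


def legitimate_flow(server, client):
    """Normal case: the code was issued for the registered redirect_uri."""
    code = server.authorize(CLIENT_ID, REGISTERED_REDIRECT_URI, user="victim")
    return client.handle_callback(code)


def tampered_flow(server, client):
    """Section 10.6 case: the authorization request carried a different redirect_uri,
    so the code was delivered elsewhere and later handed to the client's callback."""
    code = server.authorize(CLIENT_ID, "https://elsewhere.example/collect", user="victim")
    return client.handle_callback(code)
```

The client never learns which redirect_uri the code was issued for; only the server can compare the two values, which is why the token request has to carry it.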