Hi - this seems to be a recent change from Googles side. We never had to do this extra step when working on these features for 3.3.
My guess is that it's a response to some recent phishing attacks involving OAuth (https://www.scmagazine.com/massive-google-docs-phishing-attack-targeted-credentials-permissions/article/654938/). It may also be related to the recent changes to EU privacy laws.
Regardless - it would be very helpful for anyone who has completed this process to post about it here so others can see how it works. The list of scopes that Moodle requires are: "openid profile email https://www.googleapis.com/auth/drive". This is the minimum user information we require to create a unique account - and the google drive API is required to manage files using the google drive repository. The google drive API is also required if you are using the google document converter.