Redirect url sanitization strips umlauts (öäü) 

The php function filter_var_array() with flag FILTER_SANITIZE_URL strips umlauts from the input string. But umlauts actually are valid url characters.
I suggest to use htmlspecialchars() function instead to sanitize the redirect url.
Or nothing at all, the requested redirect uri gets checked against the redirect url of the registered client anyway.