I think I found a solution, but not sure if it is the correct one.
For test, I just added &hd=mydomain.com to the auth url and I was correctly redirected to the the domain login page. Once I logged in, I did get 403, Admin has disabled third party apps. So I logged in to the google apps admin and enabled the checkbox. And it worked fine.
I just need a confirmation from Google drive developers if this is a correct solution or works currently only because AuthSub/ OAuth1 is yet to be disabled?
UPDATE: hd=default does not work. You can set it to empty string.