Can't use Bitbucket as a provider

[arthurfalcao]

Question 💬

Hey folks,

I was adding Bitbucket as a provider and did not work. Since the bitbucket authorization returns the token_type as bearer, when passing through userinfo it returns 401 as it only accepts the token as Bearer.

[next-auth][error][CALLBACK_OAUTH_ERROR]
https://next-auth.js.org/errors#callback_oauth_error expected 200 OK, got: 401 Unauthorized OPError: expected 200 OK, got: 401 Unauthorized
    at processResponse (webpack-internal:///../next-auth/node_modules/openid-client/lib/helpers/process_response.js:48:11)
    at Client.userinfo (webpack-internal:///../next-auth/node_modules/openid-client/lib/client.js:1123:18)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (internal/process/task_queues.js:95:5)
    at async oAuthCallback (webpack-internal:///../next-auth/server/lib/oauth/callback.js:112:17)
    at async Object.callback (webpack-internal:///../next-auth/server/routes/callback.js:50:11)
    at async NextAuthHandler (webpack-internal:///../next-auth/server/index.js:171:18)
    at async eval (webpack-internal:///../next-auth/server/index.js:251:32)
    at async Object.apiResolver (/home/arthurfalcao/Development/arthurfalcao/epic-notes-generator/node_modules/next/dist/server/api-utils.js:102:9)
    at async DevServer.handleApiRequest (/home/arthurfalcao/Development/arthurfalcao/epic-notes-generator/node_modules/next/dist/server/next-server.js:1017:9) {
  name: 'OAuthCallbackError'
}

Response from bitbucket oauth2:

{
  "provider": "bitbucket",
  "type": "oauth",
  "providerAccountId": "",
  "scopes": "account pullrequest",
  "access_token": "",
  "expires_at": 1635642968,
  "token_type": "bearer",
  "state": "authorization_code",
  "refresh_token": ""
}

How to reproduce ☕️

CodeSandbox

Contributing 🙌🏽

Yes, I am willing to help answer this question in a PR

[balazsorban44]

This seems to be an upstream bug. They send one response but then expect something else? 😅

[stale]

Hi there! It looks like this issue hasn't had any activity for a while. It will be closed if no further activity occurs. If you think your issue is still relevant, feel free to comment on it to keep it open. (Read more at #912) Thanks!

[stale]

Hi there! It looks like this issue hasn't had any activity for a while. To keep things tidy, I am going to close this issue for now. If you think your issue is still relevant, just leave a comment and I will reopen it. (Read more at #912) Thanks!

[jayantbh]

I posted a comment here: #3076 (comment)

This is how I managed to use bitbucket as a provider.

[domharrington]

I also came across this same issue to do with the token_type inconsistency breaking stuff. NextAuth's OpenID Client was making a request with a lowercase b in the bearer header which was causing 401s:

$ curl https://api.bitbucket.org/2.0/user --header "authorization: bearer xxxxxxxxx" -i
HTTP/2 401
server: envoy

But it works when using uppercase b in Bearer:

$ curl https://api.bitbucket.org/2.0/user --header "authorization: Bearer xxxxxxxxx" -i
HTTP/2 200
server: envoy

I used @jayantbh's example from above, but had to modify it a bit to work with bitbucket's latest API: #3076 (comment)