
OAuth Consumer Error - Invalid redirect_uri

Kyle Lee August 28, 2019

I am trying to set up a Bitbucket OAuth consumer for authentication for an application called SonarQube (linting tool). Following the guide, it looks like I have set up everything correctly - https://github.com/SonarSource/sonar-auth-bitbucket.

The callback URL is set to https://myserver/oauth2/callback. When I navigate to it directly, I get "You're not authorized to access this page. Please contact the administrator." - which probably is valid. I don't have any trailing slashes or incorrect scheme. 

One thing to note is that I am using an nginx reverse proxy. I did read that this issue sometimes surfaces when the headers X-Forwarded-For and X-Forwarded-Proto are set incorrectly. Please note my troubleshooting skills around this are not the greatest, but when I use dev tools and navigate to https://myserver/oauth2/callback, I don't see those headers set. However, when I run `nginx -T | grep proxy_set_header`, it seems to be correct.

```
root@01008bf897b1:/app# nginx -T | grep proxy_set_header
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header Proxy "";
```

Also when I look at the URL when doing the Bitbucket authentication, I notice it does not include https in the redirect_uri:

- https://bitbucket.org/site/oauth2/authorize?response_type=code&client_id=Fs5Fq2e5VqfduRs4xD&redirect_uri=myserver%2Foauth2%2Fcallback%2Fbitbucket&scope=account

If I had https, like below, it actually prompts for "Confirm access to your account":

https://bitbucket.org/site/oauth2/authorize?response_type=code&client_id=Fs5Fq2e5VqfduRs4xD&redirect_uri=https%3A%2F%2Fmyserver%2Foauth2%2Fcallback%2Fbitbucket&scope=account

Is my reverse proxy set up incorrectly - proxy headers? Possible Bitbucket issue? Any help would be appreciated!
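
An added example, not part of the original post and not code from SonarQube or Bitbucket: a Python check that decodes the `redirect_uri` from the two authorize URLs quoted above and compares it with the registered callback. The function name and the comparison against the registered value are assumptions for illustration; how a given provider matches the two is provider-specific, while the absolute-URI requirement comes from RFC 6749 section 3.1.2.

```python
from urllib.parse import urlsplit, parse_qs

# Values copied from the post above; "myserver" is the poster's placeholder host.
REGISTERED_CALLBACK = "https://myserver/oauth2/callback"
SENT = ("https://bitbucket.org/site/oauth2/authorize?response_type=code"
        "&client_id=Fs5Fq2e5VqfduRs4xD"
        "&redirect_uri=myserver%2Foauth2%2Fcallback%2Fbitbucket&scope=account")
# The hand-edited URL from the post (scheme added to redirect_uri).
EDITED = SENT.replace("redirect_uri=myserver", "redirect_uri=https%3A%2F%2Fmyserver")


def check_redirect_uri(authorize_url, registered):
    """Return a list of findings about the redirect_uri in an authorize URL."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [])
    if len(values) != 1:
        return [f"expected exactly one redirect_uri parameter, found {len(values)}"]
    uri, reg = urlsplit(values[0]), urlsplit(registered)
    # RFC 6749 section 3.1.2: the redirection endpoint must be an absolute URI
    # and must not contain a fragment.
    if not uri.scheme or not uri.netloc:
        return ["not an absolute URI (scheme or host missing)"]
    findings = []
    if uri.fragment:
        findings.append("contains a fragment")
    if uri.scheme != reg.scheme:
        findings.append(f"scheme {uri.scheme!r} differs from registered {reg.scheme!r}")
    if uri.netloc.lower() != reg.netloc.lower():
        findings.append(f"host {uri.netloc!r} differs from registered {reg.netloc!r}")
    if uri.path != reg.path:
        # Report how the paths relate; whether an extension is accepted
        # depends on the provider, so this is an observation, not a verdict.
        extends = uri.path.startswith(reg.path.rstrip("/") + "/")
        rel = "extends" if extends else "differs from"
        findings.append(f"path {uri.path!r} {rel} registered path {reg.path!r}")
    return findings


if __name__ == "__main__":
    for label, url in (("sent by the application", SENT), ("edited by hand", EDITED)):
        print(label, "->", check_redirect_uri(url, REGISTERED_CALLBACK) or "no findings")
```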

0 answers
