I’ve been integrating OAuth for a few days now and today I’m randomly getting 401.
And I’ve tried to create new account HERE to post about it and tried to use my existing Patreon account and it also failed:
So I guess it’s not just me 
.
EDIT:
From what I can see, the /api/oauth2/v2/identity will randomly fail with 401 error.
As a hotfix, I’ll simply retry the request in a loop until it succeeds (which takes around 3 retries).
I’ve had several patrons contact in the last 24 hours with login issues. Using WordPress plugin
How did you fix this? Is it something we can resolve on our end?
I use Next-Auth for authentication via OAuth2 in nextJS and I am getting the following error:
[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error expected 200 OK, got: 401 Unauthorized {
error: OPError: expected 200 OK, got: 401 Unauthorized
at processResponse (C:\FW\Repos\patreon-rewards\node_modules\openid-client\lib\helpers\process_response.js:41:11)
at Client.userinfo (C:\FW\Repos\patreon-rewards\node_modules\openid-client\lib\client.js:1237:18)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async oAuthCallback (C:\FW\Repos\patreon-rewards\node_modules\next-auth\core\lib\oauth\callback.js:131:17)
at async Object.callback (C:\FW\Repos\patreon-rewards\node_modules\next-auth\core\routes\callback.js:52:11)
at async AuthHandler (C:\FW\Repos\patreon-rewards\node_modules\next-auth\core\index.js:201:28)
at async NextAuthHandler (C:\FW\Repos\patreon-rewards\node_modules\next-auth\next\index.js:24:19)
at async C:\FW\Repos\patreon-rewards\node_modules\next-auth\next\index.js:60:32
at async Object.apiResolver (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\api-utils\node.js:372:9)
at async DevServer.runApi (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\next-server.js:488:9)
at async Object.fn (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\next-server.js:751:37)
at async Router.execute (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\router.js:253:36)
at async DevServer.run (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\base-server.js:384:29)
at async DevServer.run (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\dev\next-dev-server.js:743:20)
at async DevServer.handleRequest (C:\FW\Repos\patreon-rewards\node_modules\next\dist\server\base-server.js:322:20) {
name: 'OAuthCallbackError',
code: undefined
},
providerId: 'patreon',
message: 'expected 200 OK, got: 401 Unauthorized'
}
On some days Oauth2 works normally but on other days like today it rejects the authentication randomly. Still, it is possible to log in when trying several times (between 3 to infinite attempts).
I think the problem is in the patreon API
Has this issue been resolved for you? It seems to work only some of the time.
Can you people DM the full response headers? Uuids and all…
Hello,
Same problem for me !
Url called :
/api/oauth2/v2/identity?include=memberships,memberships.currently_entitled_tiers&fields%5Buser%5D=can_see_nsfw,email,first_name,full_name,hide_pledges,image_url,is_email_verified,last_name,thumb_url,url,vanity&fields%5Bmember%5D=campaign_lifetime_support_cents,currently_entitled_amount_cents,is_follower,last_charge_date,last_charge_status,lifetime_support_cents,next_charge_date,patron_status,pledge_cadence,pledge_relationship_start,will_pay_amount_cents&fields%5Btier%5D=amount_cents,discord_role_ids,published,remaining,requires_shipping,title,unpublished_at,url,user_limit
and I get this error :
{
code: 1,
code_name: "Unauthorized",
detail: "The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required.",
id: "93bd8174-3be0-5c22-bd17-68b696fc1245",
status: "401",
title: "Unauthorized",
}
@here A fix that could address this was deployed just now. Please check if you are still experiencing this issue (especially 401s). If you still are, try to collect as much response headers as you can until tomorrow and DM them to me via the forum dm.
Problem is still present. Even logging into this forum via patreon gave me errors 4 times (worked after the 5th retry). Haven’t collected any headers since I am on vacation, hopefully someone else can contribute.
I can confirm I’m still getting the same issues, it’s been happening since yesterday, it can sometimes take up to 10 retries for the API not to return that unauthorized error. Happens with both API v1 and API v2, and can also confirm it’s affecting logging into this forum as well, which hopefully should give @codebard a way to reproduce and get whatever info they need to fix it.
@codebard I also confirm that the error continues today (I tested at UTC-3 11:30)
To test it, just try to log in with the Patreon account in this forum, for example.
Below is a video of the error when trying to log in to the forum:
In my NEXTJS application, I am getting the following logs when I try to authenticate:
CREATE_STATE [{"value":"gN8oIxcPI5LC9ZyQh7WRK7yT4oJM8bzFrwE6Fnmm58Q","maxAge":900}]
GET_AUTHORIZATION_URL [{"url":"https://www.patreon.com/oauth2/authorize?client_id=my_client_id&scope=identity%20identity%5Bemail%5D%20identity.memberships&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000% ":{"httpOnly":true,"sameSite":"lax","path":"/","secure":false,"maxAge":900,"expires":"2023-03-29T14:31: 19.290Z"}}],"provider":{"id":"patreon","name":"Patreon","type":"oauth","version":"2.0","authorization":{" url":"https://www.patreon.com/oauth2/authorize","params":{"scope":"identity identity[email] identity.memberships"}},"token":{"url": "https://www.patreon.com/api/oauth2/token", "params":{}},"userinfo":{"url":"https://www.patreon.com/api/oauth2/api/current_user","params":{}},"style":{ "logo":"/patreon.svg","logoDark":"/patreon.svg","bg":"#fff","text":"#e85b46","bgDark":"#000"," textDark":"#e85b46"},"idToken":false,"checks":["state"],"clientId":"my_client_id","clientSecret":"my_client_secret","signinUrl":"http:// localhost:3000/api/auth/signin/patreon","callbackUrl":"http://localhost:3000/api/auth/callback/patreon"}}]
OAUTH_CALLBACK_ERROR [{"error":{"name":"OAuthCallbackError","message":"expected 200 OK, got: 401 Unauthorized","stack":"OPError: expected 200 OK, got: 401 Unauthorized\n at processResponse (C:\\FW\\Repos\\patreon-rewards\\node_modules\\openid-client\\lib\\helpers\\process_response.js:41:11)\n at Client.userinfo (C:\\FW \\Repos\\patreon-rewards\\node_modules\\openid-client\\lib\\client.js:1237:18)\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n at async oAuthCallback (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next-auth\\core\\lib\\oauth\\callback.js:131:17)\n at async Object. callback (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next-auth\\core\\routes\\callback.js:52:11)\n at async AuthHandler (C:\\FW \\Repos\\patreon-rewards\\node_modules\\next-auth\\core\\index.js:201:28)\n at async NextAuthHandler (C:\\FW\\Repos\\patreon-rewards\\ node_modules\\next-auth\\next\\index.js:24:19)\n at async C:\\FW\\Repos\\patreon-rewards\\node _modules\\next-auth\\next\\index.js:60:32\n at async Object.apiResolver (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\ server\\api-utils\\node.js:372:9)\n at async DevServer.runApi (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\server\ \next-server.js:488:9)\n at async Object.fn (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\server\\next-server. js:751:37)\n at async Router.execute (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\server\\router.js:253:36)\ n at async DevServer.run (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\server\\base-server.js:384:29)\n at async DevServer. run (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\server\\dev\\next-dev-server.js:743:20)\n at async DevServer. handleRequest (C:\\FW\\Repos\\patreon-rewards\\node_modules\\next\\dist\\server\\base-server.js:322:20)"},"providerId":"patreon"} ]
I also created a site that only has patreon authentication for testing (https://test-patreon.vercel.app).
In this video, I can authenticate to this test site on the second try:
Thanks for the headers (but dont post your tokens). The investigation is ongoing.
It appears to be working just fine now.
Yes another fix went out a while ago. The 401s seem to appear much less in the logs now so you should be ok.