Custom oauth2 error auth access token unobtainable

My version of HedgeDoc is: 1.9.9

What I expected to happen:

local hedgedoc instance should send a request to my local oauth server, in order to obtain the authorization token/the token to request the actual user data

What actually happened:

but instead it throws internal server error oauth access token could not be obtained or sth like that. It should only send it to port 8080 but on 8080 there is no incomming request. activated debug for 8080 but still no request to be found.

example that i sent to my local hedgedoc and the error occured after
http://localhost:3001/auth/oauth2/callback?state=...&code=

Hello @Endsmasher and welcome to the HedgeDoc community!

Could it be that you run HedgeDoc in docker and your OAuth2 provider is running under the domain name localhost? Since docker containers each have their own network segment, localhost only points to the container itself and not the host which runs the containers.

At least this could explain why the redirect to your auth provider works (this does not require any communication from HedgeDoc itself to the provider), but the code exchange doesn’t.

If that’s not the case and your auth provider is behind Cloudflare, you might want to verify the WAF settings there since we already got another report about OAuth2 errors where Cloudflare WAF was intercepting the process.