portainer: OAuth2 not working with Nextcloud

Bug description

Setting up OAuth2 authentication with Nextcloud as a backend does not work. The OAuth2 handshake completes up to the point where Portainer retrieves user data and this error is logged:

2019/10/08 07:47:47 [DEBUG] - OAuth authentication error: Unable to authenticate user via OAuth:oauth2: cannot fetch token: 200 OK
Response: {"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"enabled":true,"storageLocation":"\/storage\/path","id":"karim","lastLogin":1234,"backend":"Backend","subadmin":["Some", "Groups"],"quota":{"free":1,"used":2,"total":3,"relative":0.4,"quota":-3},"email":"my@e.mail","phone":"012345","address":"123, My Address, Withdrawn","website":"https:\/\/my.site","twitter":"@followme1","groups":["admin","duh"],"language":"fr","locale":"fr_FR","backendCapabilities":{"setDisplayName":true,"setPassword":true},"display-name":"Karim Vergnes"}}}

Expected behavior

Portainer completes the OAuth2 handshake, extracts the user ID and logs me in.

Steps to reproduce the issue:

  1. Enable OAuth2 authentication with the following settings
    • Authorization URL: https://nextcloud/apps/oauth2/authorize
    • Token URL: https://nextcloud/apps/oauth2/api/v1/token
    • Resource URL: https://nextcloud/ocs/v2.php/cloud/user?format=json
    • User ID: ocs.data.id
  2. Create a user which matches the user ID under OAuth (karim)
  3. Try to use the “Login using OAuth” button

Technical details:

  • Portainer version: 1.22.0
  • Docker version (managed by Portainer): 4.19.68
  • Platform (windows/linux): linux
  • Command used to start Portainer (docker run -p 9000:9000 portainer/portainer):
  • Browser: Firefox

Additional context

OAuth2 extension enabled, Portainer and Nextcloud are on the same machine and all connections are encrypted in HTTPS using a reverse proxy.

About this issue

  • State: closed
  • Created 5 years ago
  • Reactions: 3
  • Comments: 17 (2 by maintainers)

Most upvoted comments

After further investigation, I presume that Portainer cannot parse nested JSON elements, and expects the ID to be in the first level.
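The reporter's hypothesis above is that the configured "User ID" field (ocs.data.id in the reproduction steps) is looked up only among first-level keys of the resource response. The following Go program is an added example, not Portainer's or Nextcloud's code: it contrasts a first-level lookup with a dotted-path resolver over a constructed, trimmed copy of the OCS response quoted in the issue, and then checks the resolved identifier against a local allow-list the way step 2 of the reproduction (create a matching local user) implies. The function names, the allow-list shape and the trimmed JSON are assumptions made for the example.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Constructed sample: the Nextcloud OCS /cloud/user response from the issue,
// trimmed to the fields relevant to identifier extraction.
const sampleOCSResponse = `{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},` +
	`"data":{"enabled":true,"id":"karim","groups":["admin","duh"],"display-name":"Karim Vergnes"}}}`

// lookupTopLevel models a resolver that only inspects first-level keys of the
// JSON object. Against an OCS envelope it cannot find "id" at all.
func lookupTopLevel(body []byte, key string) (string, error) {
	var doc map[string]interface{}
	if err := json.Unmarshal(body, &doc); err != nil {
		return "", err
	}
	v, ok := doc[key]
	if !ok {
		return "", fmt.Errorf("key %q not found at top level", key)
	}
	s, ok := v.(string)
	if !ok {
		return "", fmt.Errorf("key %q is not a string", key)
	}
	return s, nil
}

// lookupPath resolves a dotted path such as "ocs.data.id" through nested
// objects. It refuses anything that is not a non-empty string, so a boolean,
// number or array can never be silently stringified into a user identifier.
func lookupPath(body []byte, path string) (string, error) {
	var doc interface{}
	if err := json.Unmarshal(body, &doc); err != nil {
		return "", err
	}
	cur := doc
	for _, seg := range strings.Split(path, ".") {
		obj, ok := cur.(map[string]interface{})
		if !ok {
			return "", fmt.Errorf("segment %q: parent is not a JSON object", seg)
		}
		cur, ok = obj[seg]
		if !ok {
			return "", fmt.Errorf("segment %q not found", seg)
		}
	}
	s, ok := cur.(string)
	if !ok || s == "" {
		return "", errors.New("resolved value is not a non-empty string")
	}
	return s, nil
}

// authorizeOAuthUser extracts the identifier at path and accepts it only if a
// local account with exactly that name exists (hypothetical allow-list shape).
func authorizeOAuthUser(body []byte, path string, localUsers map[string]bool) (string, error) {
	id, err := lookupPath(body, path)
	if err != nil {
		return "", fmt.Errorf("cannot extract user id: %w", err)
	}
	if !localUsers[id] {
		return "", fmt.Errorf("no local user %q", id)
	}
	return id, nil
}

func main() {
	body := []byte(sampleOCSResponse)
	users := map[string]bool{"karim": true}

	if _, err := lookupTopLevel(body, "id"); err != nil {
		fmt.Println("first-level lookup:", err)
	}
	if id, err := authorizeOAuthUser(body, "ocs.data.id", users); err == nil {
		fmt.Println("dotted-path lookup: logged in as", id)
	}
	// A path that resolves to a display name is rejected by the allow-list check.
	if _, err := authorizeOAuthUser(body, "ocs.data.display-name", users); err != nil {
		fmt.Println("display-name path:", err)
	}
}
```

Running the program shows the first-level lookup failing on the OCS envelope while the dotted-path resolver returns karim; the allow-list step is what prevents an arbitrary string field from being promoted to a login identity.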

Take a look at https://documentation.portainer.io/v2.0/auth/oauth/ as we have a screenshot of a known working configuration for Azure AD.