diff --git a/jupyterhub/services/auth.py b/jupyterhub/services/auth.py
index 0c940c12..e85a8dd9 100644
--- a/jupyterhub/services/auth.py
+++ b/jupyterhub/services/auth.py
@@ -638,6 +638,8 @@ class HubOAuthCallbackHandler(HubOAuthenticated, RequestHandler):
         # TODO: make async (in a Thread?)
         token = self.hub_auth.token_for_code(code)
         user_model = self.hub_auth.user_for_token(token)
+        if user_model is None:
+            raise HTTPError(500, "oauth callback failed to identify a user")
         app_log.info("Logged-in user %s", user_model)
         self.hub_auth.set_cookie(self, token)
         next_url = self.get_argument('next', '') or self.hub_auth.base_url
diff --git a/jupyterhub/singleuser.py b/jupyterhub/singleuser.py
index dd8ca9a5..14df66f2 100755
--- a/jupyterhub/singleuser.py
+++ b/jupyterhub/singleuser.py
@@ -5,12 +5,13 @@
 # Distributed under the terms of the Modified BSD License.
 
 import os
+from textwrap import dedent
 from urllib.parse import urlparse
 
 from jinja2 import ChoiceLoader, FunctionLoader
 
 from tornado import ioloop
-from textwrap import dedent
+from tornado.web import HTTPError
 
 try:
     import notebook
@@ -119,6 +120,8 @@ class OAuthCallbackHandler(HubOAuthCallbackHandler, IPythonHandler):
         # TODO: make async (in a Thread?)
         token = self.hub_auth.token_for_code(code)
         user_model = self.hub_auth.user_for_token(token)
+        if user_model is None:
+            raise HTTPError(500, "oauth callback failed to identify a user")
         self.log.info("Logged-in user %s", user_model)
         self.hub_auth.set_cookie(self, token)
         next_url = self.get_argument('next', '') or self.base_url