diff --git a/src/Composer/Util/Bitbucket.php b/src/Composer/Util/Bitbucket.php
index e1f319768..4e5579c94 100644
--- a/src/Composer/Util/Bitbucket.php
+++ b/src/Composer/Util/Bitbucket.php
@@ -54,7 +54,7 @@ class Bitbucket
      */
     public function getToken()
     {
-        if (! isset($this->token['access_token'])) {
+        if (!isset($this->token['access_token'])) {
             return '';
         }
         return $this->token['access_token'];
@@ -137,7 +137,7 @@ class Bitbucket
         $url = 'https://confluence.atlassian.com/bitbucket/oauth-on-bitbucket-cloud-238027431.html';
         $this->io->writeError(sprintf('Follow the instructions on %s', $url));
         $this->io->writeError(sprintf('to create a consumer. It will be stored in "%s" for future use by Composer.', $this->config->getAuthConfigSource()->getName()));
-        $this->io->writeError('Ensure you enter a "Callback URL" or it will not be possible to create an Access Token (this callback url will not be used by composer)');
+        $this->io->writeError('Ensure you enter a "Callback URL" (http://example.com is fine) or it will not be possible to create an Access Token (this callback url will not be used by composer)');
 
         $consumerKey = trim($this->io->askAndHideAnswer('Consumer Key (hidden): '));
 
@@ -159,7 +159,7 @@ class Bitbucket
 
         $this->io->setAuthentication($originUrl, $consumerKey, $consumerSecret);
 
-        if (! $this->requestAccessToken($originUrl)) {
+        if (!$this->requestAccessToken($originUrl)) {
             return false;
         }
 
@@ -189,7 +189,7 @@ class Bitbucket
         }
 
         $this->io->setAuthentication($originUrl, $consumerKey, $consumerSecret);
-        if (! $this->requestAccessToken($originUrl)) {
+        if (!$this->requestAccessToken($originUrl)) {
             return '';
         }
 
@@ -227,9 +227,10 @@ class Bitbucket
     {
         $authConfig = $this->config->get('bitbucket-oauth');
 
-        if (! isset($authConfig[$originUrl]['access-token']) ||
-            ! isset($authConfig[$originUrl]['access-token-expiration']) ||
-            time() > $authConfig[$originUrl]['access-token-expiration']
+        if (
+            !isset($authConfig[$originUrl]['access-token'])
+            || !isset($authConfig[$originUrl]['access-token-expiration'])
+            || time() > $authConfig[$originUrl]['access-token-expiration']
         ) {
             return false;
         }
diff --git a/src/Composer/Util/RemoteFilesystem.php b/src/Composer/Util/RemoteFilesystem.php
index 4a7490864..ed5eb720e 100644
--- a/src/Composer/Util/RemoteFilesystem.php
+++ b/src/Composer/Util/RemoteFilesystem.php
@@ -600,7 +600,7 @@ class RemoteFilesystem
                 if ($auth['username'] !== 'x-token-auth') {
                     $bitbucketUtil = new Bitbucket($this->io, $this->config);
                     $accessToken = $bitbucketUtil->requestToken($this->originUrl, $auth['username'], $auth['password']);
-                    if (! empty($accessToken)) {
+                    if (!empty($accessToken)) {
                         $this->io->setAuthentication($this->originUrl, 'x-token-auth', $accessToken);
                         $askForOAuthToken = false;
                     }
@@ -610,7 +610,7 @@ class RemoteFilesystem
             }
 
             if ($askForOAuthToken) {
-                $message = "\n".'Could not fetch ' . $this->fileUrl . ', please create a bitbucket OAuth token to ' . ($httpStatus === 401 ? 'to access private repos' : 'to go over the API rate limit');
+                $message = "\n".'Could not fetch ' . $this->fileUrl . ', please create a bitbucket OAuth token to ' . (($httpStatus === 401 || $httpStatus === 403) ? 'to access private repos' : 'to go over the API rate limit');
                 $bitBucketUtil = new Bitbucket($this->io, $this->config);
                 if (! $bitBucketUtil->authorizeOAuth($this->originUrl)
                     && (! $this->io->isInteractive() || !$bitBucketUtil->authorizeOAuthInteractively($this->originUrl, $message))