OAuth2-Benutzer-Verknüpfung innerhalb von Discourse

Jim.Morrison · 4. September 2019 um 16:53

Gelegentlich tritt bei Benutzern das Problem auf, dass sie bei jedem Loginversuch aufgefordert werden, ein neues Discourse-Konto einzurichten. Dies geschieht häufig entweder bei Legacy-Konten, die gerade erst wieder in Discourse einloggen, oder wenn sie sich zuvor mit Benutzername und Passwort angemeldet haben und nun versuchen, sich per OAuth einzuloggen. In der Vergangenheit wurde dieses Problem gelöst, indem die Auth0 OAuth2-Anmeldedaten mit der Benutzer-ID in Discourse verknüpft wurden, indem der folgende Befehl in der Rails-Konsole innerhalb der Discourse-Instanz ausgeführt wurde:

PluginStore.set('oauth2_basic', 'oauth2_basic_user_google-apps|tony.danza@aol.com', {"user_id":7235})

Das Problem scheint nun darin zu bestehen, dass dies nicht mehr persistiert. Tatsächlich wird =>True zurückgegeben, wo früher Ok zurückkam. Ich befinde mich an einer Pry-Eingabeaufforderung, was ich in der Vergangenheit nicht für den Fall hielt. Wenn ich Pry verlasse, werde ich auch aus der Rails-Konsole entfernt.

Haben Sie eine Idee, was hier passieren könnte? Vielen Dank!

Dieses Plugin wird genutzt: GitHub - discourse/discourse-oauth2-basic: A basic OAuth2 plugin for use with Discourse · GitHub

Falco · 4. September 2019 um 17:35

That command is outdated, now the plugin uses the user associations table.

Jim.Morrison · 4. September 2019 um 18:15

Can you share an example of the command that I will now run @Falco in replacement of it? Thank you for you help

Jim.Morrison · 6. September 2019 um 13:40

Following up for the latest command @Falco, thanks!

Jim.Morrison · 11. September 2019 um 13:32

Any update or insight on the command @Falco?

Falco · 11. September 2019 um 14:12

This file shound give you an idea of how to construct the command you need:

github.com/discourse/discourse-oauth2-basic

db/migrate/20190724055909_move_to_managed_authenticator.rb

main

# frozen_string_literal: true

class MoveToManagedAuthenticator < ActiveRecord::Migration[5.2]
  def up
    execute <<~SQL
    INSERT INTO user_associated_accounts (
      provider_name,
      provider_uid,
      user_id,
      created_at,
      updated_at
    ) SELECT
      'oauth2_basic',
      replace(key, 'oauth2_basic_user_', ''),
      (value::json->>'user_id')::integer,
      CURRENT_TIMESTAMP,
      CURRENT_TIMESTAMP
    FROM plugin_store_rows
    WHERE plugin_name = 'oauth2_basic'
    AND value::json->>'user_id' ~ '^[0-9]+$'

This file has been truncated. show original

Jim.Morrison · 18. September 2019 um 22:35

Sorry for the delay, I had to upgrade discourse before I tried again. I gave the change a shot but didn’t experience success. Below is the example of what I have since tried that return true.

[1] pry(main)> PluginStore.set('oauth2_basic', 'user_associated_accounts_google-apps|tony.danza@gmail.com', {"user_id":1234})
=> true

Jim.Morrison · 20. September 2019 um 21:25

Following up on this topic, thanks for the help!

Falco · 30. September 2019 um 21:37

Damn you pinged me 7 times while I was on vacation…

Instead of using the PluginStore.set method, you need to create a new UserAssociatedAccount, like for example:

UserAssociatedAccount.create!(provider_name: 'oauth2_basic', provider_uid: 'google-apps|tony.danza@aol.com', user_id: 7235)

Jim.Morrison · 1. Oktober 2019 um 02:40

Sorry about that @Falco, we too have had a hard time when having Community members go on vacation and not being able to keep everyone in the loop. I hope you had a great vacation and I apologize.

I will give your suggestion a go tomorrow and share the results. Thank you again for your help

Jim.Morrison · 26. Februar 2020 um 02:53

Hey there @Falco, following up on this front. When I try to run the above suggested command I receive the below:

root@ip-172-31-20-121-app:/var/www/discourse# rails c
NOTE: Inheriting Faraday::Error::ClientError is deprecated; use Faraday::ClientError instead. It will be removed in or after version 1.0
Faraday::Error::ClientError.inherited called from /var/www/discourse/plugins/discourse-github/gems/2.6.5/gems/octokit-4.14.0/lib/octokit/middleware/follow_redirects.rb:14.
[1] pry(main)> UserAssociatedAccount.create!(provider_name: 'oauth2_basic', provider_uid: 'google-apps|nico@auth0.com', user_id: 1722)
ActiveRecord::RecordNotUnique: PG::UniqueViolation: ERROR:  duplicate key value violates unique constraint "associated_accounts_provider_uid"
DETAIL:  Key (provider_name, provider_uid)=(oauth2_basic, google-apps|nico@auth0.com) already exists.
from /var/www/discourse/vendor/bundle/ruby/2.6.0/gems/rack-mini-profiler-1.1.3/lib/patches/db/pg.rb:69:in `async_exec_params'
Caused by PG::UniqueViolation: ERROR:  duplicate key value violates unique constraint "associated_accounts_provider_uid"
DETAIL:  Key (provider_name, provider_uid)=(oauth2_basic, google-apps|nico@auth0.com) already exists.

from /var/www/discours

Thema		Antworten	Aufrufe
Programmatically create user with OAuth2 user ID Support	3	558	13. Juli 2021
Configure sign up and log in with Auth0 using the OAuth2 Basic Plugin Integrations auth-plugins , oauth2 , how-to , sso	73	19768	16. Dezember 2025
OIDC users not associating with existing Discourse users Self-hosting openid-connect	2	119	28. September 2025
Switching from GitHub auth to OAuth2 SSO oauth2	10	2849	30. Juli 2019
Auth0 Associated Accounts - how to connect existing account? Support	0	401	12. November 2020

OAuth2-Benutzer-Verknüpfung innerhalb von Discourse

Verwandte Themen