Discourse as SSO Provider: Login Error

balupton · April 28, 2020, 9:33am

I’m following this guide here:

I am providing the correct signature, however for some reason discourse is not accepting it.

Here is the URL I am hitting:

Here is the error log for it:

Message

Verbose SSO log: Signature parse error

Bad signature for payload 

sso: redacted

sig: ae997097f358b7e08aa0568290b55ef6e2174077e96a1184153b1d8369d50f8

expected sig: ae997097f358b7e08aa0568290b55ef6e2174077e96a1184153b1d08369d50f8



Backtrace

/var/www/discourse/app/controllers/session_controller.rb:52:in `rescue in sso_provider'
/var/www/discourse/app/controllers/session_controller.rb:41:in `sso_provider'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/abstract_controller/base.rb:196:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/action_controller/metal/rendering.rb:30:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/abstract_controller/callbacks.rb:42:in `block in process_action'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.2.2/lib/active_support/callbacks.rb:135:in `run_callbacks'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/abstract_controller/callbacks.rb:41:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/action_controller/metal/rescue.rb:22:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.2.2/lib/action_controller/metal/instrumentation.rb:33:in `block in process_action'

Env

HTTP HOSTS: discuss.bevry.me

Here is the settings:

Here is the code for the cloudflare worker:

redacted - will open-source later

However, this could be on our side, as there is a difference between:

ae997097f358b7e08aa0568290b55ef6e2174077e96a1184153b1d8369d50f8
ae997097f358b7e08aa0568290b55ef6e2174077e96a1184153b1d08369d50f8

Although I am not sure how to resolve that.

balupton · April 28, 2020, 9:41am

Okay using this method solved it:

// https://jameshfisher.com/2017/10/31/web-cryptography-api-hmac/
// https://stackoverflow.com/questions/40031688/javascript-arraybuffer-to-hex
export function buf2hex(buffer: ArrayBuffer): string {
	return Array.prototype.map
		.call(new Uint8Array(buffer), (x) => ('00' + x.toString(16)).slice(-2))
		.join('')
}

system · May 28, 2020, 9:42am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Login error while trying to use Discourse as an identity provider (SSO, DiscourseConnect) SSO	3	806	May 30, 2023
Discourse as an identity provider not working in localhost SSO	2	864	June 3, 2022
Nil secret on SSO Support	4	883	July 24, 2019
WP as DiscourseConnect client: Signature parse error/Bad signature error (solved) WordPress	1	784	August 29, 2022
Could Discourse offer a StackExchange-like SSO/Federated login service? Feature	6	1621	August 19, 2020

Discourse as SSO Provider: Login Error

Related Topics