Error while trying to add Paytm OAuth using discourse-oauth2-basic plugin

Hi Guys,
I’m trying to add Paytm OAuth to my Discourse forum using the discourse-oauth2-basic plugin, but I’m having trouble getting it to work. I followed the instructions in the plugin’s readme file, but when I try to log in with Paytm, I get an error message saying “Authorization timed out, or you have switched browsers. Please try again.”
I’m not sure why it isn’t working.

Any help would be greatly appreciated!

Below is the error I found in the Discourse log:

Error:
*Message*

*(oauth2_basic) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected*

*Backtrace*

*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:87:in `callback_phase'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*

*Env*

*HTTP HOSTS: devforum.paytm.in*
hostname devforum-app
process_id 148
application_version 2d46824a87f2104b307abd76dbb2ec2b0f2df4a0
HTTP_HOST devforum.paytm.in
REQUEST_URI /auth/oauth2_basic/callback
REQUEST_METHOD GET
HTTP_USER_AGENT Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36
HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
HTTP_REFERER https://paytm.com/
HTTP_X_FORWARDED_FOR 103.181.14.201, 136.226.233.15, 23.212.253.68, 104.124.54.30, 10.188.8.126
HTTP_X_REAL_IP 10.188.8.126
time 9:50 am

1 Like
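
The `csrf_detected` failure logged above is raised when the OAuth2 `state` value returned to the callback is empty or does not match the value stored in the user's session. The following is an added sketch of that check and the conditions under which it rejects a callback; it is not code from this thread, OmniAuth, or the plugin, and the method names, session key, and scenarios are assumptions constructed for illustration.

```ruby
require "securerandom"
require "openssl"

STATE_KEY = "oauth.state" # assumed session key for this sketch

# Request phase: mint an unguessable state, store it in this browser's
# session, and send the same value to the provider in the authorize URL.
def begin_authorization(session)
  session[STATE_KEY] = SecureRandom.hex(24)
end

# Callback phase: the state echoed by the provider must match the stored
# one. The stored value is consumed so a callback URL cannot be replayed.
def check_callback(session, params)
  expected = session.delete(STATE_KEY)
  returned = params["state"].to_s
  return :missing_state_param if returned.empty?
  return :no_session_state if expected.nil?
  return :state_mismatch unless OpenSSL.secure_compare(expected, returned)
  :ok
end

# Constructed scenarios; each returns the verdict for one callback.
def run_scenarios
  results = {}

  s = {}
  state = begin_authorization(s)
  results[:same_browser] = check_callback(s, "code" => "c1", "state" => state)
  # The stored state was consumed above, so the same URL fails on replay.
  results[:replayed] = check_callback(s, "code" => "c1", "state" => state)

  s = {}
  begin_authorization(s)
  # Provider redirects back without echoing the state parameter.
  results[:state_dropped] = check_callback(s, "code" => "c2", "state" => "")

  state = begin_authorization({})
  # Callback lands in a browser with no matching session cookie.
  results[:other_browser] = check_callback({}, "code" => "c3", "state" => state)

  s = {}
  begin_authorization(s)
  results[:forged] = check_callback(s, "code" => "c4", "state" => "0" * 48)
  results
end

run_scenarios.each { |name, verdict| puts "#{name}: #{verdict}" } if __FILE__ == $0
```

Every verdict other than `:ok` is a rejected callback, so when debugging this error compare the `state` in the callback URL with the one sent in the authorization request and confirm the session cookie reaches the callback request.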

Now, after checking and fixing the response parameter, I am getting the error below:

Message

NoMethodError (undefined method `downcase' for nil:NilClass)
lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
lib/middleware/omniauth_bypass_middleware.rb:53:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:367:in `call'
config/initializers/008-rack-cors.rb:24:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/request_tracker.rb:228:in `call'

Backtrace

lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
/usr/local/lib/ruby/3.2.0/net/http.rb:1248:in `do_start'
/usr/local/lib/ruby/3.2.0/net/http.rb:1237:in `start'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:112:in `request_with_wrapped_block'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:102:in `perform_request'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:66:in `block in call'

hostname devforum-app
process_id 150
application_version 91c5658e9baaab0df581f53ab56dc784b152d5ec
HTTP_HOST devforum.paytm.in
REQUEST_METHOD GET
HTTP_USER_AGENT Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36
HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
HTTP_REFERER https://paytm.com/
HTTP_X_FORWARDED_FOR 103.181.14.201, 136.226.255.14, 23.196.14.7, 23.32.57.143, 10.188.8.104
HTTP_X_REAL_IP 10.188.8.104
time 6:07 pm
params state 30c07ae6b523d21238502f537c339b9c014729f4665b4b53
client_id paytm_client_id
client_secret paytm_client_secret
code cb08b800-47fd-41ca-81dd-305cf1002500

1 Like

I experience the same error using GitLab.com as OAuth provider with the discourse-oauth2-basic plugin (version 0.3).

The authentication at gitlab.com succeeds, then I get back to discourse with the correct Redirect URI:
http://example.com/auth/oauth2_basic/callback?code=...&state=

The error is

NoMethodError (undefined method `downcase' for nil:NilClass) lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?' lib/final_destination/ssrf_detector.rb:81:in `any?' lib/final 

and the traceback

lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
/usr/local/lib/ruby/3.2.0/net/http.rb:1248:in `do_start'
/usr/local/lib/ruby/3.2.0/net/http.rb:1237:in `start'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:112:in `request_with_wrapped_block'

faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:102:in `perform_request'

faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:66:in `block in call'

faraday (2.7.5) lib/faraday/adapter.rb:45:in `connection'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:65:in `call'

faraday (2.7.5) lib/faraday/rack_builder.rb:153:in `build_response'
faraday (2.7.5) lib/faraday/connection.rb:444:in `run_request'
plugins/discourse-oauth2-basic/plugin.rb:231:in `fetch_user_details'
plugins/discourse-oauth2-basic/plugin.rb:278:in `after_authenticate'
app/controllers/users/omniauth_callbacks_controller.rb:37:in `complete'
actionpack (7.0.4.3) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:215:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rendering.rb:53:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:234:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:118:in `block in run_callbacks'
app/controllers/application_controller.rb:418:in `block in with_resolved_locale'
i18n (1.14.1) lib/i18n.rb:322:in `with_locale'
app/controllers/application_controller.rb:418:in `with_resolved_locale'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:127:in `block in run_callbacks'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:138:in `run_callbacks'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:233:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rescue.rb:22:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.0.4.3) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:66:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'
activerecord (7.0.4.3) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:151:in `process'
actionview (7.0.4.3) lib/action_view/rendering.rb:39:in `process'
rack-mini-profiler (3.1.0) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'

actionpack (7.0.4.3) lib/action_controller/metal.rb:188:in `dispatch'
actionpack (7.0.4.3) lib/action_controller/metal.rb:251:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:50:in `block in serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `each'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:852:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:420:in `call_app!'
omniauth (1.9.2) lib/omniauth/strategy.rb:373:in `callback_phase'
omniauth-oauth2 (1.7.3) lib/omniauth/strategies/oauth2.rb:93:in `callback_phase'

omniauth (1.9.2) lib/omniauth/strategy.rb:238:in `callback_call'
omniauth (1.9.2) lib/omniauth/strategy.rb:189:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/builder.rb:45:in `call'
lib/middleware/omniauth_bypass_middleware.rb:53:in `call'
rack (2.2.7) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.7) lib/rack/conditional_get.rb:27:in `call'
rack (2.2.7) lib/rack/head.rb:12:in `call'
actionpack (7.0.4.3) lib/action_dispatch/http/permissions_policy.rb:38:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:369:in `call'
rack (2.2.7) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.7) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:99:in `run_callbacks'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/show_exceptions.rb:26:in `call'
logster (2.12.2) lib/logster/middleware/reporter.rb:43:in `call'
railties (7.0.4.3) lib/rails/rack/logger.rb:40:in `call_app'
railties (7.0.4.3) lib/rails/rack/logger.rb:27:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/request_id.rb:26:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.7) lib/rack/method_override.rb:24:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.7) lib/rack/sendfile.rb:110:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'
rack-mini-profiler (3.1.0) lib/mini_profiler.rb:260:in `call'
message_bus (4.3.2) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:228:in `call'
railties (7.0.4.3) lib/rails/engine.rb:530:in `call'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `public_send'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.7) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.7) lib/rack/urlmap.rb:58:in `each'
rack (2.2.7) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `<main>'

Any hint is appreciated

Any update on this? Please let me know. I’m also facing the same issue.