Hi Guys,
I’m trying to add Paytm OAuth to my Discourse forum using the discourse-oauth2-basic plugin, but I’m having trouble getting it to work. I followed the instructions in the plugin’s readme file, but when I try to log in with Paytm, I get an error message saying “Authorization timed out, or you have switched browsers. Please try again.”
I’m not sure why it isn’t working.
Any help would be greatly appreciated!
Below is the error I found in discourse log:
Error:
*Message*
*(oauth2_basic) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected*
*Backtrace*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:87:in `callback_phase'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*Env*
*HTTP HOSTS: devforum.paytm.in*
hostname
devforum-app
process_id
148
application_version
2d46824a87f2104b307abd76dbb2ec2b0f2df4a0
HTTP_HOST
devforum.paytm.in
REQUEST_URI
/auth/oauth2_basic/callback
REQUEST_METHOD
GET
HTTP_USER_AGENT
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36
HTTP_ACCEPT
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/ ;q=0.8,application/signed-exchange;v=b3;q=0.7
HTTP_REFERER
https://paytm.com/
HTTP_X_FORWARDED_FOR
103.181.14.201, 136.226.233.15, 23.212.253.68, 104.124.54.30, 10.188.8.126
HTTP_X_REAL_IP
10.188.8.126
time
9:50 am
1 Like
Now after checking and fixing response parameter now I am getting below error:
Message
NoMethodError (undefined method `downcase' for nil:NilClass)
lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
lib/middleware/omniauth_bypass_middleware.rb:53:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:367:in `call'
config/initializers/008-rack-cors.rb:24:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/request_tracker.rb:228:in `call'
Backtrace
lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
/usr/local/lib/ruby/3.2.0/net/http.rb:1248:in `do_start'
/usr/local/lib/ruby/3.2.0/net/http.rb:1237:in `start'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:112:in `request_with_wrapped_block'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:102:in `perform_request'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:66:in `block in call'
hostname devforum-app
process_id 150
application_version 91c5658e9baaab0df581f53ab56dc784b152d5ec
HTTP_HOST [devforum.paytm.in](http://devforum.paytm.in/)
REQUEST_METHOD GET
HTTP_USER_AGENT Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/[112.0.0.0](http://112.0.0.0/) Safari/537.36
HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
HTTP_REFERER https://paytm.com/
HTTP_X_FORWARDED_FOR 103.181.14.201, 136.226.255.14, 23.196.14.7, 23.32.57.143, 10.188.8.104
HTTP_X_REAL_IP 10.188.8.104
time 6:07 pm
params state 30c07ae6b523d21238502f537c339b9c014729f4665b4b53
--- --- --- ---
--- ---
client_id paytm_client_id
client_secret paytm_client_secret
code cb08b800-47fd-41ca-81dd-305cf1002500
1 Like
sebix1
(sebix)
June 7, 2023, 6:04pm
3
I experience the same error using GitLab.com as oauth provider with the discourse-oauth2-basic plugin (version 0.3).
The authentication at gitlab.com succeeds, then I get back to discourse with the correct Redirect URI:
http://example.com/auth/oauth2_basic/callback?code=...&state= …
The error is
NoMethodError (undefined method `downcase' for nil:NilClass) lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?' lib/final_destination/ssrf_detector.rb:81:in `any?' lib/final
and the traceback
lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
/usr/local/lib/ruby/3.2.0/net/http.rb:1248:in `do_start'
/usr/local/lib/ruby/3.2.0/net/http.rb:1237:in `start'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:112:in `request_with_wrapped_block'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:102:in `perform_request'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:66:in `block in call'
faraday (2.7.5) lib/faraday/adapter.rb:45:in `connection'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:65:in `call'
faraday (2.7.5) lib/faraday/rack_builder.rb:153:in `build_response'
faraday (2.7.5) lib/faraday/connection.rb:444:in `run_request'
plugins/discourse-oauth2-basic/plugin.rb:231:in `fetch_user_details'
plugins/discourse-oauth2-basic/plugin.rb:278:in `after_authenticate'
app/controllers/users/omniauth_callbacks_controller.rb:37:in `complete'
actionpack (7.0.4.3) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:215:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rendering.rb:53:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:234:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:118:in `block in run_callbacks'
app/controllers/application_controller.rb:418:in `block in with_resolved_locale'
i18n (1.14.1) lib/i18n.rb:322:in `with_locale'
app/controllers/application_controller.rb:418:in `with_resolved_locale'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:127:in `block in run_callbacks'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:138:in `run_callbacks'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:233:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rescue.rb:22:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.0.4.3) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:66:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'
activerecord (7.0.4.3) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:151:in `process'
actionview (7.0.4.3) lib/action_view/rendering.rb:39:in `process'
rack-mini-profiler (3.1.0) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'
actionpack (7.0.4.3) lib/action_controller/metal.rb:188:in `dispatch'
actionpack (7.0.4.3) lib/action_controller/metal.rb:251:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:50:in `block in serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `each'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:852:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:420:in `call_app!'
omniauth (1.9.2) lib/omniauth/strategy.rb:373:in `callback_phase'
omniauth-oauth2 (1.7.3) lib/omniauth/strategies/oauth2.rb:93:in `callback_phase'
omniauth (1.9.2) lib/omniauth/strategy.rb:238:in `callback_call'
omniauth (1.9.2) lib/omniauth/strategy.rb:189:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/builder.rb:45:in `call'
lib/middleware/omniauth_bypass_middleware.rb:53:in `call'
rack (2.2.7) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.7) lib/rack/conditional_get.rb:27:in `call'
rack (2.2.7) lib/rack/head.rb:12:in `call'
actionpack (7.0.4.3) lib/action_dispatch/http/permissions_policy.rb:38:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:369:in `call'
rack (2.2.7) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.7) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:99:in `run_callbacks'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/show_exceptions.rb:26:in `call'
logster (2.12.2) lib/logster/middleware/reporter.rb:43:in `call'
railties (7.0.4.3) lib/rails/rack/logger.rb:40:in `call_app'
railties (7.0.4.3) lib/rails/rack/logger.rb:27:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/request_id.rb:26:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.7) lib/rack/method_override.rb:24:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.7) lib/rack/sendfile.rb:110:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'
rack-mini-profiler (3.1.0) lib/mini_profiler.rb:260:in `call'
message_bus (4.3.2) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:228:in `call'
railties (7.0.4.3) lib/rails/engine.rb:530:in `call'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `public_send'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.7) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.7) lib/rack/urlmap.rb:58:in `each'
rack (2.2.7) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `<main>'
Any hint is appreciated
Any update on this, please let me know. i’m also facing same issue