Erro ao tentar adicionar Paytm Oauth usando o plugin discourse-oauth2-basic

Olá pessoal,

Estou tentando adicionar o Paytm OAuth ao meu fórum Discourse usando o plugin discourse-oauth2-basic, mas estou tendo problemas para fazê-lo funcionar. Segui as instruções no arquivo readme do plugin, mas quando tento fazer login com o Paytm, recebo uma mensagem de erro dizendo “Autorização expirou ou você trocou de navegador. Por favor, tente novamente.”
Não tenho certeza por que não está funcionando.

Qualquer ajuda seria muito apreciada!

Abaixo está o erro que encontrei no log do Discourse:

Erro:
*Mensagem*

*(oauth2_basic) Falha na autenticação! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detectado*

*Backtrace*

*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:87:in `callback_phase'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'*
*/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'*

*Env*

*HTTP HOSTS: devforum.paytm.in*

image1920×986 33.5 KB

Agora, após verificar e corrigir o parâmetro de resposta, estou recebendo o seguinte erro:

image2878×490 179 KB

Message

NoMethodError (undefined method `downcase' for nil:NilClass)
lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
lib/middleware/omniauth_bypass_middleware.rb:53:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:367:in `call'
config/initializers/008-rack-cors.rb:24:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/request_tracker.rb:228:in `call'

Backtrace

lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
/usr/local/lib/ruby/3.2.0/net/http.rb:1248:in `do_start'
/usr/local/lib/ruby/3.2.0/net/http.rb:1237:in `start'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:112:in `request_with_wrapped_block'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:102:in `perform_request'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:66:in `block in call'

hostname devforum-app
process_id 150
application_version 91c5658e9baaab0df581f53ab56dc784b152d5ec
HTTP_HOST [devforum.paytm.in](http://devforum.paytm.in/)
REQUEST_METHOD GET
HTTP_USER_AGENT Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/[112.0.0.0](http://112.0.0.0/) Safari/537.36
HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
HTTP_REFERER https://paytm.com/
HTTP_X_FORWARDED_FOR 103.181.14.201, 136.226.255.14, 23.196.14.7, 23.32.57.143, 10.188.8.104
HTTP_X_REAL_IP 10.188.8.104
time 6:07 pm
params state 30c07ae6b523d21238502f537c339b9c014729f4665b4b53
--- --- --- ---
--- ---
client_id paytm_client_id
client_secret paytm_client_secret
code cb08b800-47fd-41ca-81dd-305cf1002500

Experimento o mesmo erro usando GitLab.com como provedor oauth com o plugin discourse-oauth2-basic (versão 0.3).

A autenticação no gitlab.com é bem-sucedida, então volto para o discourse com o URI de Redirecionamento correto:
http://example.com/auth/oauth2_basic/callback?code=…\u0026state=…

O erro é

NoMethodError (undefined method `downcase' for nil:NilClass) lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?' lib/final_destination/ssrf_detector.rb:81:in `any?' lib/final 

e o traceback

lib/final_destination/ssrf_detector.rb:81:in `block in host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:81:in `any?'
lib/final_destination/ssrf_detector.rb:81:in `host_bypasses_checks?'
lib/final_destination/ssrf_detector.rb:100:in `lookup_and_filter_ips'
lib/final_destination/http.rb:13:in `connect'
/usr/local/lib/ruby/3.2.0/net/http.rb:1248:in `do_start'
/usr/local/lib/ruby/3.2.0/net/http.rb:1237:in `start'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:112:in `request_with_wrapped_block'

faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:102:in `perform_request'

faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:66:in `block in call'

faraday (2.7.5) lib/faraday/adapter.rb:45:in `connection'
faraday-net_http (3.0.2) lib/faraday/adapter/net_http.rb:65:in `call'

faraday (2.7.5) lib/faraday/rack_builder.rb:153:in `build_response'
faraday (2.7.5) lib/faraday/connection.rb:444:in `run_request'
plugins/discourse-oauth2-basic/plugin.rb:231:in `fetch_user_details'
plugins/discourse-oauth2-basic/plugin.rb:278:in `after_authenticate'
app/controllers/users/omniauth_callbacks_controller.rb:37:in `complete'
actionpack (7.0.4.3) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:215:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rendering.rb:53:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:234:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:118:in `block in run_callbacks'
app/controllers/application_controller.rb:418:in `block in with_resolved_locale'
i18n (1.14.1) lib/i18n.rb:322:in `with_locale'
app/controllers/application_controller.rb:418:in `with_resolved_locale'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:127:in `block in run_callbacks'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:138:in `run_callbacks'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:233:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rescue.rb:22:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.0.4.3) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:66:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'
activerecord (7.0.4.3) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:151:in `process'
actionview (7.0.4.3) lib/action_view/rendering.rb:39:in `process'
rack-mini-profiler (3.1.0) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'

actionpack (7.0.4.3) lib/action_controller/metal.rb:188:in `dispatch'
actionpack (7.0.4.3) lib/action_controller/metal.rb:251:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:50:in `block in serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `each'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:852:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:420:in `call_app!'
omniauth (1.9.2) lib/omniauth/strategy.rb:373:in `callback_phase'
omniauth-oauth2 (1.7.3) lib/omniauth/strategies/oauth2.rb:93:in `callback_phase'

omniauth (1.9.2) lib/omniauth/strategy.rb:238:in `callback_call'
omniauth (1.9.2) lib/omniauth/strategy.rb:189:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/strategy.rb:192:in `call!'
omniauth (1.9.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (1.9.2) lib/omniauth/builder.rb:45:in `call'
lib/middleware/omniauth_bypass_middleware.rb:53:in `call'
rack (2.2.7) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.7) lib/rack/conditional_get.rb:27:in `call'
rack (2.2.7) lib/rack/head.rb:12:in `call'
actionpack (7.0.4.3) lib/action_dispatch/http/permissions_policy.rb:38:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:369:in `call'
rack (2.2.7) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.7) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:99:in `run_callbacks'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/show_exceptions.rb:26:in `call'
logster (2.12.2) lib/logster/middleware/reporter.rb:43:in `call'
railties (7.0.4.3) lib/rails/rack/logger.rb:40:in `call_app'
railties (7.0.4.3) lib/rails/rack/logger.rb:27:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/request_id.rb:26:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.7) lib/rack/method_override.rb:24:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.7) lib/rack/sendfile.rb:110:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'
rack-mini-profiler (3.1.0) lib/mini_profiler.rb:260:in `call'
message_bus (4.3.2) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:228:in `call'
railties (7.0.4.3) lib/rails/engine.rb:530:in `call'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `public_send'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.7) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.7) lib/rack/urlmap.rb:58:in `each'
rack (2.2.7) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `<main>'

Qualquer dica é apreciada

Alguma atualização sobre isso, por favor me avise. Eu também estou enfrentando o mesmo problema