I have no experience with Discourse plug-ins so I’m guessing a bit here …
Is the potential solution that the NONCE expiration that is currently hardcoded to 10.minutes in single_sign_on.rb (see file on git for others reading this) could be overridden by a plug-in?
If so, reading this topic it appears that would be pretty trivial. Just changes to the following three plug in files - config/settings.yml, config/locales/server.en.yml, and plugin.rb.
If I chose to not surface this in the admin UI (I likely would), could I just provide the updated value in
plugin.rb?
Chris