您好,我正在使用 Apple 构建 Discourse 登录 API。我已经安装了插件并遵循了 Discourse Apple Authentication 的说明。在使用 Apple 帐户登录 Discourse 网站时,它工作正常。
在检查了 Apple 登录的 Web 流程后,我注意到它会重定向到 Apple 的登录页面,在成功登录后获取 Apple 生成的代码,然后重定向到:
POST {{discourse_host}}/auth/apple/callback,参数为 state:{state}, code:{code from Apple}
之后,它会重定向到 GET {{discourse_host}}/auth/apple/callback?code={{code from Apple}}&state={state},生成一个将在 Discourse API 中使用的新 cookie。
根据此流程,我期望在调用 /auth/apple/callback 后会生成一个新的 cookie。
但是,当我尝试调用 API 时,会显示错误 Authorization timed out, or you have switched browsers. Please try again.
因此,我再次尝试使用 Apple 生成的新代码,但仍然收到相同的错误。
当我检查日志时,它显示:
Started GET "/auth/apple/callback?code=c32f105b5084d42b8bd3e7051873ddb55.0.rrzxz.pChPU9zGlXIHHhgEXLiA5g&state=fbi3bbboud" for
(apple) Setup endpoint detected, running now.
(apple) Callback phase initiated.
(apple) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected
Started GET "/auth/failure?message=csrf_detected&strategy=apple" for 123.253.233.16 at 2023-11-27 06:10:28 +0000
Processing by Users::OmniauthCallbacksController#failure as HTML
Parameters: {"message"=>"csrf_detected", "strategy"=>"apple"}
Rendered users/omniauth_callbacks/failure.html.erb within layouts/no_ember (Duration: 4.1ms | Allocations: 17)
Rendered layout layouts/no_ember.html.erb (Duration: 57.5ms | Allocations: 2882)
Message (47 copies reported)
(apple) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected
Backtrace
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:87:in `callback_phase'
/var/www/discourse/plugins/discourse-apple-auth/lib/omniauth_apple.rb:60:in `callback_phase'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
/var/www/discourse/vendor/bundle/ruby/3.2.0/gems/omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'
所以我想问一下,使用 Discourse Apple 登录的 API 方向是否正确,以及如何解决 csrf_detected 错误。





