Imported Discourse -> Wordpress Users Get Error

(Justin DiRose) #1

I’m working on setting up SSO on my community at where my Wordpress site at is set as the SSO provider. Everything appears to be working correctly for new user signups and for users who sign up for a Wordpress account manually. However, for imported users, I’m getting this error in the Discourse logs:

Verbose SSO log: Record was invalid: User 
{:primary_email=>"has already been taken"}

{"admin"=>false, "moderator"=>false, "locale"=>nil, "name"=>"justin_test", "title"=>nil, "username"=>"justin_test1"}

SSO Diagnostics:
avatar_force_update: false
external_id: 1216
name: justin_test
nonce: d13a1196fbea800db55411422de0721f
require_activation: true
username: justin_test

It’s true because the account already exists on the Discourse site. However from the looks of the error it is passing a new username over to Discourse with a 1 appended to it.

Wordpress debug logs don’t show anything out of the ordinary either. I’m not quite sure where to go with this one. @Simon_Cossar or others, have any suggestions?

(Simon Cossar) #2

I think you are running into a problem that’s due to some recent changes to the Discourse SSO code. If a user’s email address is not validated, Discourse is no longer matching existing users based on their email address. This is a good change, but is going to cause issues for some sites. I’ll look into finding a workaround for the issue.

To confirm that this is the problem, do you know if the users who are successfully logging into Discourse are having to respond to the Discourse activation email before they can first login?

(Justin DiRose) #3

I just created a second test user through the SSO process. No, I was not prompted to respond to the activation email before first login.

(Simon Cossar) #4

If you look at the SSO logs on Discourse for your recent login is the require_activation parameter set to false? I’m fairly sure the issue with the SSO login attempt in your initial post is that require_activation is being set to true. Whether it’s set to true or false will depend on how a user has registered on your WordPress site. Unless users are registering through the default WordPress login system, require_activation will be set to true. Maybe this is the problem with your imported users?

(Justin DiRose) #5

Yes this is the case.

It does appear that in the failed login attempts require_activation is set to true.

Is there a way to work around this?

(Simon Cossar) #6

Here’s a temporary solution that will be safe for your case if you are certain that the email addresses of your imported users are valid, and you continue to use the default WordPress login system for your new users. If you ever switch to using a front-end login system that doesn’t validate emails, you must be sure to remove this code. Try copying this function into your theme’s functions.php file:

add_filter( 'discourse_email_verification', 'wpdc_custom_email_verification' );
function wpdc_custom_email_verification() {

    return false;

Sporadic issue wp-discourse/SSO: Nonce has already expired
(Justin DiRose) #7

I think this did the trick!

Thanks a bunch, Simon.

(Jesse Perry) #8

THANK YOU - this was my issue and this fixed it