Imported user unable to log in if no SSO details in Discourse

If a user who was imported and does not have an external ID in Discourse tries to log in to Discourse for the first time since importing he will get the There is a problem with your account. Please contact the site’s administrator error message.

This happens even though the user has the same email address in WP and Discourse. I know this used to work before, so there must have been a change in the WP plugin or Discourse SSO that I missed?

I have Match Users by Email Address selected in WP.

This example user has an external_id: 1002 noted in the log below, but no Single Sign On section in the Admin.

SSO log:

Message
Verbose SSO log: Record was invalid: User 
{:primary_email=>"has already been taken"}

Attributes:
{"admin"=>false, "moderator"=>false, "locale"=>nil, "name"=>"Example User", "title"=>nil, "username"=>"ExampleUser1"}

SSO Diagnostics:
add_groups: 
admin: 
moderator: 
avatar_force_update: true
avatar_url: https://secure.gravatar.com/avatar/4c0f43e6d0d1xxxxxxx1ef5d30459bf1?s=96&d=404&r=g
bio: 
card_background_url: 
email: example.user5656@gmail.invalid
external_id: 1002
groups: 
locale: 
locale_force_update: 
name: Example User
nonce: 0c10590a43f6f0ca34325b9d6e20afa1
profile_background_url: 
remove_groups: 
require_activation: true
return_sso_url: 
suppress_welcome_message: 
title: 
username: ExampleUser
website: 
Backtrace
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/logster-2.1.2/lib/logster/logger.rb:110:in `report_to_store'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/logster-2.1.2/lib/logster/logger.rb:101:in `add_with_opts'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/logster-2.1.2/lib/logster/logger.rb:52:in `add'
/usr/local/lib/ruby/2.5.0/logger.rb:536:in `warn'
/var/www/discourse/app/controllers/session_controller.rb:198:in `rescue in sso_login'
/var/www/discourse/app/controllers/session_controller.rb:143:in `sso_login'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/base.rb:194:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/rendering.rb:30:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/callbacks.rb:42:in `block in process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:132:in `run_callbacks'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/callbacks.rb:41:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/rescue.rb:22:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:168:in `block in instrument'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/notifications/instrumenter.rb:23:in `instrument'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:168:in `instrument'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:32:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/params_wrapper.rb:256:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/activerecord-5.2.2.1/lib/active_record/railties/controller_runtime.rb:24:in `process_action'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/base.rb:134:in `process'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionview-5.2.2.1/lib/action_view/rendering.rb:32:in `process'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-mini-profiler-1.0.2/lib/mini_profiler/profiling_methods.rb:78:in `block in profile_method'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal.rb:191:in `dispatch'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal.rb:252:in `dispatch'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:52:in `dispatch'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:34:in `serve'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:52:in `block in serve'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:35:in `each'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:35:in `serve'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:840:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-protection-2.0.5/lib/rack/protection/frame_options.rb:31:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:32:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/tempfile_reaper.rb:15:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/conditional_get.rb:25:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/head.rb:12:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:214:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/session/abstract/id.rb:232:in `context'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/session/abstract/id.rb:226:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/cookies.rb:670:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:98:in `run_callbacks'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/callbacks.rb:26:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/debug_exceptions.rb:61:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/logster-2.1.2/lib/logster/middleware/reporter.rb:30:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:38:in `call_app'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:28:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:16:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/request_id.rb:27:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:17:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/method_override.rb:22:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/executor.rb:14:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/sendfile.rb:111:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-mini-profiler-1.0.2/lib/mini_profiler/profiler.rb:171:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/message_bus-2.2.0/lib/message_bus/rack/middleware.rb:57:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:163:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/railties-5.2.2.1/lib/rails/engine.rb:524:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/railties-5.2.2.1/lib/rails/railtie.rb:190:in `public_send'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/railties-5.2.2.1/lib/rails/railtie.rb:190:in `method_missing'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/urlmap.rb:68:in `block in call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/urlmap.rb:53:in `each'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/rack-2.0.6/lib/rack/urlmap.rb:53:in `call'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/unicorn-5.4.1/lib/unicorn/http_server.rb:606:in `process_client'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/unicorn-5.4.1/lib/unicorn/http_server.rb:701:in `worker_loop'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/unicorn-5.4.1/lib/unicorn/http_server.rb:549:in `spawn_missing_workers'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/unicorn-5.4.1/lib/unicorn/http_server.rb:142:in `start'
/var/www/discourse/vendor/bundle/ruby/2.5.0/gems/unicorn-5.4.1/bin/unicorn:126:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/2.5.0/bin/unicorn:23:in `load'
/var/www/discourse/vendor/bundle/ruby/2.5.0/bin/unicorn:23:in `<main>'
Env
hostname	gaoa-discourse-app
process_id	2096
application_version	d2a7f29595786376a3010cb7e320d66f5b8d60ef
HTTP_HOST	forum.glasair-owners.com
REQUEST_URI	/session/sso_login?sso=ZXh0ZXJuYWxfaWQ9MTAwMiZ1c2VybmFtZT1DcmFpZ0VsbGlzb24mZW1haWw9Y3JhaWcuZWxsaXNvbjU2NTYlNDBnbWFpbC5jb20mcmVxdWlyZV9hY3RpdmF0aW9uPXRydWUmbmFtZT1DcmFpZytFbGxpc29uJmJpbz0mYXZhdGFyX3VybD1odHRwcyUzQSUyRiUyRnNlY3VyZS5ncmF2YXRhci5jb20lMkZhdmF0YXIlMkY0YzBmNDNlNmQwZDEyNmYyNGMyMWVmNWQzMDQ1OWJmMSUzRnMlM0Q5NiUyNmQlM0Q0MDQlMjZyJTNEZyZhdmF0YXJfZm9yY2VfdXBkYXRlPXRydWUmbm9uY2U9MGMxMDU5MGE0M2Y2ZjBjYTM0MzI1YjlkNmUyMGFmYTE%3D&sig=e3b7ee1eac9b351c45fb691955d0a04117282d72d14d4f075acb4c0b6eb245a9
REQUEST_METHOD	GET
HTTP_USER_AGENT	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
HTTP_ACCEPT	text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_REFERER	https://glasair-owners.com/directory/?ps&pn=8&limit=16
HTTP_X_FORWARDED_FOR	172.76.xx.xx
HTTP_X_REAL_IP	172.76.xx.xx
params	
sso	ZXh0ZXJuYWxfaWQ9MTAwMiZ1c2VybmFtZT1DcmFpZ0VsbGlzb24mZW1haWw9Y3JhaWcuZWxsaXNvbjU2NTYlNDBnbWFpbC5jb20mc
sig	e3b7ee1eac9b351c45fb691955d0a04117282d72d14d4f075acb4c0b6eb245a9
2 Likes

Discourse has changed the way it deals with users when the SSO parameter require_activation is set to true. When that parameter is set, Discourse will no longer match existing users to new users by their email address.

You are going to have to manually create an SSO record for this user through the rails console. Based off the values in your logs, you can create the record like this:

First, get the user’s Discourse id:

User.find_by_email('example.user5656@gmail.invalid').id

Substitiute that id for <user-id> in the command below. The last_payload is intentionally set to an empty string:

SingleSignOnRecord.create(user_id: <user-id> , external_id: 1002 , external_email: 'example.user5656@gmail.invalid', last_payload: '')

The user should now be able to login.

3 Likes

Ah! So I should be able to set require_activation to false and eliminate the issue, right?

add_filter( 'discourse_email_verification', 'gaoa_wp_discourse_email_verification' );
function gaoa_wp_discourse_email_verification( $require_activation ) {
    return false;
}
1 Like

Yes, that should solve the problem. If you only want to disable email verification for a particular user, you can call the filter with it’s second parameter to get access to the WordPress user:

add_filter( 'discourse_email_verification', 'gaoa_wp_discourse_email_verification', 10, 2 );
function gaoa_wp_discourse_email_verification( $require_activation, $user ) {
    if ( 'example.user5656@gmail.invalid' === $user->user_email ) {
        return false;
    }

    return $require_activation;
}
3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.