Need help while implementing SSO for dev environment

I have set up Discourse on my local machine and wanted to set up SSO login. I can redirect the user when they click on login, but when I get redirected I continuously get errors. I also enabled logging, and it says:
Nonce is incorrect, was generated in a different browser session, or has expired
Below is the Python file which I’m using: Discourse-setup/main.py at main · kamleshjoshi8102/Discourse-setup · GitHub

Also, please note that in my case it’s running on port 4201, so I have redirected to port 4201 on login.

This is the method that’s triggering the error:

  def nonce_valid?
    # With CSRF protection on, the nonce must be present in the secure session
    # of the same browser that started the login.
    if SiteSetting.discourse_connect_csrf_protection
      nonce && @secure_session[nonce_key].present?
    else
      # Otherwise the nonce only has to exist in the shared cache, so any
      # session can complete the login with it.
      nonce && Discourse.cache.read(nonce_key).present?
    end
  end

It’s checking that the nonce was generated by Discourse for the same session as the one that redirects the user back to Discourse.

You could try setting the discourse_connect_csrf_protection site setting to false. Its default value is true. It’s a hidden site setting, so it can only be disabled from the Rails console.

When enabled, the discourse_connect_csrf_protection setting ensures that the entire SSO authentication process occurs through browser redirects. If you are starting the authentication process by making a background request to session/sso, you will need to disable it. More details here: DiscourseConnect flow no longer functions - #5 by david.

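The round trip the answer describes, as an added example that is not code from the original post or from Discourse itself: a toy model of the Discourse side (issuing a nonce bound to the browser session that started the login, then checking it the way `nonce_valid?` does, with and without `discourse_connect_csrf_protection`) next to the provider side, which is the part the asker's `main.py` has to implement. The shared secret, the nonce lifetime, the session and cache stores and the user record are constructed for the example; the wire format (base64 query string signed with HMAC-SHA256 over the base64 text) follows the documented DiscourseConnect protocol.

```python
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode

# Assumptions for this example: the value of the discourse_connect_secret
# site setting, a fixed nonce lifetime, and a sample user on the provider.
SSO_SECRET = b"example-shared-secret"
NONCE_TTL = 600  # seconds
USER = {"id": "42", "email": "dev@example.test", "username": "dev"}  # constructed

NONCE_ERROR = ("Nonce is incorrect, was generated in a different browser "
               "session, or has expired")


def sign(payload_b64: str) -> str:
    """HMAC-SHA256 over the base64 text, hex encoded, as DiscourseConnect does."""
    return hmac.new(SSO_SECRET, payload_b64.encode(), hashlib.sha256).hexdigest()


def pack(fields: dict) -> dict:
    """Build the sso/sig pair from a dict of fields (URL-encoding of the
    query string itself is left to the HTTP layer and not modelled here)."""
    payload = base64.b64encode(urlencode(fields).encode()).decode()
    return {"sso": payload, "sig": sign(payload)}


def unpack(sso: str, sig: str) -> dict:
    """Verify the signature before trusting anything inside the payload."""
    if not hmac.compare_digest(sign(sso), sig):
        raise ValueError("bad signature")
    return {k: v[0] for k, v in parse_qs(base64.b64decode(sso).decode()).items()}


class ToyDiscourse:
    """Toy model of the Discourse side of the flow (not Discourse's code)."""

    def __init__(self, csrf_protection=True, nonce_ttl=NONCE_TTL):
        self.csrf_protection = csrf_protection
        self.nonce_ttl = nonce_ttl
        self.session_store = {}  # session_id -> {nonce: expiry}, models @secure_session
        self.cache = {}          # nonce -> expiry, models Discourse.cache

    def start_login(self, session_id, return_sso_url):
        """GET /session/sso: mint a nonce, remember it, redirect to the provider."""
        nonce = secrets.token_hex(16)
        expiry = time.time() + self.nonce_ttl
        self.session_store.setdefault(session_id, {})[nonce] = expiry
        self.cache[nonce] = expiry
        return pack({"nonce": nonce, "return_sso_url": return_sso_url})

    def finish_login(self, session_id, sso, sig):
        """GET /session/sso_login: verify, then apply the nonce_valid? check.
        The nonce is consumed either way, so a replay fails too."""
        try:
            fields = unpack(sso, sig)
        except ValueError:
            return "bad signature"
        nonce = fields.get("nonce")
        if self.csrf_protection:
            expiry = self.session_store.get(session_id, {}).pop(nonce, None)
        else:
            expiry = self.cache.pop(nonce, None)
        if expiry is None or expiry < time.time():
            return NONCE_ERROR
        return "ok:" + fields["external_id"]


def provider_handle(sso, sig, user):
    """What the Python SSO endpoint must do: verify sig, echo the nonce back
    unchanged together with the user's fields, and sign the response."""
    req = unpack(sso, sig)  # raises on a forged or altered request
    resp = pack({"nonce": req["nonce"], "external_id": user["id"],
                 "email": user["email"], "username": user["username"]})
    return req["return_sso_url"], resp


def run_flow(csrf_protection, start_session, finish_session, ttl=NONCE_TTL):
    """Drive one login: Discourse -> provider -> Discourse. The two session ids
    model which browser session started and which one finished the flow."""
    d = ToyDiscourse(csrf_protection, ttl)
    req = d.start_login(start_session, "http://localhost:4201/session/sso_login")
    _url, resp = provider_handle(req["sso"], req["sig"], USER)
    return d.finish_login(finish_session, resp["sso"], resp["sig"])


if __name__ == "__main__":
    print(run_flow(True, "browser-A", "browser-A"))   # same session: ok
    print(run_flow(True, "browser-A", "browser-B"))   # other session: nonce error
    print(run_flow(False, "browser-A", "browser-B"))  # csrf protection off: ok
```

With `csrf_protection=True` the login only completes when the same session that received the nonce presents it again; a flow started by a background request or from another session (the case the answer describes) hits exactly the logged error. Turning the setting off makes the check cache-based and session-independent, which is the trade the answer proposes, at the cost of the CSRF protection the setting exists for.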