OAuth signup results in blank screen


(Bas van Leeuwen) #1

We’re experiencing an issue where the sign up flow breaks.

Flow:

Expected
The popup window closes and the sign up modal is pre-filled

Actual
The popup window closes, nothing happens, the screen keeps a black overlay

Here is the console:

Interestingly enough, if you initiate the sign up by clicking the Log In button and following the Oauth route, everything works fine.

This seems to happen sporadically with different users, on different networks, with different browsers.
I personally can reproduce in Safari for mac and Chrome, with both an ordinary Gmail account and a corporate Google Mail one.

We have must approve users and login_required both set, but the issue also occurs when those options are disabled.

If anyone has a good idea on how to start debugging this, that would be appreciated.


(Jeff Atwood) #2

Do you have any Adblock or other browser plugins that could be interfering? Have you tried in a different browser, one you do not normally use?


(Michael Brown) #3

Also, a great place to start is with the /logs path on the site while logged in as an admin.


(Bas van Leeuwen) #4

I do have them in my default browser, I do not have them in Chrome.

I have no idea why I didn’t check there :-/
Just cleared the logs and tried again, they remain empty.
(note: we’re running on Discoursehosting’s multisite setup; I don’t have direct access to the “mother” logs, but they shouldn’t contain anything about this).


(Richard - DiscourseHosting.com) #5

All we see in the logs is the happy flow

image

I’m wondering what access_type=offline means.


(Michael Brown) #6

Can you paste and redact the text logs? Make sure you get enough, above we see two requests and one response. Also things are cut off that may be important. (code="4)

What Discourse version? Any plugins?

Are there some accounts where it always works and some where it always fails?


(Richard - DiscourseHosting.com) #7

There is nothing missing from the logs, I guess the /auth/google_oauth2 call is just redirecting and not logging anything about that. Every call to the oauth2 endpoint has exactly these logs (only IP addresses, timestamps and parameters differ)

The 4. was cut off on purpose, it made the image unnecessary wide and I would have redacted it anyway.
Which parameters do you need to be excluded from redaction?

Discourse v1.9.4, quite some plugins, some bespoke. But nothing that could account for these issues, as far as I can tell.

discourse-adsense
discourse-akismet
discourse-bb-algolis
discourse-bb-docs
discourse-bb-instantsearch
discourse-bb-static-pages
discourse-bb-theme
discourse-data-explorer
discourse-details
discourse-migratepassword
discourse-narrative-bot
discourse-nginx-performance-report
discourse-patreon
discourse-plugin-linkedin-auth
discourse-presence
discourse-sitemap
discourse-slack-official
discourse-solved
discourse-spoiler-alert
discourse-staff-notes
lazyYT
poll