For the longest time we have been using the patreon plugin with API V1 for Discourse to signin with Patreon. This is the recommended setup according to the official Discourse patreon plugin documentation: Configure Patreon integration with Discourse
However, Patreon has not supported V1 for years now. It constantly breaks, it doesn’t sync fully, and recently, it just wouldn’t work for us anymore.
The problem is when we switch to API V2 which is supported by patreon, it fails to authorize users. When users try to click on the log in with Patreon and they allow API v2 to connect to their Patreon account, they get this error:
Sorry, there was an error while trying to authorize your account with Patreon. Please try again.
And according to the official patreon plugin discourse documentation specifically states that API v2 may cause these authentications errors. Which makes v2 unusable.
Thankfully, we found a work around to get API v2 working. This solution should be added to the official documentation because right now API v1, which is what’s recommended, is completely broken.
Solution
The solution is to create a custom OAuth2. Instead of users using the login with patreon button from the patreon plugin, they will use a custom login button that we created will auth with patreon using our own oauth.
Step 1: Add these redirect URIs to Patreon.
-
https://<your_discourse_server_link>/auth/oauth2_basic/callback -
https://<your_discourse_server_link>/auth/patreon/callback
Step 2: In Discourse go to Admin > Login & Authentication > OAuth2 and configure the following:
-
oauth2_enabled: true -
oauth2_client_id:<your Patreon client id> -
oauth2_client_secret:<your Patreon client secret> -
oauth2_authorize_url:https://www.patreon.com/oauth2/authorize -
oauth2_authorize_signup_url:(leave blank) -
oauth2_token_url:https://www.patreon.com/api/oauth2/token -
oauth2_callback_user_id_path:(leave blank) -
oauth2_callback_user_info_paths:email -
oauth2_token_url_method:POST -
oauth2_callback_user_info_paths: email -
oauth2_fetch_user_details: true -
oauth2_user_json_url:https://www.patreon.com/api/oauth2/v2/identity?include=memberships&fields[user]=email,full_name,vanity -
oauth2_json_user_id_path:data.id -
oauth2_json_name_path:data.attributes.full_name -
oauth2_json_username_path:data.attributes.vanity -
oauth2_json_email_path:data.attributes.email -
oauth2_json_email_verified_path:(leave blank) -
oauth2_email_verified: true (trust provider to reduce prompts) If some patrons lack email, set this to false and expect a signup prompt. -
oauth2_email_verified:true -
oauth2_send_auth_header: true -
oauth2_send_auth_body: true -
oauth2_debug_auth:true -
oauth2_authorize_options: scope -
oauth2_scope:identity identity[email] campaigns campaigns.members -
oauth2_button_title:Login with with Patreon -
oauth2_allow_association_change: false (recommended)
Step 3: In Discourse core login controls configure the following:
-
enable sso: false -
patreon login enabled: false (prevents two Patreon buttons; keep plugin only for sync) -
allow new registrations: choose:-
true to let new patrons create accounts
-
false to allow only existing Discourse users to log in
-
-
invite only: false while testing -
must approve users: false while testing -
session_cookie_domain: (blank)
Step 4: In your Discourse yml file configure the following for networking and hosts.
-
DISCOURSE_HOSTNAMEinapp.yml:<your_discourse_server_link> -
force_https: true
Step 5: Rebuild your app to implement the changes:
cd /var/discourse
./launcher rebuild app
Result:
Now you should have your own working OAuth2 Login with Patreon Button that actually works on API v2 which properly syncs your user groups with Patreon.