For anyone else experiencing this error, I fixed it by filling in the sso provider secrets setting for the client domain name:
In the Discourse code, when this secret is not set, the call to OpenSSL::HMAC.hexdigest fails with the following error in the logs:
TypeError (no implicit conversion of nil into String) /var/www/discourse/lib/single_sign_on.rb:114:in `hexdigest’
Here is the relevant code path:
- https://github.com/discourse/discourse/blob/f3643176/lib/single_sign_on_provider.rb#L21-L34
- https://github.com/discourse/discourse/blob/f3643176/lib/single_sign_on.rb#L69
- https://github.com/discourse/discourse/blob/f3643176/lib/single_sign_on.rb#L112
This error message should definitely be improved! Edit: and it has been - see Confusing/unpolished error message when using Discourse as SSO provider