SSO discourse have error at same session

Hi, I use sso to login to wordpress by discourse. I used discourse wordpress plugin
First it’s work smoothly

But when I’m in the same session (not log out), and try to go to link admin /wp-admin/, it does not redirect me to dashboard, and show this error in login form:

Expired Nonce

There is something wrong with session or cookies
This make user confused, because I use sso by google login

I think the problem you are having is caused by object caching on your server. Try adding something like the following code to your WordPress theme’s functions.php file to see if that solves the problem:

add_filter('wpdc_sso_client_query', 'wpdc_custom_sso_client_query' );
function wpdc_custom_sso_client_query() {
    return wp_generate_password( 12, false );
}

There are some details about this here: Wordpress SSO Expired nonce - #15 by simon.

It still failed with this code
Discourse is not ok with cloudflare, but I use cloudflare for my web to defend. Is it ok?

It 's ok if I delete cookies and login again, but it is confused

It stop by this link:

/wp-login.php?discourse_sso_error=expired_nonce

I think it’s not cloudflare, because this rule I set to test to bypass:

The intesting test I found is not every link of your plugin failed

This link is work normally:

/?discourse_sso=7cygqwtc8aaz&redirect_to=https%3A%2F%2Fmyweb.net%2Fmy-account

It means your parameter “7” in sso is ok

I try to redirect my link to this parameter to redirect user
You could check to resolve this by parameters of links

This link is on text “External Login Text” is worked ok

Log-In-‹-Working24-—-WordPress

Did you eventually find a solution? I have the same problem.

Try using the solution that is given here: Wordpress SSO Expired nonce - #15 by simon.

1 Like

Thanks, I applied it but the problem persists.

@Golaxo Are you also using Cloudflare?

If so, please try disabling Cloudflare entirely and check if the problem persists.

2 Likes

Thanks mate, after swearing a lot I found the problem: the Paid Membership Pro plugin made a conflict. I still need to find out how to restrict content on Wordpress for users coming from Discourse SSO but at least I see where the problem is now :slight_smile:

2 Likes