SSO incorrect nonce

Rikatemu · June 3, 2022, 10:48am

Hello,

I have a problem integrating the Discourse Connect SSO solution.
Everything is up and running and all of the data I encode and decode seem correct.

The problem is that when I try to login I get a login error

Account login timed out, please try logging in again.

and on the /logs page I can see

Nonce is incorrect, was generated in a different browser session, or has expired

Weirdly when I start the SSO process the /logs page shows this nonce

nonce: 5bfe777da39abd9199ef213453975310

but in the redirect URL that leads to my login page the sso parameter is

bm9uY2U9NzE1ZDE5MDM3YTUzZDY0ZDY4NTU3YjIyMzVmYmE4NzEmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZmb3J1bXMucGxheXJlc3BhcmsuY29tJTJGc2Vzc2lvbiUyRnNzb19sb2dpbg%3D%3D

which after decoding shows this nonce

nonce=715d19037a53d64d68557b2235fba871

therefore the nonce doesn’t match in the final payload.

Is this a bug or am I doing something wrong ?

Currently we are using the latest 2.9.0.beta4 version.

Jack_Bransfield · October 18, 2022, 1:11pm

I currently have this exact same problem, did you come to any sort of resolution?

LeBlanc · April 25, 2023, 10:10am

I currently have this exact same problem

LeBlanc · April 26, 2023, 5:08pm

i found if close force_https can resolve this problem

LeBlanc · April 26, 2023, 5:50pm

I solved this problem . Because i use a proxies， but not add header ：X-Forwarded-Proto . When I add this Header the problem was solved .

https://meta.discourse.org/t/403-error-when-changing-any-settings-after-enabling-force-https-with-proxy/132246/4

Topic		Replies	Views
I have a react app, and I want to implement the SSO feature. But I always get a nonce error Dev sso	0	408	June 23, 2023
Connect SSO: Login Error sso_login SSO	4	318	June 25, 2024
SSO stopped working after upgrade to 2.6.2 (from 2.5.1) Support	4	696	February 23, 2021
Implementing SSO, nonce immediately expires Support	3	2000	June 8, 2024
Invalid nonce error SSO	8	2431	March 19, 2018

SSO incorrect nonce

Related topics