I am working with Discourse SSO authentication and running into a problem with redirects. I am able to log in successfully and everything works great, until the user logs in using GitHub or Google.
What seems to be happening is our site redirects to Discourse, Discourse accepts the SSO request, allows the user to select GitHub, and redirects to GitHub. The user logs in, and is redirected to Discourse, but the last redirect back to our service is never completed. Discourse forgot my encoded request to Discourse? Why would Discourse not complete the redirect back to my service after GitHub or other login via OAuth?
I believe this may be a bug, but suspect I may be missing a header.
The service is a Node.js service. The service uses Express for routing. In the current setup, the user attempts to access a page that is restricted and is sent to our login page. From there they click, say, a link called “login”. That starts the SSO process and generates a URL to “/session/sso_provider”.
After the user is redirected to the Discourse login, they enter their credentials, and Discourse redirects back to our service endpoint and we receive a token. This is all built into Discourse SSO.
This all works great if the user is created in Discourse. The problem arises if the Discourse user account is an OAuth account linked to GitHub or other. Discourse redirects to GitHub or other provider and GitHub redirects back (standard OAuth behavior). Discourse fails at that point to redirect back to the service that started the SSO transaction.
Just to be clear, I am using Discourse as an SSO provider for our service. I think I failed to mention that.
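
For reference, the handshake described in this post looks like this from the relying service's side. This is an added example, not code from the original post or from Discourse. The secret, the URLs and the function names are hypothetical, and it assumes the documented `sso`/`sig` format (base64 payload signed with HMAC-SHA256).

```javascript
// Added example: relying-party side of the Discourse SSO provider flow.
const crypto = require('node:crypto');

// Hypothetical values; the secret must match the one configured in Discourse.
const SSO_SECRET = 'constructed-example-secret';
const DISCOURSE_URL = 'https://forum.example.com';
const RETURN_URL = 'https://app.example.com/sso/callback';

// HMAC-SHA256 over the base64 payload, hex encoded.
const sign = (payload, secret = SSO_SECRET) =>
  crypto.createHmac('sha256', secret).update(payload).digest('hex');

// Step 1: build the redirect to /session/sso_provider. Store the nonce in the
// user's session so the callback can be tied back to this exact request.
function buildSsoRedirect(nonce = crypto.randomBytes(16).toString('hex')) {
  const raw = new URLSearchParams({ nonce, return_sso_url: RETURN_URL }).toString();
  const sso = Buffer.from(raw).toString('base64');
  const query = new URLSearchParams({ sso, sig: sign(sso) }).toString();
  return { nonce, url: `${DISCOURSE_URL}/session/sso_provider?${query}` };
}

// Step 2: validate the sso/sig pair that arrives on return_sso_url.
function verifySsoResponse(sso, sig, expectedNonce) {
  const expected = Buffer.from(sign(sso), 'hex');
  const given = Buffer.from(String(sig), 'hex');
  // Constant-time comparison; a length check first because timingSafeEqual throws on mismatch.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const fields = new URLSearchParams(Buffer.from(sso, 'base64').toString('utf8'));
  // Reject replays and responses that belong to another login attempt.
  if (fields.get('nonce') !== expectedNonce) throw new Error('nonce mismatch');
  return Object.fromEntries(fields);
}
```

In an Express handler, `buildSsoRedirect()` would feed `res.redirect(url)` after saving `nonce` to the session, and the callback route would pass `req.query.sso`, `req.query.sig` and the saved nonce to `verifySsoResponse()`.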