I just setup SSO on my discourse forum that I deployed through docker using the latest “stable” version (1.5). To clarify, I have my own SSO service that I am using to log into discourse. I am not using Discourse as an SSO provider. I used the cviebrock/discourse-php PHP package in order to develop the SSO service to work with discourse.
Whenever I hit login, everything redirects okay, but I land on the discourse forum with the message:
There is a problem with your account. Please contact the site’s administrator.
I tested messing with the signature or the sso and if I do that I get a blank page. I also tested plugging in an incorrect secret and got a different error message.
Has anyone else received this error message and know what I should do? Are there logs anywhere I can get more detailed information from?
If the email is actually there (and not blank), perhaps that email address has been banned or blacklisted. Check your site settings and admin, logs, screened emails.
Hi,
I found another wierd behavior to get this error. And it is very annoying. Documentation sais that the SSO has to urlEncode the values of the unsigned payload.
Ok, for example I map the value of user.name:
Single string. Works fine
String with ONE space. It can either be encoded with a + or %20 (both are valid urlEncodings). Works fine
String with TWO or MORE spaces. When they are encoded with a +, ERROR. With %20 works fine.
One space encoded with a ‘+’ works but several ‘+’ don’t? And the logs do not raise any error about this.
I think this is worth mentioning in the SSO documentation.