User (patron) getting authorization error message

A longtime user started being unable to access Discourse. She’s tried several devices, cleared her cache and is in good standing with Patreon. The error message reads “Sorry, there was an error authorizing you’re account. Perhaps you did not approve authorization?”

Is there something I can do on my side to assist?

Please ask your user to login again, but before you should enable the site setting patreon verbose log, then you should report here the error you will find on /admin/logs (if there is the error)

ive had the same problem. The problem goes away when on desktop, however mobile throws this error every time

(patreon) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected

is the error when trying to login via mobile, even if logged in thru desktop. Its almost like its detecting ip spoofing or proxies. This only started happening when I upgraded to business plan, and some people have always had this issue on mobile. so its good we figure this out

I can login with my android phone without problem. Try the login in incognito mode and be sure to use the HTTPS version of your domain

again, did it no dice. Some people have no issues, a lot of mobile users that are logging in with patreon are having the issue

here is a video of all incognito

So the problem is not on android devices but is on iPhone, iPad and Apple devices?
Can you confirm that with your users?

all platforms, that was just me. Android, PC and iPad (one of your guys here have the issue as well on the ipad and has been able to duplicate it). So its across the board

@Falco I can reproduce the error that’s described here when I try to login through Patreon on my iPad (tested with Safari and Chrome.) On Android and on Desktop Chrome I can login through Patreon without any problem.

Do you have any idea what the problem could be?

I think this is not Patreon specific error. I’m able to see few discussions over it in the omniauth-oauth2 repo. I will check the issue.

https://github.com/omniauth/omniauth-oauth2/issues/32

https://github.com/omniauth/omniauth-oauth2/issues/58

2 Likes

yeah well some people dont have the issuye on my site while others including myself do

the problem is @vinothkannans is that some people can use it no problem, its just people certain people non stop. People have resorted to delering their account to try and reregister to get o the forum

It’s bad. I will try to fix the problem as soon as possible.

do you know what the problem is?

Yes. It looks like one of the required params not correctly carry forwarded across the requests. I think it’s lost while coming back from Patreon after the authentication flow.

1 Like

will it take long to fix?

It shouldn’t take much time. I will try to fix it asap.

3 Likes

did what you do stop or remove the viewport? I cannot remove the option of the address bar anymore by adding it to home screen. And it keeps asking for authorizing

No I didn’t receive anything from the viewport for this fix. I think it’s unrelated.

My user is still unable to access on any device as of this morning (10.19.18)