User (patron) getting authorization error message


#1

A longtime user started being unable to access Discourse. She’s tried several devices, cleared her cache and is in good standing with Patreon. The error message reads “Sorry, there was an error authorizing you’re account. Perhaps you did not approve authorization?”

Is there something I can do on my side to assist?


(Daniela) #2

Please ask your user to login again, but before you should enable the site setting patreon verbose log, then you should report here the error you will find on /admin/logs (if there is the error)


(Jai Haze) #3

ive had the same problem. The problem goes away when on desktop, however mobile throws this error every time


(Jai Haze) #4

(patreon) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected

is the error when trying to login via mobile, even if logged in thru desktop. Its almost like its detecting ip spoofing or proxies. This only started happening when I upgraded to business plan, and some people have always had this issue on mobile. so its good we figure this out


(Daniela) #5

I can login with my android phone without problem. Try the login in incognito mode and be sure to use the HTTPS version of your domain


(Jai Haze) #6

again, did it no dice. Some people have no issues, a lot of mobile users that are logging in with patreon are having the issue

here is a video of all incognito


(Daniela) #7

So the problem is not on android devices but is on iPhone, iPad and Apple devices?
Can you confirm that with your users?


(Jai Haze) #8

all platforms, that was just me. Android, PC and iPad (one of your guys here have the issue as well on the ipad and has been able to duplicate it). So its across the board


(Simon Cossar) #9

@Falco I can reproduce the error that’s described here when I try to login through Patreon on my iPad (tested with Safari and Chrome.) On Android and on Desktop Chrome I can login through Patreon without any problem.

Do you have any idea what the problem could be?


(Vinoth Kannan) #13

I think this is not Patreon specific error. I’m able to see few discussions over it in the omniauth-oauth2 repo. I will check the issue.


(Jai Haze) #15

yeah well some people dont have the issuye on my site while others including myself do


(Jai Haze) #17

the problem is @vinothkannans is that some people can use it no problem, its just people certain people non stop. People have resorted to delering their account to try and reregister to get o the forum


(Vinoth Kannan) #18

It’s bad. I will try to fix the problem as soon as possible.


(Jai Haze) #19

do you know what the problem is?


(Vinoth Kannan) #20

Yes. It looks like one of the required params not correctly carry forwarded across the requests. I think it’s lost while coming back from Patreon after the authentication flow.


(Jai Haze) #21

will it take long to fix?


(Vinoth Kannan) #22

It shouldn’t take much time. I will try to fix it asap.


(Jai Haze) #23

did what you do stop or remove the viewport? I cannot remove the option of the address bar anymore by adding it to home screen. And it keeps asking for authorizing


(Vinoth Kannan) #24

No I didn’t receive anything from the viewport for this fix. I think it’s unrelated.


#26

My user is still unable to access on any device as of this morning (10.19.18)