Steam SSO (1.18)

Unsolved Technical Support
  • Hi,
    I'm looking for a steam SSO plugin but can't, unfortunately, find one, Are there any suggestions on how I can go about this as it's quite crucial to my forum design.


  • Global Moderator Plugin & Theme Dev

    Have you tried this one?

  • @pitaj Hey, thanks for the quick response.

    Yes I'm actually trying to get that working right now, but keep running into problems, I've managed to get this as the most recent error:
    Error: We were unable to log you in, likely due to an expired session. Please try again

    I believe this may be due to the BB located in a non HTTPS environment?

  • @pitaj Hey, just went and researched through a bunch of topics but I'm having no luck getting rid of this auth/callback error.

    Currently I'm using cloudflare for my SSL certs and then that leads to my docker nginx reverse proxy, that then sends you to the correct subfolder in the domain
    I.E => proxy.pass thenodebb:backend however I still am getting this issue, I've tried a whole host of things and keep ending up at the same space, here is the nginx conf

    ```server {
        # You would want to make a separate file with its own server block for each virtual domain
        # on your server and then include them.
        listen       8081;
        #tells Nginx the hostname and the TCP port where it should listen for HTTP connections.
        # listen 80; is equivalent to listen *:80;
        root                    /var/www/dir/public;
        # lets you doname-based virtual hosting
        proxy_set_header X-Forwarded-Proto https;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
        location / {
            #The location setting lets you configure how nginx responds to requests for resources within the server.
            index  index.html index.htm;
        location /auth/ {
        location /forums/{
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header X-Forwarded-Proto $scheme;
                    proxy_set_header X-Forwarded-Port 443;
                    proxy_set_header Host $http_host;
                    proxy_set_header X-NginX-Proxy true;
                    proxy_redirect off;
                    # Socket.IO Support
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";

    would really love some suggestions as to what I'm doing wrong (if you want the domain to access this I can dm it to you)

  • @bara-suffar Still having no luck with this, I'm at the point where I can't even log into the normal authentication, it just puts me onto the homepage, without any errors of any sort, really puzzled as to whats going on lol

  • Global Moderator Plugin & Theme Dev

    Why do you have a separate route handler for auth?

    Also your proxy pass should probably be proxy_pass; of you're running nginx and nodebb on the same server.

    If the plugin is breaking your logins, you can disable it from the command line:

    ./nodebb reset -p <package name>

  • @bara-suffar I noticed you're using Cloudflare - can you see if this post helps to resolve your issue ?

  • @pitaj The /auth/ section is a route to my main website, I'm going to migrate that within the forum if I can get that working, and will get rid of it eventually.

    I've done this and now back to square 1 being the session expired. I checked the console and its pointing out that it gets a 500 error when trying to reach the callback section. I've gone over my config and haven't been able to resolve this after trying a lot of suggestions. Not sure where the issue lies now because it seems that it isn't my ngnix config.

  • Global Moderator Plugin & Theme Dev

    @bara-suffar what is the url in config.json? It should match the url at which you access the site exactly.

  • @pitaj URL is also correct.
    I've managed to temporarily fix the issue, but I don't think its a very secure fix,
    in /src/routes/authentication.js line 124
    // next(req.query.state !== req.session.ssoState ? new Error('[[error:csrf-invalid]]') : null);
    the req.query.state == unidentified, so no matter what I did I was getting the error, however replaced it with next(); and its all working now, but still not sure why the query state is unidentified, any suggestions?

Suggested Topics

| | | |