Steam SSO (1.18)

@pitaj URL is also correct.
I've managed to temporarily fix the issue, but I don't think its a very secure fix,
in /src/routes/authentication.js line 124
// next(req.query.state !== req.session.ssoState ? new Error('[[error:csrf-invalid]]') : null);
the req.query.state == unidentified, so no matter what I did I was getting the error, however replaced it with next(); and its all working now, but still not sure why the query state is unidentified, any suggestions?

@pitaj The /auth/ section is a route to my main website, I'm going to migrate that within the forum if I can get that working, and will get rid of it eventually.

I've done this and now back to square 1 being the session expired. I checked the console and its pointing out that it gets a 500 error when trying to reach the callback section. I've gone over my config and haven't been able to resolve this after trying a lot of suggestions. Not sure where the issue lies now because it seems that it isn't my ngnix config.

@bara-suffar Still having no luck with this, I'm at the point where I can't even log into the normal authentication, it just puts me onto the homepage, without any errors of any sort, really puzzled as to whats going on lol

@pitaj Hey, just went and researched through a bunch of topics but I'm having no luck getting rid of this auth/callback error.

Currently I'm using cloudflare for my SSL certs and then that leads to my docker nginx reverse proxy, that then sends you to the correct subfolder in the domain
I.E website.com/forums => proxy.pass thenodebb:backend however I still am getting this issue, I've tried a whole host of things and keep ending up at the same space, here is the nginx conf

```server {
    # You would want to make a separate file with its own server block for each virtual domain
    # on your server and then include them.
    listen       127.0.0.1:8081;
    listen       8081;
    #tells Nginx the hostname and the TCP port where it should listen for HTTP connections.
    # listen 80; is equivalent to listen *:80;
    root                    /var/www/dir/public;
    server_name  xxx.xxxx.xxx(hidden);
    # lets you doname-based virtual hosting
    proxy_set_header X-Forwarded-Proto https;
    #charset koi8-r;

    #access_log  logs/host.access.log  main;

    location / {
        #The location setting lets you configure how nginx responds to requests for resources within the server.
        index  index.html index.htm;
    }
    location /auth/ {
        proxy_pass http://xxx.xxxx.xxx(hidden):9032;

    }
    location /forums/{
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header X-Forwarded-Port 443;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
        proxy_pass http://xxx.xxxx.xxx(hidden):4567;
                proxy_redirect off;
                # Socket.IO Support
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";

    }```

would really love some suggestions as to what I'm doing wrong (if you want the domain to access this I can dm it to you)

@pitaj Hey, thanks for the quick response.

Yes I'm actually trying to get that working right now, but keep running into problems, I've managed to get this as the most recent error:
/auth/steam/callback
Error: We were unable to log you in, likely due to an expired session. Please try again

I believe this may be due to the BB located in a non HTTPS environment?

Hi,
I'm looking for a steam SSO plugin but can't, unfortunately, find one, Are there any suggestions on how I can go about this as it's quite crucial to my forum design.

Thanks,