Login is successful but can't get in due to "Unknown client"

erok415 · March 24, 2023, 5:46pm

Hi there,

Our application has been running fine for almost 2 years and all of a sudden Google Auth stopped working. Our website is a WordPress site with the Auth0 plugin. We have not made any changes to the Auth0 tenant, the plugin integration on WordPress, or the Google connection.

Now when I try to log in, I get this WordPress error “There was a problem with your login: Invalid state [error code: unknown]”

In the Auth0 logs, I can see that I received a “Success Login” message. However, in my logs, I noticed that there are a plethora of “Failed Login” messages even though nobody is trying to log in to the website. Is it possible that something is trying to brute force login to the site and Auth0 is not allowing me to log in anymore?

All of the failed logins are coming from a Firefox user_agent and IP that’s unknown to us.
{
“date”: “2023-03-24T17:44:16.164Z”,
“type”: “f”,
“description”: “Unknown client: oncudk2vq36a6fcmccsot7spgznjgbh6”,
“connection_id”: “”,
“ip”: “91.206.200.207”,
“user_agent”: “Firefox 109.0.0 / Windows 10.0.0”,

Your help is appreciated.

erok415 · March 24, 2023, 5:52pm

I’ve turned on security “Attack Protection” and logging to see if that helps. I’m still prohibited from logging in.

erok415 · March 28, 2023, 6:20pm

The issue turned out to be that our WordPress theme was updated and it was not a custom theme and didn’t have a child theme connected to it. Which meant that an important function in the function.php file was removed along with any other customization.

The missing code that was needed was:

/**
 * Prefix state and nonce cookie names.
 *
 * @param string $cookie_name - Cookie name to modify.
 *
 * @return string
 */
function auth0_theme_hook_prefix_cookie_name($cookie_name)
{
  return 'STYXKEY_' . $cookie_name;
}
add_filter('auth0_state_cookie_name', 'auth0_theme_hook_prefix_cookie_name');
add_filter('auth0_nonce_cookie_name', 'auth0_theme_hook_prefix_cookie_name');

konrad.sopala · March 31, 2023, 1:33pm

Thanks for sharing that with the rest of community!

system · April 14, 2023, 1:34pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.