nonce verification failure when user visited wp-login.php with reauth=1 query arg.
cause
reauth=1 forces user for re-authentication even when wordpressp_logged_in cookie is set. Thus when nonce is
generated for google-api query arguments user_id is present. While during nonce verification user_id is not present resulting in different nonce. Hence the failure.
Fix
Redirect to wp-login.php if the above scenario occurs before rendering the button.
Description
Issue
wp-login.php
withreauth=1
query arg.cause
wordpressp_logged_in
cookie is set. Thus when nonce isgenerated for google-api query arguments
user_id
is present. While during nonce verificationuser_id
is not present resulting in different nonce. Hence the failure.Fix
wp-login.php
if the above scenario occurs before rendering the button.ref.
112