Ram Prashath created GUACAMOLE-848:
--------------------------------------
Summary: OpenID connect Guacamole Integration Error
Key: GUACAMOLE-848
URL: https://issues.apache.org/jira/browse/GUACAMOLE-848
Project: Guacamole
Issue Type: Bug
Components: guacamole-auth-openid
Affects Versions: 1.0.0
Environment: ubuntu 16.04
Reporter: Ram Prashath
Fix For: 1.0.0
Attachments: GUacamole.JPG
i have tried to get this setup. Unfortunately it seems Okta insist (even with
Single Page App (SPA)) to have state field in the POST even if (when using SPA)
it's not actually used. The guacamole client just goes in a redirect loop with
error in URL visible of "invalid state".
error=invalid_state
error_description=The authentication request has an invalid state parameter.
I added State/Openid-state value in Guacamole.Properties File. after adding the
state The guacamole client just goes in a redirect loop with error in URL
visible of "invalid state"
Guacamole.Properties
#Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 8080
#MySQL Authentication
mysql-hostname: 127.0.0.1
mysql-port: 3306
mysql-database: guacamole_db
mysql-username: guacamole_user
mysql-password: password
OIDC properties
openid-state:123
openid-authorization-endpoint:https://accenturemdrtest.okta.com/oauth2/v1/authorize/
openid-jwks-endpoint:https://accenturemdrtest.okta.com/oauth2/v1/keys?client_id=0oavtqytdWOJ7Yyen356
openid-issuer:https://accenturemdrtest.okta.com/
openid-client-id:0oavtqytdWOJ7Yyen356
openid-redirect-uri:http://13.235.117.86:8080/guacamole/
openid-username-claim-type:email
openid-scope:openid profile
auth-provider:org.apache.guacamole.auth.openid.OpenIDAuthenticationProvider
the state parameter value is didnt take in guacamole.properties file
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
