Ram Prashath created GUACAMOLE-848: -------------------------------------- Summary: OpenID connect Guacamole Integration Error Key: GUACAMOLE-848 URL: https://issues.apache.org/jira/browse/GUACAMOLE-848 Project: Guacamole Issue Type: Bug Components: guacamole-auth-openid Affects Versions: 1.0.0 Environment: ubuntu 16.04 Reporter: Ram Prashath Fix For: 1.0.0 Attachments: GUacamole.JPG
i have tried to get this setup. Unfortunately it seems Okta insist (even with Single Page App (SPA)) to have state field in the POST even if (when using SPA) it's not actually used. The guacamole client just goes in a redirect loop with error in URL visible of "invalid state". error=invalid_state error_description=The authentication request has an invalid state parameter. I added State/Openid-state value in Guacamole.Properties File. after adding the state The guacamole client just goes in a redirect loop with error in URL visible of "invalid state" Guacamole.Properties #Hostname and port of guacamole proxy guacd-hostname: localhost guacd-port: 8080 #MySQL Authentication mysql-hostname: 127.0.0.1 mysql-port: 3306 mysql-database: guacamole_db mysql-username: guacamole_user mysql-password: password OIDC properties openid-state:123 openid-authorization-endpoint:https://accenturemdrtest.okta.com/oauth2/v1/authorize/ openid-jwks-endpoint:https://accenturemdrtest.okta.com/oauth2/v1/keys?client_id=0oavtqytdWOJ7Yyen356 openid-issuer:https://accenturemdrtest.okta.com/ openid-client-id:0oavtqytdWOJ7Yyen356 openid-redirect-uri:http://13.235.117.86:8080/guacamole/ openid-username-claim-type:email openid-scope:openid profile auth-provider:org.apache.guacamole.auth.openid.OpenIDAuthenticationProvider the state parameter value is didnt take in guacamole.properties file -- This message was sent by Atlassian JIRA (v7.6.14#76016)