Toshitaka Kawamura created GUACAMOLE-1019:
---------------------------------------------
Summary: Redirect loop occurs in OpenID
Key: GUACAMOLE-1019
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1019
Project: Guacamole
Issue Type: Bug
Components: guacamole-auth-openid
Affects Versions: 1.2.0
Reporter: Toshitaka Kawamura
I want to use OpenID authentication with G-Suite.
But I'm having trouble with a redirection loop on the login screen.
Is there anyway solution this issue?
And is it possible with authenticate G Suite?
I have installed as follows.
- Guacamole 1.2.0 in Docker
- guacamole-auth-openid is 1.2.0
I have recieved following info by G Suite Admin.(Some of them are dummies)
------------------------------------------------------------
client_id : "${client_id}",
project_id : "${project_id}",
auth_uri : "https://accounts.google.com/o/oauth2/auth";,
token_uri : "https://oauth2.googleapis.com/token";,
auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs";,
client_secret: "${client_secret}",
redirect_uris: "https://my-guacamole-server/guacamole/"; ,
javascript_origins: "https://my-guacamole-server";
------------------------------------------------------------
So, I set it up as follows in docker-compose.yaml.
I'm not sure if this is the right setting.
------------------------------------------------------------
OPENID_AUTHORIZATION_ENDPOINT=https://accounts.google.com/o/oauth2/auth
OPENID_JWKS_ENDPOINT=https://accounts.google.com/.well-known/openid-configuration
OPENID_ISSUER=https://accounts.google.com/
OPENID_CLIENT_ID=${client_id}
OPENID_REDIRECT_URI=https://my-guacamole-server/guacamole/
------------------------------------------------------------
After reboot, once I logged in, it occured redirect loop.
I suppose that authentication is probably successful because the token has been
returned from GSuite.
Is above setting correct?
And Is there any help this issue?
Thanks.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
