[ https://issues.apache.org/jira/browse/GUACAMOLE-1019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17080420#comment-17080420 ]
Nick Couchman commented on GUACAMOLE-1019: ------------------------------------------ [~toshi_km]: Please start your help request on the mailing list: http://guacamole.apache.org/support/ It's unlikely the issue you're encountering is a bug, and the mailing list is where you will find a broad community of people who might be able to help you figure it out. > Redirect loop occurs in OpenID > ------------------------------ > > Key: GUACAMOLE-1019 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-1019 > Project: Guacamole > Issue Type: Bug > Components: guacamole-auth-openid > Affects Versions: 1.2.0 > Reporter: Toshitaka Kawamura > Priority: Major > > I want to use OpenID authentication with G-Suite. > But I'm having trouble with a redirection loop on the login screen. > Is there anyway solution this issue? > And is it possible with authenticate G Suite? > I have installed as follows. > - Guacamole 1.2.0 in Docker > - guacamole-auth-openid is 1.2.0 > I have recieved following info by G Suite Admin.(Some of them are dummies) > ------------------------------------------------------------ > client_id : "${client_id}", > project_id : "${project_id}", > auth_uri : "https://accounts.google.com/o/oauth2/auth", > token_uri : "https://oauth2.googleapis.com/token", > auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs", > client_secret: "${client_secret}", > redirect_uris: "https://my-guacamole-server/guacamole/" , > javascript_origins: "https://my-guacamole-server" > ------------------------------------------------------------ > So, I set it up as follows in docker-compose.yaml. > I'm not sure if this is the right setting. > ------------------------------------------------------------ > OPENID_AUTHORIZATION_ENDPOINT=https://accounts.google.com/o/oauth2/auth > OPENID_JWKS_ENDPOINT=https://accounts.google.com/.well-known/openid-configuration > OPENID_ISSUER=https://accounts.google.com/ > OPENID_CLIENT_ID=${client_id} > OPENID_REDIRECT_URI=https://my-guacamole-server/guacamole/ > ------------------------------------------------------------ > After reboot, once I logged in, it occured redirect loop. > I suppose that authentication is probably successful because the token has > been returned from GSuite. > Is above setting correct? > And Is there any help this issue? > Thanks. -- This message was sent by Atlassian Jira (v8.3.4#803005)