Hi, are you sure you’re using version 1.2.0? As far as I know the official docker image is version 1.1.0 (https://hub.docker.com/r/guacamole/guacamole/tags)
I also ran into a redirect loop using the docker setup. I stumbled across the following blog post: https://blog.exceptionerror.io/2019/06/10/home-lab-2019/ which explains how to patch the openid module: ``` git clone https://github.com/apache/guacamole-client git checkout 1.1.0 git checkout -b open-id-fix git cherry-pick -m 1 0344ef30e45954d1252d44b9826c7eedad8b02f3 cd extensions/guacamole-auth-openid mvn clean install ``` After that you can use the patches guacamole-auth-openid.jar which worked (at least for me) Using docker I just volume mounted it over the existing one... Greetings, Sebastian > On 11. Apr 2020, at 06:57, Toshitaka Kawamura <kawam...@alpacadb.com> wrote: > > > Hi > > I want to use OpenID authentication with G-Suite. > But I'm having trouble with a redirection loop on the login screen. > Is there anyway solution this issue? > And is it possible with authenticate G Suite? > I have installed as follows. > Guacamole 1.2.0 in Docker > guacamole-auth-openid is 1.2.0 > I have recieved following info by our G Suite Admin.(Some of them are dummies) > ------------------------------------------------------------ > client_id : "${client_id}", > project_id : "${project_id}", > auth_uri : "https://accounts.google.com/o/oauth2/auth";, > token_uri : "https://oauth2.googleapis.com/token";, > auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs";, > client_secret: "${client_secret}", > redirect_uris: "https://my-guacamole-server/guacamole/"; , > javascript_origins: "https://my-guacamole-server"; > ------------------------------------------------------------ > So, I set it up as follows in docker-compose.yaml. > I'm not sure if this is the right setting. > ------------------------------------------------------------ > OPENID_AUTHORIZATION_ENDPOINT=https://accounts.google.com/o/oauth2/auth > OPENID_JWKS_ENDPOINT=https://accounts.google.com/.well-known/openid-configuration > OPENID_ISSUER=https://accounts.google.com/ > OPENID_CLIENT_ID=${client_id} > OPENID_REDIRECT_URI=https://my-guacamole-server/guacamole/ > ------------------------------------------------------------ > After reboot, once I logged in, it occured redirect loop. > I suppose that authentication is probably successful because the token has > been returned from GSuite. > Is above setting correct? > And Is there any help this issue? > Thanks. > Toshi.
