Hi. Thank you for replying.
Sorry. I didn't explain detail. I know that the latest release version is 1.1.0. I checked out latest code of guacamole-client as of 02/04/2020, And I built it to docker image. so, I called as ver 1.2.0 The reason I use 1.2 was the redirect loop bug was fixed. This is chiket https://issues.apache.org/jira/browse/GUACAMOLE-805 Anyway,Thank you for blog information. I'll read and try it. Thanks. Regards On Sat, Apr 11, 2020 at 2:46 PM Sebastian Männling < [email protected]> wrote: > Hi, > are you sure you’re using version 1.2.0? > As far as I know the official docker image is version 1.1.0 ( > https://hub.docker.com/r/guacamole/guacamole/tags) > > I also ran into a redirect loop using the docker setup. I stumbled across > the following blog post: > https://blog.exceptionerror.io/2019/06/10/home-lab-2019/ > which explains how to patch the openid module: > > ``` > git clone https://github.com/apache/guacamole-client > git checkout 1.1.0 > git checkout -b open-id-fix > git cherry-pick -m 1 0344ef30e45954d1252d44b9826c7eedad8b02f3 > > cd extensions/guacamole-auth-openid > mvn clean install > ``` > > After that you can use the patches guacamole-auth-openid.jar which worked > (at least for me) > Using docker I just volume mounted it over the existing one... > > Greetings, > Sebastian > > > On 11. Apr 2020, at 06:57, Toshitaka Kawamura <[email protected]> > wrote: > > > Hi > > I want to use OpenID authentication with G-Suite. > But I'm having trouble with a redirection loop on the login screen. > Is there anyway solution this issue? > And is it possible with authenticate G Suite? > > I have installed as follows. > > - Guacamole 1.2.0 in Docker > - guacamole-auth-openid is 1.2.0 > > I have recieved following info by our G Suite Admin.(Some of them are > dummies) > ------------------------------------------------------------ > client_id : "${client_id}", > project_id : "${project_id}", > auth_uri : "https://accounts.google.com/o/oauth2/auth";, > token_uri : "https://oauth2.googleapis.com/token";, > auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs";, > client_secret: "${client_secret}", > redirect_uris: "https://my-guacamole-server/guacamole/"; , > javascript_origins: "https://my-guacamole-server"; > ------------------------------------------------------------ > > So, I set it up as follows in docker-compose.yaml. > I'm not sure if this is the right setting. > ------------------------------------------------------------ > OPENID_AUTHORIZATION_ENDPOINT=https://accounts.google.com/o/oauth2/auth > OPENID_JWKS_ENDPOINT= > https://accounts.google.com/.well-known/openid-configuration > OPENID_ISSUER=https://accounts.google.com/ > OPENID_CLIENT_ID=${client_id} > OPENID_REDIRECT_URI=https://my-guacamole-server/guacamole/ > ------------------------------------------------------------ > > After reboot, once I logged in, it occured redirect loop. > I suppose that authentication is probably successful because the token has > been returned from GSuite. > Is above setting correct? > And Is there any help this issue? > > Thanks. > > Toshi. > >
