Hello, I got a problem using OAuth2 from F5.
My guacamole.properties looks like / ## ## [OpenID-1] OpenID application integration details ## ## openid-authorization-endpoint: https://auth-test.service-ti.de/f5-oauth2/v1/authorize openid-jwks-endpoint: https://auth-test.service-ti.de/f5-oauth2/v1/jwks openid-issuer: https://auth-test.service-ti.de/f5-oauth2/v1 openid-client-id: TEST4711 openid-redirect-uri: https://hosting.ti-dienste.de/ ## ## [OpenID-2] OpenID application optional details ## ## openid-username-claim-type: name openid-scope: openid ssp user openid-max-token-validity: 1000 / Every time I call the page I got /18:54:54.702 [http-nio-127.0.0.1-8080-exec-3] DEBUG org.jose4j.jwk.HttpsJwks - Refreshing/loading JWKS from https://auth-test.service-ti.de/f5-oauth2/v1/jwks 18:54:54.702 [http-nio-127.0.0.1-8080-exec-3] DEBUG org.jose4j.http.Get -HTTP GET of https://auth-test.service-ti.de/f5-oauth2/v1/jwks 18:54:54.946 [http-nio-127.0.0.1-8080-exec-5] DEBUG o.a.g.resource.ResourceServlet - Resource not modified: "/translations/de.json" 18:54:54.960 [http-nio-127.0.0.1-8080-exec-3] DEBUG org.jose4j.http.Get - read 588 characters 18:54:54.962 [http-nio-127.0.0.1-8080-exec-6] DEBUG o.a.g.resource.ResourceServlet - Resource not modified: "/translations/en.json" 18:54:54.963 [http-nio-127.0.0.1-8080-exec-3] DEBUG org.jose4j.http.Get - HTTP GET of https://auth-test.service-ti.de/f5-oauth2/v1/jwks returned SimpleResponse{statusCode=200, statusMessage='OK', headers={null=[HTTP/1.1 200 OK], access-control-allow-origin=[*], content-length=[588], access-control-allow-credentials=[true], access-control-allow-headers=[Content-Type,Authorization], connection=[Close], content-type=[application/json; charset=UTF-8], cache-control=[no-store], access-control-allow-methods=[GET,PUT,POST,DELETE,OPTIONS], pragma=[no-cache]}, body='{ "keys":[ { "kty":"RSA", "use":"sig", "alg":"RS256", "kid":"jwt_webkey_ssp-service", "n":"4ImtiKNhluymYa2lwfkmB0Hi10yfNJY5yevYGPaJsX0bqLareqUTtensCBg5TM-orvL38iekRHGCSXKDx78UVx1rbLgVQIDkkZekpNmoB7pLg9c6K7QYA2s9Dn6zH8OqmMK4qurhymoNoKUkSCW7ynfRkChKgBHKFjszrnGuCGA9oyiSQTurY1-ZhHpEufGM3qi--UMrgb1_G9F4Q0Pg7NxXdz31DFUlhIaBB1tV2O6GoG5_umgzN2fGuY2h3MWJ77NOIsK2WoWnScfmxf0fjuV10H10HK0FigkTMrgZ6MhUZUYNhCgd6IzZ1RylzIYNLDKLIsyB_dUu0arK62lhxw", "e":"AQAB", "x5t":"0T9Kxpw80aF-05EnBEq3bCDtjJ8", "x5t#S256":"wqVy474qmxvBF4AADUABQ_72EFeyBRWFHunp_18SQEk" } ] } '} 18:54:54.966 [http-nio-127.0.0.1-8080-exec-3] DEBUG org.jose4j.jwk.HttpsJwks - Will use default cache duration of 3600 seconds for content from https://auth-test.service-ti.de/f5-oauth2/v1/jwks 18:54:54.966 [http-nio-127.0.0.1-8080-exec-3] DEBUG org.jose4j.jwk.HttpsJwks - Updated JWKS content from https://auth-test.service-ti.de/f5-oauth2/v1/jwks will be cached for 3600 seconds until about Mon Jan 11 19:54:54 CET 2021 -> [org.jose4j.jwk.RsaJsonWebKey{kty=RSA, kid=jwt_webkey_ssp-service, use=sig, alg=RS256, n=4ImtiKNhluymYa2lwfkmB0Hi10yfNJY5yevYGPaJsX0bqLareqUTtensCBg5TM-orvL38iekRHGCSXKDx78UVx1rbLgVQIDkkZekpNmoB7pLg9c6K7QYA2s9Dn6zH8OqmMK4qurhymoNoKUkSCW7ynfRkChKgBHKFjszrnGuCGA9oyiSQTurY1-ZhHpEufGM3qi--UMrgb1_G9F4Q0Pg7NxXdz31DFUlhIaBB1tV2O6GoG5_umgzN2fGuY2h3MWJ77NOIsK2WoWnScfmxf0fjuV10H10HK0FigkTMrgZ6MhUZUYNhCgd6IzZ1RylzIYNLDKLIsyB_dUu0arK62lhxw, e=AQAB, x5t=0T9Kxpw80aF-05EnBEq3bCDtjJ8, x5t#S256=wqVy474qmxvBF4AADUABQ_72EFeyBRWFHunp_18SQEk}] 18:54:54.968 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - Initializing jose4j (running with Java 11.0.9 from AdoptOpenJDK at /DBA/adopt-openjdk/11.0.9 with [SUN version 11, SunRsaSign version 11, SunEC version 11, SunJSSE version 11, SunJCE version 11, SunJGSS version 11, SunSASL version 11, XMLDSig version 11, SunPCSC version 11, JdkLDAP version 11, JdkSASL version 11, SunPKCS11 version 11] security providers installed)... 18:54:54.969 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.PlaintextNoneAlgorithm@311425e6 registered for alg algorithm none 18:54:54.970 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.HmacUsingShaAlgorithm$HmacSha256@33c3fe08 registered for algalgorithm HS256 18:54:54.971 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.HmacUsingShaAlgorithm$HmacSha384@7012cd6e registered for algalgorithm HS384 18:54:54.972 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.HmacUsingShaAlgorithm$HmacSha512@4f5ebced registered for algalgorithm HS512 18:54:54.973 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.EcdsaUsingShaAlgorithm$EcdsaP256UsingSha256@47c418e9 registered for alg algorithm ES256 18:54:54.973 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.EcdsaUsingShaAlgorithm$EcdsaP384UsingSha384@6be6fa2e registered for alg algorithm ES384 18:54:54.973 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.EcdsaUsingShaAlgorithm$EcdsaP521UsingSha512@6db4cd1c registered for alg algorithm ES512 18:54:54.973 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.RsaUsingShaAlgorithm$RsaSha256@355bdc83 registered for algalgorithm RS256 18:54:54.974 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.RsaUsingShaAlgorithm$RsaSha384@1a60933e registered for algalgorithm RS384 18:54:54.974 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - org.jose4j.jws.RsaUsingShaAlgorithm$RsaSha512@2fe6cb40 registered for algalgorithm RS512 18:54:54.974 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.RsaUsingShaAlgorithm$RsaPssSha256 - PS256 vai SHA256withRSAandMGF1 is NOT available from the underlying JCE (org.jose4j.lang.JoseException: Unable to get an implementation of algorithm name: SHA256withRSAandMGF1; caused by: java.security.NoSuchAlgorithmException: SHA256withRSAandMGF1 Signature not available). 18:54:54.974 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - PS256 is unavailable so will not be registered for alg algorithms. 18:54:54.975 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.RsaUsingShaAlgorithm$RsaPssSha384 - PS384 vai SHA384withRSAandMGF1 is NOT available from the underlying JCE (org.jose4j.lang.JoseException: Unable to get an implementation of algorithm name: SHA384withRSAandMGF1; caused by: java.security.NoSuchAlgorithmException: SHA384withRSAandMGF1 Signature not available). 18:54:54.975 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - PS384 is unavailable so will not be registered for alg algorithms. 18:54:54.975 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.RsaUsingShaAlgorithm$RsaPssSha512 - PS512 vai SHA512withRSAandMGF1 is NOT available from the underlying JCE (org.jose4j.lang.JoseException: Unable to get an implementation of algorithm name: SHA512withRSAandMGF1; caused by: java.security.NoSuchAlgorithmException: SHA512withRSAandMGF1 Signature not available). 18:54:54.975 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->JsonWebSignatureAlgorithm - PS512 is unavailable so will not be registered for alg algorithms. 18:54:54.975 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - JWS signature algorithms: [none, HS256, HS384, HS512, ES256, ES384, ES512, RS256, RS384, RS512] 18:54:54.976 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.RsaKeyManagementAlgorithm$Rsa1_5@7d2dbce4 registered for alg algorithm RSA1_5 18:54:54.976 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.RsaKeyManagementAlgorithm$RsaOaep@6c657e8c registered for algalgorithm RSA-OAEP 18:54:54.979 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.RsaKeyManagementAlgorithm$RsaOaep256@21b24a03 registered for alg algorithm RSA-OAEP-256 18:54:54.979 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.DirectKeyManagementAlgorithm@3104df15 registered for algalgorithm dir 18:54:54.980 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.AesKeyWrapManagementAlgorithm$Aes128@607e2f03 registered for alg algorithm A128KW 18:54:54.981 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.AesKeyWrapManagementAlgorithm$Aes192@6f5267c registered for alg algorithm A192KW 18:54:54.981 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.AesKeyWrapManagementAlgorithm$Aes256@a87243c registered for alg algorithm A256KW 18:54:54.983 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.EcdhKeyAgreementAlgorithm@6d1220d7 registered for algalgorithm ECDH-ES 18:54:54.985 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.EcdhKeyAgreementWithAesKeyWrapAlgorithm$EcdhKeyAgreementWithAes128KeyWrapAlgorithm@5b1fd5e registered for alg algorithm ECDH-ES+A128KW 18:54:54.986 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.EcdhKeyAgreementWithAesKeyWrapAlgorithm$EcdhKeyAgreementWithAes192KeyWrapAlgorithm@1b597740 registered for alg algorithm ECDH-ES+A192KW 18:54:54.988 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.EcdhKeyAgreementWithAesKeyWrapAlgorithm$EcdhKeyAgreementWithAes256KeyWrapAlgorithm@6dfbead4 registered for alg algorithm ECDH-ES+A256KW 18:54:54.989 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.Pbes2HmacShaWithAesKeyWrapAlgorithm$HmacSha256Aes128@3e4883d4 registered for alg algorithm PBES2-HS256+A128KW 18:54:54.989 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.Pbes2HmacShaWithAesKeyWrapAlgorithm$HmacSha384Aes192@7e7e41a1 registered for alg algorithm PBES2-HS384+A192KW 18:54:54.990 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.Pbes2HmacShaWithAesKeyWrapAlgorithm$HmacSha512Aes256@1df40892 registered for alg algorithm PBES2-HS512+A256KW 18:54:54.991 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.AesGcmKeyEncryptionAlgorithm$Aes128Gcm@6a58617a registered for alg algorithm A128GCMKW 18:54:54.992 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.AesGcmKeyEncryptionAlgorithm$Aes192Gcm@70330311 registered for alg algorithm A192GCMKW 18:54:54.992 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->KeyManagementAlgorithm - org.jose4j.jwe.AesGcmKeyEncryptionAlgorithm$Aes256Gcm@53975dbd registered for alg algorithm A256GCMKW 18:54:54.992 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - JWE key management algorithms: [RSA1_5, RSA-OAEP, RSA-OAEP-256, dir, A128KW, A192KW, A256KW, ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW, A128GCMKW, A192GCMKW, A256GCMKW] 18:54:54.993 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->ContentEncryptionAlgorithm - org.jose4j.jwe.AesCbcHmacSha2ContentEncryptionAlgorithm$Aes128CbcHmacSha256@14678573 registered for enc algorithm A128CBC-HS256 18:54:54.993 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->ContentEncryptionAlgorithm - org.jose4j.jwe.AesCbcHmacSha2ContentEncryptionAlgorithm$Aes192CbcHmacSha384@43535471 registered for enc algorithm A192CBC-HS384 18:54:54.993 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->ContentEncryptionAlgorithm - org.jose4j.jwe.AesCbcHmacSha2ContentEncryptionAlgorithm$Aes256CbcHmacSha512@47d17fa0 registered for enc algorithm A256CBC-HS512 18:54:54.994 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->ContentEncryptionAlgorithm - org.jose4j.jwe.AesGcmContentEncryptionAlgorithm$Aes128Gcm@6d20b209 registered for enc algorithm A128GCM 18:54:54.994 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->ContentEncryptionAlgorithm - org.jose4j.jwe.AesGcmContentEncryptionAlgorithm$Aes192Gcm@30e58ddc registered for enc algorithm A192GCM 18:54:54.995 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->ContentEncryptionAlgorithm - org.jose4j.jwe.AesGcmContentEncryptionAlgorithm$Aes256Gcm@191ded0e registered for enc algorithm A256GCM 18:54:54.995 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - JWE content encryption algorithms: [A128CBC-HS256, A192CBC-HS384, A256CBC-HS512, A128GCM, A192GCM, A256GCM] 18:54:54.995 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.j.j.AlgorithmFactory->CompressionAlgorithm - org.jose4j.zip.DeflateRFC1951CompressionAlgorithm@1ef33181 registered for zip algorithm DEF 18:54:54.995 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - JWE compression algorithms: [DEF] 18:54:54.995 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.jose4j.jwa.AlgorithmFactoryFactory - Initialized jose4j in 27ms 18:54:54.997 [http-nio-127.0.0.1-8080-exec-3] WARN o.a.g.a.o.t.TokenValidationService - Username claim "name" missing from token. Perhaps the OpenID scope and/or username claim type are misconfigured? 18:54:54.998 [http-nio-127.0.0.1-8080-exec-3] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from [147.161.165.28, 127.0.0.1] failed. / Does anyone know this problem or got a solution for this? -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
