Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Invalid
-
1.2.0
-
None
-
None
Description
I want to use OpenID authentication with G-Suite.
But I'm having trouble with a redirection loop on the login screen.
Is there anyway solution this issue?
And is it possible with authenticate G Suite?
I have installed as follows.
- Guacamole 1.2.0 in Docker
- guacamole-auth-openid is 1.2.0
I have recieved following info by G Suite Admin.(Some of them are dummies)
------------------------------------------------------------
client_id : "${client_id}",
project_id : "${project_id}",
auth_uri : "https://accounts.google.com/o/oauth2/auth",
token_uri : "https://oauth2.googleapis.com/token",
auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs",
client_secret: "${client_secret}",
redirect_uris: "https://my-guacamole-server/guacamole/" ,
javascript_origins: "https://my-guacamole-server"
------------------------------------------------------------
So, I set it up as follows in docker-compose.yaml.
I'm not sure if this is the right setting.
------------------------------------------------------------
OPENID_AUTHORIZATION_ENDPOINT=https://accounts.google.com/o/oauth2/auth
OPENID_JWKS_ENDPOINT=https://accounts.google.com/.well-known/openid-configuration
OPENID_ISSUER=https://accounts.google.com/
OPENID_CLIENT_ID=${client_id}
OPENID_REDIRECT_URI=https://my-guacamole-server/guacamole/
------------------------------------------------------------
After reboot, once I logged in, it occured redirect loop.
I suppose that authentication is probably successful because the token has been returned from GSuite.
Is above setting correct?
And Is there any help this issue?
Thanks.