> Hi Team, >
> We are integrating guacamole 1.4.0 with keycloak by using the below OPENID > attributes. > > OPENID_AUTHORIZATION_ENDPOINT: " > https://authenticate.id-proxy.rp.de.1u1.local:8443/realms/master/protocol/openid-connect/auth > " > OPENID_JWKS_ENDPOINT: " > https://authenticate.id-proxy.rp.de.1u1.local:8443/realms/master/protocol/openid-connect/certs > " > OPENID_ISSUER: " > https://authenticate.id-proxy.rp.de.1u1.local:8443/realms/master"; > OPENID_CLIENT_ID: "guacamole-client" > OPENID_REDIRECT_URI: "http://guacamole:8080"; > > We observed that the application URL is redirected to keycloak for > authentication and then redirection to the application URL is failing with > the below error message. But we didn't add keycloak certificates to > guacamole container. Will it give any issue? if yes, please share the > procedure to update the certificates. > > 13:13:57.927 [http-nio-8080-exec-2] INFO > o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT > processing failed. Additional details: [[17] Unable to process JOSE object > (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable > verification key for JWS w/ header {"alg":"RS256","typ" : "JWT","kid" : > "b_miyK9tDisD--lStj4nX5AmaoX3EHsrvGysA9TVD8c"} due to an unexpected > exception (java.net.SocketTimeoutException: connect timed out) while > obtaining or using keys from JWKS endpoint at > https://authenticate.id-proxy.rp.de.1u1.local:8443/realms/master/protocol/openid-connect/certs > ): > <https://l0001spapka0005.rp.de.dmn.local/auth/realms/Symworld/protocol/openid-connect/certs):> > JsonWebSignature{"alg":"RS256","typ" : "JWT","kid" : > "b_miyK9tDisD--lStj4nX5AmaoX3EHsrvGysA9TVD8c"}->eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiX21peUs5dERpc0QtLWxTdGo0blg1QW1hb1gzRUhzcnZHeXNBOVRWRDhjIn0.eyJleHAiOjE2Nzg4MDA0NTUsImlhdCI6MTY3ODc5OTU1NSwiYXV0aF90aW1lIjoxNjc4NzkzNTM5LCJqdGkiOiJjYTI5ZDhmMS1kZjkyLTRkM2QtYjQ3MC1mYjk5M2UzMjQ4MDUiLCJpc3MiOiJodHRwczovL2wwMDAxc3BhcGthMDAwNS5ycC5kZS5kbW4ubG9jYWwvYXV0aC9yZWFsbXMvU3ltd29ybGQiLCJhdWQiOiJQQU0iLCJzdWIiOiI0MjBhYTQwMC0yNDc3LTQ2OGItOTk2NC03YjhkYWiJJRCIsImF6cCI6IlBBTSIsIm5vbmNlIjoiazZsNTU1N3RlOThnaWVzNjIzcjRkcmExdTkiLCJzZXNzaW9uX3N0YXRlIjoiOGJlZDFjOWEtYTQ2OS00ZGFlLTgwZTUtYTQ5M2FhZGQxMTA1IiwiYWNyIjoiMCIsInNpZCI6IjhiZWQxYzlhLWE0NjktNGRhZS04MGU1LWE0OTNhYWRkMTEwNSIsImVtYWlsX3ZlcmlmaWVkIjp0cnhbWUiOiJLb25kYSIsImVtYWlsIjoidmVua2F0YS5rb25kYUByYWt1dGVuLmNvbSJ9.WVmBCulUiSVppZk5J59wFdThxWpfzmeMwG-jo_-8RyozWrtpNachLafZJtXxcLoFNEGbOi98hM3RK_RsQ0DgSuM9P85xe4Oho6-qIrmk3DIuLoBVN4YjTwALjvKwtKidIluQwMRyZjgvMBmtoF9_qpPQMx_0irTV7gbqDifI8zaIyHwafX_5gQT-pDPu5jeFRS1sR4swUJOvQiKbfe7u897289K4MZ8U-lQnv-wExtumXRvQaf3c7cVzttFgzSGo9XaT_IUI8rHdLj08EKQaf_9iQDuq-PTMpIxFNLSyO8_t-drUVDnmvbKWJS3wPrEuNwItx7E7ya2jZoBiKfWvFQ] > > > Regards, > Venkata >
