Good afternoon, We have a Guacamole setup with the OpenID and ToTp extensions enabled. We are having issues with this setup as users authenticated via our OpenID Connect Idp (Duende 6) get the ToTP configuration prompt but after successful authentication guacamole rejects them with the error message 'Invalid session'.
The terminal logs this message: "[http-nio-8080-exec-6] INFO o.a.g.a.o.t.TokenValidationService - Rejected OpenID token with invalid/old nonce." The JWT token includes a nonce claim that is perfectly valid but for some reason our setup is not working. If we disable the ToTp extension it works perfect. The user can login and access the published servers with no issues. Can anybody help us with this issue? Kind regards,
