Per von Zweigbergk created GUACAMOLE-2039:
---------------------------------------------
Summary: Documentation for OIDC configuration for Docker
containers missing
Key: GUACAMOLE-2039
URL: https://issues.apache.org/jira/browse/GUACAMOLE-2039
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-openid, guacamole-docker, guacamole-manual
Affects Versions: 1.5.5
Reporter: Per von Zweigbergk
There doesn't appear to be any documentation for how to use the
guacamole-auth-openid component with the guacamole docker containers, or, by
extension, any documentation at all suggesting that you can actually configure
the OIDC plugin using environment variables.
By reading the source code I was able to figure out that environment variables
can be used to configure the Guacamole Docker image to perform OIDC
authentication as per the example below:
{{OPENID_AUTHORIZATION_ENDPOINT=https://login.microsoftonline.com/<REDACTED>/oauth2/v2.0/authorize}}
{{OPENID_JWKS_ENDPOINT=https://login.microsoftonline.com/<REDACTED>/discovery/v2.0/keys}}
{{OPENID_ISSUER=https://login.microsoftonline.com/<REDACTED>/v2.0}}
{{OPENID_CLIENT_ID=<REDACTED>}}
{{OPENID_REDIRECT_URI=https://guacamole.example.com/guacamole}}
{{OPENID_GROUPS_CLAIM_TYPE=roles}}
... but it would be nice if this were documented. I would expect this to be
documented in the "Installing Guacamole with Docker" page in the manual:
[https://guacamole.apache.org/doc/gug/guacamole-docker.html]
I'm happy to volunteer writing a section for this in that manual page if this
bug is accepted.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
