Open bazza888 opened 2 months ago
Just an update I managed to get things working by pointing my JWKS URI directly at the Authentik container not via NPM So I'm not too fussed just think its curious this is my only container experiencing this issue.
Sorry for the late response, I don't know really anything about configuring guacamole the official docs would probably be the place to look for how to configure that kind of stuff.
Describe Your Problem: Using Authentik as the OAuth Provider the JWT token query fails
Logs:
02:57:23.266 [http-nio-8080-exec-5] INFO o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header
Environment:
Guacamole 1.5.5 (latest at time of this post) Authentik 2024.6.1 Both going via NGINX proxy manager with valid Lets Encrypt certs
Notes: All my other OAuth services work just fine - it is isolated to Guacamole Have tried using different certs in the Authentik provider (EC ,RSA etc) Seems to be a fair bit of info on this online with various fixes none of which seemed to work for me Is there a config i can put into the guacamole properties to ignore certs when querying the JWT token
Any help appreciated thank you.