Shiny Proxy - Open ID - Multiple redirections


#1

Hi,

We successfully connected Shiny Proxy through OpenID to ADFS. Authentication is working correctly but as soon as we’re adding the roles-claim attribute to manage group authorisations we can’t login anymore and we’re having errors

org.springframework.security.access.AccessDeniedException: Access is denied

And finally an ERR_TOO_MANY_REDIRECTS error in the browser.
If we remove the roles-claim attribute everything goes back to normal. What could explain that I can’t use roles-claim?
Here’s my configuration :

authentication: openid
openid:
auth-url: xxxxxxxxxxxx/adfs/oauth2/authorize
token-url: xxxxxxxxxxxx/adfs/oauth2/token
jwks-url: xxxxxxxxxxxx/adfs/discovery/keys
client-id: xxxxxxxxxxxx
client-secret: xxxxxxxxxxxx
username-attribute: unique_name
roles-claim: Groups
scopes: [allatclaims]
logout-url: https://xxxxxxxxxxxx/adfs/oauth2/logout?returnTo=http%3A%2F%2Fwww.9-yyyyyyy