refac: add separate Client IDs for OneDrive

2025-12-12 04:15:25 +00:00 · 2025-09-21 01:40:14 -04:00 · 2025-09-21 01:40:14 -04:00 · 466d5bb696
commit 466d5bb696
parent 6e4a2f18e1
3 changed files with 32 additions and 21 deletions
--- a/backend/open_webui/config.py
+++ b/backend/open_webui/config.py
@ -2170,6 +2170,8 @@ ENABLE_ONEDRIVE_INTEGRATION = PersistentConfig(
    "onedrive.enable",
    os.getenv("ENABLE_ONEDRIVE_INTEGRATION", "False").lower() == "true",
 )
+
+
 ENABLE_ONEDRIVE_PERSONAL = (
    os.environ.get("ENABLE_ONEDRIVE_PERSONAL", "True").lower() == "true"
 )
@ -2177,10 +2179,12 @@ ENABLE_ONEDRIVE_BUSINESS = (
    os.environ.get("ENABLE_ONEDRIVE_BUSINESS", "True").lower() == "true"
 )

-ONEDRIVE_CLIENT_ID = PersistentConfig(
-    "ONEDRIVE_CLIENT_ID",
-    "onedrive.client_id",
-    os.environ.get("ONEDRIVE_CLIENT_ID", ""),
+ONEDRIVE_CLIENT_ID = os.environ.get("ONEDRIVE_CLIENT_ID", "")
+ONEDRIVE_CLIENT_ID_PERSONAL = os.environ.get(
+    "ONEDRIVE_CLIENT_ID_PERSONAL", ONEDRIVE_CLIENT_ID
+)
+ONEDRIVE_CLIENT_ID_BUSINESS = os.environ.get(
+    "ONEDRIVE_CLIENT_ID_BUSINESS", ONEDRIVE_CLIENT_ID
 )

 ONEDRIVE_SHAREPOINT_URL = PersistentConfig(
--- a/backend/open_webui/main.py
+++ b/backend/open_webui/main.py
@ -301,7 +301,8 @@ from open_webui.config import (
    GOOGLE_DRIVE_CLIENT_ID,
    GOOGLE_DRIVE_API_KEY,
    ENABLE_ONEDRIVE_INTEGRATION,
-    ONEDRIVE_CLIENT_ID,
+    ONEDRIVE_CLIENT_ID_PERSONAL,
+    ONEDRIVE_CLIENT_ID_BUSINESS,
    ONEDRIVE_SHAREPOINT_URL,
    ONEDRIVE_SHAREPOINT_TENANT_ID,
    ENABLE_ONEDRIVE_PERSONAL,
@ -1743,7 +1744,8 @@ async def get_app_config(request: Request):
                    "api_key": GOOGLE_DRIVE_API_KEY.value,
                },
                "onedrive": {
-                    "client_id": ONEDRIVE_CLIENT_ID.value,
+                    "client_id_personal": ONEDRIVE_CLIENT_ID_PERSONAL,
+                    "client_id_business": ONEDRIVE_CLIENT_ID_BUSINESS,
                    "sharepoint_url": ONEDRIVE_SHAREPOINT_URL.value,
                    "sharepoint_tenant_id": ONEDRIVE_SHAREPOINT_TENANT_ID.value,
                },
--- a/src/lib/utils/onedrive-file-picker.ts
+++ b/src/lib/utils/onedrive-file-picker.ts
@ -31,12 +31,10 @@ class OneDriveConfig {
 	}

 	private async getCredentials(): Promise<void> {
-		const headers: HeadersInit = {
-			'Content-Type': 'application/json'
-		};
-
 		const response = await fetch('/api/config', {
-			headers,
+			headers: {
+				'Content-Type': 'application/json'
+			},
 			credentials: 'include'
 		});

@ -46,17 +44,14 @@ class OneDriveConfig {

 		const config = await response.json();

-		const newClientId = config.onedrive?.client_id;
-		const newSharepointUrl = config.onedrive?.sharepoint_url;
-		const newSharepointTenantId = config.onedrive?.sharepoint_tenant_id;
+		this.clientIdPersonal = config.onedrive?.client_id_personal;
+		this.clientIdBusiness = config.onedrive?.client_id_business;
+		this.sharepointUrl = config.onedrive?.sharepoint_url;
+		this.sharepointTenantId = config.onedrive?.sharepoint_tenant_id;

-		if (!newClientId) {
-			throw new Error('OneDrive configuration is incomplete');
+		if (!this.newClientIdPersonal && !this.newClientIdBusiness) {
+			throw new Error('OneDrive client ID not configured');
 		}
-
-		this.clientId = newClientId;
-		this.sharepointUrl = newSharepointUrl;
-		this.sharepointTenantId = newSharepointTenantId;
 	}

 	public async getMsalInstance(
@ -69,10 +64,20 @@ class OneDriveConfig {
 				this.currentAuthorityType === 'organizations'
 					? this.sharepointTenantId || 'common'
 					: 'consumers';
+
+			const clientId =
+				this.currentAuthorityType === 'organizations'
+					? this.clientIdBusiness
+					: this.clientIdPersonal;
+
+			if (!clientId) {
+				throw new Error('OneDrive client ID not configured');
+			}
+
 			const msalParams = {
 				auth: {
 					authority: `https://login.microsoftonline.com/${authorityEndpoint}`,
-					clientId: this.clientId
+					clientId: clientId
 				}
 			};