ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 12:25:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

refac/fix: mcp oauth2.1

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-10-07 14:56:10 -05:00
parent 216fb5c3db
commit 911a114ad4
2 changed files with 35 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
backend/open_webui/utils/oauth.py
View file

@ -83,6 +83,8 @@ class OAuthClientInformationFull(OAuthClientMetadata):
client_id_issued_at: int | None = None client_id_issued_at: int | None = None
client_secret_expires_at: int | None = None client_secret_expires_at: int | None = None
server_metadata: Optional[OAuthMetadata] = None # Fetched from the OAuth server
from open_webui.env import SRC_LOG_LEVELS, GLOBAL_LOG_LEVEL from open_webui.env import SRC_LOG_LEVELS, GLOBAL_LOG_LEVEL
@ -297,6 +299,7 @@ async def get_oauth_client_info_with_dynamic_client_registration(
{ {
**registration_response_json, **registration_response_json,
**{"issuer": oauth_server_metadata_url}, **{"issuer": oauth_server_metadata_url},
**{"server_metadata": oauth_server_metadata},
} }
) )
log.info( log.info(
@ -332,20 +335,27 @@ class OAuthClientManager:
self.clients = {} self.clients = {}
def add_client(self, client_id, oauth_client_info: OAuthClientInformationFull): def add_client(self, client_id, oauth_client_info: OAuthClientInformationFull):
self.clients[client_id] = { kwargs = {
"client": self.oauth.register( "name": client_id,
name=client_id, "client_id": oauth_client_info.client_id,
client_id=oauth_client_info.client_id, "client_secret": oauth_client_info.client_secret,
client_secret=oauth_client_info.client_secret, "client_kwargs": (
client_kwargs=( {"scope": oauth_client_info.scope} if oauth_client_info.scope else {}
{"scope": oauth_client_info.scope}
if oauth_client_info.scope
else {}
), ),
server_metadata_url=( "server_metadata_url": (
oauth_client_info.issuer if oauth_client_info.issuer else None oauth_client_info.issuer if oauth_client_info.issuer else None
), ),
), }
if (
oauth_client_info.server_metadata
and "S256"
in oauth_client_info.server_metadata.code_challenge_methods_supported
):
kwargs["code_challenge_method"] = "S256"
self.clients[client_id] = {
"client": self.oauth.register(**kwargs),
"client_info": oauth_client_info, "client_info": oauth_client_info,
} }
return self.clients[client_id] return self.clients[client_id]
@ -561,7 +571,17 @@ class OAuthClientManager:
error_message = None error_message = None
try: try:
token = await client.authorize_access_token(request) client_info = self.get_client_info(client_id)
token_params = {}
if (
client_info
and hasattr(client_info, "client_id")
and hasattr(client_info, "client_secret")
):
token_params["client_id"] = client_info.client_id
token_params["client_secret"] = client_info.client_secret
token = await client.authorize_access_token(request, **token_params)
if token: if token:
try: try:
# Add timestamp for tracking # Add timestamp for tracking

2
src/lib/components/chat/MessageInput/IntegrationsMenu.svelte
View file

@ -338,7 +338,7 @@
let serverId = parts?.at(-1) ?? toolId; let serverId = parts?.at(-1) ?? toolId;
const authUrl = getOAuthClientAuthorizationUrl(serverId, 'mcp'); const authUrl = getOAuthClientAuthorizationUrl(serverId, 'mcp');
window.open(authUrl, '_blank', 'noopener'); window.open(authUrl, '_self', 'noopener');
} else { } else {
tools[toolId].enabled = !tools[toolId].enabled; tools[toolId].enabled = !tools[toolId].enabled;