ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-11 20:05:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

feat: add OAUTH_GROUPS_SEPARATOR for configurable group parsing

Browse source
This commit is contained in:
Adam M. Smith 2025-11-06 21:01:51 +00:00
parent 639d26252e
commit 96b98cd13c
2 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
backend/open_webui/config.py
View file

@ -570,6 +570,8 @@ OAUTH_BLOCKED_GROUPS = PersistentConfig(
os.environ.get("OAUTH_BLOCKED_GROUPS", "[]"), os.environ.get("OAUTH_BLOCKED_GROUPS", "[]"),
) )
OAUTH_GROUPS_SEPARATOR = os.environ.get("OAUTH_GROUPS_SEPARATOR", ";")
OAUTH_ROLES_CLAIM = PersistentConfig( OAUTH_ROLES_CLAIM = PersistentConfig(
"OAUTH_ROLES_CLAIM", "OAUTH_ROLES_CLAIM",
"oauth.roles_claim", "oauth.roles_claim",

7
backend/open_webui/utils/oauth.py
View file

@ -42,6 +42,7 @@ from open_webui.config import (
ENABLE_OAUTH_GROUP_MANAGEMENT, ENABLE_OAUTH_GROUP_MANAGEMENT,
ENABLE_OAUTH_GROUP_CREATION, ENABLE_OAUTH_GROUP_CREATION,
OAUTH_BLOCKED_GROUPS, OAUTH_BLOCKED_GROUPS,
OAUTH_GROUPS_SEPARATOR,
OAUTH_ROLES_CLAIM, OAUTH_ROLES_CLAIM,
OAUTH_SUB_CLAIM, OAUTH_SUB_CLAIM,
OAUTH_GROUPS_CLAIM, OAUTH_GROUPS_CLAIM,
@ -1035,7 +1036,11 @@ class OAuthManager:
if isinstance(claim_data, list): if isinstance(claim_data, list):
user_oauth_groups = claim_data user_oauth_groups = claim_data
elif isinstance(claim_data, str): elif isinstance(claim_data, str):
user_oauth_groups = [claim_data] # Split by the configured separator if present
if OAUTH_GROUPS_SEPARATOR in claim_data:
user_oauth_groups = claim_data.split(OAUTH_GROUPS_SEPARATOR)
else:
user_oauth_groups = [claim_data]
else: else:
user_oauth_groups = [] user_oauth_groups = []