Luke Garceau
159ef78f6f
Merge remote-tracking branch 'origin/dev' into feat/google-oauth-groups-dev
...
# Conflicts:
# backend/open_webui/utils/oauth.py
2025-11-27 17:18:02 -05:00
Luke Garceau
89a5dbda45
Merge branch 'main' into feat/google-oauth-groups-dev
...
# Conflicts:
# backend/open_webui/utils/oauth.py
# uv.lock
2025-11-27 16:53:12 -05:00
Tobias Genannt
04b337323a
fix: correct role check on OAuth login ( #19476 )
...
When a users role is switched from admin to user in the OAuth provider
their groups are not correctly updated when ENABLE_OAUTH_GROUP_MANAGEMENT
is enabled.
2025-11-26 21:48:06 -05:00
gerhardj-b
f2d6a425de
feat: also consider OAUTH_ROLES_SEPARATOR for string claims themselves ( #19514 )
2025-11-26 17:38:26 -05:00
Timothy Jaeryang Baek
0f8729dea2
refac
Deploy to HuggingFace Spaces / check-secret (push) Waiting to run
Deploy to HuggingFace Spaces / deploy (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda126-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / build-main-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-main-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda126-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda126-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-slim-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-slim-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / merge-main-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-ollama-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-slim-images (push) Blocked by required conditions
Python CI / Format Backend (push) Waiting to run
2025-11-24 06:42:12 -05:00
Timothy Jaeryang Baek
286a5ad0db
refac/fix: oauth
2025-11-24 06:03:19 -05:00
gerhardj-b
66c5b7380d
feat: allow flat claims instead of nested claims as alternative ( #19286 )
Deploy to HuggingFace Spaces / check-secret (push) Waiting to run
Deploy to HuggingFace Spaces / deploy (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-ollama-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / build-main-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-main-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda126-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda126-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-slim-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-slim-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / merge-main-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda126-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-slim-images (push) Blocked by required conditions
Python CI / Format Backend (push) Waiting to run
Frontend Build / Format & Build Frontend (push) Waiting to run
Frontend Build / Frontend Unit Tests (push) Waiting to run
2025-11-19 19:58:53 -05:00
Timothy Jaeryang Baek
0c47cbd16a
refac/enh: mcp oauth auth method support
2025-11-19 02:26:42 -05:00
Tim Baek
34684e7e58
feat/refac: group members db table ( #19239 )
...
* refac: group members table db migration
* refac: group members backend
* refac: group members frontend
* refac: group members frontend integration
* refac: styling
2025-11-18 03:59:56 -05:00
logan-hcg
0ed174f6a1
Update MCP Oauth server metadata discovery order ( #19244 )
2025-11-17 18:24:43 -05:00
Timothy Jaeryang Baek
bc576782d7
refac: group members backend
2025-11-17 05:09:06 -05:00
Timothy Jaeryang Baek
c43f95f4b8
refac: pass token_endpoint_auth_method
2025-11-13 15:34:45 -05:00
Timothy Jaeryang Baek
6d9a562edd
refac: oauth pass client auth params
2025-11-13 15:30:22 -05:00
xqqp
3207998114
Fix: Handle empty strings in OAuth registration response ( #19144 )
...
- The mcp package requires optional unset values to be None. If an empty string is passed, it gets validated and fails.
- Replace all empty strings with None.
2025-11-12 22:57:53 -05:00
Adam M. Smith
96b98cd13c
feat: add OAUTH_GROUPS_SEPARATOR for configurable group parsing
2025-11-06 21:01:51 +00:00
Timothy Jaeryang Baek
bafeb76c41
refac/fix: trusted env for proxy
Deploy to HuggingFace Spaces / check-secret (push) Waiting to run
Deploy to HuggingFace Spaces / deploy (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-slim-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / build-main-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-main-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda126-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-cuda126-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / build-slim-image (linux/amd64, ubuntu-latest) (push) Waiting to run
Create and publish Docker images with specific build args / build-slim-image (linux/arm64, ubuntu-24.04-arm) (push) Waiting to run
Create and publish Docker images with specific build args / merge-main-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-cuda126-images (push) Blocked by required conditions
Create and publish Docker images with specific build args / merge-ollama-images (push) Blocked by required conditions
Python CI / Format Backend (push) Waiting to run
2025-11-04 12:21:18 -05:00
Timothy Jaeryang Baek
cbcab062eb
refac
2025-10-27 16:46:04 -07:00
Timothy Jaeryang Baek
c8b2313362
refac
2025-10-27 15:38:59 -07:00
Timothy Jaeryang Baek
92aafd6c06
refac
2025-10-27 15:31:25 -07:00
Taylor Wilsdon
4b74034967
black fmt
2025-10-19 16:58:09 -04:00
Taylor Wilsdon
ecbf74dbea
Added a preflight authorize check that automatically re-registers MCP OAuth clients when the stored client ID no longer exists on the server, so the browser flow never hits the stale-ID failure
2025-10-18 16:53:44 -04:00
Taylor Wilsdon
d49fb9c010
complete cleanup of oauth clients
2025-10-18 14:16:10 -04:00
Taylor Wilsdon
40c450e6e5
Add more granular information to oauth failure messages
2025-10-18 13:43:51 -04:00
Timothy Jaeryang Baek
dbbdad3ebd
refac
2025-10-07 16:13:20 -05:00
Timothy Jaeryang Baek
911a114ad4
refac/fix: mcp oauth2.1
2025-10-07 14:56:10 -05:00
Timothy Jaeryang Baek
eaf786c1ef
enh: ENABLE_OAUTH_EMAIL_FALLBACK
2025-10-05 15:11:56 -05:00
Timothy Jaeryang Baek
062264c7f6
refac/fix: oauth
2025-10-05 14:22:00 -05:00
Timothy Jaeryang Baek
0330dc3159
refac
2025-10-01 15:35:37 -05:00
Timothy Jaeryang Baek
e493562735
fix: oauth client registration
2025-10-01 15:15:24 -05:00
Timothy Jaeryang Baek
0431ad9cc4
refac: get_discovery_urls
2025-09-26 14:34:26 -05:00
Timothy Jaeryang Baek
3c7d01163d
refac
2025-09-25 11:02:49 -05:00
Timothy Jaeryang Baek
cd7bd0aa20
refac
2025-09-25 02:00:02 -05:00
Timothy Jaeryang Baek
77e971dd9f
feat: oauth2.1 mcp integration
2025-09-25 01:49:16 -05:00
Timothy Jaeryang Baek
972be4eda5
enh: oauth2.1 dynamic client registration
2025-09-25 00:28:13 -05:00
Timothy Jaeryang Baek
c5a967e05f
refac
2025-09-24 06:56:50 -05:00
Timothy Jaeryang Baek
651f385ba5
fix: oauth refresh server metadata
2025-09-24 06:56:24 -05:00
Timothy Jaeryang Baek
e4c4ba0979
fix: oauth token
2025-09-19 00:10:48 -05:00
Timothy Jaeryang Baek
034163e9f9
chore: format
2025-09-16 11:16:08 -05:00
Xie Yanbo
ee82439e67
feat: add Feishu OAuth integration
...
Implement Feishu OAuth provider using standard client:
- Set up Feishu-specific endpoints for authorization, token, and userinfo
- Use user_id as sub claim for Feishu user identification
- Extract correct user information from nested 'data' field in Feishu responses
Configuration requirements:
- Set FEISHU_CLIENT_ID and FEISHU_CLIENT_SECRET environment variables to enable Feishu OAuth
- Set ENABLE_OAUTH_SIGNUP=true to allow automatic user creation after OAuth login
- Set DEFAULT_USER_ROLE=user to grant immediate access after OAuth registration
- Set OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true to enable merging of existing user accounts with matching emails
2025-09-12 14:09:32 +08:00
Timothy Jaeryang Baek
b786d1e3f3
refac
2025-09-08 18:52:59 +04:00
Timothy Jaeryang Baek
fc11e4384f
refac
2025-09-08 18:17:11 +04:00
Timothy Jaeryang Baek
217f4daef0
feat: server-side OAuth token management system
...
Co-Authored-By: Classic298 <27028174+Classic298@users.noreply.github.com>
2025-09-08 18:05:43 +04:00
Timothy Jaeryang Baek
6d38ac41b6
refac
2025-09-08 14:36:00 +04:00
Timothy Jaeryang Baek
91755309ce
refac
2025-09-08 14:18:25 +04:00
Timothy Jaeryang Baek
3d6d050ad8
refac/enh: display oauth error as toast
2025-09-07 01:48:52 +04:00
Timothy Jaeryang Baek
df66e21472
enh: regex pattern support for groups
2025-09-03 18:50:02 +04:00
Timothy Jaeryang Baek
b0f6f24ca8
refac
2025-08-31 23:42:34 +04:00
Timothy Jaeryang Baek
68d42ef850
refac
2025-08-18 19:49:29 +04:00
Timothy Jaeryang Baek
f1c28455ad
refac: async webhook request
2025-08-15 00:07:02 +04:00
Timothy Jaeryang Baek
2ed9896dea
refac/fix: oauth jwt cookie
2025-08-14 02:00:38 +04:00
