ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 12:25:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
13615 commits 8 branches 138 tags 972 MiB
Commit graph

99 commits

Author SHA1 Message Date
Timothy Jaeryang Baek
e493562735 fix: oauth client registration 2025-10-01 15:15:24 -05:00
Timothy Jaeryang Baek
0431ad9cc4 refac: get_discovery_urls 2025-09-26 14:34:26 -05:00
Timothy Jaeryang Baek
3c7d01163d refac 2025-09-25 11:02:49 -05:00
Timothy Jaeryang Baek
cd7bd0aa20 refac 2025-09-25 02:00:02 -05:00
Timothy Jaeryang Baek
77e971dd9f feat: oauth2.1 mcp integration 2025-09-25 01:49:16 -05:00
Timothy Jaeryang Baek
972be4eda5 enh: oauth2.1 dynamic client registration 2025-09-25 00:28:13 -05:00
Timothy Jaeryang Baek
c5a967e05f refac 2025-09-24 06:56:50 -05:00
Timothy Jaeryang Baek
651f385ba5 fix: oauth refresh server metadata 2025-09-24 06:56:24 -05:00
Timothy Jaeryang Baek
e4c4ba0979 fix: oauth token 2025-09-19 00:10:48 -05:00
Timothy Jaeryang Baek
034163e9f9 chore: format 2025-09-16 11:16:08 -05:00
Xie Yanbo
ee82439e67 feat: add Feishu OAuth integration 
Implement Feishu OAuth provider using standard client:
- Set up Feishu-specific endpoints for authorization, token, and userinfo
- Use user_id as sub claim for Feishu user identification
- Extract correct user information from nested 'data' field in Feishu responses

Configuration requirements:
- Set FEISHU_CLIENT_ID and FEISHU_CLIENT_SECRET environment variables to enable Feishu OAuth
- Set ENABLE_OAUTH_SIGNUP=true to allow automatic user creation after OAuth login
- Set DEFAULT_USER_ROLE=user to grant immediate access after OAuth registration
- Set OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true to enable merging of existing user accounts with matching emails
 2025-09-12 14:09:32 +08:00
Timothy Jaeryang Baek
b786d1e3f3 refac 2025-09-08 18:52:59 +04:00
Timothy Jaeryang Baek
fc11e4384f refac 2025-09-08 18:17:11 +04:00
Timothy Jaeryang Baek
217f4daef0 feat: server-side OAuth token management system 
Co-Authored-By: Classic298 <27028174+Classic298@users.noreply.github.com>
 2025-09-08 18:05:43 +04:00
Timothy Jaeryang Baek
6d38ac41b6 refac 2025-09-08 14:36:00 +04:00
Timothy Jaeryang Baek
91755309ce refac 2025-09-08 14:18:25 +04:00
Timothy Jaeryang Baek
3d6d050ad8 refac/enh: display oauth error as toast 2025-09-07 01:48:52 +04:00
Timothy Jaeryang Baek
df66e21472 enh: regex pattern support for groups 2025-09-03 18:50:02 +04:00
Timothy Jaeryang Baek
b0f6f24ca8 refac 2025-08-31 23:42:34 +04:00
Timothy Jaeryang Baek
68d42ef850 refac 2025-08-18 19:49:29 +04:00
Timothy Jaeryang Baek
f1c28455ad refac: async webhook request 2025-08-15 00:07:02 +04:00
Timothy Jaeryang Baek
2ed9896dea refac/fix: oauth jwt cookie 2025-08-14 02:00:38 +04:00
Markus Kofler
2011e5711d
Enable Retrieving Username Claim from Userinfo Endpoint 2025-08-13 16:27:25 +02:00
Timothy Jaeryang Baek
c1d566bad4 enh: oauth_sub_claim 2025-08-09 00:46:14 +04:00
Timothy Jaeryang Baek
0912a023c2 fix: jwt token exposed in url 2025-08-06 21:02:54 +04:00
Timothy Jaeryang Baek
f24b76d9a3 refac: has_users 
Co-Authored-By: pickle-dice <159401444+hassan-ajek@users.noreply.github.com>
 2025-08-05 22:15:22 +04:00
Timothy Jaeryang Baek
340d9820b8 refac 2025-06-16 18:33:45 +04:00
Jason Kidd
fced3efd98
fix: Trailing slash was never removed from request.base_url because it's not a string but rather a starlette.datastructures.URL 2025-06-12 12:29:08 -07:00
Timothy Jaeryang Baek
4e82c44f3e refac 2025-05-31 15:04:38 +04:00
Timothy Jaeryang Baek
d4c3cfbaba refac: oauth redirect url to use WEBUI_URL 2025-05-23 01:03:28 +04:00
Timothy Jaeryang Baek
b143c71da2 refac: AIOHTTP_CLIENT_SESSION_SSL 2025-05-14 23:33:52 +04:00
Timothy Jaeryang Baek
04287eb6d6 refac 2025-05-14 23:27:34 +04:00
Tim Jaeryang Baek
410af53eca
Merge pull request #13581 from kaytwo/refreshOauthPfp 
feat: refresh oauth profile picture
 2025-05-07 22:06:43 +04:00
Timothy Jaeryang Baek
6359cb55fe chore: format 2025-05-07 02:01:03 +04:00
Chris Kanich
500f4d73e1 refresh oauth profile picture 2025-05-06 11:00:35 -05:00
Tim Jaeryang Baek
ed210517c2
Merge pull request #13533 from TheRauch1/main 
feat: handle user OAuth groups as list or string
 2025-05-06 09:57:14 +04:00
therauch1
c36acd46cc enh: handle user OAuth groups as list or string 2025-05-05 21:38:31 +02:00
Timothy Jaeryang Baek
db0a0b395f fix: oauth 2025-05-05 19:38:36 +04:00
Timothy Jaeryang Baek
754f631a07 feat: OAUTH_BLOCKED_GROUPS support 2025-05-02 14:47:02 +04:00
Timothy Jaeryang Baek
7d0a78a43a refac: aiohttp trust_env=True 2025-04-28 16:47:34 +04:00
Timothy Jaeryang Baek
5030041683 chore: format 2025-04-23 16:05:15 +09:00
Taylor Wilsdon
1dbf4d0461 Add ENABLE_OAUTH_GROUP_CREATION flag for JIT group creation with OAuth group updates enabled 2025-04-18 10:17:08 -07:00
Timothy Jaeryang Baek
7a1e10f3a7 refac: rm OAUTH_USE_PICTURE_CLAIM 2025-04-02 19:23:24 -07:00
CityOfBunbury
548c7f17d7 Added OAUTH_USE_PICTURE_CLAIM env var 
Added OAUTH_USE_PICTURE_CLAIM to config.py

Added check to oauth.py on OAUTH_USE_PICTURE_CLAIM, to decide whether to user the profile picture in the claim or the default user.png
 2025-04-03 08:24:14 +08:00
Timothy Jaeryang Baek
116e0559f6 refac: oauth 2025-03-10 09:42:59 +00:00
Dong Shin
b8f3abda5a
fix: email claim constant 2025-03-04 15:50:04 +09:00
Timothy Jaeryang Baek
50dec12072 refac 2025-02-21 22:15:22 -08:00
Jeannot Damoiseaux
d50098b622
Fix: Ensure user_oauth_groups defaults to an empty list to prevent TypeError 
When the OAuth groups claim does not yield a list, `user_oauth_groups` was previously
set to None, causing a TypeError during membership checks. Changed this default to
an empty list (`[]`) to ensure the variable is always iterable, preventing errors
for non-admin users while logging in.

This fix ensures stability in the `update_user_groups` function.
 2025-02-21 22:25:22 +01:00
Timothy Jaeryang Baek
eeb00a5ca2 chore: format 2025-02-20 01:01:29 -08:00
星海
de8492de34
fix: GitHub OAuth email retrieval when public email is not set 2025-02-20 15:06:07 +08:00