ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 04:15:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
13833 commits 8 branches 138 tags 968 MiB
Commit graph

107 commits

Author SHA1 Message Date
Taylor Wilsdon
ecbf74dbea Added a preflight authorize check that automatically re-registers MCP OAuth clients when the stored client ID no longer exists on the server, so the browser flow never hits the stale-ID failure 2025-10-18 16:53:44 -04:00
Taylor Wilsdon
d49fb9c010 complete cleanup of oauth clients 2025-10-18 14:16:10 -04:00
Taylor Wilsdon
40c450e6e5 Add more granular information to oauth failure messages 2025-10-18 13:43:51 -04:00
Timothy Jaeryang Baek
dbbdad3ebd refac 2025-10-07 16:13:20 -05:00
Timothy Jaeryang Baek
911a114ad4 refac/fix: mcp oauth2.1 2025-10-07 14:56:10 -05:00
Timothy Jaeryang Baek
eaf786c1ef enh: ENABLE_OAUTH_EMAIL_FALLBACK 2025-10-05 15:11:56 -05:00
Timothy Jaeryang Baek
062264c7f6 refac/fix: oauth 2025-10-05 14:22:00 -05:00
Timothy Jaeryang Baek
0330dc3159 refac 2025-10-01 15:35:37 -05:00
Timothy Jaeryang Baek
e493562735 fix: oauth client registration 2025-10-01 15:15:24 -05:00
Timothy Jaeryang Baek
0431ad9cc4 refac: get_discovery_urls 2025-09-26 14:34:26 -05:00
Timothy Jaeryang Baek
3c7d01163d refac 2025-09-25 11:02:49 -05:00
Timothy Jaeryang Baek
cd7bd0aa20 refac 2025-09-25 02:00:02 -05:00
Timothy Jaeryang Baek
77e971dd9f feat: oauth2.1 mcp integration 2025-09-25 01:49:16 -05:00
Timothy Jaeryang Baek
972be4eda5 enh: oauth2.1 dynamic client registration 2025-09-25 00:28:13 -05:00
Timothy Jaeryang Baek
c5a967e05f refac 2025-09-24 06:56:50 -05:00
Timothy Jaeryang Baek
651f385ba5 fix: oauth refresh server metadata 2025-09-24 06:56:24 -05:00
Timothy Jaeryang Baek
e4c4ba0979 fix: oauth token 2025-09-19 00:10:48 -05:00
Timothy Jaeryang Baek
034163e9f9 chore: format 2025-09-16 11:16:08 -05:00
Xie Yanbo
ee82439e67 feat: add Feishu OAuth integration 
Implement Feishu OAuth provider using standard client:
- Set up Feishu-specific endpoints for authorization, token, and userinfo
- Use user_id as sub claim for Feishu user identification
- Extract correct user information from nested 'data' field in Feishu responses

Configuration requirements:
- Set FEISHU_CLIENT_ID and FEISHU_CLIENT_SECRET environment variables to enable Feishu OAuth
- Set ENABLE_OAUTH_SIGNUP=true to allow automatic user creation after OAuth login
- Set DEFAULT_USER_ROLE=user to grant immediate access after OAuth registration
- Set OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true to enable merging of existing user accounts with matching emails
 2025-09-12 14:09:32 +08:00
Timothy Jaeryang Baek
b786d1e3f3 refac 2025-09-08 18:52:59 +04:00
Timothy Jaeryang Baek
fc11e4384f refac 2025-09-08 18:17:11 +04:00
Timothy Jaeryang Baek
217f4daef0 feat: server-side OAuth token management system 
Co-Authored-By: Classic298 <27028174+Classic298@users.noreply.github.com>
 2025-09-08 18:05:43 +04:00
Timothy Jaeryang Baek
6d38ac41b6 refac 2025-09-08 14:36:00 +04:00
Timothy Jaeryang Baek
91755309ce refac 2025-09-08 14:18:25 +04:00
Timothy Jaeryang Baek
3d6d050ad8 refac/enh: display oauth error as toast 2025-09-07 01:48:52 +04:00
Timothy Jaeryang Baek
df66e21472 enh: regex pattern support for groups 2025-09-03 18:50:02 +04:00
Timothy Jaeryang Baek
b0f6f24ca8 refac 2025-08-31 23:42:34 +04:00
Timothy Jaeryang Baek
68d42ef850 refac 2025-08-18 19:49:29 +04:00
Timothy Jaeryang Baek
f1c28455ad refac: async webhook request 2025-08-15 00:07:02 +04:00
Timothy Jaeryang Baek
2ed9896dea refac/fix: oauth jwt cookie 2025-08-14 02:00:38 +04:00
Markus Kofler
2011e5711d
Enable Retrieving Username Claim from Userinfo Endpoint 2025-08-13 16:27:25 +02:00
Timothy Jaeryang Baek
c1d566bad4 enh: oauth_sub_claim 2025-08-09 00:46:14 +04:00
Timothy Jaeryang Baek
0912a023c2 fix: jwt token exposed in url 2025-08-06 21:02:54 +04:00
Timothy Jaeryang Baek
f24b76d9a3 refac: has_users 
Co-Authored-By: pickle-dice <159401444+hassan-ajek@users.noreply.github.com>
 2025-08-05 22:15:22 +04:00
Timothy Jaeryang Baek
340d9820b8 refac 2025-06-16 18:33:45 +04:00
Jason Kidd
fced3efd98
fix: Trailing slash was never removed from request.base_url because it's not a string but rather a starlette.datastructures.URL 2025-06-12 12:29:08 -07:00
Timothy Jaeryang Baek
4e82c44f3e refac 2025-05-31 15:04:38 +04:00
Timothy Jaeryang Baek
d4c3cfbaba refac: oauth redirect url to use WEBUI_URL 2025-05-23 01:03:28 +04:00
Timothy Jaeryang Baek
b143c71da2 refac: AIOHTTP_CLIENT_SESSION_SSL 2025-05-14 23:33:52 +04:00
Timothy Jaeryang Baek
04287eb6d6 refac 2025-05-14 23:27:34 +04:00
Tim Jaeryang Baek
410af53eca
Merge pull request #13581 from kaytwo/refreshOauthPfp 
feat: refresh oauth profile picture
 2025-05-07 22:06:43 +04:00
Timothy Jaeryang Baek
6359cb55fe chore: format 2025-05-07 02:01:03 +04:00
Chris Kanich
500f4d73e1 refresh oauth profile picture 2025-05-06 11:00:35 -05:00
Tim Jaeryang Baek
ed210517c2
Merge pull request #13533 from TheRauch1/main 
feat: handle user OAuth groups as list or string
 2025-05-06 09:57:14 +04:00
therauch1
c36acd46cc enh: handle user OAuth groups as list or string 2025-05-05 21:38:31 +02:00
Timothy Jaeryang Baek
db0a0b395f fix: oauth 2025-05-05 19:38:36 +04:00
Timothy Jaeryang Baek
754f631a07 feat: OAUTH_BLOCKED_GROUPS support 2025-05-02 14:47:02 +04:00
Timothy Jaeryang Baek
7d0a78a43a refac: aiohttp trust_env=True 2025-04-28 16:47:34 +04:00
Timothy Jaeryang Baek
5030041683 chore: format 2025-04-23 16:05:15 +09:00
Taylor Wilsdon
1dbf4d0461 Add ENABLE_OAUTH_GROUP_CREATION flag for JIT group creation with OAuth group updates enabled 2025-04-18 10:17:08 -07:00