open-webui

mirror of https://github.com/open-webui/open-webui.git synced 2025-12-22 17:25:25 +00:00

History

Classic298 ef43e81f9a fix: MCP OAuth 2.1 token exchange and multi-node propagation (#20076 ) * sequential * zero default * fix * fix: preserve absolute paths in sqlite+sqlcipher URLs Previously, the connection logic incorrectly stripped the leading slash from `sqlite+sqlcipher` paths, forcibly converting absolute paths (e.g., `sqlite+sqlcipher:////app/data.db`) into relative paths (which became `app/data.db`). This caused database initialization failures when using absolute paths, such as with Docker volume mounts. This change removes the slash-stripping logic, ensuring that absolute path conventions (starting with `/`) are respected while maintaining support for relative paths (which do not start with `/`). * fix: MCP OAuth 2.1 token exchange and multi-node propagation Fix two MCP OAuth 2.1 bugs affecting tool server authentication: 1. Token exchange failing with duplicate credentials (#19823) - Removed explicit client_id/client_secret passing in handle_callback() - Authlib already has credentials configured during add_client(), passing them again caused concatenation (e.g., "ID1,ID1") and 401 errors - Added token validation to detect missing access_token and provide clear error messages instead of cryptic database constraint errors 2. OAuth clients not propagating across multi-node setups (#19901) - Updated get_client() and get_client_info() to auto-lazy-load OAuth clients from the Redis-synced TOOL_SERVER_CONNECTIONS config - Clients are now instantiated on-demand on any node that needs them Fixes #19823, #19901 * Update db.py * Update wrappers.py		2025-12-21 10:51:52 -05:00
..
db	enh/refac: kb pagination	2025-12-10 23:19:19 -05:00
images	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
mcp	chore: format	2025-10-26 19:33:39 -07:00
telemetry	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
access_control.py	feat: user list in channels	2025-11-25 04:38:07 -05:00
audit.py	fix: audit	2025-12-01 10:59:01 -05:00
auth.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
channels.py	feat: channel/thread @ model	2025-09-17 00:49:44 -05:00
chat.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
code_interpreter.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
embeddings.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
files.py	refac	2025-12-03 19:31:23 -05:00
filter.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
groups.py	chore: format	2025-12-02 17:16:12 -05:00
headers.py	refac: images	2025-11-04 13:30:59 -05:00
logger.py	chore: format	2025-08-06 14:27:58 +04:00
middleware.py	refac	2025-12-21 13:58:49 +04:00
misc.py	refac	2025-12-21 16:15:28 +04:00
models.py	enh: models endpoint optimization	2025-12-21 15:43:02 +04:00
oauth.py	fix: MCP OAuth 2.1 token exchange and multi-node propagation (#20076 )	2025-12-21 10:51:52 -05:00
payload.py	refac	2025-10-25 23:01:13 -07:00
pdf_generator.py
plugin.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
rate_limit.py	feat: signin rate limit	2025-12-02 03:52:38 -05:00
redis.py	feat: REDIS_SOCKET_CONNECT_TIMEOUT	2025-12-08 11:59:45 -05:00
response.py	fix: ollama tool call	2025-07-18 06:11:53 +08:00
security_headers.py
task.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
tools.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00
webhook.py	chore/perf: Remove old SRC level log env vars with no impact (#20045 )	2025-12-20 08:16:14 -05:00