Merge pull request #6339 from Cyb4Black/fix-not-rely-on-id-token-for-user-info

fix: get userinfo from endpoint, not only from token
2025-06-26 18:26:48 +00:00 · 2024-10-22 13:36:30 -07:00
parent c57ef980fb 1b5ac834ef
commit 170ec2f9d0
1 changed files with 5 additions and 0 deletions
--- a/backend/open_webui/utils/oauth.py
+++ b/backend/open_webui/utils/oauth.py
@@ -139,6 +139,11 @@ class OAuthManager:
            log.warning(f"OAuth callback error: {e}")
            raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
        user_data: UserInfo = token["userinfo"]
+        if not user_data:
+            user_data: UserInfo = await client.userinfo(token=token)
+        if not user_data:
+            log.warning(f"OAuth callback failed, user data is missing: {token}")
+            raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)

        sub = user_data.get("sub")
        if not sub: