refac: rm OAUTH_USE_PICTURE_CLAIM

backend/open_webui/config.py

@@ -331,11 +331,6 @@ JWT_EXPIRES_IN = PersistentConfig(
 # OAuth config
 ####################################
 
-OAUTH_USE_PICTURE_CLAIM = PersistentConfig(
-    "OAUTH_USE_PICTURE_CLAIM",
-    "oauth.oidc.use_picture_claim",
-    os.environ.get("OAUTH_USE_PICTURE_CLAIM", "True").lower() == "true",
-)
 
 ENABLE_OAUTH_SIGNUP = PersistentConfig(
     "ENABLE_OAUTH_SIGNUP",
@@ -343,6 +338,7 @@ ENABLE_OAUTH_SIGNUP = PersistentConfig(
     os.environ.get("ENABLE_OAUTH_SIGNUP", "False").lower() == "true",
 )
 
+
 OAUTH_MERGE_ACCOUNTS_BY_EMAIL = PersistentConfig(
     "OAUTH_MERGE_ACCOUNTS_BY_EMAIL",
     "oauth.merge_accounts_by_email",
@@ -472,6 +468,7 @@ OAUTH_USERNAME_CLAIM = PersistentConfig(
     os.environ.get("OAUTH_USERNAME_CLAIM", "name"),
 )
 
+
 OAUTH_PICTURE_CLAIM = PersistentConfig(
     "OAUTH_PICTURE_CLAIM",
     "oauth.oidc.avatar_claim",

backend/open_webui/utils/oauth.py

@@ -23,7 +23,6 @@ from open_webui.config import (
     OAUTH_PROVIDERS,
     ENABLE_OAUTH_ROLE_MANAGEMENT,
     ENABLE_OAUTH_GROUP_MANAGEMENT,
-    OAUTH_USE_PICTURE_CLAIM,
     OAUTH_ROLES_CLAIM,
     OAUTH_GROUPS_CLAIM,
     OAUTH_EMAIL_CLAIM,
@@ -58,7 +57,6 @@ auth_manager_config.ENABLE_OAUTH_SIGNUP = ENABLE_OAUTH_SIGNUP
 auth_manager_config.OAUTH_MERGE_ACCOUNTS_BY_EMAIL = OAUTH_MERGE_ACCOUNTS_BY_EMAIL
 auth_manager_config.ENABLE_OAUTH_ROLE_MANAGEMENT = ENABLE_OAUTH_ROLE_MANAGEMENT
 auth_manager_config.ENABLE_OAUTH_GROUP_MANAGEMENT = ENABLE_OAUTH_GROUP_MANAGEMENT
-auth_manager_config.OAUTH_USE_PICTURE_CLAIM = OAUTH_USE_PICTURE_CLAIM 
 auth_manager_config.OAUTH_ROLES_CLAIM = OAUTH_ROLES_CLAIM
 auth_manager_config.OAUTH_GROUPS_CLAIM = OAUTH_GROUPS_CLAIM
 auth_manager_config.OAUTH_EMAIL_CLAIM = OAUTH_EMAIL_CLAIM
@@ -327,9 +325,8 @@ class OAuthManager:
                 if existing_user:
                     raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
 
-                # Check if we should use the picture claim based on configuration
+                picture_claim = auth_manager_config.OAUTH_PICTURE_CLAIM
-                if auth_manager_config.OAUTH_USE_PICTURE_CLAIM:
+                if picture_claim:
-                    picture_claim = auth_manager_config.OAUTH_PICTURE_CLAIM
                     picture_url = user_data.get(
                         picture_claim, OAUTH_PROVIDERS[provider].get("picture_url", "")
                     )
@@ -343,7 +340,9 @@ class OAuthManager:
                                     "Authorization": f"Bearer {access_token}",
                                 }
                             async with aiohttp.ClientSession() as session:
-                                async with session.get(picture_url, **get_kwargs) as resp:
+                                async with session.get(
+                                    picture_url, **get_kwargs
+                                ) as resp:
                                     if resp.ok:
                                         picture = await resp.read()
                                         base64_encoded_picture = base64.b64encode(
@@ -366,7 +365,6 @@ class OAuthManager:
                     if not picture_url:
                         picture_url = "/user.png"
                 else:
-                    # If OAUTH_USE_PICTURE_CLAIM is False, just use the default image
                     picture_url = "/user.png"
 
                 username_claim = auth_manager_config.OAUTH_USERNAME_CLAIM