From 1b5ac834ef70223c79993ad430bd4a761d4f75a1 Mon Sep 17 00:00:00 2001
From: "Willnow, Patrick" <patrick.willnow@th-luebeck.de>
Date: Tue, 22 Oct 2024 21:55:12 +0200
Subject: [PATCH] fix: get userinfo from endpoint, not only from token as was
 suggested by @alvarolopez in #6262

---
 backend/open_webui/utils/oauth.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/backend/open_webui/utils/oauth.py b/backend/open_webui/utils/oauth.py
index d59e36733..17b0c4fe0 100644
--- a/backend/open_webui/utils/oauth.py
+++ b/backend/open_webui/utils/oauth.py
@@ -139,6 +139,11 @@ class OAuthManager:
             log.warning(f"OAuth callback error: {e}")
             raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
         user_data: UserInfo = token["userinfo"]
+        if not user_data:
+            user_data: UserInfo = await client.userinfo(token=token)
+        if not user_data:
+            log.warning(f"OAuth callback failed, user data is missing: {token}")
+            raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
 
         sub = user_data.get("sub")
         if not sub: