From 48d604a525be76add87319ac4a8764aef173808f Mon Sep 17 00:00:00 2001
From: Zaiban Ali
Date: Sat, 7 Dec 2024 15:21:05 +0100
Subject: [PATCH] feat: enable OAuth signup configuration for signout functionality
---
 .../open_webui/apps/webui/routers/auths.py | 34 ++++++++++---------
 backend/open_webui/utils/oauth.py | 3 +-
 2 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/backend/open_webui/apps/webui/routers/auths.py b/backend/open_webui/apps/webui/routers/auths.py
index 622e118b2..1a671d0bf 100644
--- a/backend/open_webui/apps/webui/routers/auths.py
+++ b/backend/open_webui/apps/webui/routers/auths.py
@@ -33,6 +33,7 @@ from fastapi import APIRouter, Depends, HTTPException, Request, status
 from fastapi.responses import RedirectResponse, Response
 from open_webui.config import (
 OPENID_PROVIDER_URL,
+ ENABLE_OAUTH_SIGNUP,
 )
 from pydantic import BaseModel
 from open_webui.utils.misc import parse_duration, validate_email_format
@@ -505,22 +506,23 @@ async def signup(request: Request, response: Response, form_data: SignupForm):
 async def signout(request: Request, response: Response):
 response.delete_cookie("token")
- id_token = request.cookies.get("id_token", None)
- if id_token:
- async with httpx.AsyncClient() as client:
- try:
- openid_config = await client.get(OPENID_PROVIDER_URL.value)
- openid_config.raise_for_status()
- openid_data = openid_config.json()
- end_session_endpoint = openid_data.get("end_session_endpoint")
- if end_session_endpoint:
- logout_url = f"{end_session_endpoint}?id_token_hint={id_token}"
- response.delete_cookie("id_token")
- return RedirectResponse(url=logout_url)
- except httpx.HTTPStatusError as e:
- raise HTTPException(status_code=e.response.status_code, detail="Failed to fetch OpenID configuration")
- except Exception as e:
- raise HTTPException(status_code=500, detail=str(e))
+ if ENABLE_OAUTH_SIGNUP.value:
+ id_token = request.cookies.get("id_token", None)
+ if id_token:
+ async with httpx.AsyncClient() as client:
+ try:
+ openid_config = await client.get(OPENID_PROVIDER_URL.value)
+ openid_config.raise_for_status()
+ openid_data = openid_config.json()
+ end_session_endpoint = openid_data.get("end_session_endpoint")
+ if end_session_endpoint:
+ logout_url = f"{end_session_endpoint}?id_token_hint={id_token}"
+ response.delete_cookie("id_token")
+ return RedirectResponse(url=logout_url)
+ except httpx.HTTPStatusError as e:
+ raise HTTPException(status_code=e.response.status_code, detail="Failed to fetch OpenID configuration")
+ except Exception as e:
+ raise HTTPException(status_code=500, detail=str(e))
 # Fall back to the default signout
 return {"status": True}
diff --git a/backend/open_webui/utils/oauth.py b/backend/open_webui/utils/oauth.py
index 3c2e3a90c..e7a6b167f 100644
--- a/backend/open_webui/utils/oauth.py
+++ b/backend/open_webui/utils/oauth.py
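Review bot: In `signout` (auths.py), the cookie deletions are made on the injected `response`, but the end-session branch returns a new `RedirectResponse`, and FastAPI copies the injected response's headers only when the handler returns a non-`Response` value, so on that path neither `token` nor `id_token` is cleared in the browser; the two `raise HTTPException` paths lose the `token` deletion in the same way. Carry the deletions on the object that is actually returned, e.g. `return RedirectResponse(url=logout_url, headers=response.headers)`. `id_token` is read from a client-supplied cookie and placed into `logout_url` unencoded, so its value can introduce extra query parameters into the request sent to the provider; `logout_url = f"{end_session_endpoint}?{urlencode({'id_token_hint': id_token})}"` (with `urlencode` from `urllib.parse`) keeps it a single parameter. `detail=str(e)` also returns internal exception text to the caller; a fixed message with the exception logged server-side is safer.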
@@ -20,7 +20,6 @@ from open_webui.config import (
 OAUTH_MERGE_ACCOUNTS_BY_EMAIL,
 OAUTH_PROVIDERS,
 ENABLE_OAUTH_ROLE_MANAGEMENT,
- OAUTH_PROVIDER_NAME,
 OAUTH_ROLES_CLAIM,
 OAUTH_EMAIL_CLAIM,
 OAUTH_PICTURE_CLAIM,
@@ -254,7 +253,7 @@ class OAuthManager:
 secure=WEBUI_SESSION_COOKIE_SECURE,
 )
- if OAUTH_PROVIDER_NAME.value:
+ if ENABLE_OAUTH_SIGNUP.value:
 id_token = token.get("id_token")
 response.set_cookie(
 key="id_token",
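Review bot: `ENABLE_OAUTH_SIGNUP` looks like the wrong switch for `if ENABLE_OAUTH_SIGNUP.value:`: judging by its name it governs account creation through OAuth, not OAuth login, so a deployment that allows OAuth login with signup disabled would presumably never store `id_token`, and `signout` in auths.py (gated the same way) would neither call the provider's end-session endpoint nor delete an `id_token` cookie issued earlier. If the intent is "an OIDC provider is configured", a condition based on that configuration, with a comment such as `# id_token is kept only so signout can send it as id_token_hint`, would state it directly. The import of `ENABLE_OAUTH_SIGNUP` in oauth.py is not visible in these hunks, and the first hunk only removes `OAUTH_PROVIDER_NAME`, so confirm the name is imported above line 20. The `set_cookie` call continues past the end of the hunk, so its `httponly`, `samesite` and `secure` arguments could not be checked here.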