refac: rm OAUTH_USE_PICTURE_CLAIM

2025-04-10 15:45:45 +00:00 · 2025-04-02 19:23:24 -07:00 · 2025-04-02 19:23:24 -07:00 · 7a1e10f3a7
commit 7a1e10f3a7
parent b15bf0dc70
2 changed files with 7 additions and 12 deletions
--- a/backend/open_webui/config.py
+++ b/backend/open_webui/config.py
@ -331,11 +331,6 @@ JWT_EXPIRES_IN = PersistentConfig(
 # OAuth config
 ####################################

-OAUTH_USE_PICTURE_CLAIM = PersistentConfig(
-    "OAUTH_USE_PICTURE_CLAIM",
-    "oauth.oidc.use_picture_claim",
-    os.environ.get("OAUTH_USE_PICTURE_CLAIM", "True").lower() == "true",
-)

 ENABLE_OAUTH_SIGNUP = PersistentConfig(
    "ENABLE_OAUTH_SIGNUP",
@ -343,6 +338,7 @@ ENABLE_OAUTH_SIGNUP = PersistentConfig(
    os.environ.get("ENABLE_OAUTH_SIGNUP", "False").lower() == "true",
 )

+
 OAUTH_MERGE_ACCOUNTS_BY_EMAIL = PersistentConfig(
    "OAUTH_MERGE_ACCOUNTS_BY_EMAIL",
    "oauth.merge_accounts_by_email",
@ -472,6 +468,7 @@ OAUTH_USERNAME_CLAIM = PersistentConfig(
    os.environ.get("OAUTH_USERNAME_CLAIM", "name"),
 )

+
 OAUTH_PICTURE_CLAIM = PersistentConfig(
    "OAUTH_PICTURE_CLAIM",
    "oauth.oidc.avatar_claim",
--- a/backend/open_webui/utils/oauth.py
+++ b/backend/open_webui/utils/oauth.py
@ -23,7 +23,6 @@ from open_webui.config import (
    OAUTH_PROVIDERS,
    ENABLE_OAUTH_ROLE_MANAGEMENT,
    ENABLE_OAUTH_GROUP_MANAGEMENT,
-    OAUTH_USE_PICTURE_CLAIM,
    OAUTH_ROLES_CLAIM,
    OAUTH_GROUPS_CLAIM,
    OAUTH_EMAIL_CLAIM,
@ -58,7 +57,6 @@ auth_manager_config.ENABLE_OAUTH_SIGNUP = ENABLE_OAUTH_SIGNUP
 auth_manager_config.OAUTH_MERGE_ACCOUNTS_BY_EMAIL = OAUTH_MERGE_ACCOUNTS_BY_EMAIL
 auth_manager_config.ENABLE_OAUTH_ROLE_MANAGEMENT = ENABLE_OAUTH_ROLE_MANAGEMENT
 auth_manager_config.ENABLE_OAUTH_GROUP_MANAGEMENT = ENABLE_OAUTH_GROUP_MANAGEMENT
-auth_manager_config.OAUTH_USE_PICTURE_CLAIM = OAUTH_USE_PICTURE_CLAIM 
 auth_manager_config.OAUTH_ROLES_CLAIM = OAUTH_ROLES_CLAIM
 auth_manager_config.OAUTH_GROUPS_CLAIM = OAUTH_GROUPS_CLAIM
 auth_manager_config.OAUTH_EMAIL_CLAIM = OAUTH_EMAIL_CLAIM
@ -327,9 +325,8 @@ class OAuthManager:
                if existing_user:
                    raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)

-                # Check if we should use the picture claim based on configuration
-                if auth_manager_config.OAUTH_USE_PICTURE_CLAIM:
-                    picture_claim = auth_manager_config.OAUTH_PICTURE_CLAIM
+                picture_claim = auth_manager_config.OAUTH_PICTURE_CLAIM
+                if picture_claim:
                    picture_url = user_data.get(
                        picture_claim, OAUTH_PROVIDERS[provider].get("picture_url", "")
                    )
@ -343,7 +340,9 @@ class OAuthManager:
                                    "Authorization": f"Bearer {access_token}",
                                }
                            async with aiohttp.ClientSession() as session:
-                                async with session.get(picture_url, **get_kwargs) as resp:
+                                async with session.get(
+                                    picture_url, **get_kwargs
+                                ) as resp:
                                    if resp.ok:
                                        picture = await resp.read()
                                        base64_encoded_picture = base64.b64encode(
@ -366,7 +365,6 @@ class OAuthManager:
                    if not picture_url:
                        picture_url = "/user.png"
                else:
-                    # If OAUTH_USE_PICTURE_CLAIM is False, just use the default image
                    picture_url = "/user.png"

                username_claim = auth_manager_config.OAUTH_USERNAME_CLAIM