From 7a1e10f3a79912088b55edd9bd892500da163d7d Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Wed, 2 Apr 2025 19:23:24 -0700 Subject: [PATCH] refac: rm OAUTH_USE_PICTURE_CLAIM --- backend/open_webui/config.py | 7 ++----- backend/open_webui/utils/oauth.py | 12 +++++------- 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/backend/open_webui/config.py b/backend/open_webui/config.py index e31d85d74..981ba1b7e 100644 --- a/backend/open_webui/config.py +++ b/backend/open_webui/config.py @@ -331,11 +331,6 @@ JWT_EXPIRES_IN = PersistentConfig( # OAuth config #################################### -OAUTH_USE_PICTURE_CLAIM = PersistentConfig( - "OAUTH_USE_PICTURE_CLAIM", - "oauth.oidc.use_picture_claim", - os.environ.get("OAUTH_USE_PICTURE_CLAIM", "True").lower() == "true", -) ENABLE_OAUTH_SIGNUP = PersistentConfig( "ENABLE_OAUTH_SIGNUP", @@ -343,6 +338,7 @@ ENABLE_OAUTH_SIGNUP = PersistentConfig( os.environ.get("ENABLE_OAUTH_SIGNUP", "False").lower() == "true", ) + OAUTH_MERGE_ACCOUNTS_BY_EMAIL = PersistentConfig( "OAUTH_MERGE_ACCOUNTS_BY_EMAIL", "oauth.merge_accounts_by_email", @@ -472,6 +468,7 @@ OAUTH_USERNAME_CLAIM = PersistentConfig( os.environ.get("OAUTH_USERNAME_CLAIM", "name"), ) + OAUTH_PICTURE_CLAIM = PersistentConfig( "OAUTH_PICTURE_CLAIM", "oauth.oidc.avatar_claim", diff --git a/backend/open_webui/utils/oauth.py b/backend/open_webui/utils/oauth.py index 75c3842a6..9ebe0e6dc 100644 --- a/backend/open_webui/utils/oauth.py +++ b/backend/open_webui/utils/oauth.py @@ -23,7 +23,6 @@ from open_webui.config import ( OAUTH_PROVIDERS, ENABLE_OAUTH_ROLE_MANAGEMENT, ENABLE_OAUTH_GROUP_MANAGEMENT, - OAUTH_USE_PICTURE_CLAIM, OAUTH_ROLES_CLAIM, OAUTH_GROUPS_CLAIM, OAUTH_EMAIL_CLAIM, @@ -58,7 +57,6 @@ auth_manager_config.ENABLE_OAUTH_SIGNUP = ENABLE_OAUTH_SIGNUP auth_manager_config.OAUTH_MERGE_ACCOUNTS_BY_EMAIL = OAUTH_MERGE_ACCOUNTS_BY_EMAIL auth_manager_config.ENABLE_OAUTH_ROLE_MANAGEMENT = ENABLE_OAUTH_ROLE_MANAGEMENT auth_manager_config.ENABLE_OAUTH_GROUP_MANAGEMENT = ENABLE_OAUTH_GROUP_MANAGEMENT -auth_manager_config.OAUTH_USE_PICTURE_CLAIM = OAUTH_USE_PICTURE_CLAIM auth_manager_config.OAUTH_ROLES_CLAIM = OAUTH_ROLES_CLAIM auth_manager_config.OAUTH_GROUPS_CLAIM = OAUTH_GROUPS_CLAIM auth_manager_config.OAUTH_EMAIL_CLAIM = OAUTH_EMAIL_CLAIM @@ -327,9 +325,8 @@ class OAuthManager: if existing_user: raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN) - # Check if we should use the picture claim based on configuration - if auth_manager_config.OAUTH_USE_PICTURE_CLAIM: - picture_claim = auth_manager_config.OAUTH_PICTURE_CLAIM + picture_claim = auth_manager_config.OAUTH_PICTURE_CLAIM + if picture_claim: picture_url = user_data.get( picture_claim, OAUTH_PROVIDERS[provider].get("picture_url", "") ) @@ -343,7 +340,9 @@ class OAuthManager: "Authorization": f"Bearer {access_token}", } async with aiohttp.ClientSession() as session: - async with session.get(picture_url, **get_kwargs) as resp: + async with session.get( + picture_url, **get_kwargs + ) as resp: if resp.ok: picture = await resp.read() base64_encoded_picture = base64.b64encode( @@ -366,7 +365,6 @@ class OAuthManager: if not picture_url: picture_url = "/user.png" else: - # If OAUTH_USE_PICTURE_CLAIM is False, just use the default image picture_url = "/user.png" username_claim = auth_manager_config.OAUTH_USERNAME_CLAIM