Commit Graph

28 Commits

Author SHA1 Message Date
Antti Pyykkönen
412923dc91 feat: separate cookie settings between session & auth cookies
Introducing two new env config options to control cookies settings regarding
authentication. These values are taken into use when setting 'token' and 'oauth_id_token'.
To maintain backwards compatibility, the original session cookie values are used as
fallback.

Separation is done to prevent issues with the session cookie. When the config value was
set as 'strict', the oauth flow was broken (since the session cookie was not provided
after the callback).

Providing a separate config for auth & session cookies allows us to keep the 'strict'
settings for auth related cookies, while also allowing the session cookie to behave as
intended (e.g., by configuring it as 'lax').

The original config was added in commit #af4f8aa. However, a later commit #a2e889c reused
this config option for other types of cookies, which was not the original intent.
2025-01-23 16:16:50 +02:00
Tryanks
f3e6dacf0d refac: Extend OIDC support to all OAuth authentication methods 2025-01-17 12:56:03 +08:00
Timothy Jaeryang Baek
5526c43853
Merge pull request #8620 from Tryanks/dev
fix: incorrectly indexing the key userinfo in the token.
2025-01-16 11:12:41 -08:00
Tryanks
4b6700a4b2
fixed: incorrectly indexing the key userinfo in the token. 2025-01-17 00:33:20 +08:00
Rodrigo Agundez
91df1c56b2 Add headers 2025-01-16 19:32:35 +08:00
Timothy Jaeryang Baek
3328e2ea97
Merge pull request #8566 from rragundez/ms-auth-picture
Add functionality to retrieve picture for microsoft oauth
2025-01-15 10:02:28 -08:00
Rodrigo Agundez
c8be0b20cc Add functionality to retrieve picture for microsoft oauth 2025-01-15 09:17:22 +08:00
Timothy Jaeryang Baek
987664f9b5 fix
Co-Authored-By: Izhar Firdaus <480984+kagesenshi@users.noreply.github.com>
2025-01-08 00:57:52 -08:00
Timothy Jaeryang Baek
b3c7ecaea1 fix: oauth webhook
Co-Authored-By: Izhar Firdaus <480984+kagesenshi@users.noreply.github.com>
2025-01-08 00:38:00 -08:00
tarmst
8117bf8603 Add admin check 2025-01-06 18:23:42 +00:00
Timothy Jaeryang Baek
1902d4238b chore: format 2024-12-17 13:51:29 -08:00
tarmst
0f33856182 Removing prints used for debugging 2024-12-17 19:50:59 +00:00
tarmst
9737869d11 Adding oauth group management for users upon login 2024-12-17 19:38:07 +00:00
Timothy Jaeryang Baek
d3d161f723 wip 2024-12-10 00:54:13 -08:00
Timothy Jaeryang Baek
f264d82d13
Merge pull request #7551 from jonassvatos/patch-1
feat: Add OAUTH_ALLOWED_DOMAINS
2024-12-09 16:27:06 -08:00
Timothy Jaeryang Baek
8718067894
Merge pull request #7678 from ZaibanAli/feature/keycloak-terminate-sso-session
feat: implement OAuth logout functionality for Keycloak to terminate sso session
2024-12-09 16:26:10 -08:00
Timothy Jaeryang Baek
a3ca632921 refac: id_token -> oauth_id_token 2024-12-09 16:25:56 -08:00
Timothy Jaeryang Baek
33099bf9e4 refac 2024-12-08 16:01:56 -08:00
Zaiban Ali
48d604a525 feat: enable OAuth signup configuration for signout functionality 2024-12-07 15:21:05 +01:00
Zaiban Ali
9918ec6246 feat: update signout functionality to use OpenID configuration for logout URL and remove the logout variable from config 2024-12-07 15:13:13 +01:00
Zaiban Ali
d5ce85f34a feat: implement OAuth logout functionality for Keycloak to terminate sso session 2024-12-07 13:49:12 +01:00
jonassvatos
d42de65298 Add OAUTH_ALLOWED_DOMAINS for ability to restrict from which e-mail domains users can sign up via OAuth 2024-12-02 10:23:05 +01:00
Fabian Fischer
23461332b9
fix: boolean values don't need to be accessed by .value 2024-10-25 09:44:03 +02:00
Willnow, Patrick
1b5ac834ef fix: get userinfo from endpoint, not only from token
as was suggested by @alvarolopez in #6262
2024-10-22 21:55:12 +02:00
Timothy J. Baek
9936583477 chore: format 2024-10-20 18:38:06 -07:00
Willnow, Patrick
9ad07ad0ce Add WEBUI_SESSION_COOKIE-settings missing from merge conflict 2024-10-16 20:30:35 +02:00
Willnow, Patrick
8eebd6bce1 Finish reorganizing oauth code 2024-10-16 16:32:57 +02:00
Willnow, Patrick
08ff494754 WIP
- refactoring oauth functions to enable refresh functionality
2024-10-16 09:42:47 +02:00