mirror of
https://github.com/open-webui/open-webui.git
synced 2026-06-13 19:20:05 +00:00
478bc9e3f1
The static credentials OAuth flow currently sets scope=None, relying on
the OAuth provider's default scopes. This breaks providers like GitHub
that default to minimal/public-only access when no scope is requested.
This change reads scopes_supported from the Protected Resource Metadata
document (RFC 9728) and uses them in the authorization request. Unlike
the Authorization Server's scopes_supported (a full catalog of every
scope the AS can grant), the PRM scopes_supported represents what the
specific resource requires — making it safe to request without breaking
providers like Entra ID that reject broad scope requests.
Fixes the regression introduced in 349ea4ea where all scope handling was
removed from the static flow.
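
The scope selection this commit message describes can be sketched as follows. This is an added example, not code from the open-webui repository. The function names, the sample metadata document and all URLs are assumptions made for illustration. It also applies the RFC 9728 rule that metadata whose `resource` value does not match the resource being accessed must not be used.

```python
import json
import re
from urllib.parse import urlencode

# RFC 6749 section 3.3 scope-token: printable ASCII except space, '"' and '\'
SCOPE_TOKEN = re.compile(r"[\x21\x23-\x5B\x5D-\x7E]+")

# Constructed sample Protected Resource Metadata document; values are illustrative.
SAMPLE_PRM = json.dumps({
    "resource": "https://mcp.example.com/api",
    "authorization_servers": ["https://auth.example.com"],
    "scopes_supported": ["repo", "read:org"],
})


def scopes_from_prm(prm_json, expected_resource):
    """Return the scope string to request, or None to use the provider default."""
    prm = json.loads(prm_json)
    # RFC 9728: the "resource" value must be identical to the resource
    # identifier the metadata was fetched for, otherwise discard the document.
    if prm.get("resource") != expected_resource:
        raise ValueError("PRM resource mismatch")
    scopes = prm.get("scopes_supported")
    if not isinstance(scopes, list) or not scopes:
        return None  # field absent or empty: leave scope unset
    seen = []
    for s in scopes:
        # Reject anything that is not a syntactically valid scope token
        # before it is placed into the authorization request.
        if not isinstance(s, str) or not SCOPE_TOKEN.fullmatch(s):
            raise ValueError(f"invalid scope token: {s!r}")
        if s not in seen:
            seen.append(s)
    return " ".join(seen)


def authorization_url(endpoint, client_id, redirect_uri, state, scope):
    """Build the authorization request; omit scope entirely when it is None."""
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "state": state}
    if scope is not None:
        params["scope"] = scope
    return endpoint + "?" + urlencode(params)
```
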