enh: OIDC/OAuth2 flow logs #1843

New Issue

Open

opened 2025-11-11 14:54:40 -06:00 by GiteaMirror · 1 comment

GiteaMirror commented 2025-11-11 14:54:40 -06:00

Owner

Copy Link

Originally created by @senpro-ingwersenk on GitHub (Aug 22, 2024).

Bug Report

There are issues here and there with the OIDC/OAuth implementation that you can find reports on in numerous tickets. The biggest issue is, that the logs give you no feedback on what is wrong exactly and just continues on with weird messages in the frontend - like mismatching email/password, when the request is the result of an OIDC flow. It makes no sense...

So, I would like to ask for more and better debugging so we can get rid of that bug! :)

/cc @brtptrs

Installation Method

I used Docker Compose - but Keycloak lives in a k3s cluster - in fact, in a separate network.

Environment

• Open WebUI Version: ghcr.io/open-webui/open-webui:main

• Ollama (if applicable): n/a

• Operating System: Linux, arm64, Debian 12

• Browser (if applicable): Not applicable

Confirmation:

• I have read and followed all the instructions provided in the README.md.
• I am on the latest version of both Open WebUI and Ollama.
• I have included the browser console logs.
• I have included the Docker container logs.
• I have provided the exact steps to reproduce the bug in the "Steps to Reproduce" section below.

Expected Behavior:

Right now, we only get messages like this:

WARNI [main] OAuth callback error: Expecting value: line 1 column 1 (char 0)

No URL, no parameters, no response body. I even set LOG_LEVEL: trace.

The expected behaviour is to receive more context to reproduce or at least investigate bette rinto where the problem comes from.

Actual Behavior:

Short logs with little information

Description

Bug Summary:
OpenWebUI does not provide further information even under trace logging, making the actual debugging quite difficult.

Reproduction Details

Steps to Reproduce:
There's a couple. In my case, just a basic Keycloak realm ("master") with a provider configured for client/secret, with everything else left on default.

Logs and Screenshots

Browser Console Logs:
n/a

Docker Container Logs:
See above

Screenshots/Screen Recordings (if applicable):
n/a

Additional Information

In my case, Keycloak lives in a separate segment of the main network and there is a chance that it is running into our firewall and I have no real way of finding that out because the firewall my boss chose to use is ... uh ... well, to put it nicely, it is not nice. ;) It has a WAF but it is hard to look into it's logs.

Note

If the bug report is incomplete or does not follow the provided instructions, it may not be addressed. Please ensure that you have followed the steps outlined in the README.md and troubleshooting.md documents, and provide all necessary information for us to reproduce and address the issue. Thank you!

Thank you too!

Originally created by @senpro-ingwersenk on GitHub (Aug 22, 2024). # Bug Report There are issues here and there with the OIDC/OAuth implementation that you can find reports on in numerous tickets. The biggest issue is, that the logs give you no feedback on what is wrong exactly and just continues on with weird messages in the frontend - like mismatching email/password, when the request is the result of an OIDC flow. It makes no sense... So, I would like to ask for more and better debugging so we can get rid of that bug! :) /cc @brtptrs ## Installation Method I used Docker Compose - but Keycloak lives in a k3s cluster - in fact, in a separate network. ## Environment - **Open WebUI Version:** `ghcr.io/open-webui/open-webui:main` - **Ollama (if applicable):** n/a - **Operating System:** Linux, arm64, Debian 12 - **Browser (if applicable):** Not applicable **Confirmation:** - [X] I have read and followed all the instructions provided in the README.md. - [X] I am on the latest version of both Open WebUI and Ollama. - [ ] I have included the browser console logs. - [ ] I have included the Docker container logs. - [ ] I have provided the exact steps to reproduce the bug in the "Steps to Reproduce" section below. ## Expected Behavior: Right now, we only get messages like this: ``` WARNI [main] OAuth callback error: Expecting value: line 1 column 1 (char 0) ``` No URL, no parameters, no response body. I even set `LOG_LEVEL: trace`. The expected behaviour is to receive more context to reproduce or at least investigate bette rinto where the problem comes from. ## Actual Behavior: Short logs with little information ## Description **Bug Summary:** OpenWebUI does not provide further information even under trace logging, making the actual debugging quite difficult. ## Reproduction Details **Steps to Reproduce:** There's a couple. In my case, just a basic Keycloak realm ("master") with a provider configured for client/secret, with everything else left on default. ## Logs and Screenshots **Browser Console Logs:** n/a **Docker Container Logs:** See above **Screenshots/Screen Recordings (if applicable):** n/a ## Additional Information In my case, Keycloak lives in a separate segment of the main network and there is a chance that it is running into our firewall and I have no real way of finding that out because the firewall my boss chose to use is ... uh ... well, to put it nicely, it is not nice. ;) It has a WAF but it is hard to look into it's logs. ## Note > If the bug report is incomplete or does not follow the provided instructions, it may not be addressed. Please ensure that you have followed the steps outlined in the README.md and troubleshooting.md documents, and provide all necessary information for us to reproduce and address the issue. Thank you! Thank you too!

GiteaMirror commented 2025-11-11 14:54:42 -06:00

Author

Owner

Copy Link

@tjbck commented on GitHub (Aug 22, 2024):

PR welcome!

@tjbck commented on GitHub (Aug 22, 2024): PR welcome!

GiteaMirror referenced this issue 2025-11-11 17:31:25 -06:00

[PR #1843] [CLOSED] Increase-Context-Length #7608

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

bits-ui-v2

backend-outlet

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#1843