Remove mcp-gateway/OPENUI_OAUTH_QUICK_FIX.txt
This commit is contained in:
parent
fd78e7b17b
commit
a20f6018eb
1 changed files with 0 additions and 167 deletions
|
|
@ -1,167 +0,0 @@
|
|||
OPENUI OAUTH FIX - QUICK IMPLEMENTATION
|
||||
=========================================
|
||||
|
||||
PROBLEM:
|
||||
--------
|
||||
Open-UI gets: {"error":"invalid_client","error_description":"Client not registered."}
|
||||
Works fine in Claude.ai but fails after gateway restart.
|
||||
|
||||
ROOT CAUSE:
|
||||
-----------
|
||||
OAuth clients stored in RAM only → lost on restart
|
||||
Open-UI can register new client but then can't use it if gateway restarts
|
||||
|
||||
SOLUTION:
|
||||
---------
|
||||
Use persistent file storage for OAuth clients instead of RAM
|
||||
|
||||
|
||||
3 SIMPLE STEPS:
|
||||
===============
|
||||
|
||||
STEP 1: Deploy oauth_storage.py
|
||||
------
|
||||
|
||||
The file is ready at:
|
||||
gateway-proxy/oauth_storage.py
|
||||
|
||||
No changes needed - just copy it to your gateway-proxy folder if not there already.
|
||||
|
||||
|
||||
STEP 2: Update gateway_proxy.py (3 edits)
|
||||
--------
|
||||
|
||||
EDIT 2A - Around line 27 (with other imports):
|
||||
|
||||
ADD THIS:
|
||||
from .oauth_storage import load_oauth_clients, save_oauth_clients
|
||||
|
||||
---
|
||||
|
||||
EDIT 2B - Around line 52 (where REGISTERED_CLIENTS is defined):
|
||||
|
||||
CHANGE THIS:
|
||||
REGISTERED_CLIENTS: dict[str, dict] = {}
|
||||
|
||||
TO THIS:
|
||||
REGISTERED_CLIENTS = load_oauth_clients()
|
||||
|
||||
---
|
||||
|
||||
EDIT 2C - In oauth_register() function, after line 383:
|
||||
|
||||
AFTER:
|
||||
REGISTERED_CLIENTS[client_id] = client_info
|
||||
|
||||
ADD THIS NEW LINE:
|
||||
save_oauth_clients(REGISTERED_CLIENTS)
|
||||
|
||||
So it looks like:
|
||||
REGISTERED_CLIENTS[client_id] = client_info
|
||||
save_oauth_clients(REGISTERED_CLIENTS) # <-- ADD THIS
|
||||
|
||||
|
||||
STEP 3: Update docker-compose.yml
|
||||
---------
|
||||
|
||||
Add a volume to the gateway-proxy service:
|
||||
|
||||
Find:
|
||||
gateway-proxy:
|
||||
build:
|
||||
context: ./gateway-proxy
|
||||
...
|
||||
|
||||
Add volumes section (if not present):
|
||||
volumes:
|
||||
- gateway-data:/data
|
||||
|
||||
And at the bottom of docker-compose.yml, add:
|
||||
|
||||
volumes:
|
||||
gateway-data:
|
||||
|
||||
Example:
|
||||
gateway-proxy:
|
||||
build:
|
||||
context: ./gateway-proxy
|
||||
...
|
||||
volumes:
|
||||
- gateway-data:/data
|
||||
|
||||
volumes:
|
||||
gateway-data:
|
||||
|
||||
|
||||
STEP 4: Restart
|
||||
-------
|
||||
|
||||
docker-compose down
|
||||
docker-compose up -d
|
||||
|
||||
|
||||
VERIFY IT WORKS:
|
||||
================
|
||||
|
||||
After restart, check:
|
||||
|
||||
1. OAuth clients are saved:
|
||||
docker exec mcp-gateway ls -la /data/oauth_clients.json
|
||||
|
||||
2. Check contents:
|
||||
docker exec mcp-gateway cat /data/oauth_clients.json | jq '.'
|
||||
|
||||
3. Test in Open-UI:
|
||||
- Add gateway: http://mcp.wilddragon.net:8000
|
||||
- Should NOT ask to authorize again (because client is persisted)
|
||||
- Should work normally
|
||||
|
||||
|
||||
WHY THIS WORKS:
|
||||
===============
|
||||
|
||||
Before: Gateway starts → RAM is empty → Open-UI registers new client → Client stored in RAM →
|
||||
Gateway restarts → RAM cleared → Client is GONE → Open-UI can't authenticate
|
||||
|
||||
After: Gateway starts → Loads clients from /data/oauth_clients.json → Open-UI registers once →
|
||||
Stored on disk → Gateway restarts → Loads same clients from disk → Open-UI can use existing client
|
||||
|
||||
|
||||
FILE LOCATIONS:
|
||||
===============
|
||||
|
||||
Ready to use:
|
||||
✅ gateway-proxy/oauth_storage.py (already created)
|
||||
✅ OPENUI_OAUTH_FIX.md (detailed docs)
|
||||
⏳ gateway-proxy/gateway_proxy.py (needs 3 small edits)
|
||||
⏳ docker-compose.yml (add volume)
|
||||
|
||||
|
||||
TROUBLESHOOTING:
|
||||
================
|
||||
|
||||
If /data/oauth_clients.json doesn't get created:
|
||||
1. Check Docker volume was added to compose file
|
||||
2. Check gateway logs: docker logs mcp-gateway | grep oauth_storage
|
||||
3. Ensure /data folder exists in container: docker exec mcp-gateway ls /data
|
||||
|
||||
If Open-UI still says "Client not registered":
|
||||
1. Check file exists: docker exec mcp-gateway ls -la /data/oauth_clients.json
|
||||
2. Check contents: docker exec mcp-gateway cat /data/oauth_clients.json
|
||||
3. Check for save errors in logs: docker logs mcp-gateway | grep "Failed to save"
|
||||
|
||||
If you want to force re-auth:
|
||||
1. Delete the stored clients: docker exec mcp-gateway rm /data/oauth_clients.json
|
||||
2. Restart: docker-compose restart gateway-proxy
|
||||
3. Open-UI will need to register again
|
||||
|
||||
|
||||
TESTING PERSISTENCE:
|
||||
====================
|
||||
|
||||
1. Open-UI authorizes and gets token (works)
|
||||
2. Test API works: curl with token (works)
|
||||
3. Restart gateway: docker-compose restart gateway-proxy
|
||||
4. Use same token to test API again (should still work!)
|
||||
|
||||
If step 4 works, persistence is working correctly.
|
||||
Loading…
Reference in a new issue