@lobehub/lobehub 2.0.0-next.185 → 2.0.0-next.186

package/CHANGELOG.md

@@ -2,6 +2,31 @@
 
 # Changelog
 
+## [Version 2.0.0-next.186](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.185...v2.0.0-next.186)
+
+<sup>Released on **2026-01-01**</sup>
+
+#### ♻ Code Refactoring
+
+- **misc**: Refactor oidc env to auth env.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### Code refactoring
+
+- **misc**: Refactor oidc env to auth env, closes [#11095](https://github.com/lobehub/lobe-chat/issues/11095) ([6e8d4ff](https://github.com/lobehub/lobe-chat/commit/6e8d4ff))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ## [Version 2.0.0-next.185](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.184...v2.0.0-next.185)
 
 <sup>Released on **2026-01-01**</sup>

package/changelog/v1.json

@@ -1,4 +1,13 @@
 [
+  {
+    "children": {
+      "improvements": [
+        "Refactor oidc env to auth env."
+      ]
+    },
+    "date": "2026-01-01",
+    "version": "2.0.0-next.186"
+  },
   {
     "children": {
       "improvements": [

package/e2e/src/support/webServer.ts

@@ -101,7 +101,6 @@ export async function startWebServer(options: WebServerOptions): Promise<void> {
         ...process.env,
         // E2E test secret keys
         BETTER_AUTH_SECRET: 'e2e-test-secret-key-for-better-auth-32chars!',
-        ENABLE_OIDC: '0',
         KEY_VAULTS_SECRET: 'LA7n9k3JdEcbSgml2sxfw+4TV1AzaaFU5+R176aQz4s=',
         // Disable email verification for e2e
         NEXT_PUBLIC_AUTH_EMAIL_VERIFICATION: '0',

package/next.config.ts

@@ -1,5 +1,18 @@
 import { defineConfig } from './src/libs/next/config/define-config';
 
-const nextConfig = defineConfig({});
+const nextConfig = defineConfig({
+  experimental: {
+    webpackBuildWorker: true,
+    webpackMemoryOptimizations: true,
+  },
+  webpack: (webpackConfig, context) => {
+    const { dev } = context;
+    if (!dev) {
+      webpackConfig.cache = false;
+    }
+
+    return webpackConfig;
+  },
+});
 
 export default nextConfig;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/lobehub",
-  "version": "2.0.0-next.185",
+  "version": "2.0.0-next.186",
   "description": "LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",
@@ -40,6 +40,7 @@
     "build:analyze": "NODE_OPTIONS=--max-old-space-size=8192 ANALYZE=true next build --webpack",
     "build:docker": "npm run prebuild && NODE_OPTIONS=--max-old-space-size=8192 DOCKER=true next build --webpack && npm run build-sitemap",
     "build:electron": "cross-env NODE_OPTIONS=--max-old-space-size=8192 NEXT_PUBLIC_IS_DESKTOP_APP=1 tsx scripts/electronWorkflow/buildNextApp.mts",
+    "build:vercel": "npm run prebuild && cross-env NODE_OPTIONS=--max-old-space-size=6144 next build --webpack",
     "clean:node_modules": "bash -lc 'set -e; echo \"Removing all node_modules...\"; rm -rf node_modules; pnpm -r exec rm -rf node_modules; rm -rf apps/desktop/node_modules; echo \"All node_modules removed.\"'",
     "db:generate": "drizzle-kit generate && npm run db:generate-client && npm run workflow:dbml",
     "db:generate-client": "tsx ./scripts/migrateClientDB/compile-migrations.ts",

package/packages/types/src/message/common/base.ts

@@ -5,7 +5,7 @@ import type { ILobeAgentRuntimeErrorType } from '../../agentRuntime';
 import { ErrorType } from '../../fetch';
 
 /**
- * 聊天消息错误对象
+ * Chat message error object
  */
 export interface ChatMessageError {
   body?: any;

package/packages/types/src/message/ui/chat.ts

@@ -107,7 +107,7 @@ export interface UIChatMessage {
   content: string;
   createdAt: number;
   error?: ChatMessageError | null;
-  // 扩展字段
+  // Extended fields
   extra?: ChatMessageExtra;
   fileList?: ChatFileItem[];
   /**
@@ -186,11 +186,11 @@ export interface UIChatMessage {
   tool_call_id?: string;
   tools?: ChatToolPayload[];
   /**
-   * 保存到主题的消息
+   * Messages saved to topic
    */
   topicId?: string;
   /**
-   * 观测链路 id
+   * Observation trace ID
    */
   traceId?: string;
   updatedAt: number;

package/packages/types/src/message/ui/extra.ts

@@ -9,8 +9,8 @@ export interface ChatTTS {
 export interface ChatMessageExtra {
   model?: string;
   provider?: string;
-  // 翻译
+  // Translation
   translate?: ChatTranslate | false | null;
-  // TTS
+  // Text-to-Speech
   tts?: ChatTTS;
 }

package/packages/types/src/openai/plugin.ts

@@ -53,5 +53,5 @@ export interface OpenAIPluginManifest {
   name_for_human: string;
   name_for_model: string;
   schema_version: string;
-  // 其他可能的字段...
+  // Other possible fields...
 }

package/packages/types/src/session/agentSession.ts

@@ -47,7 +47,7 @@ export interface LobeGroupSession {
 
 export interface LobeAgentSettings {
   /**
-   * 语言模型角色设定
+   * Language model agent configuration
    */
   config: LobeAgentConfig;
   meta: MetaData;

package/packages/types/src/user/settings/index.ts

@@ -28,7 +28,7 @@ export * from './tool';
 export * from './tts';
 
 /**
- * 配置设置
+ * User configuration settings
  */
 export interface UserSettings {
   defaultAgent: UserDefaultAgent;

package/src/app/(backend)/oidc/[...oidc]/route.ts

@@ -2,7 +2,7 @@ import debug from 'debug';
 import { type NextRequest, NextResponse } from 'next/server';
 import { URL } from 'node:url';
 
-import { oidcEnv } from '@/envs/oidc';
+import { authEnv } from '@/envs/auth';
 import { createNodeRequest, createNodeResponse } from '@/libs/oidc-provider/http-adapter';
 import { getOIDCProvider } from '@/server/services/oidc/oidcProvider';
 
@@ -17,7 +17,7 @@ const handler = async (req: NextRequest) => {
   let responseCollector;
 
   try {
-    if (!oidcEnv.ENABLE_OIDC) {
+    if (!authEnv.ENABLE_OIDC) {
       log('OIDC is not enabled');
       return new NextResponse('OIDC is not enabled', { status: 404 });
     }

package/src/app/[variants]/(auth)/oauth/consent/[uid]/page.tsx

@@ -1,6 +1,6 @@
 import { notFound } from 'next/navigation';
 
-import { oidcEnv } from '@/envs/oidc';
+import { authEnv } from '@/envs/auth';
 import { defaultClients } from '@/libs/oidc-provider/config';
 import { OIDCService } from '@/server/services/oidc';
 
@@ -9,7 +9,7 @@ import Consent from './Consent';
 import Login from './Login';
 
 const InteractionPage = async (props: { params: Promise<{ uid: string }> }) => {
-  if (!oidcEnv.ENABLE_OIDC) return notFound();
+  if (!authEnv.ENABLE_OIDC) return notFound();
 
   const params = await props.params;
   const uid = params.uid;

package/src/envs/auth.ts

@@ -284,6 +284,7 @@ export const getAuthConfig = () => {
 
       // Generic JWKS key for signing/verifying JWTs
       JWKS_KEY: z.string().optional(),
+      ENABLE_OIDC: z.boolean(),
     },
 
     runtimeEnv: {
@@ -407,6 +408,7 @@ export const getAuthConfig = () => {
 
       // Generic JWKS key (fallback to OIDC_JWKS_KEY for backward compatibility)
       JWKS_KEY: process.env.JWKS_KEY || process.env.OIDC_JWKS_KEY,
+      ENABLE_OIDC: !!(process.env.JWKS_KEY || process.env.OIDC_JWKS_KEY),
     },
   });
 };

package/src/libs/next/config/define-config.ts

@@ -6,9 +6,11 @@ import type { Header, Redirect } from 'next/dist/lib/load-custom-routes';
 import ReactComponentName from 'react-scan/react-component-name/webpack';
 
 interface CustomNextConfig {
+  experimental?: NextConfig['experimental'];
   headers?: Header[];
   redirects?: Redirect[];
   turbopack?: NextConfig['turbopack'];
+  webpack?: NextConfig['webpack'];
 }
 
 export function defineConfig(config: CustomNextConfig) {
@@ -56,6 +58,7 @@ export function defineConfig(config: CustomNextConfig) {
       webVitalsAttribution: ['CLS', 'LCP'],
       webpackBuildWorker: true,
       webpackMemoryOptimizations: true,
+      ...config.experimental,
     },
     async headers() {
       const securityHeaders = [
@@ -325,20 +328,20 @@ export function defineConfig(config: CustomNextConfig) {
       ignoreBuildErrors: true,
     },
 
-    webpack(config) {
-      config.experiments = {
+    webpack(baseWebpackConfig, options) {
+      baseWebpackConfig.experiments = {
         asyncWebAssembly: true,
         layers: true,
       };
 
       // 开启该插件会导致 pglite 的 fs bundler 被改表
       if (enableReactScan) {
-        config.plugins.push(ReactComponentName({}));
+        baseWebpackConfig.plugins.push(ReactComponentName({}));
       }
 
       // to fix shikiji compile error
       // refs: https://github.com/antfu/shikiji/issues/23
-      config.module.rules.push({
+      baseWebpackConfig.module.rules.push({
         resolve: {
           fullySpecified: false,
         },
@@ -347,14 +350,14 @@ export function defineConfig(config: CustomNextConfig) {
       });
 
       // https://github.com/pinojs/pino/issues/688#issuecomment-637763276
-      config.externals.push('pino-pretty');
+      baseWebpackConfig.externals.push('pino-pretty');
 
-      config.resolve.alias.canvas = false;
+      baseWebpackConfig.resolve.alias.canvas = false;
 
       // to ignore epub2 compile error
       // refs: https://github.com/lobehub/lobe-chat/discussions/6769
-      config.resolve.fallback = {
-        ...config.resolve.fallback,
+      baseWebpackConfig.resolve.fallback = {
+        ...baseWebpackConfig.resolve.fallback,
         zipfile: false,
       };
 
@@ -364,7 +367,7 @@ export function defineConfig(config: CustomNextConfig) {
       ) {
         // fix the Worker URL cross-origin issue
         // refs: https://github.com/lobehub/lobe-chat/pull/9624
-        config.module.rules.push({
+        baseWebpackConfig.module.rules.push({
           generator: {
             // @see https://webpack.js.org/configuration/module/#rulegeneratorpublicpath
             publicPath: '/_next/',
@@ -375,7 +378,13 @@ export function defineConfig(config: CustomNextConfig) {
         });
       }
 
-      return config;
+      const updatedConfig = baseWebpackConfig;
+
+      if (config.webpack) {
+        return config.webpack(updatedConfig, options);
+      }
+
+      return updatedConfig;
     },
   };
 

package/src/libs/next/proxy/define-config.ts

@@ -12,7 +12,6 @@ import { LOBE_THEME_APPEARANCE } from '@/const/theme';
 import { isDesktop } from '@/const/version';
 import { appEnv } from '@/envs/app';
 import { authEnv } from '@/envs/auth';
-import { oidcEnv } from '@/envs/oidc';
 import NextAuth from '@/libs/next-auth';
 import { type Locales } from '@/locales/resources';
 import { parseBrowserLanguage } from '@/utils/locale';
@@ -236,7 +235,7 @@ export function defineConfig() {
       response.headers.set(OAUTH_AUTHORIZED, 'true');
 
       // If OIDC is enabled and user is logged in, add OIDC session pre-sync header
-      if (oidcEnv.ENABLE_OIDC && session?.user?.id) {
+      if (authEnv.ENABLE_OIDC && session?.user?.id) {
         logNextAuth('OIDC session pre-sync: Setting %s = %s', OIDC_SESSION_HEADER, session.user.id);
         response.headers.set(OIDC_SESSION_HEADER, session.user.id);
       }
@@ -285,10 +284,10 @@ export function defineConfig() {
       });
 
       // If OIDC is enabled and Clerk user is logged in, add OIDC session pre-sync header
-      if (oidcEnv.ENABLE_OIDC && data.userId) {
+      if (authEnv.ENABLE_OIDC && data.userId) {
         logClerk('OIDC session pre-sync: Setting %s = %s', OIDC_SESSION_HEADER, data.userId);
         response.headers.set(OIDC_SESSION_HEADER, data.userId);
-      } else if (oidcEnv.ENABLE_OIDC) {
+      } else if (authEnv.ENABLE_OIDC) {
         logClerk('No Clerk user detected, not setting OIDC session sync header');
       }
 
@@ -351,7 +350,7 @@ export function defineConfig() {
     enableBetterAuth: authEnv.NEXT_PUBLIC_ENABLE_BETTER_AUTH,
     enableClerk: authEnv.NEXT_PUBLIC_ENABLE_CLERK_AUTH,
     enableNextAuth: authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH,
-    enableOIDC: oidcEnv.ENABLE_OIDC,
+    enableOIDC: authEnv.ENABLE_OIDC,
   });
 
   return {

package/src/libs/trpc/lambda/context.ts

@@ -1,17 +1,17 @@
-import { type ClientSecretPayload } from '@lobechat/types';
-import { parse } from 'cookie';
-import debug from 'debug';
-import { type User } from 'next-auth';
-import { type NextRequest } from 'next/server';
-
 import {
   LOBE_CHAT_AUTH_HEADER,
   LOBE_CHAT_OIDC_AUTH_HEADER,
   enableBetterAuth,
   enableClerk,
   enableNextAuth,
-} from '@/const/auth';
-import { oidcEnv } from '@/envs/oidc';
+} from '@lobechat/const';
+import { type ClientSecretPayload } from '@lobechat/types';
+import { parse } from 'cookie';
+import debug from 'debug';
+import { type User } from 'next-auth';
+import { type NextRequest } from 'next/server';
+
+import { authEnv } from '@/envs/auth';
 import { ClerkAuth, type IClerkAuth } from '@/libs/clerk-auth';
 import { validateOIDCJWT } from '@/libs/oidc-provider/jwt';
 
@@ -129,11 +129,9 @@ export const createLambdaContext = async (request: NextRequest): Promise<LambdaC
   let oidcAuth = null;
 
   // Prioritize checking for OIDC authentication (both standard Authorization and custom Oidc-Auth headers)
-  if (oidcEnv.ENABLE_OIDC) {
+  if (authEnv.ENABLE_OIDC) {
     log('OIDC enabled, attempting OIDC authentication');
-    const standardAuthorization = request.headers.get('Authorization');
     const oidcAuthToken = request.headers.get(LOBE_CHAT_OIDC_AUTH_HEADER);
-    log('Standard Authorization header: %s', standardAuthorization ? 'exists' : 'not found');
     log('Oidc-Auth header: %s', oidcAuthToken ? 'exists' : 'not found');
 
     try {

package/src/server/services/oidc/oidcProvider.ts

@@ -1,5 +1,5 @@
 import { getDBInstance } from '@/database/core/web-server';
-import { oidcEnv } from '@/envs/oidc';
+import { authEnv } from '@/envs/auth';
 import { type OIDCProvider, createOIDCProvider } from '@/libs/oidc-provider/provider';
 
 /**
@@ -13,7 +13,7 @@ let provider: OIDCProvider;
  */
 export const getOIDCProvider = async (): Promise<OIDCProvider> => {
   if (!provider) {
-    if (!oidcEnv.ENABLE_OIDC) {
+    if (!authEnv.ENABLE_OIDC) {
       throw new Error('OIDC is not enabled. Set ENABLE_OIDC=1 to enable it.');
     }
 

package/vercel.json

@@ -1,4 +1,4 @@
 {
-  "buildCommand": "bun run build",
+  "buildCommand": "bun run build:vercel",
   "installCommand": "npx bun@1.2.23 install"
 }

package/src/envs/oidc.ts

@@ -1,18 +0,0 @@
-import { createEnv } from '@t3-oss/env-nextjs';
-import { z } from 'zod';
-
-export const oidcEnv = createEnv({
-  client: {},
-  runtimeEnv: {
-    ENABLE_OIDC: process.env.ENABLE_OIDC === '1',
-    OIDC_JWKS_KEY: process.env.OIDC_JWKS_KEY,
-  },
-  server: {
-    // 是否启用 OIDC
-    ENABLE_OIDC: z.boolean().optional().default(false),
-    // OIDC 签名密钥
-    // 必须是一个包含私钥的 JWKS (JSON Web Key Set) 格式的 JSON 字符串。
-    // 可以使用 `node scripts/generate-oidc-jwk.mjs` 命令生成。
-    OIDC_JWKS_KEY: z.string().optional(),
-  },
-});