search

gradio-app / gradio

Build and share delightful machine learning apps, all in Python. 🌟 Star to support our work!
http://www.gradio.app
Apache License 2.0
30.56k stars 2.27k forks source link

OAuth (Sign In With Hugging Face) Not Working in Spaces (Too Many Redirects) #8533

Open matdmiller opened 2 weeks ago

matdmiller commented 2 weeks ago

Describe the bug

The Login With Huggingface button and corresponding Oauth flow is not working. When I click the Sign In With Hugging Face button it takes me to a page to input my Hugging Face Username and Password. When I click Log In it asks for my MFA code. When I input that and click Verify in Safari it takes me back to the login screen again and in Chrome a grey box pops up and says Too Many Redirects.

I tried to implement the Huggingface Login Button into my app by referencing the example in the docs. When I was unable to get that working I fell back to creating a new Space using the exact code from the docs and experienced the same result. I also tried the Login With Huggingface Oauth template workspace and experienced the same result. I've tried in Safari and Chrome on MacOS Sonoma including Incognito mode in Chrome.

Have you searched existing issues? 🔎

Reproduction

Tested in HF Space: https://huggingface.co/spaces/matdmiller/hf-oauth app.py -> from docs: https://www.gradio.app/guides/sharing-your-app#o-auth-login-via-hugging-face

#Code is copied and pasted exactly from docs
import gradio as gr
from huggingface_hub import whoami

def hello(profile: gr.OAuthProfile | None) -> str:
    if profile is None:
        return "I don't know you."
    return f"Hello {profile.name}"

def list_organizations(oauth_token: gr.OAuthToken | None) -> str:
    if oauth_token is None:
        return "Please log in to list organizations."
    org_names = [org["name"] for org in whoami(oauth_token.token)["orgs"]]
    return f"You belong to {', '.join(org_names)}."

with gr.Blocks() as demo:
    gr.LoginButton()
    m1 = gr.Markdown()
    m2 = gr.Markdown()
    demo.load(hello, inputs=None, outputs=m1)
    demo.load(list_organizations, inputs=None, outputs=m2)

demo.launch()

Readme.md

---
title: Hf Oauth
emoji: 🔥
colorFrom: red
colorTo: purple
sdk: gradio
sdk_version: 4.36.1
app_file: app.py
pinned: false
license: mit
hf_oauth: true
---

Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

Screenshot

Screenshot 2024-06-11 at 9 36 59 PM Screenshot 2024-06-11 at 9 37 14 PM Screenshot 2024-06-11 at 9 27 39 PM Screenshot 2024-06-11 at 9 27 58 PM Screenshot 2024-06-11 at 9 28 36 PM Screenshot 2024-06-11 at 9 28 56 PM Screenshot 2024-06-11 at 9 29 13 PM Screenshot 2024-06-11 at 9 29 32 PM Screenshot 2024-06-11 at 9 30 27 PM

Logs

Unrecognized feature: 'ambient-light-sensor'.Understand this warning
hf-oauth:211 Unrecognized feature: 'battery'.Understand this warning
hf-oauth:211 Unrecognized feature: 'document-domain'.Understand this warning
hf-oauth:211 Unrecognized feature: 'layout-animations'.Understand this warning
hf-oauth:211 Unrecognized feature: 'legacy-image-formats'.Understand this warning
hf-oauth:211 Unrecognized feature: 'oversized-images'.Understand this warning
hf-oauth:211 Unrecognized feature: 'vr'.Understand this warning
hf-oauth:211 Unrecognized feature: 'wake-lock'.Understand this warning
iframeResizer.contentWindow.min.js:9 [iFrameSizer][iFrameResizer0] No tagged elements (data-iframe-height) found on page
ae @ iframeResizer.contentWindow.js:177
be @ iframeResizer.contentWindow.js:930
taggedElement @ iframeResizer.contentWindow.js:994
Ee @ iframeResizer.contentWindow.js:1059
Se @ iframeResizer.contentWindow.js:1118
ue @ iframeResizer.contentWindow.js:196
init @ iframeResizer.contentWindow.js:1198
(anonymous) @ iframeResizer.contentWindow.js:1282Understand this warning
iframeResizer.contentWindow.min.js:9 [iFrameSizer][iFrameResizer0] No tagged elements (data-iframe-height) found on page

_______________

===== Application Startup at 2024-06-12 01:56:02 =====

Running on local URL:  http://0.0.0.0:7860

To create a public link, set `share=True` in `launch()`.
/usr/local/lib/python3.10/site-packages/gradio/components/login_button.py:74: UserWarning: LoginButton created outside of a Blocks context. May not work unless you call its `activate()` method manually.
  warnings.warn(

System Info

Running in HF Spaces: https://huggingface.co/spaces/matdmiller/hf-oauth
Running on MacOS Sonoma
Chrome (Incognito) & Safari Browsers

Severity

Blocking usage of gradio

matdmiller commented 2 weeks ago

I went through and tested previous versions of Gradio and it appears that 4.26 was the last version that worked and every version since 4.27 that I tested did not work including 4.36.1 which is the latest as of today.

When I was trying to latest version that did work it redirects the page to https://matdmiller-hf-oauth.hf.space/ instead of only redirecting the iframe. I then tried upgrading the version of gradio to 4.36.1 and starting out at https://matdmiller-hf-oauth.hf.space/ instead of https://huggingface.co/spaces/matdmiller/hf-oauth after the page reloaded and it worked. It seems like something with the default iframe spaces implementation is broken when using huggingface oauth, but not if you visit the second version of the URL.

abidlabs commented 1 week ago

Thank you for the detailed issue report @matdmiller! @Wauplin do you think you could take a look into this as its likely due to https://github.com/gradio-app/gradio/pull/8000 or https://github.com/gradio-app/gradio/pull/7887?