Hugging Face's logo

Spaces:
evalstate
/
gen-ui
Running

App Files Community
evalstate HF Staff commited on
Commit
2e3ca88
·
verified ·
1 Parent(s): c631558

Fix OAuth protected resource metadata for gen-ui

Browse files
Files changed (2) hide show
  1. scripts/__pycache__/hub_search_prefab_server.cpython-313.pyc +0 -0
  2. scripts/hub_search_prefab_server.py +11 -18
scripts/__pycache__/hub_search_prefab_server.cpython-313.pyc CHANGED
Binary files a/scripts/__pycache__/hub_search_prefab_server.cpython-313.pyc and b/scripts/__pycache__/hub_search_prefab_server.cpython-313.pyc differ
 
scripts/hub_search_prefab_server.py CHANGED
@@ -8,7 +8,7 @@ from pathlib import Path
8
 
9
  from starlette.middleware import Middleware
10
  from starlette.middleware.cors import CORSMiddleware
11
- from starlette.responses import JSONResponse, PlainTextResponse
12
 
13
  def _discover_workspace_root() -> Path:
14
  env_root = os.getenv("CODE_TOOLS_ROOT")
@@ -71,6 +71,15 @@ from prefab_hub_ui import (
71
  parse_runtime_payload,
72
  )
73
 
 
 
 
 
 
 
 
 
 
74
  def _get_oauth_config() -> tuple[str | None, list[str], str]:
75
  oauth_provider = os.environ.get("FAST_AGENT_SERVE_OAUTH", "").lower()
76
  if oauth_provider in ("hf", "huggingface"):
@@ -100,11 +109,10 @@ fast.load_agents(PREFAB_LLM_CHAIN_CARD_FILE)
100
 
101
  _oauth_provider, _oauth_scopes, _oauth_resource_url = _get_oauth_config()
102
  _auth_provider = None
103
- _oauth_metadata: dict[str, object] | None = None
104
  _middleware = list(CORS_MIDDLEWARE)
105
 
106
  if _oauth_provider == "huggingface":
107
- _auth_provider = RemoteAuthProvider(
108
  token_verifier=PresenceTokenVerifier(
109
  provider="huggingface",
110
  scopes=_oauth_scopes,
@@ -115,14 +123,6 @@ if _oauth_provider == "huggingface":
115
  resource_name="gen-ui",
116
  resource_documentation=AnyHttpUrl("https://huggingface.co/spaces/evalstate/gen-ui"),
117
  )
118
- _oauth_metadata = {
119
- "resource": f"{str(AnyHttpUrl(_oauth_resource_url)).rstrip('/')}{PATH}",
120
- "authorization_servers": ["https://huggingface.co/"],
121
- "scopes_supported": _oauth_scopes,
122
- "bearer_methods_supported": ["header"],
123
- "resource_name": "gen-ui",
124
- "resource_documentation": "https://huggingface.co/spaces/evalstate/gen-ui",
125
- }
126
  _middleware.append(Middleware(HFAuthHeaderMiddleware))
127
 
128
  mcp = FastMCP(
@@ -137,13 +137,6 @@ async def root_info(request) -> PlainTextResponse:
137
  return PlainTextResponse("gen-ui MCP server. Use /mcp for MCP and /.well-known/oauth-protected-resource for auth discovery.")
138
 
139
 
140
- if _oauth_metadata is not None:
141
-
142
- @mcp.custom_route("/.well-known/oauth-protected-resource", methods=["GET", "OPTIONS"])
143
- async def oauth_protected_resource_alias(request) -> JSONResponse:
144
- return JSONResponse(_oauth_metadata)
145
-
146
-
147
  async def _run_raw(query: str) -> str:
148
  async with fast.run() as agents:
149
  return await getattr(agents, RAW_AGENT).send(query)
 
8
 
9
  from starlette.middleware import Middleware
10
  from starlette.middleware.cors import CORSMiddleware
11
+ from starlette.responses import PlainTextResponse
12
 
13
  def _discover_workspace_root() -> Path:
14
  env_root = os.getenv("CODE_TOOLS_ROOT")
 
71
  parse_runtime_payload,
72
  )
73
 
74
+
75
+ class _RootResourceRemoteAuthProvider(RemoteAuthProvider):
76
+ """Advertise the Space root as the protected resource."""
77
+
78
+ def _get_resource_url(self, path: str | None = None) -> AnyHttpUrl | None:
79
+ del path
80
+ return self.base_url
81
+
82
+
83
  def _get_oauth_config() -> tuple[str | None, list[str], str]:
84
  oauth_provider = os.environ.get("FAST_AGENT_SERVE_OAUTH", "").lower()
85
  if oauth_provider in ("hf", "huggingface"):
 
109
 
110
  _oauth_provider, _oauth_scopes, _oauth_resource_url = _get_oauth_config()
111
  _auth_provider = None
 
112
  _middleware = list(CORS_MIDDLEWARE)
113
 
114
  if _oauth_provider == "huggingface":
115
+ _auth_provider = _RootResourceRemoteAuthProvider(
116
  token_verifier=PresenceTokenVerifier(
117
  provider="huggingface",
118
  scopes=_oauth_scopes,
 
123
  resource_name="gen-ui",
124
  resource_documentation=AnyHttpUrl("https://huggingface.co/spaces/evalstate/gen-ui"),
125
  )
 
 
 
 
 
 
 
 
126
  _middleware.append(Middleware(HFAuthHeaderMiddleware))
127
 
128
  mcp = FastMCP(
 
137
  return PlainTextResponse("gen-ui MCP server. Use /mcp for MCP and /.well-known/oauth-protected-resource for auth discovery.")
138
 
139
 
 
 
 
 
 
 
 
140
  async def _run_raw(query: str) -> str:
141
  async with fast.run() as agents:
142
  return await getattr(agents, RAW_AGENT).send(query)