Spaces:
Sleeping
Fix: Add /oauth-callback endpoint for OAuth flow
Browse files🐛 Problem:
- OAuth callback URL /oauth-callback returns 404 error
- HF redirects to /oauth-callback but backend only has /auth/callback
- Frontend and backend using different callback paths
✅ Solution:
- Added new /auth/oauth-callback endpoint route
- Unified callback handler handle_oauth_callback()
- Updated redirect_uri to use /oauth-callback consistently
- Keep legacy /auth/callback for compatibility
🔧 Technical Changes:
Backend:
-
@router
.get('/oauth-callback') -> oauth_callback_new()
- Refactored oauth_callback logic into shared handle_oauth_callback()
- Updated all redirect_uri to use /oauth-callback path
- Maintains backward compatibility with existing /auth/callback
🎯 Expected Result:
- OAuth callback should work correctly
- No more 404 errors after HF authorization
- Successful authentication and redirect to app
- backend/routers/auth.py +13 -2
|
@@ -114,7 +114,7 @@ async def login(request: Request):
|
|
| 114 |
else:
|
| 115 |
base_url = str(request.base_url).rstrip('/')
|
| 116 |
|
| 117 |
-
redirect_uri = f"{base_url}/
|
| 118 |
|
| 119 |
# Build authorization URL
|
| 120 |
auth_url = (
|
|
@@ -131,6 +131,17 @@ async def login(request: Request):
|
|
| 131 |
|
| 132 |
@router.get("/callback")
|
| 133 |
async def oauth_callback(request: Request, code: str, state: str):
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 134 |
"""
|
| 135 |
Handle OAuth callback from Hugging Face.
|
| 136 |
"""
|
|
@@ -178,7 +189,7 @@ async def oauth_callback(request: Request, code: str, state: str):
|
|
| 178 |
else:
|
| 179 |
base_url = str(request.base_url).rstrip('/')
|
| 180 |
|
| 181 |
-
redirect_uri = f"{base_url}/
|
| 182 |
|
| 183 |
try:
|
| 184 |
token_response = requests.post(
|
|
|
|
| 114 |
else:
|
| 115 |
base_url = str(request.base_url).rstrip('/')
|
| 116 |
|
| 117 |
+
redirect_uri = f"{base_url}/oauth-callback"
|
| 118 |
|
| 119 |
# Build authorization URL
|
| 120 |
auth_url = (
|
|
|
|
| 131 |
|
| 132 |
@router.get("/callback")
|
| 133 |
async def oauth_callback(request: Request, code: str, state: str):
|
| 134 |
+
"""Legacy callback endpoint (keep for compatibility)"""
|
| 135 |
+
return await handle_oauth_callback(request, code, state)
|
| 136 |
+
|
| 137 |
+
|
| 138 |
+
@router.get("/oauth-callback")
|
| 139 |
+
async def oauth_callback_new(request: Request, code: str, state: str):
|
| 140 |
+
"""New OAuth callback endpoint for direct OAuth flow"""
|
| 141 |
+
return await handle_oauth_callback(request, code, state)
|
| 142 |
+
|
| 143 |
+
|
| 144 |
+
async def handle_oauth_callback(request: Request, code: str, state: str):
|
| 145 |
"""
|
| 146 |
Handle OAuth callback from Hugging Face.
|
| 147 |
"""
|
|
|
|
| 189 |
else:
|
| 190 |
base_url = str(request.base_url).rstrip('/')
|
| 191 |
|
| 192 |
+
redirect_uri = f"{base_url}/oauth-callback"
|
| 193 |
|
| 194 |
try:
|
| 195 |
token_response = requests.post(
|