My first component, a quick wrap for OAuth currently focuses on authorization code grant flow, the original idea coming from Implementing Google OAuth in Streamlit | by Duc Anh Bui | Towards Data Science, but I want to adopt more than one OAuth service in different pages, It’s hard to manage callback handler, so I made this component.
I’ve developed some apps and I want to add some authentication features to them. I read a couple of articles that showed how to integrate django authentication.
My ultimate goal is to link the authentication with the users and emails of my coworkers. Our company is based on Microsoft Suite, I was wondering if one could use this component to achieve such behaviour ?
I have really no prior knowledge of any authentication protocol or related topics, so I’m sorry if my question is not really related. Any references to where to start looking into this would be much appreciated.
I get the following error using the default code example from github, no matter what SCOPE value I set:
Traceback (most recent call last):
File "/opt/homebrew/lib/python3.11/site-packages/streamlit/runtime/scriptrunner/script_runner.py", line 565, in _run_script
exec(code, module.__dict__)
File "oauth_test.py", line 37, in <module>
result = oauth2.authorize_button("Authorize", REDIRECT_URI, SCOPE)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/homebrew/lib/python3.11/site-packages/streamlit_oauth/__init__.py", line 47, in authorize_button
scope=scope.split(" "),
^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'split'
Yep, sorry I filed the issue on github and didn’t notice this. So i’ve tried it on both Google App Engine and Streamlit Cloud at this time and got the same bug.
After clicking the Login with Github button on the main page, I get a pop up with the right callback URL + code parameter from the oauth provider.
Hi, I tested this out but after logging in through Google it redirects me to another authorize button in the popup that does nothing. What am I doing wrong?
EDIT: Have also tested it with Discord, it still redirects to the authorize button and result returns None
As described, getting redirect to OAuth provider and having MFA there. Then a redirect to my stramlit app and token is not feteched.
I’m not certain if 60 seconds is sufficient for the entire authorization process.
Sorry, I set it to 300seconds in PR. Best would be to have it configurable eg. with env variable, but I don’t know if there is such possibility in python.
Or maybe it’s a different issue with the library, but sometimes when I’m getting back to the application from OIDC provider it’s not retriving tokens properly from OIDC provider. I do it like this:
result = st_oauth2.authorize_button("Log in", OAUTH_REDIRECT_URI, OAUTH_SCOPE)
if result and 'token' in result:
st.session_state.token = result.get('token')
st.experimental_rerun()
Thanks for stopping by! We use cookies to help us understand how you interact with our website.
By clicking “Accept all”, you consent to our use of cookies. For more information, please see our privacy policy.
Cookie settings
Strictly necessary cookies
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
Performance cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site and which pages are most frequently visited.
Functional cookies
These cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our website. These cookies help us to personalize our content for you and remember your preferences.
Targeting cookies
These cookies may be deployed to our site by our advertising partners to build a profile of your interest and provide you with content that is relevant to you, including showing you relevant ads on other websites.