Hi
For now, you can share the authentication state across pages using session_state.
The functionality to use cookies or local storage is planned to be added in the future.
Hi @dnplus,
Thanks for this great library.
Is there any way to retrieve the email address and/or username of the authenticated user?
Can anyone help with GitHub auth please?
Thank you so much, this was exactly what I was looking for. Couldnāt figure out the button + url and you provide that!
Thank you @dnplus for such a helpful component.
I am able to easily integrate it ā¦ I am however looking for some guidance here.
After authentication, I would like to use the user to create google slides programmatically using his accountā¦ not sure how to use the response from oauth2.authorize_button() to a credential in service = build(āslidesā, āv1ā, credentials=). the credential is of type oauth2client.Credentials or google.auth.credentials.Credentials, credentials to be used for authentication.
Any suggestion would really helpā¦ Truly appreciateā¦
refer to google.auth.credentials module ā google-auth 1.30.0 documentation
Seems like it is a class to represent the token response.
I think you can fill the necessary parameters from oauth2.authorize_button() into that class to create an object to use it
1 Like
Thank you @dnplus for that replyā¦ One more questionā¦ how can we provide more scopes? seems you are loading dotenv which has scope variable defined: SCOPE = os.environ.get(āSCOPEā) and then use it like:
scope=āopenid email profileā
If I want to add more scopes, how I can do so? is it possible to share the env file without the sensitive information.
It just an example, you can define scope directly and pass when calling authorize_button
oauth2.authorize_button("authorize", redirect_uri, "email openid") # split each scope with space
1 Like
hi, Do you have an example of using cookies to store the state? can you please point to the example? The issue I have is that page refresh triggers fresh login and session_state is lost
You can use streamlit-cookies-controller Ā· PyPI to save the session state.
Hi @dnplus,
I have code that looks like this for Oauth with pingID:
oauth2 = #initalized_correctly
# from your github
if 'token' not in st.session_state:
result = oauth2.authorize_button(name="SSO", redirect_uri=os.environ['REDIRECT_URL'], scope=os.environ['SCOPE'], use_container_width=True, auto_click=True, extras_params={'response_type': 'code'})
if result and 'token' in result:
st.session_state.token = result.get('token')
st.rerun()
else:
render_webpage()
but I get the following error signature starting with:
site-packages/streamlit_oauth/init.py", line xyz, in authorize_button
result[ātokenā] = asyncio.run(self.client.get_access_token(**args))
Also the auto_click does not work
whatās the full error message?
And how you make sure the oauth2 object initialized correctly?
Enable CORS in your oauth provider. For example in Okta: Enable CORS in API ā SECURITY ā Trusted Origins
Hey all! Just wanted to mention here that with 1.42, we recently launched a native authentication feature in Streamlit! 
This letās you add auth via OIDC/OAuth2 (e.g. āLogin with Googleā) to your app. Check out the docs here: User authentication and information - Streamlit Docs
@dnplus This is a great moduleāthank you for putting it together! Itās working as expected for me. I do have a quick question though: is it possible to capture the userās email address during the identification process?
Thanks
Thanks! Glad to hear itās working well for you.
Regarding your question:
In theory, accessing the popupās content from a parent window would violate browser security policies if they are on different origins, so it wouldnāt be feasible in that case.