From e9dcb125e9ef4755fcf89e1a7318f3745a960b51 Mon Sep 17 00:00:00 2001 From: "Merwin, Nishanth" Date: Fri, 19 Jul 2024 14:25:07 -0400 Subject: [PATCH 1/5] Udpated streamlit --- solvebio/contrib/streamlit/solvebio_auth.py | 2 ++ solvebio/contrib/streamlit/solvebio_streamlit.py | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/solvebio/contrib/streamlit/solvebio_auth.py b/solvebio/contrib/streamlit/solvebio_auth.py index 10332371..1bdd3aea 100644 --- a/solvebio/contrib/streamlit/solvebio_auth.py +++ b/solvebio/contrib/streamlit/solvebio_auth.py @@ -16,6 +16,7 @@ class SolveBioOAuth2(BaseOAuth2[Dict[str, Any]]): SOLVEBIO_URL = os.environ.get('SOLVEBIO_URL', 'https://my.solvebio.com') OAUTH2_TOKEN_URL = "/v1/oauth2/token" OAUTH2_REVOKE_TOKEN_URL = "/v1/oauth2/revoke_token" + OAUTH2_REVOKE_TOKEN_AUTH = "client_secret_post" def __init__(self, client_id, client_secret, name="solvebio"): super().__init__( @@ -26,6 +27,7 @@ def __init__(self, client_id, client_secret, name="solvebio"): revoke_token_endpoint=urljoin( solvebio.api_host, self.OAUTH2_REVOKE_TOKEN_URL ), + revocation_endpoint_auth_method=OAUTH2_REVOKE_TOKEN_AUTH, name=name, ) diff --git a/solvebio/contrib/streamlit/solvebio_streamlit.py b/solvebio/contrib/streamlit/solvebio_streamlit.py index cb0a40c1..23c4b01d 100644 --- a/solvebio/contrib/streamlit/solvebio_streamlit.py +++ b/solvebio/contrib/streamlit/solvebio_streamlit.py @@ -12,7 +12,7 @@ class SolveBioStreamlit: # App settings loaded from environment variables or .env file CLIENT_ID = os.environ.get("CLIENT_ID", "Application (client) Id") - CLIENT_SECRET = os.environ.get("CLIENT_SECRET", "Application (client) secret") + CLIENT_SECRET = os.environ.get("CLIENT_SECRET") APP_URL = os.environ.get("APP_URL", "http://localhost:5000") def solvebio_login_component(self, authorization_url): @@ -61,11 +61,11 @@ def wrap(self, streamlit_app): # User is not authrized to use the app try: # Trying to get the authorization token from the url if successfully authorized - code = st.experimental_get_query_params()["code"] + code = st.get_query_params()["code"] # Remove authorization token from the url params params = {} - st.experimental_set_query_params(**params) + st.set_query_params(**params) except: # Display SolveBio login until user is successfully authorized From 7ba63a1088b7c5a1c3fbc1fc593b83dd5d202c3c Mon Sep 17 00:00:00 2001 From: "Merwin, Nishanth" Date: Fri, 19 Jul 2024 22:41:52 -0400 Subject: [PATCH 2/5] Updated streamlit extension for compatibility with streamlit 1.36.0 --- setup.py | 2 +- solvebio/contrib/streamlit/solvebio_auth.py | 10 ++++--- .../contrib/streamlit/solvebio_streamlit.py | 27 +++++++++++-------- 3 files changed, 24 insertions(+), 15 deletions(-) diff --git a/setup.py b/setup.py index 805f6421..087d6bdb 100644 --- a/setup.py +++ b/setup.py @@ -49,7 +49,7 @@ # solvebio-recipes only available in python3 extras_requires = {} else: - extra['use_2to3'] = True + extra['use_2to3'] = False with open('README.md') as f: long_description = f.read() diff --git a/solvebio/contrib/streamlit/solvebio_auth.py b/solvebio/contrib/streamlit/solvebio_auth.py index 1bdd3aea..5b1d78b8 100644 --- a/solvebio/contrib/streamlit/solvebio_auth.py +++ b/solvebio/contrib/streamlit/solvebio_auth.py @@ -8,6 +8,9 @@ from httpx_oauth.oauth2 import BaseOAuth2 +import logging +logger = logging.getLogger('solvebio') + class SolveBioOAuth2(BaseOAuth2[Dict[str, Any]]): """Class implementing OAuth2 for SolveBio API""" @@ -16,7 +19,7 @@ class SolveBioOAuth2(BaseOAuth2[Dict[str, Any]]): SOLVEBIO_URL = os.environ.get('SOLVEBIO_URL', 'https://my.solvebio.com') OAUTH2_TOKEN_URL = "/v1/oauth2/token" OAUTH2_REVOKE_TOKEN_URL = "/v1/oauth2/revoke_token" - OAUTH2_REVOKE_TOKEN_AUTH = "client_secret_post" + OAUTH2_REVOKE_TOKEN_AUTH = "client_secret_basic" def __init__(self, client_id, client_secret, name="solvebio"): super().__init__( @@ -27,7 +30,7 @@ def __init__(self, client_id, client_secret, name="solvebio"): revoke_token_endpoint=urljoin( solvebio.api_host, self.OAUTH2_REVOKE_TOKEN_URL ), - revocation_endpoint_auth_method=OAUTH2_REVOKE_TOKEN_AUTH, + revocation_endpoint_auth_method=self.OAUTH2_REVOKE_TOKEN_AUTH, name=name, ) @@ -40,4 +43,5 @@ def get_authorization_url(self, redirect_uri): "redirect_uri": redirect_uri, } - return "{}/authorize?{}".format(self.authorize_endpoint, urlencode(params)) + auth_url = "{}/authorize?{}".format(self.authorize_endpoint, urlencode(params)) + return auth_url diff --git a/solvebio/contrib/streamlit/solvebio_streamlit.py b/solvebio/contrib/streamlit/solvebio_streamlit.py index 23c4b01d..bd4d85d0 100644 --- a/solvebio/contrib/streamlit/solvebio_streamlit.py +++ b/solvebio/contrib/streamlit/solvebio_streamlit.py @@ -4,7 +4,10 @@ import streamlit as st import solvebio -from solvebio_auth import SolveBioOAuth2 +from .solvebio_auth import SolveBioOAuth2 + +import logging +logger = logging.getLogger('solvebio') class SolveBioStreamlit: @@ -16,16 +19,16 @@ class SolveBioStreamlit: APP_URL = os.environ.get("APP_URL", "http://localhost:5000") def solvebio_login_component(self, authorization_url): - """Streamlit component for logging into SolveBio""" + """Streamlit component for logging into QuartzBio""" st.title("Secure Streamlit App") st.write( """

- Log in to SolveBio to continue + Log in to QuartzBio EDP to continue

- This app requires a SolveBio account.
- Contact Support + This app requires a QuartzBio account.
+ Contact Support """.format( authorization_url ), @@ -48,6 +51,8 @@ def get_token_from_session(self): def wrap(self, streamlit_app): """SolveBio OAuth2 wrapper around streamlit app""" + logger.info("Wrapping streamlit application") + # SolveBio OAuth2 client oauth_client = SolveBioOAuth2(self.CLIENT_ID, self.CLIENT_SECRET) authorization_url = oauth_client.get_authorization_url( @@ -56,17 +61,16 @@ def wrap(self, streamlit_app): # Authorization token from Streamlit session state oauth_token = self.get_token_from_session() + logger.debug(f"{oauth_token[:4] if oauth_token else None}") if oauth_token is None: # User is not authrized to use the app try: # Trying to get the authorization token from the url if successfully authorized - code = st.get_query_params()["code"] + code = st.query_params.get("code") # Remove authorization token from the url params - params = {} - st.set_query_params(**params) - + st.query_params.clear() except: # Display SolveBio login until user is successfully authorized self.solvebio_login_component(authorization_url) @@ -76,9 +80,10 @@ def wrap(self, streamlit_app): oauth_token = asyncio.run( oauth_client.get_access_token(code, self.APP_URL) ) - except: + except Exception as e: st.error( - "This account is not allowed or page was refreshed. Please login again." + "This account is not allowed or page was refreshed. Please login again.", + e ) self.solvebio_login_component(authorization_url) else: From 5c759852e393fc5e538b75e779cbb2ec0c5fbec1 Mon Sep 17 00:00:00 2001 From: "Merwin, Nishanth" Date: Fri, 19 Jul 2024 22:47:16 -0400 Subject: [PATCH 3/5] py2 supported string formatting --- solvebio/contrib/streamlit/solvebio_streamlit.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/solvebio/contrib/streamlit/solvebio_streamlit.py b/solvebio/contrib/streamlit/solvebio_streamlit.py index bd4d85d0..691e3dc9 100644 --- a/solvebio/contrib/streamlit/solvebio_streamlit.py +++ b/solvebio/contrib/streamlit/solvebio_streamlit.py @@ -61,7 +61,8 @@ def wrap(self, streamlit_app): # Authorization token from Streamlit session state oauth_token = self.get_token_from_session() - logger.debug(f"{oauth_token[:4] if oauth_token else None}") + debug_message = oauth_token[:4] if oauth_token else "" + logger.debug("OAuth token: " + debug_message) if oauth_token is None: # User is not authrized to use the app From b832d87a79912525dcc49e80519def31fb42c5bd Mon Sep 17 00:00:00 2001 From: "Merwin, Nishanth" Date: Fri, 19 Jul 2024 22:58:21 -0400 Subject: [PATCH 4/5] Updated error message --- solvebio/contrib/streamlit/solvebio_streamlit.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solvebio/contrib/streamlit/solvebio_streamlit.py b/solvebio/contrib/streamlit/solvebio_streamlit.py index 691e3dc9..614d75c7 100644 --- a/solvebio/contrib/streamlit/solvebio_streamlit.py +++ b/solvebio/contrib/streamlit/solvebio_streamlit.py @@ -84,8 +84,8 @@ def wrap(self, streamlit_app): except Exception as e: st.error( "This account is not allowed or page was refreshed. Please login again.", - e ) + st.error(e) self.solvebio_login_component(authorization_url) else: # Check if token has expired: From ec4b758bb8de26fa4f1de81fb0e866929098427f Mon Sep 17 00:00:00 2001 From: "Merwin, Nishanth" Date: Fri, 19 Jul 2024 23:01:48 -0400 Subject: [PATCH 5/5] Fixed broken token logging --- solvebio/contrib/streamlit/solvebio_streamlit.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solvebio/contrib/streamlit/solvebio_streamlit.py b/solvebio/contrib/streamlit/solvebio_streamlit.py index 614d75c7..7adb3cee 100644 --- a/solvebio/contrib/streamlit/solvebio_streamlit.py +++ b/solvebio/contrib/streamlit/solvebio_streamlit.py @@ -61,7 +61,7 @@ def wrap(self, streamlit_app): # Authorization token from Streamlit session state oauth_token = self.get_token_from_session() - debug_message = oauth_token[:4] if oauth_token else "" + debug_message = str(oauth_token)[:4] if oauth_token else "" logger.debug("OAuth token: " + debug_message) if oauth_token is None: