app.py

import os
import platform
import sys
import time
from typing import Any

import gradio as gr
from huggingface_hub import HfApi


def _safe_preview_secret(value: str | None, *, start: int = 6, end: int = 4) -> str | None:
    if not value:
        return None
    if len(value) <= start + end:
        return "*" * len(value)
    return f"{value[:start]}...{value[-end:]}"


def _serialize_obj(obj: Any) -> dict[str, Any]:
    # Try common serialization paths, then fallback to attribute introspection
    for attr in ("model_dump", "dict", "to_dict"):
        if hasattr(obj, attr) and callable(getattr(obj, attr)):
            try:
                return dict(getattr(obj, attr)())  # type: ignore[arg-type]
            except Exception:
                pass
    if hasattr(obj, "__dict__") and isinstance(obj.__dict__, dict):
        return {k: v for k, v in obj.__dict__.items() if not k.startswith("_")}
    # Last resort: pick readable attributes
    result: dict[str, Any] = {}
    for name in dir(obj):
        if name.startswith("_"):
            continue
        try:
            value = getattr(obj, name)
        except Exception:
            continue
        if isinstance(value, (str, int, float, bool, dict, list, tuple, type(None))):
            result[name] = value
    return result


def show_profile(profile: gr.OAuthProfile | None) -> dict[str, Any]:
    if profile is None:
        return {"error": "No profile found. Please sign in with the button first."}
    data = _serialize_obj(profile)
    return {
        "profile": data,
    }


def show_token_info(token: gr.OAuthToken | None) -> dict[str, Any]:
    if token is None or not getattr(token, "token", None):
        return {"error": "No OAuth token available. Please sign in first."}

    token_str = token.token  # type: ignore[assignment]
    info: dict[str, Any] = {
        "present": True,
        "length": len(token_str),
        "preview": _safe_preview_secret(token_str),
    }
    try:
        api = HfApi()
        who = api.whoami(token=token_str)
        # who typically contains: {"name": username, "email": ..., "orgs": [...]}
        info["whoami"] = who
    except Exception as e:
        info["whoami_error"] = str(e)
    return info


def show_env_info() -> dict[str, Any]:
    keys_of_interest = [
        "SPACE_HOST",
        "OPENID_PROVIDER_URL",
        "OAUTH_CLIENT_ID",
        "OAUTH_CLIENT_SECRET",
        "OAUTH_SCOPES",
        "HF_TOKEN",
        "HUGGING_FACE_HUB_TOKEN",
        "HF_HOME",
        "PYTHONPATH",
    ]
    env_details: dict[str, Any] = {}
    for k in keys_of_interest:
        v = os.getenv(k)
        if v is None:
            env_details[k] = None
        else:
            env_details[k] = _safe_preview_secret(v)

    system_info = {
        "python_version": sys.version,
        "platform": platform.platform(),
        "time": time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime()),
    }

    all_env_names = sorted(list(os.environ.keys()))

    return {
        "selected_environment": env_details,
        "all_environment_variable_names": all_env_names,
        "system": system_info,
    }


with gr.Blocks() as demo:
    gr.Markdown("""
    # HF OAuth Info Tester
    Use the button below to sign in with Hugging Face. Then click the buttons to inspect the signed-in profile, token-derived info, and selected environment details.
    """)

    with gr.Row():
        gr.LoginButton()

    info = gr.JSON(label="Output")

    with gr.Row():
        btn_profile = gr.Button("Show User Profile")
        btn_token = gr.Button("Show Token Info (whoami)")
        btn_env = gr.Button("Show Environment Info")

    btn_profile.click(fn=show_profile, inputs=None, outputs=info)
    btn_token.click(fn=show_token_info, inputs=None, outputs=info)
    btn_env.click(fn=show_env_info, inputs=None, outputs=info)


if __name__ == "__main__":
    demo.launch()