oauth in iframe

app.py

@@ -36,7 +36,8 @@ def show_profile(request: gr.Request) -> str:
 
 def js_open(url: str) -> str:
     # Taken from https://cmgdo.com/external-link-in-gradio-button/
-    return f"function() {{window.open('{url}', '_blank');}}"
+    return f"function() {{window.location.assign('{url}');}}"
+    # return f"function() {{window.open('{url}', '_blank');}}"
 
 
 with gr.Blocks() as demo:

auth.py

@@ -3,7 +3,7 @@ import os
 from authlib.integrations.starlette_client import OAuth
 from fastapi import FastAPI
 from fastapi.requests import Request
-from fastapi.responses import HTMLResponse
+from fastapi.responses import RedirectResponse
 from starlette.middleware.sessions import SessionMiddleware
 
 
@@ -30,7 +30,7 @@ oauth.register(
 
 # Hack to close the login/logout page once the user is logged in/out.
 # TODO: can it be less hacky?
-CLOSE_WINDOW_HTML = HTMLResponse("<script>window.close();</script>")
+# CLOSE_WINDOW_HTML = HTMLResponse("<script>window.close();</script>")
 
 
 async def oauth_login(request: Request):
@@ -40,15 +40,15 @@ async def oauth_login(request: Request):
     return await oauth.huggingface.authorize_redirect(request, redirect_uri)
 
 
-async def oauth_logout(request: Request) -> HTMLResponse:
+async def oauth_logout(request: Request) -> RedirectResponse:
     request.session.pop("user", None)
-    return CLOSE_WINDOW_HTML
+    return RedirectResponse("/")
 
 
-async def oauth_redirect_callback(request: Request) -> HTMLResponse:
+async def oauth_redirect_callback(request: Request) -> RedirectResponse:
     token = await oauth.huggingface.authorize_access_token(request)
     request.session["user"] = token["userinfo"]  # TODO: we should store entire token
-    return CLOSE_WINDOW_HTML
+    return RedirectResponse("/")
 
 
 def attach_oauth(app: FastAPI) -> None: