Performance issue with auto_click=True?

[alp-yg]

Hello,

Thanks a lot for the library, and the possibility to auto click on the login button.

However, it looks like that when using auto_click=True on the authorize_button, the button might be auto-clicked multiple times, including possibly in the popup window (aka the app starts normally, the popup window is opened, and instead of going to the auth page, it loads the app, including the button that is thus auto-clicked).

This results in multiple popup windows to be started, with some of them remaining after a successful login, with the app displayed in them. This also resulted in me unable to login as I most likely reached the max number of attempts 😄

It might be a performance issue as it does run fine some times.

Below is a code example with Microsoft auth (with secrets removed obviously):

import streamlit as st
from streamlit_oauth import OAuth2Component

tenantID = "<my_tenant_id>"

# Set environment variables
AUTHORIZE_URL = f"https://login.microsoftonline.com/{tenantID}/oauth2/v2.0/authorize"
TOKEN_URL = f"https://login.microsoftonline.com/{tenantID}/oauth2/v2.0/token"
REFRESH_TOKEN_URL = f"https://login.microsoftonline.com/{tenantID}/oauth2/v2.0/token"
REVOKE_TOKEN_URL = None
CLIENT_ID = "<my_client_id>"
CLIENT_SECRET = "<my_client_secret>"
REDIRECT_URI = "http://localhost:8501"
SCOPE = "openid"


# Create OAuth2Component instance
oauth2 = OAuth2Component(CLIENT_ID, CLIENT_SECRET, AUTHORIZE_URL, TOKEN_URL, REFRESH_TOKEN_URL, REVOKE_TOKEN_URL)

# Check if token exists in session state
if 'token' not in st.session_state:
    # If not, show authorize button
    result = oauth2.authorize_button("Authorize", REDIRECT_URI, SCOPE, auto_click=True)
    if result and 'token' in result:
        # If authorization successful, save token in session state
        st.session_state.token = result.get('token')
        st.rerun()
else:
    # If token exists in session state, show the token
    token = st.session_state['token']
    st.json(token)
    if st.button("Refresh Token"):
        # If refresh token button is clicked, refresh the token
        token = oauth2.refresh_token(token)
        st.session_state.token = token
        st.rerun()

[dnplus]

There have check if the popup already exists, but it does popup multiple times sometimes, currently has no idea how to fix this.

streamlit-oauth/streamlit_oauth/frontend/main.js

Line 72 in 69cab9d

if(data.args["auto_click"] && !window.opener && !window.clicked) {

[alp-yg]

I just tested again (note that I have version 0.1.13 from PyPi, but Github said max version was 0.1.9 until a few minutes ago), and the issue showed itself immediately. Since PyPi has a compiled version, I cannot check if the line you mentioned is indeed here or not. I also just tested with version 0.1.14, and the issue is still there.

Maybe you would be able to reproduce if your computer is under high CPU/Memory/Network usage? I don't have a lot opened, but Chrome might be using quite a lot of resources in the background. Last attempt showed that I got a 407 error due to proxy (I would know how to fix that), so maybe it happens if the request takes some time?