new try

main.py

@@ -386,34 +386,36 @@ async def get_random_sample(dataset_name: str = Query(..., alias="dataset-name")
 
 @app.get("/login/callback")
 async def oauth_callback(code: str, state: str):
-    # Verify the state value here
-    print(client_id)
+    # Prepare the authorization header
+    credentials = f"{client_id}:{client_secret}"
+    credentials_bytes = credentials.encode("ascii")
+    base64_credentials = base64.b64encode(credentials_bytes)
+    auth_header = f"Basic {base64_credentials.decode('ascii')}"
 
-    access_token = ""
     try:
         token_response = requests.post(
             'https://huggingface.co/oauth/token',
+            headers={'Authorization': auth_header},
             data={
                 'grant_type': 'authorization_code',
                 'code': code,
                 'redirect_uri': f'https://{space_host}/login/callback',
-                'client_id': client_id,
-                'client_secret': client_secret,
-                'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'
+                'client_id': client_id
             }
         )
         print(token_response.status_code, token_response.text)
-    except Exception:
-        traceback.print_exc()
 
-    # # Fetch user information using access token
-    # user_response = requests.get(
-    #     'https://huggingface.co/api/user',
-    #     headers={'Authorization': f'Bearer {access_token}'}
-    # )
-    # user_data = user_response.json()
-    # username = user_data['username']
+        if token_response.status_code == 200:
+            tokens = token_response.json()
+            access_token = tokens.get('access_token')
+            # ID Token can be extracted here if needed
+            # id_token = tokens.get('id_token')
+        else:
+            access_token = ""
 
+    except Exception:
+        traceback.print_exc()
+        access_token = ""
 
     return {"access_token": access_token}