app.py

from flask import Flask, render_template, request, jsonify, redirect, url_for, session
from flask_session import Session  # Import the Session class
from flask.sessions import SecureCookieSessionInterface  # Import the class
from simple_salesforce import Salesforce
from flask_cors import CORS
import os
import requests

# Initialize Flask app
app = Flask(__name__)
app.secret_key = os.urandom(24)  # Random secret key for session management

# Configure session management
app.config["SESSION_COOKIE_SECURE"] = False  # Temporarily disable secure cookie
app.config["SESSION_COOKIE_SAMESITE"] = "Lax"  # Use "Lax" instead of "None"
app.config["SESSION_TYPE"] = "filesystem"  # Use filesystem for session storage
Session(app)  # Initialize the session interface
CORS(app)  # Enable Cross-Origin Resource Sharing (CORS)

# Salesforce OAuth URLs and credentials from environment variables for security
SALESFORCE_OAUTH_URL = "https://login.salesforce.com/services/oauth2/authorize"
SALESFORCE_TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"
CLIENT_ID = os.getenv('SALESFORCE_CLIENT_ID', 'your_client_id')  # Use environment variables
CLIENT_SECRET = os.getenv('SALESFORCE_CLIENT_SECRET', 'your_client_secret')  # Use environment variables
REDIRECT_URI = os.getenv('SALESFORCE_REDIRECT_URI', 'https://huggingface.co/spaces/nagasurendra/BiryaniHubflask21')  # Your Hugging Face redirect URI

# Salesforce connection setup
def get_salesforce_connection():
    # Fetch Salesforce credentials from environment variables
    sf = Salesforce(
        username=os.getenv('SALESFORCE_USERNAME', 'your_username'),
        password=os.getenv('SALESFORCE_PASSWORD', 'your_password'),
        security_token=os.getenv('SALESFORCE_SECURITY_TOKEN', 'your_security_token')
    )
    return sf

# OAuth flow to redirect to Salesforce login
@app.route('/login')
def login():
    oauth_url = f"{SALESFORCE_OAUTH_URL}?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}"
    return redirect(oauth_url)

# Handle the OAuth callback from Salesforce and exchange the authorization code for an access token
@app.route('/oauth/callback')
def oauth_callback():
    auth_code = request.args.get('code')  # The code returned from Salesforce

    if not auth_code:
        return jsonify({"error": "No authorization code provided"}), 400

    # Exchange the authorization code for an access token
    token_data = {
        'grant_type': 'authorization_code',
        'code': auth_code,
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET,
        'redirect_uri': REDIRECT_URI
    }

    token_response = requests.post(SALESFORCE_TOKEN_URL, data=token_data)

    if token_response.status_code == 200:
        token_info = token_response.json()
        access_token = token_info['sSSjyhInIsUohKpG8sHzty2q']  # Correct key to fetch the access token
        instance_url = token_info['https://biryanihub-dev-ed.develop.my.site.com/s/welcomePage']  # Correct key to fetch the instance URL

        # Store access token in session for future API requests
        session['access_token'] = access_token
        session['instance_url'] = instance_url

        return redirect('/dashboard')  # Redirect user to the Hugging Face dashboard or home page
    else:
        return jsonify({"error": "Failed to authenticate with Salesforce"}), 400

# Example protected route that uses the Salesforce access token
@app.route('/dashboard')
def dashboard():
    if 'access_token' not in session:
        return redirect('/login')  # If the user is not logged in, redirect to login
    
    access_token = session['access_token']
    instance_url = session['instance_url']
    
    # Use the access token to make API calls to Salesforce (example: fetch user info)
    headers = {'Authorization': f'Bearer {access_token}'}
    user_info_url = f"{instance_url}/services/oauth2/userinfo"
    user_info_response = requests.get(user_info_url, headers=headers)
    
    if user_info_response.status_code == 200:
        user_info = user_info_response.json()
        return jsonify(user_info)  # Display user info from Salesforce
    else:
        return jsonify({"error": "Failed to fetch user info from Salesforce"}), 400

if __name__ == '__main__':
    app.run(debug=True, host="0.0.0.0", port=7860)  # Make sure it listens on the correct port