feat: minimal Auth; remove Profile Switcher & Spec Health panels

openapi_loader.py

@@ -1,40 +1,23 @@
 # openapi_loader.py
 from __future__ import annotations
-import json, os, re, sys
-from typing import Any, Dict, Tuple, Optional, List
+import json, os, re
+from typing import Any, Dict, Tuple, Optional
 from urllib.parse import urlparse
 import requests
 import yaml
 import gradio as gr
-import inspect, keyword, base64, requests
+import inspect, keyword, base64
 from openapi_spec_validator import validate_spec
-import sys, yaml
-
-
 
 Json = Dict[str, Any]
 _VAR_RE = re.compile(r"\{([^}]+)\}")
-
-
-import keyword
-import re
+_PY_IDENT = re.compile(r"^[A-Za-z_]\w*$")
 
 _PY_IDENT = re.compile(r"^[A-Za-z_]\w*$")
 
 def _is_valid_identifier(name: str) -> bool:
     return bool(_PY_IDENT.match(name)) and not keyword.iskeyword(name)
 
-def _load_profile_from_yaml(name: str):
-    """Load (spec, base_url, bearer) from profiles.yaml in CWD."""
-    path = os.path.join(os.getcwd(), "profiles.yaml")
-    if not os.path.exists(path):
-        raise FileNotFoundError("profiles.yaml not found in the working directory.")
-    data = yaml.safe_load(open(path, "r", encoding="utf-8")) or {}
-    if name not in data:
-        raise KeyError(f"profile '{name}' not found. Available: {list(data.keys())}")
-    prof = data[name] or {}
-    return (prof.get("spec"), prof.get("base_url"), prof.get("bearer") or None), list(data.keys())
-
 
 def sanitize_header_params(spec: Json) -> Tuple[Json, list]:
     """
@@ -174,18 +157,6 @@ def best_default_security(spec: Json) -> Optional[str]:
     return next(iter(schemes.keys())) if schemes else None
 
 
-def _load_profile_from_yaml(name: str) -> Tuple[Tuple[str, str, Optional[str]], List[str]]:
-    path = os.path.join(os.getcwd(), "profiles.yaml")
-    if not os.path.exists(path):
-        raise FileNotFoundError("profiles.yaml not found.")
-    data = yaml.safe_load(open(path, "r", encoding="utf-8"))
-    if name not in data:
-        raise KeyError(f"profile '{name}' not in profiles.yaml. Have: {list(data.keys())}")
-    prof = data[name] or {}
-    profile_names = list(data.keys())
-    return (prof.get("spec"), prof.get("base_url"), prof.get("bearer")), profile_names
-
-
 def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
                                bearer_token: Optional[str] = None) -> gr.Blocks:
     if not base_url:
@@ -224,50 +195,6 @@ def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
         gr.Markdown("### AnyAPI→MCP Factory — OpenAPI Explorer")
         gr.Markdown(f"**Base URL:** `{base_url}`  \n**Auth:** {banner_auth}")
 
-        # --- Profile Switcher (reloads the process with selected profile) ---
-        with gr.Accordion("Profile switcher (restart with selected profile)", open=False):
-            profile_list = []
-            try:
-                # Load list of profile names (and ignore the selected profile here)
-                _tmp, profile_list = _load_profile_from_yaml("__dummy__")  # will raise, we just want the list
-            except KeyError as _e:
-                # _e.args[0] has message with available list from loader; parse a best-effort
-                msg = str(_e)
-                start = msg.find("[")
-                end = msg.rfind("]")
-                if start != -1 and end != -1:
-                    names_str = msg[start+1:end]
-                    profile_list = [n.strip().strip("'\"") for n in names_str.split(",")] if names_str else []
-            except FileNotFoundError:
-                profile_list = []
-
-            prof_dd = gr.Dropdown(choices=profile_list or ["<no profiles.yaml>"],
-                                  value=(profile_list[0] if profile_list else "<no profiles.yaml>"),
-                                  label="Select profile (from profiles.yaml)")
-            reload_btn = gr.Button("Reload app with this profile")
-            reload_out = gr.Textbox(label="Reload status", interactive=False)
-
-            def _reload_with_profile(sel_name: str):
-                if not sel_name or sel_name == "<no profiles.yaml>":
-                    return "❌ No profiles.yaml or no profiles found."
-                try:
-                    (p_spec, p_base, p_bearer), _ = _load_profile_from_yaml(sel_name)
-                    if not p_spec or not p_base:
-                        return "❌ Profile missing 'spec' or 'base_url'."
-                    # Build argv: python app.py --spec ... --base-url ... [--bearer ...] [--profile sel_name]
-                    argv = [sys.executable, os.path.abspath(sys.argv[0]),
-                            "--spec", p_spec, "--base-url", p_base]
-                    if p_bearer:
-                        argv += ["--bearer", p_bearer]
-                    argv += ["--profile", sel_name]  # keep the profile label in argv for clarity
-                    # Flush response text, then execv to hard-restart the process
-                    # Note: This will drop current connections; expected for a restart.
-                    os.execv(sys.executable, argv)
-                except Exception as e:
-                    return f"❌ {type(e).__name__}: {e}"
-
-            reload_btn.click(_reload_with_profile, inputs=[prof_dd], outputs=[reload_out])
-
         # 1) Spec validator (local)
         def validate_btn():
             try:
@@ -289,8 +216,8 @@ def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
             "oauth2": {"token": None}
         })
 
-        # === Auth Wizard (drop-in block) ===
-        with gr.Accordion("Auth Wizard (reads components.securitySchemes)", open=False):
+        # === Auth (minimal) ===
+        with gr.Accordion("Auth", open=True):
             scheme_names = list(schemes.keys()) or ["<none>"]
             scheme_dd = gr.Dropdown(
                 scheme_names,
@@ -299,8 +226,7 @@ def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
             )
 
             with gr.Row():
-                api_in   = gr.Dropdown(["header", "query", "cookie"], label="apiKey.in")
-                # Make it user-editable and NEVER bind it as an output again
+                api_in   = gr.Dropdown(["header", "query", "cookie"], value="header", label="apiKey.in")
                 api_name = gr.Textbox(label="apiKey.name", interactive=True, placeholder="X-API-Key")
                 api_value = gr.Textbox(label="apiKey.value (secret)", type="password")
 
@@ -311,34 +237,22 @@ def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
                 basic_user = gr.Textbox(label="Basic user")
                 basic_pass = gr.Textbox(label="Basic password", type="password")
 
-            with gr.Accordion("OAuth2 (manual or client_credentials)", open=False):
-                oauth_token = gr.Textbox(label="Access token (sets Authorization: Bearer ...)", type="password")
-                token_url   = gr.Textbox(label="tokenUrl (for client_credentials)")
-                client_id   = gr.Textbox(label="client_id")
-                client_secret = gr.Textbox(label="client_secret", type="password")
-                scope       = gr.Textbox(label="scope (space-separated)", placeholder="read write")
-                fetch_tok   = gr.Button("Fetch token (client_credentials)")
-                fetch_out   = gr.Textbox(label="Token fetch result", interactive=False)
-
-            # Prefill only apiKey.in from the selected scheme; leave name editable
             def on_scheme_change(sel):
                 data = schemes.get(sel, {}) if sel and sel in schemes else {}
+                # Only prefill apiKey.in; leave name editable
                 return (data.get("in") or "header")
             scheme_dd.change(on_scheme_change, inputs=[scheme_dd], outputs=[api_in])
 
-            # Apply button + handler (this is the one that went missing)
-            apply_btn = gr.Button("Apply auth to proxy_request")
+            apply_btn = gr.Button("Apply auth")
             apply_out = gr.Textbox(label="Auth status", interactive=False)
 
-            def apply_auth(sel, api_in_v, api_name_v, api_value_v, bearer_v, basic_u, basic_p, oauth_tok):
+            def apply_auth(sel, api_in_v, api_name_v, api_value_v, bearer_v, basic_u, basic_p):
                 ctx = {
                     "mode": None,
                     "apiKey": {"in": None, "name": None, "value": None},
                     "bearer": {"token": None},
                     "basic": {"user": None, "pass": None},
-                    "oauth2": {"token": None}
                 }
-                # Prefer defined scheme if present
                 if sel in schemes:
                     stype = (schemes[sel].get("type") or "").lower()
                     scheme_name = (schemes[sel].get("scheme") or "").lower()
@@ -355,60 +269,25 @@ def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
                     elif stype == "http" and scheme_name == "basic":
                         ctx["mode"] = "http_basic"
                         ctx["basic"] = {"user": basic_u, "pass": basic_p}
-                    elif stype == "oauth2":
-                        ctx["mode"] = "oauth2"
-                        ctx["oauth2"]["token"] = oauth_tok
-                else:
-                    # No securitySchemes: infer from what the user typed
+
+                # Fallbacks if the spec doesn't define a scheme
+                if ctx["mode"] is None:
                     if api_value_v and (api_in_v or api_name_v):
                         ctx["mode"] = "apiKey"
-                        ctx["apiKey"] = {
-                            "in": api_in_v or "header",
-                            "name": api_name_v or "X-API-Key",
-                            "value": api_value_v
-                        }
+                        ctx["apiKey"] = {"in": api_in_v or "header", "name": api_name_v or "X-API-Key", "value": api_value_v}
                     elif bearer_v:
-                        ctx["mode"] = "http_bearer"
-                        ctx["bearer"]["token"] = bearer_v
+                        ctx["mode"] = "http_bearer"; ctx["bearer"]["token"] = bearer_v
                     elif basic_u or basic_p:
-                        ctx["mode"] = "http_basic"
-                        ctx["basic"] = {"user": basic_u, "pass": basic_p}
-                    elif oauth_tok:
-                        ctx["mode"] = "oauth2"
-                        ctx["oauth2"]["token"] = oauth_tok
+                        ctx["mode"] = "http_basic"; ctx["basic"] = {"user": basic_u, "pass": basic_p}
 
                 return ctx, f"Applied auth mode: {ctx['mode']}"
 
             apply_btn.click(
                 fn=apply_auth,
-                inputs=[scheme_dd, api_in, api_name, api_value, bearer_inp, basic_user, basic_pass, oauth_token],
+                inputs=[scheme_dd, api_in, api_name, api_value, bearer_inp, basic_user, basic_pass],
                 outputs=[auth_ctx, apply_out]
             )
-
-            # Client Credentials fetch helper (optional)
-            def fetch_token_cc(token_url_v, client_id_v, client_secret_v, scope_v):
-                if not token_url_v:
-                    return "❌ tokenUrl required"
-                try:
-                    data = {"grant_type": "client_credentials"}
-                    if scope_v: data["scope"] = scope_v
-                    resp = requests.post(
-                        token_url_v, data=data,
-                        auth=(client_id_v or "", client_secret_v or ""), timeout=30
-                    )
-                    resp.raise_for_status()
-                    payload = resp.json()
-                    tok = payload.get("access_token")
-                    return f"✅ got token: {('***' if tok else '<none>')}"
-                except Exception as e:
-                    return f"❌ {type(e).__name__}: {e}"
-
-            fetch_tok.click(
-                fetch_token_cc,
-                inputs=[token_url, client_id, client_secret, scope],
-                outputs=[fetch_out]
-            )
-        # === end Auth Wizard ===
+        # === end Auth ===
 
         # 4) Render auto-generated API UI
         loaded_app.render()
@@ -476,69 +355,6 @@ def build_gradio_app_from_spec(spec: Json, base_url: Optional[str] = None,
             status_out = f"{resp.status_code} {resp.reason}"
             return status_out, body_out, headers_out
 
-        # --- Spec Health (Modal) ---
-        with gr.Accordion("Spec Health (Modal)", open=False):
-            status_url = gr.Textbox(
-                label="Status URL (exact)",
-                placeholder="https://<your-status>.modal.run",
-                value=os.environ.get("MODAL_STATUS_URL", "")
-            )
-            download_url = gr.Textbox(
-                label="Download URL (exact)",
-                placeholder="https://<your-download>.modal.run",
-                value=os.environ.get("MODAL_DOWNLOAD_URL", "")
-            )
-
-            fetch = gr.Button("Fetch status")
-            used_status_url = gr.Textbox(label="(debug) used status URL", interactive=False)
-            status_out = gr.Textbox(label="Result", interactive=False)
-            status_json = gr.JSON(label="Status JSON")
-
-            validated_dd = gr.Dropdown(choices=[], label="Validated profile")
-            reload_validated_btn = gr.Button("Reload with validated spec")
-            reload_validated_out = gr.Textbox(label="Reload result", interactive=False)
-
-            def _fetch_status(status_u: str):
-                if not status_u:
-                    return "", "❌ Provide the full Status URL", None
-                try:
-                    # DO NOT append '/status' — this URL *is* the endpoint
-                    r = requests.get(status_u, timeout=20, allow_redirects=True)
-                    r.raise_for_status()
-                    data = r.json()
-                    profiles = sorted(list(data.keys()))
-                    note = f"✅ {len(profiles)} profiles fetched"
-                    dd = gr.update(choices=profiles, value=(profiles[0] if profiles else None))
-                    return status_u, note, data, dd
-                except Exception as e:
-                    return status_u, f"❌ {type(e).__name__}: {e}", None, gr.update(choices=[], value=None)
-
-            fetch.click(_fetch_status, inputs=[status_url], outputs=[used_status_url, status_out, status_json, validated_dd])
-
-            def _reload_with_validated(profile_name: str, download_u: str):
-                if not profile_name:
-                    return "❌ Select a profile."
-                if not download_u:
-                    return "❌ Provide the full Download URL."
-
-                # Read base_url from profiles.yaml
-                try:
-                    (p_spec, p_base, p_bearer), _ = _load_profile_from_yaml(profile_name)
-                except Exception:
-                    p_spec, p_base, p_bearer = None, None, None
-                if not p_base:
-                    return "❌ profiles.yaml must include base_url for this profile."
-
-                # Modal download endpoint uses ?profile=...
-                spec_url = f"{download_u}{'' if '?' in download_u else ''}?profile={profile_name}"
-
-                argv = [sys.executable, os.path.abspath(sys.argv[0]), "--spec", spec_url, "--base-url", p_base, "--profile", profile_name]
-                if p_bearer:
-                    argv += ["--bearer", p_bearer]
-                os.execv(sys.executable, argv)
-
-            reload_validated_btn.click(_reload_with_validated, inputs=[validated_dd, download_url], outputs=[reload_validated_out])
-
         with gr.Accordion("Advanced request (API-Key / Basic / custom headers)", open=False):
             with gr.Row():
                 method = gr.Dropdown(["GET","POST","PUT","PATCH","DELETE","HEAD","OPTIONS"], value="GET", label="Method")