hf test

.env.example

@@ -1,9 +1,15 @@
-# Gemini Proxy Configuration
-# Set your Google Cloud Project ID here to skip automatic detection
-GEMINI_PROJECT_ID=
+# Required: Authentication password for API access
+GEMINI_AUTH_PASSWORD=123456
 
-# Optional: Set a custom port (default is 8888)
-GEMINI_PORT=8888
+# Option 1: Credentials as JSON string (highest priority - overrides file-based credentials)
+# GEMINI_CREDENTIALS={"client_id":"your-client-id","client_secret":"your-client-secret","token":"your-access-token","refresh_token":"your-refresh-token","scopes":["https://www.googleapis.com/auth/cloud-platform"],"token_uri":"https://oauth2.googleapis.com/token"}
 
-# Authentication password for the proxy (default is 123456)
-GEMINI_AUTH_PASSWORD=123456
+# Option 2: Path to credentials file (only used if GEMINI_CREDENTIALS is not set)
+GOOGLE_APPLICATION_CREDENTIALS=oauth_creds.json
+
+# Optional: Google Cloud Project ID (if not in credentials)
+# GOOGLE_CLOUD_PROJECT=your-project-id
+
+# Server configuration (optional)
+# HOST=0.0.0.0
+# PORT=8888  # Default compatibility port (use 7860 for Hugging Face)

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2025 gzzhongqi
+Copyright (c) 2024 Gemini CLI to API Proxy
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,229 +1,183 @@
-# Gemini CLI to API Proxy
-
-A proxy server that converts Google's Gemini CLI authentication to standard API format, allowing you to use Gemini models with any Gemini API client.
-
-## Features
-
-- OAuth 2.0 authentication with Google Cloud
-- Automatic project ID detection and caching
-- Support for both streaming and non-streaming requests
-- Converts Google's internal API format to standard Gemini API format
-- Credential caching for seamless restarts
-
-## Prerequisites
-
-- Python 3.7 or higher
-- Google Cloud account with Gemini API access
-- Required Python packages (see `requirements.txt`)
-
-## Installation
+---
+title: Gemini CLI to API Proxy
+emoji: 🤖
+colorFrom: blue
+colorTo: purple
+sdk: docker
+pinned: false
+license: mit
+app_port: 7860
+---
+
+# Gemini CLI to API Proxy (geminicli2api)
+
+A FastAPI-based proxy server that converts the Gemini CLI tool into both OpenAI-compatible and native Gemini API endpoints. This allows you to leverage Google's free Gemini API quota through familiar OpenAI API interfaces or direct Gemini API calls.
+
+## 🚀 Features
+
+- **OpenAI-Compatible API**: Drop-in replacement for OpenAI's chat completions API
+- **Native Gemini API**: Direct proxy to Google's Gemini API
+- **Streaming Support**: Real-time streaming responses for both API formats
+- **Multimodal Support**: Text and image inputs
+- **Authentication**: Multiple auth methods (Bearer, Basic, API key)
+- **Docker Ready**: Containerized for easy deployment
+- **Hugging Face Spaces**: Ready for deployment on Hugging Face
+
+## 🔧 Environment Variables
+
+### Required
+- `GEMINI_AUTH_PASSWORD`: Authentication password for API access
+
+### Optional Credential Sources (choose one)
+- `GEMINI_CREDENTIALS`: JSON string containing Google OAuth credentials
+- `GOOGLE_APPLICATION_CREDENTIALS`: Path to Google OAuth credentials file
+- `GOOGLE_CLOUD_PROJECT`: Google Cloud project ID
+- `GEMINI_PROJECT_ID`: Alternative project ID variable
+
+### Example Credentials JSON
+```json
+{
+  "client_id": "your-client-id",
+  "client_secret": "your-client-secret", 
+  "token": "your-access-token",
+  "refresh_token": "your-refresh-token",
+  "scopes": ["https://www.googleapis.com/auth/cloud-platform"],
+  "token_uri": "https://oauth2.googleapis.com/token"
+}
+```
 
-1. Clone or download this repository
-2. Install the required dependencies:
-   ```bash
-   pip install -r requirements.txt
-   ```
+## 📡 API Endpoints
 
-## Setup and Usage
+### OpenAI-Compatible Endpoints
+- `POST /v1/chat/completions` - Chat completions (streaming & non-streaming)
+- `GET /v1/models` - List available models
 
-### First Time Setup
+### Native Gemini Endpoints  
+- `GET /v1beta/models` - List Gemini models
+- `POST /v1beta/models/{model}:generateContent` - Generate content
+- `POST /v1beta/models/{model}:streamGenerateContent` - Stream content
+- All other Gemini API endpoints are proxied through
 
-1. **(Optional) Configure your settings:**
-   If you know your Google Cloud project ID, you can set it in the `.env` file to skip automatic detection:
-   ```bash
-   # Edit the .env file
-   GEMINI_PROJECT_ID=your-project-id
-   
-   # Optional: Change the default port
-   GEMINI_PORT=8888
-   ```
+### Utility Endpoints
+- `GET /health` - Health check for container orchestration
 
-2. **Start the proxy server:**
-   ```bash
-   python gemini_proxy.py
-   ```
+## 🔐 Authentication
 
-3. **Authenticate with Google:**
-   - On first run, the proxy will display an authentication URL
-   - Open the URL in your browser and sign in with your Google account
-   - Grant the necessary permissions
-   - The browser will show "Authentication successful!" when complete
-   - The proxy will automatically save your credentials for future use
+The API supports multiple authentication methods:
 
-4. **Project ID Detection:**
-   - If `GEMINI_PROJECT_ID` is set in the `.env` file, it will be used
-   - Otherwise, the proxy will automatically detect and cache your Google Cloud project ID
-   - This only happens once - subsequent runs will use the cached project ID
+1. **Bearer Token**: `Authorization: Bearer YOUR_PASSWORD`
+2. **Basic Auth**: `Authorization: Basic base64(username:YOUR_PASSWORD)`
+3. **Query Parameter**: `?key=YOUR_PASSWORD`
+4. **Google Header**: `x-goog-api-key: YOUR_PASSWORD`
 
-### Regular Usage
+## 🐳 Docker Usage
 
-After initial setup, simply run:
 ```bash
-python gemini_proxy.py
-```
-
-The proxy server will start on `http://localhost:8888` and display:
-```
-Starting Gemini proxy server on http://localhost:8888
-Send your Gemini API requests to this address.
+# Build the image
+docker build -t geminicli2api .
+
+# Run on default port 8888 (compatibility)
+docker run -p 8888:8888 \
+  -e GEMINI_AUTH_PASSWORD=your_password \
+  -e GEMINI_CREDENTIALS='{"client_id":"...","token":"..."}' \
+  -e PORT=8888 \
+  geminicli2api
+
+# Run on port 7860 (Hugging Face compatible)
+docker run -p 7860:7860 \
+  -e GEMINI_AUTH_PASSWORD=your_password \
+  -e GEMINI_CREDENTIALS='{"client_id":"...","token":"..."}' \
+  -e PORT=7860 \
+  geminicli2api
 ```
 
-### Using with API Clients
+### Docker Compose
 
-Configure your Gemini API client to use `http://localhost:8888` as the base URL. The proxy accepts standard Gemini API requests and handles the authentication automatically.
-
-Example request:
 ```bash
-curl -X POST "http://localhost:8888/v1/models/gemini-pro:generateContent?key=123456" \
-  -H "Content-Type: application/json" \
-  -d '{
-    "contents": [{
-      "parts": [{"text": "Hello, how are you?"}]
-    }]
-  }'
-```
-
-**Note:** The proxy supports multiple authentication methods. The `key` query parameter is the most compatible with standard Gemini clients.
-
-### Safety Settings
-
-The proxy automatically sets default safety settings to `BLOCK_NONE` for all categories if no safety settings are specified in the request. This provides maximum flexibility for content generation. The default categories are:
+# Default setup (port 8888)
+docker-compose up -d
 
-- `HARM_CATEGORY_HARASSMENT`
-- `HARM_CATEGORY_HATE_SPEECH`
-- `HARM_CATEGORY_SEXUALLY_EXPLICIT`
-- `HARM_CATEGORY_DANGEROUS_CONTENT`
-
-You can override these defaults by including your own `safetySettings` in the request payload.
-
-## Authentication
-
-The proxy supports multiple authentication methods for maximum compatibility:
+# Hugging Face setup (port 7860)
+docker-compose --profile hf up -d geminicli2api-hf
+```
 
-- **Default Password:** `123456`
-- **Configuration:** Set `GEMINI_AUTH_PASSWORD` in `.env` file to change the password
+## 🤗 Hugging Face Spaces
 
-### Authentication Methods
+This project is configured for Hugging Face Spaces deployment:
 
-1. **API Key (Query Parameter)** - Compatible with standard Gemini clients:
-   ```bash
-   curl -X POST "http://localhost:8888/v1/models/gemini-pro:generateContent?key=123456" \
-     -H "Content-Type: application/json" \
-     -d '{"contents": [{"parts": [{"text": "Hello!"}]}]}'
-   ```
+1. Fork this repository
+2. Create a new Space on Hugging Face
+3. Connect your repository
+4. Set the required environment variables in Space settings:
+   - `GEMINI_AUTH_PASSWORD`
+   - `GEMINI_CREDENTIALS` (or other credential source)
 
-2. **Bearer Token** - Standard API token format:
-   ```bash
-   curl -X POST http://localhost:8888/v1/models/gemini-pro:generateContent \
-     -H "Authorization: Bearer 123456" \
-     -H "Content-Type: application/json" \
-     -d '{"contents": [{"parts": [{"text": "Hello!"}]}]}'
-   ```
+The Space will automatically build and deploy using the included Dockerfile.
 
-3. **HTTP Basic Authentication** - Traditional username/password:
-   ```bash
-   curl -u "user:123456" -X POST http://localhost:8888/v1/models/gemini-pro:generateContent \
-     -H "Content-Type: application/json" \
-     -d '{"contents": [{"parts": [{"text": "Hello!"}]}]}'
-   ```
+## 📝 OpenAI API Example
 
-**Python examples:**
 ```python
-import requests
-from requests.auth import HTTPBasicAuth
+import openai
 
-# Method 1: Query parameter
-response = requests.post(
-    "http://localhost:8888/v1/models/gemini-pro:generateContent?key=123456",
-    json={"contents": [{"parts": [{"text": "Hello!"}]}]}
+# Configure client to use your proxy
+client = openai.OpenAI(
+    base_url="http://localhost:8888/v1",  # or 7860 for HF
+    api_key="your_password"  # Your GEMINI_AUTH_PASSWORD
 )
 
-# Method 2: Bearer token
-response = requests.post(
-    "http://localhost:8888/v1/models/gemini-pro:generateContent",
-    headers={"Authorization": "Bearer 123456"},
-    json={"contents": [{"parts": [{"text": "Hello!"}]}]}
+# Use like normal OpenAI API
+response = client.chat.completions.create(
+    model="gemini-2.0-flash-exp",
+    messages=[
+        {"role": "user", "content": "Hello, how are you?"}
+    ],
+    stream=True
 )
 
-# Method 3: Basic auth
-response = requests.post(
-    "http://localhost:8888/v1/models/gemini-pro:generateContent",
-    auth=HTTPBasicAuth("user", "123456"),
-    json={"contents": [{"parts": [{"text": "Hello!"}]}]}
-)
+for chunk in response:
+    print(chunk.choices[0].delta.content, end="")
 ```
 
-## Configuration
+## 🔧 Native Gemini API Example
 
-The proxy uses the following configuration:
-- **Port:** 8888 (default, configurable via `.env`)
-- **Credential file:** `oauth_creds.json` (automatically created)
-- **Configuration file:** `.env` (optional settings)
-- **Scopes:** Cloud Platform, User Info (email/profile), OpenID
-
-### Configuration File (.env)
+```python
+import requests
 
-You can create a `.env` file in the same directory as the script to configure the proxy:
+headers = {
+    "Authorization": "Bearer your_password",
+    "Content-Type": "application/json"
+}
 
-```bash
-# Set your Google Cloud Project ID to skip automatic detection
-GEMINI_PROJECT_ID=my-gcp-project-123
+data = {
+    "contents": [
+        {
+            "role": "user", 
+            "parts": [{"text": "Hello, how are you?"}]
+        }
+    ]
+}
 
-# Set a custom port (default is 8888)
-GEMINI_PORT=9000
+response = requests.post(
+    "http://localhost:8888/v1beta/models/gemini-2.0-flash-exp:generateContent",  # or 7860 for HF
+    headers=headers,
+    json=data
+)
 
-# Set authentication password (default is 123456)
-GEMINI_AUTH_PASSWORD=your-secure-password
+print(response.json())
 ```
 
-**Note:** The `.env` file is automatically excluded from version control via `.gitignore`.
-
-## File Structure
-
-- `gemini_proxy.py` - Main proxy server
-- `oauth_creds.json` - Cached OAuth credentials and project ID (auto-generated)
-- `requirements.txt` - Python dependencies
-- `.env` - Configuration file (optional, create as needed)
-- `.gitignore` - Prevents credential and config files from being committed
-
-## Troubleshooting
-
-### Port Already in Use
-If you see "error while attempting to bind on address", another instance is already running. Stop the existing process or use a different port.
-
-### Authentication Issues (Google OAuth)
-- Delete `oauth_creds.json` and restart to re-authenticate
-- Ensure your Google account has access to Google Cloud and Gemini API
-- Check that the required scopes are granted during authentication
-
-### Authentication Issues (Proxy Access)
-- If you get 401 Unauthorized errors, check your authentication method
-- Default password is `123456` unless changed in `.env` file
-- Try different authentication methods:
-  - Query parameter: `?key=123456`
-  - Bearer token: `Authorization: Bearer 123456`
-  - Basic auth: `Authorization: Basic base64(user:123456)`
-- Most Gemini clients work best with the query parameter method (`?key=password`)
-
-### Project ID Issues
-- The proxy automatically detects your project ID on first run
-- If detection fails, you can manually set `GEMINI_PROJECT_ID` in the `.env` file
-- Check your Google Cloud project permissions if auto-detection fails
-- Delete `oauth_creds.json` to force re-detection
-- Project ID in `.env` file takes priority over cached and auto-detected project IDs
+## 🎯 Supported Models
 
-## Security Notes
+- `gemini-2.0-flash-exp`
+- `gemini-1.5-flash`
+- `gemini-1.5-flash-8b`
+- `gemini-1.5-pro`
+- `gemini-1.0-pro`
 
-- **Never commit `oauth_creds.json`** - it contains sensitive authentication tokens
-- The `.gitignore` file is configured to prevent accidental commits
-- Credentials are stored locally and refreshed automatically when expired
-- The proxy runs on localhost only for security
+## 📄 License
 
-## API Compatibility
+MIT License - see LICENSE file for details.
 
-This proxy converts between:
-- **Input:** Standard Gemini API format
-- **Output:** Standard Gemini API responses
-- **Internal:** Google's Cloud Code Assist API format
+## 🤝 Contributing
 
-The conversion is transparent to API clients.
+Contributions are welcome! Please feel free to submit a Pull Request.

requirements.txt

@@ -1,6 +1,6 @@
 fastapi
-uvicorn
+uvicorn[standard]
 requests
 python-dotenv
 google-auth-oauthlib
-asyncio
+pydantic

run.py

@@ -1,5 +1,8 @@
+import os
 import uvicorn
 from src.main import app
 
 if __name__ == "__main__":
-    uvicorn.run(app, host="0.0.0.0", port=8888)
+    host = os.getenv("HOST", "0.0.0.0")
+    port = int(os.getenv("PORT", "8888"))
+    uvicorn.run(app, host=host, port=port)

src/auth.py

@@ -22,6 +22,7 @@ from .config import (
 credentials = None
 user_project_id = None
 onboarding_complete = False
+credentials_from_env = False  # Track if credentials came from environment variable
 
 security = HTTPBasic()
 
@@ -80,6 +81,11 @@ def authenticate_user(request: Request):
     )
 
 def save_credentials(creds, project_id=None):
+    global credentials_from_env
+    
+    # Don't save to file if credentials came from environment variable
+    if credentials_from_env:
+        return
     
     creds_data = {
         "client_id": CLIENT_ID,
@@ -116,17 +122,18 @@ def save_credentials(creds, project_id=None):
 
 def get_credentials():
     """Loads credentials matching gemini-cli OAuth2 flow."""
-    global credentials
+    global credentials, credentials_from_env
     
     if credentials and credentials.token:
         return credentials
     
-    env_creds = os.getenv("GOOGLE_APPLICATION_CREDENTIALS")
-    if env_creds and os.path.exists(env_creds):
+    # Check for credentials in environment variable (JSON string)
+    env_creds_json = os.getenv("GEMINI_CREDENTIALS")
+    if env_creds_json:
         try:
-            with open(env_creds, "r") as f:
-                creds_data = json.load(f)
+            creds_data = json.loads(env_creds_json)
             credentials = Credentials.from_authorized_user_info(creds_data, SCOPES)
+            credentials_from_env = True  # Mark as environment credentials
 
             if credentials.refresh_token:
                 try:
@@ -137,7 +144,8 @@ def get_credentials():
             return credentials
         except Exception as e:
             pass  # Fall through to file-based credentials
-
+    
+    # Check for credentials file (CREDENTIAL_FILE now includes GOOGLE_APPLICATION_CREDENTIALS path if set)
     if os.path.exists(CREDENTIAL_FILE):
         try:
             with open(CREDENTIAL_FILE, "r") as f:
@@ -151,6 +159,8 @@ def get_credentials():
                 creds_data["scopes"] = creds_data["scope"].split()
             
             credentials = Credentials.from_authorized_user_info(creds_data, SCOPES)
+            # Mark as environment credentials if GOOGLE_APPLICATION_CREDENTIALS was used
+            credentials_from_env = bool(os.getenv("GOOGLE_APPLICATION_CREDENTIALS"))
 
             if credentials.refresh_token:
                 try:
@@ -208,6 +218,7 @@ def get_credentials():
     try:
         flow.fetch_token(code=auth_code)
         credentials = flow.credentials
+        credentials_from_env = False  # Mark as file-based credentials
         save_credentials(credentials)
         print("Authentication successful! Credentials saved.")
         return credentials
@@ -312,12 +323,6 @@ def get_user_project_id(creds):
         save_credentials(creds, user_project_id)
         return user_project_id
 
-    gemini_env_project_id = os.getenv("GEMINI_PROJECT_ID")
-    if gemini_env_project_id:
-        user_project_id = gemini_env_project_id
-        save_credentials(creds, user_project_id)
-        return user_project_id
-
     if os.path.exists(CREDENTIAL_FILE):
         try:
             with open(CREDENTIAL_FILE, "r") as f:

src/config.py

@@ -21,7 +21,7 @@ SCOPES = [
 
 # File Paths
 SCRIPT_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-CREDENTIAL_FILE = os.path.join(SCRIPT_DIR, "oauth_creds.json")
+CREDENTIAL_FILE = os.path.join(SCRIPT_DIR, os.getenv("GOOGLE_APPLICATION_CREDENTIALS", "oauth_creds.json"))
 
 # Authentication
 GEMINI_AUTH_PASSWORD = os.getenv("GEMINI_AUTH_PASSWORD", "123456")

src/main.py

@@ -48,5 +48,11 @@ async def handle_preflight(request: Request, full_path: str):
         }
     )
 
+# Health check endpoint for Docker/Hugging Face
+@app.get("/health")
+async def health_check():
+    """Health check endpoint for container orchestration."""
+    return {"status": "healthy", "service": "geminicli2api"}
+
 app.include_router(openai_router)
 app.include_router(gemini_router)