-
Notifications
You must be signed in to change notification settings - Fork 303
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Credentials object works even when incorrect access_code is provided #1370
Comments
A cursory look: I imagine the credential is marked as invalid and automatically refreshed using the refresh token. You could add a print statement to check if the token is valid after creation |
Tried this. But it says that the credentials are valid event when I change my access code. For example, I tried this:
And the output to this was:
When I call the calendar service with the same credentials, it returns all the relevant information. But when I try printing the credentials validity and token again, it is the exact same. If the object is mutable, any refresh happening at the service should be reflected afterwards.
which displays:
|
Okay, can you provide more information so I can work on reproducing? Can you share what credential class you are instantiating? Could you share a docker image or repo that has a repro? |
Surely. I'll create a clean repo with the issue and share the link in this thread. |
Hi @clundin25, I have created a repo but it has to be kept private based on our company policy. I have added you as a collaborator - https://github.com/psambit9791/google_auth_test/. Can you please try and take a look? |
@clundin25 any update on this at all? |
@psambit9791 I have been on vacation. Once I have caught up I will take a look at your test repo. Thank you for creating it! |
So, taking a look, it looks like you are using the Oauth2.0 base credential type. Here we see that it always refreshes the credentials before using them https://github.com/googleapis/google-auth-library-python/blob/main/google/oauth2/credentials.py#L543. Here is where the underlying HTTP library is applying the credentials https://github.com/googleapis/google-auth-library-python-httplib2/blob/d7f949b112213f0959c233fe38050616093ba3c6/google_auth_httplib2.py#L209. You could probably set a breakpoint on the credential's refresh method, to see where it gets called. I'm not sure why the credential appears to stay invalid, given that it is a self mutating method, but I don't see any print statements in the repro |
Please re-open this with more information if this is still an issue! |
I am trying to use
google.auth
andgoogleapiclient
to pull calendar information from user. The problem I am encountering is that when I am creating aCredentials object
using:and instead of using the
actual token
I hardcode any value like:and I make a call to the calendar API like this:
it still pulls all the information despite the access_code being incorrect.
Environment details
google-auth
version: 2.22.0Prerequisites
I have setup a consent screen and an OAuth2 client to access calendar for a test account in Google Cloud API & Services.
Steps to reproduce
load_google_credentials()
to accept a hardcoded token:The data still comes though.
I am not sure if this is expected behaviour or not. It does not appear to be since the access code is now incorrect.
The text was updated successfully, but these errors were encountered: