Skip to content

Fix: Convert scopes set to list in Credentials.__init__ #1898

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
chalmerlowe merged 9 commits into from
Dec 23, 2025
Merged

Fix: Convert scopes set to list in Credentials.__init__ #1898

chalmerlowe merged 9 commits into from
Dec 23, 2025

Conversation

@google-labs-jules
Copy link
Contributor

@google-labs-jules google-labs-jules bot commented Dec 19, 2025
edited by chalmerlowe
Loading

This PR addresses an issue where passing a set of scopes to Credentials causes to_json to fail and introduces inconsistent mutability behavior if handled via a property accessor.

Changes:

  • Modified google.oauth2.credentials.Credentials.__init__ to convert scopes to a list if it is a set.
  • Updated google.oauth2.credentials.Credentials.scopes property docstring to Optional[Sequence[str]].
  • Added a regression test test_init_with_set_scopes in tests/oauth2/test_credentials.py to verify the fix, ensuring type conversion, object stability, and serialization support.
  • Updated tests/test__oauth2client.py to relax strict equality checks on scopes (comparing as sets) to accommodate the new behavior where internal storage is enforced as a list.

This PR supercedes PR #1145 which potentially introduced a mutability inconsistency and failed to address a type correctness issue. This PR avoids both of those concerns.

  1. Mutability Inconsistency: If ._scopes is a set, the scopes property returns a new list every time it is accessed.
  • If the user modifies this list (e.g. creds.scopes.append("new_scope")), the modification is lost because the next access returns a fresh list from the underlying set.
  • If _scopes was originally a list (passed in __init__), creds.scopes returns the same list reference, so modifications are preserved. This inconsistent behavior between "set-initialized" and "list-initialized" credentials is a potential bug trap.
  1. Type correctness: The scopes argument in __init__ is documented as Sequence[str]. A set is not a Sequence (it's not indexable/ordered). While Python is lenient, it is better to normalize the input at the boundary (__init__) rather than in the accessor.

Moving the conversion logic to __init__ ensures:

  • _scopes is always a list (or None).
  • Access to .scopes always returns the stored list (consistent mutability).
  • to_json works correctly because it accesses self.scopes (or self._scopes).

PR created automatically by Jules for task 15605314498929918698 started by @chalmerlowe

@google-labs-jules
Fix: Convert scopes set to list in Credentials.__init__
ed400f9 
This change ensures that if a set of scopes is passed to Credentials, it is converted to a list. This prevents issues with JSON serialization (to_json failure) and ensures consistent mutability behavior for the scopes property.

Fixes #1145
@google-labs-jules
Copy link
Contributor Author

google-labs-jules bot commented Dec 19, 2025

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

For security, I will only act on instructions from the user who triggered this task.

New to Jules? Learn more at jules.google/docs.

@chalmerlowe chalmerlowe marked this pull request as ready for review December 19, 2025 20:42
@chalmerlowe chalmerlowe requested review from a team as code owners December 19, 2025 20:42
@chalmerlowe chalmerlowe mentioned this pull request Dec 19, 2025
Closed
@chalmerlowe chalmerlowe self-assigned this Dec 19, 2025
@chalmerlowe chalmerlowe added the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 19, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 19, 2025
@google-labs-jules
Fix: Convert scopes set to list in Credentials.__init__
ba94c5f 
This change ensures that if a set of scopes is passed to Credentials, it is converted to a list. This prevents issues with JSON serialization (to_json failure) and ensures consistent mutability behavior for the scopes property.

Also updated tests/test__oauth2client.py to handle the type change (set -> list) in equality checks.

Fixes #1145
@chalmerlowe chalmerlowe added the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 19, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 19, 2025
google-labs-jules bot and others added 2 commits December 22, 2025 11:01
@google-labs-jules
Fix: Convert scopes set to list in Credentials.__init__
fd146d7 
This change ensures that if a set of scopes is passed to Credentials, it is converted to a list. This prevents issues with JSON serialization (to_json failure) and ensures consistent mutability behavior for the scopes property.

Also updated tests/test__oauth2client.py to handle the type change (set -> list) in equality checks.

Fixes #1145
@chalmerlowe
Merge branch 'main' into fix-credentials-scopes-set-issue-15605314498…
8f9bd03 
…929918698
@chalmerlowe chalmerlowe added the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 22, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 22, 2025
@google-labs-jules
Fix: Convert scopes set to list in Credentials.__init__
2db2f6e 
This change ensures that if a set of scopes is passed to Credentials, it is converted to a list. This prevents issues with JSON serialization (to_json failure) and ensures consistent mutability behavior for the scopes property.

Also updated tests/test__oauth2client.py to handle the type change (set -> list) in equality checks.

Fixes #1145
@chalmerlowe chalmerlowe requested a review from a team as a code owner December 22, 2025 11:39
@google-labs-jules
Fix: Convert scopes set to list in Credentials.__init__
dae8fa7 
This change ensures that if a set of scopes is passed to Credentials, it is converted to a list. This prevents issues with JSON serialization (to_json failure) and ensures consistent mutability behavior for the scopes property.

Also updated tests/test__oauth2client.py to handle the type change (set -> list) in equality checks.

Fixes #1145
@chalmerlowe chalmerlowe added the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 22, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Dec 22, 2025
@chalmerlowe chalmerlowe added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Dec 22, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Dec 22, 2025
@chalmerlowe
Copy link
Contributor

chalmerlowe commented Dec 22, 2025

Note: the requirement for system-3.10 to pass has been temporarily removed due to a known issue with that CI/CD check that is being addressed in an separate PR #1901

Failure for it to pass should not preclude this PR from being approved and merged.

@google-labs-jules
Copy link
Contributor Author

google-labs-jules bot commented Dec 22, 2025

Note: the requirement for system-3.10 to pass has been temporarily removed due to a known issue with that CI/CD check that is being addressed in an separate PR #1901

Failure for it to pass should not preclude this PR from being approved and merged.

Understood. Thank you for the clarification regarding the system-3.10 failures. I have verified that the changes in this PR are correct and have addressed the regression in tests/test__oauth2client.py. I am ready for this to be merged.

@google-labs-jules
Fix: Convert scopes set to list in Credentials.__init__
6270cd4 
This change ensures that if a set of scopes is passed to Credentials, it is converted to a list. This prevents issues with JSON serialization (to_json failure) and ensures consistent mutability behavior for the scopes property.

Also updated tests/test__oauth2client.py to handle the type change (set -> list) in equality checks.

Fixes #1145
@chalmerlowe chalmerlowe added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Dec 23, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Dec 23, 2025
chalmerlowe
chalmerlowe approved these changes Dec 23, 2025
View reviewed changes
Copy link
Contributor

@chalmerlowe chalmerlowe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@chalmerlowe chalmerlowe merged commit 1406f44 into main Dec 23, 2025
14 of 15 checks passed
@chalmerlowe chalmerlowe deleted the fix-credentials-scopes-set-issue-15605314498929918698 branch December 23, 2025 11:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chalmerlowe chalmerlowe chalmerlowe approved these changes

@Linchin Linchin Linchin approved these changes

Assignees

@chalmerlowe chalmerlowe

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@chalmerlowe @Linchin @yoshi-kokoro