diff --git a/.github/workflows/unittest.yml b/.github/workflows/unittest.yml index 9636224..8abe364 100644 --- a/.github/workflows/unittest.yml +++ b/.github/workflows/unittest.yml @@ -5,7 +5,7 @@ on: name: unittest jobs: unit: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 strategy: matrix: python: ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11'] diff --git a/google_auth_oauthlib/helpers.py b/google_auth_oauthlib/helpers.py index 41259c5..25462f4 100644 --- a/google_auth_oauthlib/helpers.py +++ b/google_auth_oauthlib/helpers.py @@ -145,6 +145,7 @@ def credentials_from_session(session, client_config=None): client_id=client_config.get("client_id"), client_secret=client_config.get("client_secret"), scopes=session.scope, + granted_scopes=session.token.get("scope"), ) credentials.expiry = datetime.datetime.utcfromtimestamp(session.token["expires_at"]) return credentials diff --git a/owlbot.py b/owlbot.py index 15f9a4d..8c3623d 100644 --- a/owlbot.py +++ b/owlbot.py @@ -14,7 +14,8 @@ ) s.move(templated_files, excludes=[ "docs/multiprocessing.rst", - "README.rst" + "README.rst", + ".github/workflows/unittest.yml" #remove this exclusion when removing 3.6 from unit test ]) # Change black paths diff --git a/setup.py b/setup.py index 03ec093..f983fb2 100644 --- a/setup.py +++ b/setup.py @@ -20,7 +20,7 @@ TOOL_DEPENDENCIES = "click>=6.0.0" -DEPENDENCIES = ("google-auth>=2.14.0", "requests-oauthlib>=0.7.0") +DEPENDENCIES = ("google-auth>=2.15.0", "requests-oauthlib>=0.7.0") with io.open("README.rst", "r") as fh: diff --git a/testing/constraints-3.6.txt b/testing/constraints-3.6.txt index 8d99e9d..ccd76e7 100644 --- a/testing/constraints-3.6.txt +++ b/testing/constraints-3.6.txt @@ -5,6 +5,6 @@ # # e.g., if setup.py has "foo >= 1.14.0, < 2.0.0dev", # Then this file should have foo==1.14.0 -google-auth==2.14.0 +google-auth==2.15.0 requests-oauthlib==0.7.0 click==6.0.0 diff --git a/testing/constraints-3.7.txt b/testing/constraints-3.7.txt index 8d99e9d..ccd76e7 100644 --- a/testing/constraints-3.7.txt +++ b/testing/constraints-3.7.txt @@ -5,6 +5,6 @@ # # e.g., if setup.py has "foo >= 1.14.0, < 2.0.0dev", # Then this file should have foo==1.14.0 -google-auth==2.14.0 +google-auth==2.15.0 requests-oauthlib==0.7.0 click==6.0.0 diff --git a/tests/unit/test_helpers.py b/tests/unit/test_helpers.py index 20bf9c9..9df49de 100644 --- a/tests/unit/test_helpers.py +++ b/tests/unit/test_helpers.py @@ -96,6 +96,31 @@ def test_credentials_from_session(session): assert credentials._client_secret == CLIENT_SECRETS_INFO["web"]["client_secret"] assert credentials._token_uri == CLIENT_SECRETS_INFO["web"]["token_uri"] assert credentials.scopes == session.scope + assert credentials.granted_scopes is None + + +def test_credentials_from_session_granted_scopes(session): + granted_scopes = ["scope1", "scope2"] + session.token = { + "access_token": mock.sentinel.access_token, + "refresh_token": mock.sentinel.refresh_token, + "id_token": mock.sentinel.id_token, + "expires_at": 643969200.0, + "scope": granted_scopes, + } + + credentials = helpers.credentials_from_session(session, CLIENT_SECRETS_INFO["web"]) + + assert isinstance(credentials, google.oauth2.credentials.Credentials) + assert credentials.token == mock.sentinel.access_token + assert credentials.expiry == datetime.datetime(1990, 5, 29, 8, 20, 0) + assert credentials._refresh_token == mock.sentinel.refresh_token + assert credentials.id_token == mock.sentinel.id_token + assert credentials._client_id == CLIENT_SECRETS_INFO["web"]["client_id"] + assert credentials._client_secret == CLIENT_SECRETS_INFO["web"]["client_secret"] + assert credentials._token_uri == CLIENT_SECRETS_INFO["web"]["token_uri"] + assert credentials.scopes == session.scope + assert credentials.granted_scopes == granted_scopes def test_credentials_from_session_3pi(session):