fix: report auth errors instead of silently proceeding unauthenticated#446
fix: report auth errors instead of silently proceeding unauthenticated#446anshul-garg27 wants to merge 1 commit intogoogleworkspace:mainfrom
Conversation
🦋 Changeset detectedLatest commit: 28d7393 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
googleworkspace-bot
added
the
area: core
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly improves the user experience by enhancing error reporting for authentication failures across several helper commands. Instead of silently proceeding unauthenticated and leading to obscure API errors, these commands now provide clear and actionable Highlights
Changelog
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request fixes an issue where authentication failures were silently ignored in several helper commands by making them report auth errors. This change improves user experience by providing clear feedback. The implementation also correctly preserves existing --dry-run functionality. My review includes one suggestion to improve maintainability by refactoring the new, duplicated error handling logic into a shared function.
Six helpers (chat, drive, sheets, docs, calendar, script) silently swallowed auth failures and proceeded with AuthMethod::None, causing confusing 401 API errors downstream. Now they return a clear GwsError::Auth message, with an exception for --dry-run mode where auth is not needed. Consistent with the pattern already used in gmail helpers.
anshul-garg27
force-pushed
the
fix/auth-error-consistency
branch
from
7dfd190 to
28d7393
Compare
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request correctly fixes a critical issue where authentication failures were being silently ignored across several helper commands. The change to explicitly return an authentication error is a significant improvement for usability and security. I have one suggestion to further improve the maintainability of this new error handling logic by refactoring the duplicated code into a shared helper function.
| let (token, auth_method) = match auth::get_token(&scopes_str).await { | ||
| Ok(t) => (Some(t), executor::AuthMethod::OAuth), | ||
| Err(_) => (None, executor::AuthMethod::None), | ||
| Err(_) if matches.get_flag("dry-run") => { | ||
| (None, executor::AuthMethod::None) | ||
| } | ||
| Err(e) => { | ||
| return Err(GwsError::Auth(format!("Calendar auth failed: {e}"))) | ||
| } | ||
| }; |
There was a problem hiding this comment.
This new authentication handling logic is a great improvement. However, this exact match block has been duplicated across multiple helper files (calendar.rs, chat.rs, docs.rs, drive.rs, script.rs, and sheets.rs), and a similar pattern already exists in gmail.rs.
To improve maintainability and avoid potential inconsistencies in the future, consider abstracting this logic into a single, shared helper function. This would centralize the authentication flow, making it easier to update if needed.
For example, you could create a function like this in a shared module (e.g., a new src/helpers/auth_utils.rs or within src/auth.rs):
pub async fn get_auth_token_or_fail(
scopes: &[&str],
matches: &clap::ArgMatches,
service_name: &str,
) -> Result<(Option<String>, crate::executor::AuthMethod), crate::error::GwsError> {
match crate::auth::get_token(scopes).await {
Ok(t) => Ok((Some(t), crate::executor::AuthMethod::OAuth)),
Err(_) if matches.get_flag("dry-run") => Ok((None, crate::executor::AuthMethod::None)),
Err(e) => Err(crate::error::GwsError::Auth(format!(
"{} auth failed: {}",
service_name, e
))),
}
}Then, each call site could be simplified to a single line:
let (token, auth_method) = crate::helpers::auth_utils::get_auth_token_or_fail(&scopes_str, matches, "Calendar").await?;2 participants
Summary
AuthMethod::None, causing confusing 401 API errors downstreamGwsError::Authmessage with the underlying error--dry-runmode still works without auth (consistent with gmail helper pattern)Affected helpers
src/helpers/chat.rs+sendsrc/helpers/drive.rs+uploadsrc/helpers/sheets.rs+append,+readsrc/helpers/docs.rs+writesrc/helpers/calendar.rs+insertsrc/helpers/script.rs+pushRoot cause
These helpers used a silent fallback pattern:
The gmail helper already uses the correct pattern:
Test plan
--dry-runexception preserved for all helpers