Skip to content

Allow Auth Via google.oauth2.credentials Credentials(token=".")#205

Merged
prachib29 merged 3 commits intogoogle:mainfrom
hisn-io:main
Apr 28, 2026
Merged

Allow Auth Via google.oauth2.credentials Credentials(token=".")#205
prachib29 merged 3 commits intogoogle:mainfrom
hisn-io:main

Conversation

@TimDiam0nd
Copy link
Copy Markdown
Contributor

@TimDiam0nd TimDiam0nd commented Mar 19, 2026

When using the Credentials class from google.oauth2.credentials it is possible to provide a token param, which is an OAuth 2.0 bearer token.
i.e.

from google.oauth2.credentials import Credentials
creds = Credentials(token="ey.....")

Currently this fails (when passing to the secops lib) with the following error:

   Traceback (most recent call last):
     File "/home/temp/secops-wrapper/src/secops/auth.py", line 191, in _get_credentials
       google_credentials = credentials.with_scopes(self.scopes)
                            ^^^^^^^^^^^^^^^^^^^^^^^
   AttributeError: 'Credentials' object has no attribute 'with_scopes'. Did you mean: 'has_scopes'?

   The above exception was the direct cause of the following exception:

   Traceback (most recent call last):
     File "<console>", line 1, in <module>
     File "/home/temp/secops-wrapper/src/secops/client.py", line 46, in __init__
       self.auth = SecOpsAuth(
                   ~~~~~~~~~~^
           credentials=credentials,
           ^^^^^^^^^^^^^^^^^^^^^^^^
       ...<3 lines>...
           retry_config=retry_config,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
       )
       ^
     File "/home/temp/secops-wrapper/src/secops/auth.py", line 171, in __init__
       self.credentials = self._get_credentials(
                          ~~~~~~~~~~~~~~~~~~~~~^
           credentials,
           ^^^^^^^^^^^^
       ...<2 lines>...
           impersonate_service_account,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       )
       ^
     File "/home/temp/secops-wrapper/src/secops/auth.py", line 221, in _get_credentials
       raise AuthenticationError(
           f"Failed to get credentials: {str(e)}"
       ) from e
   secops.exceptions.AuthenticationError: Failed to get credentials: 'Credentials' object has no attribute 'with_scopes'

This is because the scopes are already included as part of the Oauth token.

minimal reproducible:

from secops import SecOpsClient
from google.oauth2.credentials import Credentials
chronicle = SecOpsClient(
    credentials=Credentials(
        token="ey........" # replace with a bearer token nicked from the chronicle ui
    )
).chronicle(
    customer_id="your customer id",
    project_id="your project id",
    region="your region"
)

@TimDiam0nd
Handle credentials with or without scopes
6393778 
Add check for 'with_scopes' method in credentials.
@TimDiam0nd TimDiam0nd requested a review from mihirvala08 as a code owner March 19, 2026 23:40
@mihirvala08 mihirvala08 requested a review from prachib29 as a code owner April 23, 2026 12:20
@prachib29 prachib29 merged commit 4c87cbe into google:main Apr 28, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prachib29 prachib29 prachib29 approved these changes

@mihirvala08 mihirvala08 mihirvala08 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@TimDiam0nd @prachib29 @mihirvala08