fix: gracefully fallback on legacy credentials instead of bailing #173

Open
haunchen wants to merge 2 commits into googleworkspace:main from haunchen:fix/auth-legacy-credentials-fallback

@haunchen haunchen commented Mar 5, 2026

Summary

Fixes #156, #151, #137

gws auth login without --account calls fetch_userinfo_email() to get the user's email. If this fails (e.g., scope insufficient, network issue), credentials are saved as legacy credentials.enc without accounts.json. Subsequently, resolve_account() bails with "Legacy credentials found" — creating a deadlock where login output is rejected by auth.

Multiple users reported this: login succeeds with "account": "(unknown)", then all API calls return 401.

Changes

  • resolve_account(): Replace bail! on legacy credentials.enc with eprintln note + Ok(None), so get_token falls back to the legacy file directly
  • handle_login(): Add warning when credentials are saved in legacy format (email unavailable)
  • fetch_userinfo_email(): Add stderr logging on HTTP client build failure and non-success status codes
  • Test: test_resolve_account_legacy_credentials_returns_none — verifies credentials.enc without accounts.json returns Ok(None), not Err

Test plan

  • cargo test — 413 tests pass
  • cargo clippy -- -D warnings — no warnings
  • Manual: delete accounts.json, keep credentials.enc, run gws drive files list --params '{"pageSize":1}' — should succeed with a note about legacy format
  • Manual: gws auth login without --account — should warn about legacy format if email fetch fails

…oses googleworkspace#156, googleworkspace#151, googleworkspace#137)

resolve_account() previously bailed with an error when legacy
credentials.enc existed without accounts.json, creating a deadlock
where login output was rejected by auth. Now returns Ok(None) so
get_token falls back to the legacy file directly.

Also adds stderr warnings when userinfo email fetch fails and when
credentials are saved in legacy format, improving debuggability.
@haunchen haunchen requested a review from jpoehnelt as a code owner March 5, 2026 15:21
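
The deadlock described in the pull request summary above, as an added Rust sketch that is not the project's code: it models the decision in resolve_account() before and after the change and shows that the fallback applies only when accounts.json is absent. Assumptions: the function signatures, the `legacy_fallback` switch, the helpers `credential_source` and `sample_dir`, and the one-line accounts.json content are hypothetical; only the file names, the "Legacy credentials found" error and the Ok(None) result come from the page.

```rust
use std::{fs, path::{Path, PathBuf}};

/// Sketch of account resolution. `Ok(None)` tells the caller to read the
/// legacy credentials.enc directly. `legacy_fallback = false` models the
/// behaviour before this PR, `true` the behaviour after it.
fn resolve_account(dir: &Path, legacy_fallback: bool) -> Result<Option<String>, String> {
    let registry = dir.join("accounts.json");
    if registry.exists() {
        // Assumption: the file holds only the default account's email. The
        // real registry format is not shown on the page.
        let email = fs::read_to_string(&registry).map_err(|e| e.to_string())?;
        return Ok(Some(email.trim().to_string()));
    }
    if dir.join("credentials.enc").exists() {
        if !legacy_fallback {
            return Err("Legacy credentials found".into());
        }
        eprintln!("note: using legacy credentials.enc (no accounts.json)");
    }
    Ok(None)
}

/// Which credential source a command would end up using (hypothetical helper).
fn credential_source(dir: &Path, legacy_fallback: bool) -> Result<String, String> {
    match resolve_account(dir, legacy_fallback)? {
        Some(email) => Ok(format!("account:{email}")),
        None if dir.join("credentials.enc").exists() => Ok("legacy".into()),
        None => Err("no credentials; run `gws auth login`".into()),
    }
}

/// Builds a constructed config directory containing the given sample files.
fn sample_dir(tag: &str, files: &[(&str, &str)]) -> PathBuf {
    let dir = std::env::temp_dir().join(format!("gws-sketch-{}-{tag}", std::process::id()));
    fs::create_dir_all(&dir).unwrap();
    for (name, body) in files {
        fs::write(dir.join(name), body).unwrap();
    }
    dir
}

fn main() {
    // State left behind by a login whose email lookup failed.
    let legacy = sample_dir("legacy", &[("credentials.enc", "constructed-blob")]);
    println!("before: {:?}", credential_source(&legacy, false));
    println!("after:  {:?}", credential_source(&legacy, true));
    let both = sample_dir("both", &[("credentials.enc", "x"), ("accounts.json", "user@example.com\n")]);
    println!("registry present: {:?}", credential_source(&both, true));
}
```
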
changeset-bot bot commented Mar 5, 2026

🦋 Changeset detected

Latest commit: 0fa605e

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name | Type
@googleworkspace/cli | Patch

@gemini-code-assist (Contributor)

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical deadlock scenario where the CLI would fail to operate if legacy credentials (credentials.enc) existed without the newer multi-account accounts.json registry. The changes enable a graceful fallback mechanism, allowing the CLI to continue functioning with legacy credentials while providing clear warnings to the user about the situation and how to upgrade. This improves the robustness of the authentication flow and user experience by preventing unexpected 401 errors after a seemingly successful login.

Highlights

  • Graceful Fallback for Legacy Credentials: The resolve_account() function no longer bails out when legacy credentials.enc are found without an accounts.json registry. Instead, it prints a warning and allows the system to fall back to using the legacy file directly, preventing a deadlock.
  • Improved User Feedback during Login: A warning message is now displayed during gws auth login if the user's email cannot be fetched, indicating that credentials are being saved in the legacy format and suggesting how to upgrade to multi-account support.
  • Enhanced Error Logging for User Info Fetch: The fetch_userinfo_email() function now includes stderr logging for failures in building the HTTP client or when the user info request returns a non-success status code, providing better diagnostics.
  • New Test Case: A new test, test_resolve_account_legacy_credentials_returns_none, was added to verify that resolve_account() correctly returns Ok(None) when only legacy credentials exist, ensuring the intended fallback behavior.

Changelog

  • .changeset/auth-legacy-credentials-fallback.md
    • Added a new changeset file documenting the authentication fallback fix.
  • src/auth.rs
    • Updated resolve_account function documentation to reflect new behavior.
    • Modified resolve_account to print a warning and return Ok(None) instead of bailing when legacy credentials are found without an account registry.
    • Added test_resolve_account_legacy_credentials_returns_none to verify the new fallback behavior.
  • src/auth_commands.rs
    • Added a warning message to handle_login when credentials are saved in the legacy format due to an unavailable email.
    • Added stderr logging to fetch_userinfo_email for HTTP client build failures.
    • Added stderr logging to fetch_userinfo_email when the userinfo request returns a non-success status code.

Activity

  • The author has run cargo test, ensuring 413 tests pass.
  • The author has run cargo clippy -- -D warnings, confirming no warnings are present.
  • Manual tests are outlined to verify the legacy credential fallback and login warning messages.

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request addresses a deadlock issue in the gws auth login command when legacy credentials exist without an accounts.json file. The changes include modifying resolve_account() to gracefully fallback to legacy credentials, adding a warning message in handle_login() when credentials are saved in legacy format, and adding stderr logging in fetch_userinfo_email() for HTTP client build failures and non-success status codes. A new test case is also added to verify the behavior of resolve_account() with legacy credentials. The changes improve the user experience by preventing the deadlock and providing informative messages when legacy credentials are used or when email fetching fails.

I am having trouble creating individual review comments. Click here to see my feedback.

src/auth.rs (138-143)

medium

This anyhow::bail! will immediately exit the function with an error, which is what the PR is trying to avoid. The new code changes this to a warning message, which is an improvement.

src/auth_commands.rs (407-409)

medium

Returning None without logging the error makes it difficult to diagnose issues. The added logging improves error visibility.

src/auth_commands.rs (414-417)

medium

Adding a warning log here is a good way to notify the user that the email could not be determined. This provides better feedback to the user.

src/auth_commands.rs (417)

medium

Returning None without logging the HTTP status code makes it difficult to diagnose issues. The added logging improves error visibility.

src/auth_commands.rs (426-430)

medium

Adding a warning log here is a good way to notify the user that the email could not be determined. This provides better feedback to the user.

@jpoehnelt (Member)

/gemini review

codecov bot commented Mar 5, 2026

Codecov Report

❌ Patch coverage is 72.72727% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 55.36%. Comparing base (f6d74b0) to head (95a795b).
⚠️ Report is 1 commits behind head on main.

Files with missing lines | Patch % | Lines
src/auth_commands.rs | 0.00% | 6 Missing ⚠️

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #173      +/-   ##
==========================================
+ Coverage   55.19%   55.36%   +0.16%     
==========================================
  Files          38       38              
  Lines       13166    13187      +21     
==========================================
+ Hits         7267     7301      +34     
+ Misses       5899     5886      -13     

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request addresses a deadlock issue with legacy credentials by gracefully falling back instead of erroring out. The changes involve updating resolve_account to print a note and return Ok(None), and adding warnings in handle_login and more detailed error logging in fetch_userinfo_email when user info cannot be fetched. A new test case is also added to verify the new behavior for legacy credentials. The changes look good and effectively solve the reported issues. I have one suggestion regarding the new test to improve its robustness.

Note: Security Review did not run due to the size of the PR.

Preserve the original GOOGLE_WORKSPACE_CLI_CONFIG_DIR value before
modifying it in the test, consistent with other tests in the file.

Successfully merging this pull request may close these issues.

"Authentication successful" but "Access denied"
