Pass proxy/verify settings when fetching OAuth consumer

[matin]

Summary

When behind a proxy, the initial OAuth consumer fetch would fail because proxy and SSL verification settings from the parent session weren't being passed to the requests.get() call.

This fix passes the parent session's proxies and verify settings when fetching the OAuth consumer JSON.

Closes #66

Test plan

• Existing SSO tests pass
• Lint and type checks pass

🤖 Generated with Claude Code

Summary by CodeRabbit

• Bug Fixes
  • Fixed propagation of proxy and SSL verification settings during authentication initialization, ensuring session configurations are now properly applied to all requests.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The change modifies GarminOAuth1Session.__init__ to conditionally propagate proxy and SSL verification settings from the parent session when fetching OAuth consumer credentials via HTTP request, instead of performing a plain GET request without session configuration.

Changes

Cohort / File(s)	Summary
OAuth Session Proxy Support src/garth/sso.py	Modified GarminOAuth1Session.__init__ to build request kwargs and conditionally forward proxies and verify settings from parent Session to the GET request for OAUTH_CONSUMER_URL

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Pass proxy/verify settings when fetching OAuth consumer' accurately describes the main change: forwarding proxy and SSL verification settings to the OAuth consumer fetch request.
Linked Issues check	✅ Passed	The PR successfully addresses issue #66 by passing parent session's proxies and verify settings to the OAuth consumer fetch request, matching the exact solution proposed in the issue.
Out of Scope Changes check	✅ Passed	All changes are directly related to resolving issue #66; no out-of-scope modifications are present in the changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-proxy-oauth-consumer

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (a8f8583) to head (e7cc261).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #155   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           58        58           
  Lines         2599      2603    +4     
=========================================
+ Hits          2599      2603    +4     

Flag	Coverage Δ
unittests	100.00% <100.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @src/garth/sso.py:
- Around line 36-42: The requests.get call that loads OAUTH_CONSUMER (using
OAUTH_CONSUMER_URL and request_kwargs) needs a timeout to avoid blocking; update
the invocation of requests.get to pass a timeout parameter (use parent.timeout
or parent.adapters/session timeout if available, otherwise a sensible default
like 5–10s) and ensure request_kwargs still propagates proxies and verify before
calling requests.get(..., timeout=...).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a8f8583 and e7cc261.

📒 Files selected for processing (1)

• src/garth/sso.py

🧰 Additional context used

📓 Path-based instructions (2)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: Use make format to auto-format Python source files using ruff
Use make lint to lint Python source files (ruff format check, ruff check, mypy)

Files:

• src/garth/sso.py

**/sso.py

📄 CodeRabbit inference engine (CLAUDE.md)

Single Sign-On authentication logic for Garmin services should be implemented in sso.py

Files:

• src/garth/sso.py

🧠 Learnings (1)

📚 Learning: 2026-01-08T00:25:14.763Z

Learnt from: CR
Repo: matin/garth PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-08T00:25:14.763Z
Learning: Applies to **/sso.py : Single Sign-On authentication logic for Garmin services should be implemented in `sso.py`

Applied to files:

• src/garth/sso.py

🪛 Ruff (0.14.10)

src/garth/sso.py

40-40: Probable use of requests call without timeout

(S113)

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Proxy and verify settings correctly propagated; add timeout parameter to prevent hangs.

The conditional propagation of proxies and verify settings correctly addresses issue #66 and ensures the library works for users behind proxies. However, the requests.get() call lacks a timeout parameter, which can cause the application to hang indefinitely if the network is slow or the server is unresponsive. This is particularly problematic since it blocks object initialization.

⏱️ Proposed fix to add timeout parameter

            request_kwargs: dict[str, Any] = {}
            if parent is not None:
                request_kwargs["proxies"] = parent.proxies
                request_kwargs["verify"] = parent.verify
+           # Use a reasonable default timeout to prevent indefinite hangs
+           request_kwargs["timeout"] = 30
            OAUTH_CONSUMER = requests.get(
                OAUTH_CONSUMER_URL, **request_kwargs
            ).json()

Alternatively, if a timeout attribute is available from the parent session context, you could use that instead of a hardcoded value.

Based on static analysis hints (Ruff S113).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	request_kwargs: dict[str, Any] = {}
	if parent is not None:
	request_kwargs["proxies"] = parent.proxies
	request_kwargs["verify"] = parent.verify
	OAUTH_CONSUMER = requests.get(
	OAUTH_CONSUMER_URL, **request_kwargs
	).json()
	request_kwargs: dict[str, Any] = {}
	if parent is not None:
	request_kwargs["proxies"] = parent.proxies
	request_kwargs["verify"] = parent.verify
	# Use a reasonable default timeout to prevent indefinite hangs
	request_kwargs["timeout"] = 30
	OAUTH_CONSUMER = requests.get(
	OAUTH_CONSUMER_URL, **request_kwargs
	).json()

🧰 Tools

🪛 Ruff (0.14.10)

40-40: Probable use of requests call without timeout

(S113)

🤖 Prompt for AI Agents

In @src/garth/sso.py around lines 36 - 42, The requests.get call that loads
OAUTH_CONSUMER (using OAUTH_CONSUMER_URL and request_kwargs) needs a timeout to
avoid blocking; update the invocation of requests.get to pass a timeout
parameter (use parent.timeout or parent.adapters/session timeout if available,
otherwise a sensible default like 5–10s) and ensure request_kwargs still
propagates proxies and verify before calling requests.get(..., timeout=...).