fix(auth): allow configuring OAuth prompt parameter#5818
fix(auth): allow configuring OAuth prompt parameter#5818RaghunandanKumar wants to merge 2 commits into
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
|
Response from ADK Triaging Agent Hello @RaghunandanKumar, thank you for creating this PR! We appreciate your contribution to improve the flexibility of OAuth prompt configuration. To help us review and merge your PR more efficiently, please address the following items from our contribution guidelines:
Thank you! |
|
Hi @RaghunandanKumar , Thank you for your contribution! It appears you haven't yet signed the Contributor License Agreement (CLA). Please visit https://cla.developers.google.com/ to complete the signing process. Once the CLA is signed, we'll be able to proceed with the review of your PR. Thank you! |
rohityan
added
request clarification
AuthHandler always sent prompt=consent when generating OAuth authorization URLs, which blocked silent-auth flows even when the tool configuration needed a different prompt mode. Add an optional prompt field to OAuth2Auth, preserve consent as the default, and honor custom values such as prompt=none when building the authorization URL. Extend auth handler tests to cover both the default and a custom override.
RaghunandanKumar
force-pushed
the
fix/oauth-prompt-configurable
branch
from
f09ca89 to
f8e0ac8
Compare
|
I signed the CLA, but the Repo-side status update remains unchanged: focused auth tests for this patch pass locally ( |
|
I followed the repo development setup locally and ran the full unit test suite. Local verification:
Result:
This includes coverage for this PR's auth change, including The remaining blocker on the PR appears to be the CLA check rather than test verification. |
3 participants
Closes #3046
Summary
AuthHandler.generate_auth_uri()currently hardcodesprompt=consentwhen building OAuth authorization URLs.That makes app-level OAuth configuration less flexible than the underlying providers allow. Flows that need
prompt=none(or another prompt mode) cannot express that throughOAuth2Auth, even though the rest of the OAuth request metadata is already configurable.This change adds an optional
promptfield toOAuth2Auth, preservesconsentas the default, and uses the configured value when generating the authorization URL.Changes
src/google/adk/auth/auth_credential.pypromptfield toOAuth2Auth.src/google/adk/auth/auth_handler.pyauth_credential.oauth2.prompt or "consent"when populating OAuth authorization params.tests/unittests/auth/test_auth_handler.pypromptin generated auth URIs.prompt=consent.prompt="none"override.Test plan
python3.12 -m py_compile src/google/adk/auth/auth_credential.py src/google/adk/auth/auth_handler.py tests/unittests/auth/test_auth_handler.pyPYTHONPATH=src .venv/bin/python -m pytest tests/unittests/auth/test_auth_handler.py -qgoogle.adkfor this test path pulls additional runtime dependencies (google.genai,opentelemetry.semconv, and friends). I stopped after confirming the touched files compile cleanly rather than trying to recreate the repo's fulluv sync --all-extrasenvironment by hand.