chore: Refractors with respect to gemini review comments and keeping only AuthorizedSession in the tests

agrawalradhika-cell · agrawalradhika-cell · commit ae799f073d3d · 2026-02-16T17:35:41.000-08:00
Signed-off-by: Radhika Agrawal &lt;agrawalradhika@google.com&gt;
diff --git a/google/auth/aio/transport/aiohttp.py b/google/auth/aio/transport/aiohttp.py
@@ -113,7 +113,7 @@ class Request(transport.Request):
     .. automethod:: __call__
     """
 
-    def __init__(self, session: aiohttp.ClientSession = None):
+    def __init__(self, session: Optional[aiohttp.ClientSession] = None):
         self._session = session
         self._closed = False
 
diff --git a/google/auth/aio/transport/mtls.py b/google/auth/aio/transport/mtls.py
@@ -43,15 +43,15 @@ def _create_temp_file(content: bytes):
         str: The path to the temporary file.
     """
     # Create a temporary file that is readable only by the owner.
-    fd, path = tempfile.mkstemp()
+    fd, file_path = tempfile.mkstemp()
     try:
         with os.fdopen(fd, "wb") as f:
             f.write(content)
-        yield path
+        yield file_path
     finally:
         # Securely delete the file after use.
-        if os.path.exists(path):
-            os.remove(path)
+        if os.path.exists(file_path):
+            os.remove(file_path)
 
 
 def make_client_cert_ssl_context(
@@ -140,7 +140,7 @@ def default_client_cert_source():
             client certificate bytes and private key bytes, both in PEM format.
 
     Raises:
-        google.auth.exceptions.DefaultClientCertSourceError: If the default
+        google.auth.exceptions.MutualTLSChannelError: If the default
             client SSL credentials don't exist or are malformed.
     """
     if not has_default_client_cert_source():
@@ -215,13 +215,11 @@ async def get_client_cert_and_key(client_cert_callback=None):
             the cert and key.
     """
     if client_cert_callback:
-        try:
-            # If it's awaitable, this works.
-            cert, key = await client_cert_callback()
-        except TypeError:
-            # If it's not awaitable (e.g., a tuple), result is already the data.
-            cert, key = client_cert_callback()
-
+        result = client_cert_callback()
+        if asyncio.iscoroutine(result):
+            cert, key = await result
+        else:
+            cert, key = result        
         return True, cert, key
 
     has_cert, cert, key, _ = await get_client_ssl_credentials()
diff --git a/google/auth/aio/transport/sessions.py b/google/auth/aio/transport/sessions.py
@@ -128,7 +128,7 @@ def __init__(
         if not _auth_request and AIOHTTP_INSTALLED:
             _auth_request = AiohttpRequest()
         self._is_mtls = False
-        self._cached_Cert = None
+        self._cached_cert = None
         if _auth_request is None:
             raise exceptions.TransportError(
                 "`auth_request` must either be configured or the external package `aiohttp` must be installed to use the default value."
@@ -177,7 +177,7 @@ async def configure_mtls_channel(self, client_cert_callback=None):
                 )
 
                 # Re-create the auth request with the new SSL context
-                if isinstance(self._auth_request, AiohttpRequest):
+                if AIOHTTP_INSTALLED and isinstance(self._auth_request, AiohttpRequest):
                     connector = aiohttp.TCPConnector(ssl=ssl_context)
                     new_session = aiohttp.ClientSession(connector=connector)
                     await self._auth_request.close()
diff --git a/noxfile.py b/noxfile.py
@@ -91,7 +91,7 @@ def blacken(session):
 @nox.session(python=DEFAULT_PYTHON_VERSION)
 def mypy(session):
     """Verify type hints are mypy compatible."""
-    session.install("-e", ".")
+    session.install("-e", ".[aiohttp]")
     session.install(
         "mypy",
         "types-certifi",
diff --git a/tests/transport/aio/test_sessions_mtls.py b/tests/transport/aio/test_sessions_mtls.py
@@ -56,7 +56,6 @@ async def test_configure_mtls_channel(
 
         mock_creds = mock.Mock(spec=credentials.Credentials)
         session = sessions.AsyncAuthorizedSession(mock_creds)
-
         await session.configure_mtls_channel()
 
         assert session._is_mtls is True
@@ -71,10 +70,7 @@ async def test_configure_mtls_channel_disabled(self, mock_exists):
         mock_exists.return_value = False
         mock_creds = mock.Mock(spec=credentials.Credentials)
 
-        try:
-            session = sessions.AsyncAuthorizedSession(mock_creds)
-        except AttributeError:
-            session = sessions.Session()
+        session = sessions.AsyncAuthorizedSession(mock_creds)
         await session.configure_mtls_channel()
 
         # If the file doesn't exist, it shouldn't error; it just won't use mTLS
@@ -92,13 +88,9 @@ async def test_configure_mtls_channel_invalid_format(self, mock_file, mock_exist
         mock_exists.return_value = True
         mock_creds = mock.Mock(spec=credentials.Credentials)
 
-        try:
-            session = sessions.AsyncAuthorizedSession(mock_creds)
-        except AttributeError:
-            session = sessions.Session()
+        session = sessions.AsyncAuthorizedSession(mock_creds)
         with pytest.raises(
-            exceptions.MutualTLSChannelError, match="is in an invalid format"
-        ):
+            exceptions.MutualTLSChannelError):
             await session.configure_mtls_channel()
 
     @pytest.mark.asyncio
