Conflict with google-auth-oauthlib-0.6.0 on MacOS

[grantbuster]

Currently have a minor conflict between the latest h5pyd and google-auth-oauthlib on MacOS. See traceback and steps to reproduce below. Hoping to just pin the google auth version for mac users but I'm sure @jreadey has a better long-term solution.

Traceback:

Python 3.9.13 | packaged by conda-forge | (main, May 27 2022, 17:01:00)
[Clang 13.0.1 ] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import h5pyd
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/h5pyd/__init__.py", line 31, in <module>
    from ._hl.files import File, is_hdf5
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/h5pyd/_hl/files.py", line 21, in <module>
    from .httpconn import HttpConn
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/h5pyd/_hl/httpconn.py", line 32, in <module>
    from . import openid
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/h5pyd/_hl/openid.py", line 14, in <module>
    from google_auth_oauthlib.flow import InstalledAppFlow as GoogleInstalledAppFlow
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/google_auth_oauthlib/__init__.py", line 21, in <module>
    from .interactive import get_user_credentials
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/google_auth_oauthlib/interactive.py", line 27, in <module>
    import google_auth_oauthlib.flow
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/google_auth_oauthlib/flow.py", line 69, in <module>
    import google_auth_oauthlib.helpers
  File "/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/google_auth_oauthlib/helpers.py", line 27, in <module>
    from google.auth import external_account_authorized_user
ImportError: cannot import name 'external_account_authorized_user' from 'google.auth' (/opt/homebrew/Caskroom/miniforge/base/envs/rex_test/lib/python3.9/site-packages/google/auth/__init__.py)

Steps to reproduce:

conda create -n h5pyd_test
conda activate h5pyd_test
conda config --env --set subdir osx-64  # only if on Mac M1
conda install python=3.9
pip install h5pyd

# should fail on google-auth-oauthlib error
python -c 'import h5pyd'

# should work
pip install google-auth-oauthlib==0.5.3
python -c 'import h5pyd'

[jreadey]

@grantbuster - the above fix seems to work for my intel system. Can you confirm on Mac M1?

[grantbuster]

@jreadey yes when building an ARM-native h5pyd environment, mini forge actually defaults to google-auth-oauthlib==0.5.3. I think the issue is only on an x86 h5pyd environment on Mac.

But yes that fix works!

[jreadey]

doing the build I notice that there were a few packages that were deprecated, but I guess this is good for now. At some point I'll need to get all the versions caught up (as much as that is possible).

[grantbuster]

Isn't code maintenance fun? At least this seems like an easy fix. Thanks John!

[pkgh-mp]

Hi, thanks for the quick fix! We saw a similiar issue when importing h5pyd, apparently linked to google-auth (ImportError: cannot import name 'external_account_authorized_user' from 'google.auth') The merged fix helped us as well, so thanks!

[jreadey]

I've merged with master. Closing issue!

[grantbuster]

hey @jreadey, can you pin google-auth-oauthlib<=0.5.3 instead of google-auth-oauthlib==0.5.3? Seems like older versions work fine too but pinning 0.5.3 explicitly has conflicts with some other packages we use.

[pkgh-mp]

BTW the Google folks seem to have fixed the issue with google-auth-oauthlib 0.7.0, see https://github.com/googleapis/google-auth-library-python-oauthlib/issues/246

---

Von: Grant Buster @.***> Gesendet: Dienstag, 1. November 2022 23:11 An: HDFGroup/h5pyd Cc: pkgh-mp; Comment Betreff: Re: [HDFGroup/h5pyd] Conflict with google-auth-oauthlib-0.6.0 on MacOS (Issue #126)

hey @jreadeyhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fjreadey&data=05%7C01%7CPatrick.Gmelch%40ul.com%7Cffbac0b41e064def75b608dabc560610%7C701159540ccd45f087bd03b2a3587569%7C0%7C0%7C638029374926597849%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=7aPndsKhtL9Ke25vR9msLvR%2BFXGlAUlvvfgMAsqaZBY%3D&reserved=0, can you pin <=0.5.3 instead of ==0.5.3? Seems like older versions work fine too but pinning 0.5.3 explicitly has conflicts with some other packages we use.

— Reply to this email directly, view it on GitHubhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FHDFGroup%2Fh5pyd%2Fissues%2F126%23issuecomment-1299293578&data=05%7C01%7CPatrick.Gmelch%40ul.com%7Cffbac0b41e064def75b608dabc560610%7C701159540ccd45f087bd03b2a3587569%7C0%7C0%7C638029374926597849%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=PhaNTq2y05g5SgVWuO3EQhAGMZ1FJtaAb5fU32kSUbA%3D&reserved=0, or unsubscribehttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAUDZTDGP3X3K3YLBW4PDNB3WGGIP7ANCNFSM6AAAAAARNLIWMQ&data=05%7C01%7CPatrick.Gmelch%40ul.com%7Cffbac0b41e064def75b608dabc560610%7C701159540ccd45f087bd03b2a3587569%7C0%7C0%7C638029374926597849%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=RYWMvboKbT6K%2FOwh%2FHG%2Fipv8y%2BH7SvK3ThbcrFLthag%3D&reserved=0. You are receiving this because you commented.Message ID: @.***>

This e-mail may contain privileged or confidential information. If you are not the intended recipient: (1) you may not disclose, use, distribute, copy or rely upon this message or attachment(s); and (2) please notify the sender by reply e-mail, and then delete this message and its attachment(s). Underwriters Laboratories Inc. and its affiliates disclaim all liability for any errors, omissions, corruption or virus in this message or any attachments.

[grantbuster]

Nice! It looks like 0.6.0 got yanked (everyone probably got angry lol) so maybe we dont need this req after all.

[jreadey]

Hey, I'm reverting this change then (was seeing some deprecated package warnings otherwise).

[grantbuster]

Thanks for the heads up, should be fine with the new google-auth-oauthlib 0.7.0, hopefully all issues are resolved when they yanked 0.6.0