fix: Google Sheets returns 403 PERMISSION_DENIED after completing OAuth#1164
Merged
fix: Google Sheets returns 403 PERMISSION_DENIED after completing OAuth#1164
Conversation
Contributor
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
github-actions
Bot
added
scope: tool/wasm
zmanian
approved these changes
Mar 14, 2026
Collaborator
zmanian
left a comment
zmanian
left a comment
There was a problem hiding this comment.
Review: Add credential fallback from user-specific to default global credentials
Targeted fix for the Google Sheets 403 issue. OAuth tokens stored globally under "default" were inaccessible from routine contexts running under different user IDs.
Positives:
resolve_host_credentialsnow falls back from user-specific to "default" when credential lookup fails- User-specific credentials take precedence (tested)
- Warning log when no secrets store is configured for a tool that needs credentials
- Good test coverage: fallback behavior, user precedence, missing credentials
Minor notes:
- The "default" user fallback is safe in IronClaw's single-user model. If multi-user support is ever added, this should be revisited -- a routine shouldn't silently access another user's credentials.
- E2E tests cover both the credential fallback and routine OAuth injection paths.
LGTM.
ilblackdragon
pushed a commit
that referenced
this pull request
Mar 14, 2026
…th (#1164) * fix: Google Sheets returns 403 PERMISSION_DENIED after completing OAuth * fix: linter * fix: linter * fix: ci * fix * fix * fix * fix
Merged
bkutasi
pushed a commit
to bkutasi/ironclaw
that referenced
this pull request
Mar 28, 2026
…th (nearai#1164) * fix: Google Sheets returns 403 PERMISSION_DENIED after completing OAuth * fix: linter * fix: linter * fix: ci * fix * fix * fix * fix
drchirag1991
pushed a commit
to drchirag1991/ironclaw
that referenced
this pull request
Apr 8, 2026
…th (nearai#1164) * fix: Google Sheets returns 403 PERMISSION_DENIED after completing OAuth * fix: linter * fix: linter * fix: ci * fix * fix * fix * fix
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Change Type
Linked Issue
Validation
cargo fmtcargo clippy --all --benches --tests --examples --all-featuresSecurity Impact
Database Impact
Blast Radius
Rollback Plan
Review track: