Update pyright settings and remove suppressions

Author: ViktorSky

firebase_admin/_auth_utils.py

@@ -306,7 +306,7 @@ def validate_timestamp(
     if isinstance(timestamp, bool):
         raise ValueError('Boolean value specified as timestamp.')
     try:
-        timestamp_int = int(timestamp)  # type: ignore[reportArgumentType, arg-type]
+        timestamp_int = int(timestamp)  # pyright: ignore[reportArgumentType]
     except TypeError:
         raise ValueError('Invalid type for timestamp value: {0}.'.format(timestamp))
     else:
@@ -385,7 +385,7 @@ def validate_custom_claims(custom_claims: Any, required: bool = False) -> Option
 
     if not isinstance(parsed, dict):
         raise ValueError('Custom claims must be parseable as a JSON object.')
-    invalid_claims = RESERVED_CLAIMS.intersection(set(parsed.keys()))  # type: ignore[reportUnknownArgumentType]
+    invalid_claims = RESERVED_CLAIMS.intersection(set(parsed.keys()))
     if len(invalid_claims) > 1:
         joined = ', '.join(sorted(invalid_claims))
         raise ValueError('Claims "{0}" are reserved, and must not be set.'.format(joined))
@@ -417,7 +417,7 @@ def build_update_mask(params: Dict[str, Any]) -> List[str]:
     mask: List[str] = []
     for key, value in params.items():
         if isinstance(value, dict):
-            child_mask = build_update_mask(value)  # type: ignore[reportUnknownArgumentType]
+            child_mask = build_update_mask(value)
             for child in child_mask:
                 mask.append('{0}.{1}'.format(key, child))
         else:

firebase_admin/_gapic_utils.py

@@ -53,7 +53,7 @@ def handle_platform_error_from_googleapiclient(
         return handle_googleapiclient_error(error)
 
     content = error.content.decode()
-    status_code = cast(int, error.resp.status)  # type: ignore[reportUnknownMemberType]
+    status_code = cast(int, error.resp.status)
     error_dict, message = _utils._parse_platform_error(content, status_code) # pylint: disable=protected-access
     http_response = _http_response_from_googleapiclient_error(error)
     exc = None
@@ -124,7 +124,7 @@ def handle_googleapiclient_error(
             cause=error)
 
     if not code:
-        code = _utils._http_status_to_error_code(error.resp.status)  # pylint: disable=protected-access # type: ignore[reportUnknownMemberType]
+        code = _utils._http_status_to_error_code(error.resp.status)  # pylint: disable=protected-access
     if not message:
         message = str(error)
     if not http_response:
@@ -138,5 +138,5 @@ def _http_response_from_googleapiclient_error(error: googleapiclient.errors.Http
     """Creates a requests HTTP Response object from the given googleapiclient error."""
     resp = requests.Response()
     resp.raw = io.BytesIO(error.content)
-    resp.status_code = cast(int, error.resp.status)  # type: ignore[reportUnknownMemberType]
+    resp.status_code = cast(int, error.resp.status)
     return resp

firebase_admin/_http_client.py

@@ -63,7 +63,7 @@
 if hasattr(retry.Retry.DEFAULT, 'allowed_methods'):
     _ANY_METHOD: Dict[str, Any] = {'allowed_methods': None}
 else:
-    _ANY_METHOD = {'method_whitelist': None}  # type: ignore[reportConstantRedefinition]
+    _ANY_METHOD = {'method_whitelist': None}  # pyright: ignore[reportConstantRedefinition]
 
 # Default retry configuration: Retries once on low-level connection and socket read errors.
 # Retries up to 4 times on HTTP 500 and 503 errors, with exponential backoff. Returns the
@@ -168,7 +168,7 @@ class call this method to send HTTP requests out. Refer to
             kwargs['timeout'] = self.timeout
         kwargs.setdefault('headers', {}).update(METRICS_HEADERS)
         # possible issue: _session can be None
-        resp = self._session.request(method, self.base_url + url, **kwargs)  # type: ignore[reportOptionalMemberAccess]
+        resp = self._session.request(method, self.base_url + url, **kwargs)
         resp.raise_for_status()
         return resp
 
@@ -225,7 +225,7 @@ def apply_auth_headers(
             'Attempting to apply auth headers. Credential validity before: %s',
             self._credential.valid
         )
-        self._credential.before_request(  # type: ignore[reportUnknownMemberType]
+        self._credential.before_request(
             auth_request, request.method, str(request.url), request.headers
         )
         logger.debug('Auth headers applied. Credential validity after: %s', self._credential.valid)
@@ -260,7 +260,7 @@ def auth_flow(self, request: httpx.Request) -> 'Generator[httpx.Request, httpx.R
                         self._max_refresh_attempts
                     )
                     # Explicitly force a credentials refresh
-                    self._credential.refresh(auth_request)  # type: ignore[reportUnknownMemberType]
+                    self._credential.refresh(auth_request)
                     _credential_refresh_attempt += 1
                 else:
                     logger.debug(

firebase_admin/_sseclient.py

@@ -43,7 +43,7 @@ class KeepAuthSession(google.auth.transport.requests.AuthorizedSession):
     """A session that does not drop authentication on redirects between domains."""
 
     def __init__(self, credential: Optional[google.auth.credentials.Credentials]) -> None:
-        super(KeepAuthSession, self).__init__(credential)  # type: ignore[reportUnknownMemberType]
+        super(KeepAuthSession, self).__init__(credential)
 
     def rebuild_auth(self, prepared_request: requests.PreparedRequest, response: requests.Response) -> None:
         pass

firebase_admin/_token_gen.py

@@ -145,7 +145,7 @@ def from_credential(
         cls,
         google_cred: Union[google.oauth2.service_account.Credentials, credentials.Signing]
     ) -> '_SigningProvider':
-        return _SigningProvider(google_cred.signer, google_cred.signer_email)  # type: ignore[reportUnknownMemberType]
+        return _SigningProvider(google_cred.signer, google_cred.signer_email)
 
     @classmethod
     def from_iam(
@@ -203,10 +203,10 @@ def _init_signing_provider(self) -> _SigningProvider:
         # Attempt to discover a service account email from the local Metadata service. Use it
         # with the IAM service to sign bytes.
         resp = self.request(url=METADATA_SERVICE_URL, headers={'Metadata-Flavor': 'Google'})
-        if resp.status != 200:  # type: ignore[reportUnknownMemberType]
+        if resp.status != 200:
             raise ValueError(
-                'Failed to contact the local metadata service: {0}.'.format(resp.data.decode()))  # type: ignore[reportUnknownMemberType]
-        service_account = cast(str, resp.data.decode())  # type: ignore[reportUnknownMemberType]
+                'Failed to contact the local metadata service: {0}.'.format(resp.data.decode()))
+        service_account = cast(str, resp.data.decode())
         return _SigningProvider.from_iam(self.request, google_cred, service_account)
 
     @property
@@ -268,7 +268,7 @@ def create_custom_token(
 
         header = {'alg': signing_provider.alg}
         try:
-            return jwt.encode(signing_provider.signer, payload, header=header)  # type: ignore[reportUnknownMemberType]
+            return jwt.encode(signing_provider.signer, payload, header=header)
         except google.auth.exceptions.TransportError as error:
             msg = 'Failed to sign custom token. {0}'.format(error)
             raise TokenSignError(msg, error)
@@ -343,7 +343,8 @@ def __call__(
     ) -> google.auth.transport.Response:
         timeout = timeout or self.timeout_seconds
         return self._delegate(
-            url, method=method, body=body, headers=headers, timeout=timeout, **kwargs)  # type: ignore[reportArgumentType]
+            url, method=method, body=body, headers=headers,
+            timeout=timeout, **kwargs)  # pyright: ignore[reportArgumentType]
 
 
 class TokenVerifier:
@@ -497,14 +498,15 @@ def verify(
 
         try:
             if emulated:
-                verified_claims: Dict[str, Any] = payload
+                verified_claims = payload
             else:
-                verified_claims = google.oauth2.id_token.verify_token(  # type: ignore[reportUnknownMemberType]
+                verified_claims = google.oauth2.id_token.verify_token(
                     token,
                     request=request,
                     audience=self.project_id,
                     certs_url=self.cert_url,
                     clock_skew_in_seconds=clock_skew_seconds)
+                verified_claims = cast(Dict[str, Any], verified_claims)
             verified_claims['uid'] = verified_claims['sub']
             return verified_claims
         except google.auth.exceptions.TransportError as error:
@@ -519,8 +521,8 @@ def _decode_unverified(
         token: Union[bytes, str],
     ) -> Tuple[Dict[str, str], Dict[str, Any]]:
         try:
-            header = cast('Mapping[str, str]', jwt.decode_header(token))  # type: ignore[reportUnknownMemberType]
-            payload = cast('Mapping[str, Any]', jwt.decode(token, verify=False))  # type: ignore[reportUnknownMemberType]
+            header = cast('Mapping[str, str]', jwt.decode_header(token))
+            payload = cast('Mapping[str, Any]', jwt.decode(token, verify=False))
             return dict(header), dict(payload)
         except ValueError as error:
             raise self._invalid_token_error(str(error), error)

firebase_admin/_user_mgt.py

@@ -519,7 +519,7 @@ def photo_url(self) -> Optional[str]:
     @property
     def provider_id(self) -> str:
         # possible issue: can providerId be `None`?
-        return self._data.get('providerId')  # type: ignore[reportReturnType]
+        return self._data.get('providerId')  # pyright: ignore[reportReturnType]
 
 
 class ActionCodeSettings:

firebase_admin/_utils.py

@@ -326,7 +326,10 @@ def handle_httpx_error(
 
         err_type = _error_code_to_exception_type(code)
         # possible issue: FirebaseError needs accept httpx.Response?
-        return err_type(message=message, cause=error, http_response=error.response)  # type: ignore[reportArgumentType]
+        return err_type(
+            message=message, cause=error,
+            http_response=error.response  # pyright: ignore[reportArgumentType]
+        )
 
     return exceptions.UnknownError(
         message='Unknown error while making a remote service call: {0}'.format(error),

firebase_admin/credentials.py

@@ -81,7 +81,7 @@ def get_access_token(self) -> AccessTokenInfo:
           AccessTokenInfo: An access token obtained using the credential.
         """
         google_cred = self.get_credential()
-        google_cred.refresh(_request)  # type: ignore[reportUnknownMemberType]
+        google_cred.refresh(_request)
         return AccessTokenInfo(google_cred.token, google_cred.expiry)
 
     def get_credential(self) -> GoogleAuthCredentials:
@@ -138,15 +138,15 @@ def __init__(self, cert: Union[StrPath, Dict[str, Any]]) -> None:
             raise ValueError('Invalid service account certificate. Certificate must contain a '
                              '"type" field set to "{0}".'.format(self._CREDENTIAL_TYPE))
         try:
-            self._g_credential = service_account.Credentials.from_service_account_info(  # type: ignore[reportUnknownMemberType]
+            self._g_credential = service_account.Credentials.from_service_account_info(
                 json_data, scopes=_scopes)
         except ValueError as error:
             raise ValueError('Failed to initialize a certificate credential. '
                              'Caused by: "{0}"'.format(error))
 
     @property
     def project_id(self) -> Optional[str]:
-        return self._g_credential.project_id  # type: ignore[reportUnknownMemberType]
+        return self._g_credential.project_id
 
     @property
     def signer(self) -> crypt.Signer:
@@ -174,7 +174,8 @@ def __init__(self) -> None:
         project_id() is called. See those methods for possible errors raised.
         """
         super(ApplicationDefault, self).__init__()
-        self._g_credential: Optional[GoogleAuthCredentials] = None  # Will be lazily-loaded via _load_credential().
+        # Will be lazily-loaded via _load_credential().
+        self._g_credential: Optional[GoogleAuthCredentials] = None
         self._project_id: Optional[str]
 
     def get_credential(self) -> GoogleAuthCredentials:
@@ -202,7 +203,7 @@ def project_id(self) -> Optional[str]:
 
     def _load_credential(self) -> None:
         if not self._g_credential:
-            self._g_credential, self._project_id = google.auth.default(scopes=_scopes)  # type: ignore[reportUnknownMemberType]
+            self._g_credential, self._project_id = google.auth.default(scopes=_scopes)
 
 
 class RefreshToken(Base):
@@ -240,20 +241,19 @@ def __init__(self, refresh_token: Union[StrPath, Dict[str, Any]]) -> None:
         if json_data.get('type') != self._CREDENTIAL_TYPE:
             raise ValueError('Invalid refresh token configuration. JSON must contain a '
                              '"type" field set to "{0}".'.format(self._CREDENTIAL_TYPE))
-        self._g_credential = credentials.Credentials.from_authorized_user_info(  # type: ignore[reportUnknownMemberType]
-            json_data, _scopes)
+        self._g_credential = credentials.Credentials.from_authorized_user_info(json_data, _scopes)
 
     @property
     def client_id(self) -> Optional[str]:
-        return self._g_credential.client_id  # type: ignore[reportUnknownMemberType]
+        return self._g_credential.client_id
 
     @property
     def client_secret(self) -> Optional[str]:
-        return self._g_credential.client_secret  # type: ignore[reportUnknownMemberType]
+        return self._g_credential.client_secret
 
     @property
     def refresh_token(self) -> Optional[str]:
-        return self._g_credential.refresh_token  # type: ignore[reportUnknownMemberType]
+        return self._g_credential.refresh_token
 
     def get_credential(self) -> GoogleAuthCredentials:
         """Returns the underlying Google credential.

firebase_admin/db.py

@@ -255,7 +255,7 @@ def child(self, path: Optional[str]) -> 'Reference':
         return Reference(client=self._client, path=full_path)
 
     @overload
-    def get(  # type: ignore[reportOverlappingOverload]
+    def get(  # pyright: ignore[reportOverlappingOverload]
         self,
         etag: Literal[True],
         shallow: bool = False,
@@ -722,7 +722,7 @@ class _Sorter(Generic[_K, _V]):
     @overload
     def __init__(self, results: Dict[_K, _V], order_by: str) -> None: ...
     @overload
-    def __init__(self: '_Sorter[int, _V]', results: List[_V], order_by: str) -> None: ...  # type: ignore[reportInvalidTypeVarUse]
+    def __init__(self: '_Sorter[int, _V]', results: List[_V], order_by: str) -> None: ...  # pyright: ignore[reportInvalidTypeVarUse]
     def __init__(self, results: Union[Dict[_K, _V], List[_V]], order_by: str) -> None:
         if isinstance(results, dict):
             self.dict_input = True
@@ -825,9 +825,9 @@ def _compare(self, other: '_SortEntry') -> Literal[-1, 0, 1]:
             else:
                 self_key, other_key = self.key, other.key
 
-        if self_key < other_key:  # type: ignore[reportOperatorIssue]
+        if self_key < other_key:  # pyright: ignore[reportOperatorIssue]
             return -1
-        if self_key > other_key:  # type: ignore[reportOperatorIssue]
+        if self_key > other_key:  # pyright: ignore[reportOperatorIssue]
             return 1
 
         return 0
@@ -844,7 +844,7 @@ def __gt__(self, other: '_SortEntry') -> bool:
     def __ge__(self, other: '_SortEntry') -> bool:
         return self._compare(other) >= 0
 
-    def __eq__(self, other: '_SortEntry') -> bool:  # type: ignore[reportIncompatibleMethodOverride]
+    def __eq__(self, other: '_SortEntry') -> bool:  # pyright: ignore[reportIncompatibleMethodOverride]
         return self._compare(other) == 0
 
 

firebase_admin/firestore.py

@@ -26,14 +26,14 @@
 try:
     import google.cloud.firestore
     # firestore defines __all__ for safe import *
-    from google.cloud.firestore import *  # type: ignore[reportWildcardImportFromLibrary]
+    from google.cloud.firestore import *  # pyright: ignore[reportWildcardImportFromLibrary]
     from google.cloud.firestore_v1.base_client import DEFAULT_DATABASE
 except ImportError as error:
     raise ImportError('Failed to import the Cloud Firestore library for Python. Make sure '
                       'to install the "google-cloud-firestore" module.') from error
 
 __all__ = ['client']
-__all__.extend(google.cloud.firestore.__all__)  # type: ignore[reportUnsupportedDunderAll]
+__all__.extend(google.cloud.firestore.__all__)  # pyright: ignore[reportUnsupportedDunderAll]
 
 
 _FIRESTORE_ATTRIBUTE = '_firestore'