Fix union-attr mypy errors in enterprise code (#13176)

Co-authored-by: openhands <openhands@all-hands.dev>
2026-03-22 13:47:19 +08:00 · 2026-03-03 15:22:54 -05:00
parent 117ea0466d
commit 6dff07ea35
7 changed files with 35 additions and 3 deletions
--- a/enterprise/server/middleware.py
+++ b/enterprise/server/middleware.py
@@ -43,13 +43,15 @@ class SetAuthCookieMiddleware:
            if not user_auth or user_auth.auth_type != AuthType.COOKIE:
                return response
            if user_auth.refreshed:
+                if user_auth.access_token is None:
+                    return response
                set_response_cookie(
                    request=request,
                    response=response,
                    keycloak_access_token=user_auth.access_token.get_secret_value(),
                    keycloak_refresh_token=user_auth.refresh_token.get_secret_value(),
                    secure=False if request.url.hostname == 'localhost' else True,
-                    accepted_tos=user_auth.accepted_tos,
+                    accepted_tos=user_auth.accepted_tos or False,
                )

                # On re-authentication (token refresh), kick off background sync for GitLab repos
--- a/enterprise/server/routes/billing.py
+++ b/enterprise/server/routes/billing.py
@@ -91,6 +91,8 @@ async def get_credits(user_id: str = Depends(get_user_id)) -> GetCreditsResponse
    if not stripe_service.STRIPE_API_KEY:
        return GetCreditsResponse()
    user = await UserStore.get_user_by_id_async(user_id)
+    if user is None:
+        raise HTTPException(status.HTTP_404_NOT_FOUND, detail='User not found')
    user_team_info = await LiteLlmManager.get_user_team_info(
        user_id, str(user.current_org_id)
    )
@@ -247,6 +249,8 @@ async def success_callback(session_id: str, request: Request):
            raise HTTPException(status.HTTP_400_BAD_REQUEST)

        user = await UserStore.get_user_by_id_async(billing_session.user_id)
+        if user is None:
+            raise HTTPException(status.HTTP_404_NOT_FOUND, detail='User not found')
        user_team_info = await LiteLlmManager.get_user_team_info(
            billing_session.user_id, str(user.current_org_id)
        )
--- a/enterprise/server/routes/email.py
+++ b/enterprise/server/routes/email.py
@@ -77,13 +77,18 @@ async def update_email(
        )

        # need to set auth cookie to the new tokens
+        if user_auth.access_token is None:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail='Access token not found',
+            )
        set_response_cookie(
            request=request,
            response=response,
            keycloak_access_token=user_auth.access_token.get_secret_value(),
            keycloak_refresh_token=user_auth.refresh_token.get_secret_value(),
            secure=False if request.url.hostname == 'localhost' else True,
-            accepted_tos=user_auth.accepted_tos,
+            accepted_tos=user_auth.accepted_tos or False,
        )

        await verify_email(request=request, user_id=user_id)
@@ -156,13 +161,17 @@ async def verified_email(request: Request):
    response = RedirectResponse(redirect_uri, status_code=302)

    # need to set auth cookie to the new tokens
+    if user_auth.access_token is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail='Access token not found'
+        )
    set_response_cookie(
        request=request,
        response=response,
        keycloak_access_token=user_auth.access_token.get_secret_value(),
        keycloak_refresh_token=user_auth.refresh_token.get_secret_value(),
        secure=False if request.url.hostname == 'localhost' else True,
-        accepted_tos=user_auth.accepted_tos,
+        accepted_tos=user_auth.accepted_tos or False,
    )

    logger.info(f'Email {user_auth.email} verified.')