Only authenticate batch requests if the credentials are non-null.

This should address googleapis#350.
mgilson · Feb 15, 2017 · c5a7e5b · c5a7e5b
1 parent dfc69e9
commit c5a7e5b
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/googleapiclient/http.py b/googleapiclient/http.py
@@ -1202,7 +1202,14 @@ def _serialize_request(self, request):
 
     if request.http is not None and hasattr(request.http.request,
         'credentials'):
-      request.http.request.credentials.apply(headers)
+      # It is possible to have credentials and still not have an access token.
+      # (e.g. with application default credentials).  If that is the case, do
+      # not serialize the authentication headers with this request.  Instead,
+      # assume that the batch has an authorization header which will trickle
+      # down to all of the individual requests.
+      if (getattr(request.http.request.credentials, 'access_token', None)
+          is not None):
+        request.http.request.credentials.apply(headers)
 
     # MIMENonMultipart adds its own Content-Type header.
     if 'content-type' in headers: