fix(pipeline): Typing in oauth2 (#111754)

evanpurkhiser · web-flow · commit 331e2b0d99f3 · 2026-03-30T18:52:49.000Z
diff --git a/src/sentry/identity/oauth2.py b/src/sentry/identity/oauth2.py
@@ -32,6 +32,7 @@
     IntegrationPipelineViewEvent,
     IntegrationPipelineViewType,
 )
+from sentry.pipeline.base import Pipeline
 from sentry.pipeline.types import PipelineStepResult
 from sentry.pipeline.views.base import PipelineView
 from sentry.shared_integrations.exceptions import ApiError, ApiInvalidRequestError, ApiUnauthorized
@@ -282,7 +283,7 @@ def __init__(
         self.bind_key = bind_key
         self.extra_authorize_params = extra_authorize_params or {}
 
-    def get_step_data(self, pipeline: Any, request: HttpRequest) -> dict[str, str]:
+    def get_step_data(self, pipeline: Pipeline[Any, Any], request: HttpRequest) -> dict[str, str]:
         params = urlencode(
             {
                 "client_id": self.client_id,
@@ -301,7 +302,7 @@ def get_serializer_cls(self) -> type:
     def handle_post(
         self,
         validated_data: dict[str, str],
-        pipeline: Any,
+        pipeline: Pipeline[Any, Any],
         request: HttpRequest,
     ) -> PipelineStepResult:
         code = validated_data["code"]
diff --git a/tests/sentry/identity/test_oauth2.py b/tests/sentry/identity/test_oauth2.py
@@ -2,7 +2,7 @@
 
 from collections import namedtuple
 from functools import cached_property
-from typing import Any
+from typing import Any, cast
 from unittest import TestCase
 from unittest.mock import MagicMock, patch
 from urllib.parse import parse_qs, parse_qsl, urlparse
@@ -16,6 +16,7 @@
 from sentry.identity.pipeline import IdentityPipeline
 from sentry.identity.providers.dummy import DummyProvider
 from sentry.integrations.types import EventLifecycleOutcome
+from sentry.pipeline.base import Pipeline
 from sentry.pipeline.types import PipelineStepAction
 from sentry.shared_integrations.exceptions import ApiUnauthorized
 from sentry.testutils.asserts import assert_failure_metric, assert_slo_metric
@@ -245,7 +246,7 @@ def step(self) -> OAuth2ApiStep:
         )
 
     def test_returns_oauth_url(self) -> None:
-        ctx = _FakePipelineContext(signature="abc123")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="abc123"))
         request = RequestFactory().get("/")
         data = self.step.get_step_data(ctx, request)
 
@@ -299,7 +300,7 @@ def test_exchange_token_success(self) -> None:
             "https://example.org/oauth/token",
             json={"access_token": "a-fake-token"},
         )
-        ctx = _FakePipelineContext(signature="valid-state")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="valid-state"))
         result = self.step.handle_post(
             {"code": "auth-code", "state": "valid-state"}, ctx, self.request
         )
@@ -315,7 +316,7 @@ def test_exchange_token_success(self) -> None:
         assert data["client_secret"] == "secret-value"
 
     def test_invalid_state(self) -> None:
-        ctx = _FakePipelineContext(signature="correct-state")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="correct-state"))
         result = self.step.handle_post(
             {"code": "auth-code", "state": "wrong-state"}, ctx, self.request
         )
@@ -331,7 +332,7 @@ def ssl_error(request):
         responses.add_callback(
             responses.POST, "https://example.org/oauth/token", callback=ssl_error
         )
-        ctx = _FakePipelineContext(signature="valid-state")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="valid-state"))
         result = self.step.handle_post(
             {"code": "auth-code", "state": "valid-state"}, ctx, self.request
         )
@@ -347,7 +348,7 @@ def connection_error(request):
         responses.add_callback(
             responses.POST, "https://example.org/oauth/token", callback=connection_error
         )
-        ctx = _FakePipelineContext(signature="valid-state")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="valid-state"))
         result = self.step.handle_post(
             {"code": "auth-code", "state": "valid-state"}, ctx, self.request
         )
@@ -358,7 +359,7 @@ def connection_error(request):
     @responses.activate
     def test_empty_response_body(self) -> None:
         responses.add(responses.POST, "https://example.org/oauth/token", body="")
-        ctx = _FakePipelineContext(signature="valid-state")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="valid-state"))
         result = self.step.handle_post(
             {"code": "auth-code", "state": "valid-state"}, ctx, self.request
         )
@@ -374,7 +375,7 @@ def test_api_error_401(self) -> None:
             json={"error": "unauthorized"},
             status=401,
         )
-        ctx = _FakePipelineContext(signature="valid-state")
+        ctx = cast(Pipeline, _FakePipelineContext(signature="valid-state"))
         result = self.step.handle_post(
             {"code": "auth-code", "state": "valid-state"}, ctx, self.request
         )
