From ae25f47a7eec97c9a3f78559a7288dbcfe775f5d Mon Sep 17 00:00:00 2001
From: wyattscarpenter <wyattscarpenter@gmail.com>
Date: Tue, 20 Aug 2024 14:27:12 -0700
Subject: [PATCH 01/22] fix: add types to verify_token and request __init__

Recently, I've been using this library with mypy strict mode, which doesn't like the fact that these functions are unannotated (they're the only functions I use, and thus the only ones mypy complains about to me). I'm happy to see that this project has py.typed, so these annotations should fix the problem!
---
 google/auth/transport/requests.py |  2 +-
 google/oauth2/id_token.py         | 15 +++++++++------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/google/auth/transport/requests.py b/google/auth/transport/requests.py
index 68f67c59b..3a38357a3 100644
--- a/google/auth/transport/requests.py
+++ b/google/auth/transport/requests.py
@@ -137,7 +137,7 @@ class Request(transport.Request):
     .. automethod:: __call__
     """
 
-    def __init__(self, session=None):
+    def __init__(self, session: requests.Session | None = None) -> None:
         if not session:
             session = requests.Session()
 
diff --git a/google/oauth2/id_token.py b/google/oauth2/id_token.py
index e5dda508d..60db8aed0 100644
--- a/google/oauth2/id_token.py
+++ b/google/oauth2/id_token.py
@@ -62,6 +62,9 @@
 from google.auth import environment_vars
 from google.auth import exceptions
 from google.auth import jwt
+from google.auth import transport
+
+from typing import Any, Mapping, Union
 
 
 # The URL that provides public certificates for verifying ID tokens issued
@@ -104,12 +107,12 @@ def _fetch_certs(request, certs_url):
 
 
 def verify_token(
-    id_token,
-    request,
-    audience=None,
-    certs_url=_GOOGLE_OAUTH2_CERTS_URL,
-    clock_skew_in_seconds=0,
-):
+    id_token: Union[str, bytes],
+    request: transport.Request,
+    audience: str | list[str] | None = None,
+    certs_url: str = _GOOGLE_OAUTH2_CERTS_URL,
+    clock_skew_in_seconds: int = 0,
+) -> Mapping[str, Any]:
     """Verifies an ID token and returns the decoded token.
 
     Args:

From bfd3deebc7fa0e31893762a2cab5a341cab75194 Mon Sep 17 00:00:00 2001
From: wyattscarpenter <wyattscarpenter@gmail.com>
Date: Tue, 5 Aug 2025 18:42:39 -0700
Subject: [PATCH 02/22] type default based on comments

---
 google/auth/_default.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index cf0cdd772..4cd06ce42 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -21,11 +21,15 @@
 import json
 import logging
 import os
+from collections.abc import Sequence
+from typing import Optional
 import warnings
 
 from google.auth import environment_vars
 from google.auth import exceptions
 import google.auth.transport._http_client
+from google.auth.credentials import Credentials
+
 
 _LOGGER = logging.getLogger(__name__)
 
@@ -532,7 +536,12 @@ def _apply_quota_project_id(credentials, quota_project_id):
     return credentials
 
 
-def default(scopes=None, request=None, quota_project_id=None, default_scopes=None):
+def default(
+        scopes: Sequence[str],
+        request: Optional[google.auth.transport.Request] = None,
+        quota_project_id: Optional[str] = None,
+        default_scopes: Optional[Sequence[str]] = None,
+        ) -> tuple[Credentials, Optional[str]]:
     """Gets the default credentials for the current environment.
 
     `Application Default Credentials`_ provides an easy way to obtain

From e93ddd1380dbc0f7d9004b33332dde690ac00322 Mon Sep 17 00:00:00 2001
From: wyattscarpenter <wyattscarpenter@gmail.com>
Date: Tue, 5 Aug 2025 22:03:19 -0400
Subject: [PATCH 03/22] Update _default.py: wait actually I do want it to be
 Noneable, that's the point of default kind of.

---
 google/auth/_default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 4cd06ce42..3b1333292 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -537,7 +537,7 @@ def _apply_quota_project_id(credentials, quota_project_id):
 
 
 def default(
-        scopes: Sequence[str],
+        scopes: Sequence[str]|None = None,
         request: Optional[google.auth.transport.Request] = None,
         quota_project_id: Optional[str] = None,
         default_scopes: Optional[Sequence[str]] = None,

From 72e40a9df26c1cf423fc5a146fbbe5f55baa4fb5 Mon Sep 17 00:00:00 2001
From: wyattscarpenter <wyattscarpenter@gmail.com>
Date: Tue, 5 Aug 2025 22:04:40 -0400
Subject: [PATCH 04/22] Update _default.py: it's probably better to use the
 more-supported syntax

---
 google/auth/_default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 3b1333292..409039b14 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -537,7 +537,7 @@ def _apply_quota_project_id(credentials, quota_project_id):
 
 
 def default(
-        scopes: Sequence[str]|None = None,
+        scopes: Optional[Sequence[str]] = None,
         request: Optional[google.auth.transport.Request] = None,
         quota_project_id: Optional[str] = None,
         default_scopes: Optional[Sequence[str]] = None,

From 6ab82cd9c30930b099b4ef3cfc87dd99ed0996f5 Mon Sep 17 00:00:00 2001
From: wyattscarpenter <wyattscarpenter@gmail.com>
Date: Tue, 5 Aug 2025 22:13:31 -0400
Subject: [PATCH 05/22] Update _default.py: attempt to avoid circular import

---
 google/auth/_default.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 409039b14..0a5ff67f4 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -27,9 +27,9 @@
 
 from google.auth import environment_vars
 from google.auth import exceptions
-import google.auth.transport._http_client
 from google.auth.credentials import Credentials
-
+from google.auth.transport import Request
+import google.auth.transport._http_client
 
 _LOGGER = logging.getLogger(__name__)
 
@@ -538,7 +538,7 @@ def _apply_quota_project_id(credentials, quota_project_id):
 
 def default(
         scopes: Optional[Sequence[str]] = None,
-        request: Optional[google.auth.transport.Request] = None,
+        request: Optional[Request] = None,
         quota_project_id: Optional[str] = None,
         default_scopes: Optional[Sequence[str]] = None,
         ) -> tuple[Credentials, Optional[str]]:

From 5e7e3f55f3b4f3ca7a5937ab915b55b61626389a Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 07:29:27 -0500
Subject: [PATCH 06/22] Update google/auth/_default.py

---
 google/auth/_default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 5866f1297..516672adf 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -594,7 +594,7 @@ def _apply_quota_project_id(credentials, quota_project_id):
 
 def default(
         scopes: Optional[Sequence[str]] = None,
-        request: Optional[Request] = None,
+        request: Optional["Request"] = None,
         quota_project_id: Optional[str] = None,
         default_scopes: Optional[Sequence[str]] = None,
         ) -> tuple[Credentials, Optional[str]]:

From 45306de51a4c143691640fffb133636de7bc256b Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 07:29:35 -0500
Subject: [PATCH 07/22] Update google/auth/_default.py

---
 google/auth/_default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 516672adf..ab2de61c9 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -597,7 +597,7 @@ def default(
         request: Optional["Request"] = None,
         quota_project_id: Optional[str] = None,
         default_scopes: Optional[Sequence[str]] = None,
-        ) -> tuple[Credentials, Optional[str]]:
+        ) -> tuple["Credentials", Optional[str]]:
     """Gets the default credentials for the current environment.
 
     `Application Default Credentials`_ provides an easy way to obtain

From 2e6829e3ceadc07b376dec3b3cb31e2f31d6b4e0 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 07:29:41 -0500
Subject: [PATCH 08/22] Update google/auth/_default.py

---
 google/auth/_default.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index ab2de61c9..4cb5a5b0e 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -27,8 +27,9 @@
 
 from google.auth import environment_vars
 from google.auth import exceptions
-from google.auth.credentials import Credentials
-from google.auth.transport import Request
+if TYPE_CHECKING:
+    from google.auth.credentials import Credentials
+    from google.auth.transport import Request
 import google.auth.transport._http_client
 
 _LOGGER = logging.getLogger(__name__)

From 448d752e383040fb721086688196daebe767a989 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 07:29:51 -0500
Subject: [PATCH 09/22] Update google/auth/_default.py

---
 google/auth/_default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 4cb5a5b0e..d1075a903 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -22,7 +22,7 @@
 import logging
 import os
 from collections.abc import Sequence
-from typing import Optional
+from typing import TYPE_CHECKING, Optional
 import warnings
 
 from google.auth import environment_vars

From f4540e36c620ec927c63dd8a13b5314cdaf7b139 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 07:31:08 -0500
Subject: [PATCH 10/22] Update google/oauth2/id_token.py

---
 google/oauth2/id_token.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/oauth2/id_token.py b/google/oauth2/id_token.py
index 09e3c0ca2..324fc22a5 100644
--- a/google/oauth2/id_token.py
+++ b/google/oauth2/id_token.py
@@ -108,7 +108,7 @@ def _fetch_certs(request, certs_url):
 
 
 def verify_token(
-    id_token: Union[str, bytes],
+    id_token: str | bytes,
     request: transport.Request,
     audience: str | list[str] | None = None,
     certs_url: str = _GOOGLE_OAUTH2_CERTS_URL,

From 0a99a32b3335d7eb4a9d29d97c515fcb371a7ae7 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 08:25:28 -0500
Subject: [PATCH 11/22] Update google/oauth2/id_token.py

---
 google/oauth2/id_token.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/oauth2/id_token.py b/google/oauth2/id_token.py
index 324fc22a5..f5b9e17b8 100644
--- a/google/oauth2/id_token.py
+++ b/google/oauth2/id_token.py
@@ -110,7 +110,7 @@ def _fetch_certs(request, certs_url):
 def verify_token(
     id_token: str | bytes,
     request: transport.Request,
-    audience: str | list[str] | None = None,
+    audience: Union[str, list[str], None] = None,
     certs_url: str = _GOOGLE_OAUTH2_CERTS_URL,
     clock_skew_in_seconds: int = 0,
 ) -> Mapping[str, Any]:

From ae81aff8753cc6a18e91fff4b0206cd6045f91e3 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 08:25:40 -0500
Subject: [PATCH 12/22] Update google/oauth2/id_token.py

---
 google/oauth2/id_token.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/oauth2/id_token.py b/google/oauth2/id_token.py
index f5b9e17b8..b85fbed09 100644
--- a/google/oauth2/id_token.py
+++ b/google/oauth2/id_token.py
@@ -108,7 +108,7 @@ def _fetch_certs(request, certs_url):
 
 
 def verify_token(
-    id_token: str | bytes,
+    id_token: Union[str, bytes],
     request: transport.Request,
     audience: Union[str, list[str], None] = None,
     certs_url: str = _GOOGLE_OAUTH2_CERTS_URL,

From be198899c6c14e0555a370decd1200ae25f83055 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 08:25:49 -0500
Subject: [PATCH 13/22] Update google/auth/transport/requests.py

---
 google/auth/transport/requests.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/transport/requests.py b/google/auth/transport/requests.py
index c195242b0..467639ac7 100644
--- a/google/auth/transport/requests.py
+++ b/google/auth/transport/requests.py
@@ -137,7 +137,7 @@ class Request(transport.Request):
     .. automethod:: __call__
     """
 
-    def __init__(self, session: requests.Session | None = None) -> None:
+    def __init__(self, session: [Optional[requests.Session] = None) -> None:
         if not session:
             session = requests.Session()
 

From 7bf82e8006e96104498bb67e1da481b0a0092566 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 08:25:58 -0500
Subject: [PATCH 14/22] Update google/auth/transport/requests.py

---
 google/auth/transport/requests.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/google/auth/transport/requests.py b/google/auth/transport/requests.py
index 467639ac7..ffaa1c43b 100644
--- a/google/auth/transport/requests.py
+++ b/google/auth/transport/requests.py
@@ -21,6 +21,7 @@
 import logging
 import numbers
 import time
+from typing import Optional
 
 try:
     import requests

From 58d8a8840b266aa900a0c68b7f1c2e77dadc3844 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 09:01:38 -0500
Subject: [PATCH 15/22] Update google/auth/transport/requests.py

---
 google/auth/transport/requests.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/transport/requests.py b/google/auth/transport/requests.py
index ffaa1c43b..e536b0880 100644
--- a/google/auth/transport/requests.py
+++ b/google/auth/transport/requests.py
@@ -138,7 +138,7 @@ class Request(transport.Request):
     .. automethod:: __call__
     """
 
-    def __init__(self, session: [Optional[requests.Session] = None) -> None:
+    def __init__(self, session: [Optional[requests.Session]] = None) -> None:
         if not session:
             session = requests.Session()
 

From 958292afad8bdd841396e21e77b7ba25b4b38185 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 11:17:44 -0500
Subject: [PATCH 16/22] Update google/auth/transport/requests.py

---
 google/auth/transport/requests.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/transport/requests.py b/google/auth/transport/requests.py
index e536b0880..574191fda 100644
--- a/google/auth/transport/requests.py
+++ b/google/auth/transport/requests.py
@@ -138,7 +138,7 @@ class Request(transport.Request):
     .. automethod:: __call__
     """
 
-    def __init__(self, session: [Optional[requests.Session]] = None) -> None:
+    def __init__(self, session: Optional[requests.Session] = None) -> None:
         if not session:
             session = requests.Session()
 

From 4be069287e58e808af8077393a27e00e58cbd7eb Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 12:23:11 -0500
Subject: [PATCH 17/22] Update _default.py

Update to deal with linting issues.
---
 google/auth/_default.py | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index d1075a903..00f0d5caf 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -17,16 +17,17 @@
 Implements application default credentials and project ID detection.
 """
 
+from collections.abc import Sequence
 import io
 import json
 import logging
 import os
-from collections.abc import Sequence
-from typing import TYPE_CHECKING, Optional
+from typing import Optional, TYPE_CHECKING
 import warnings
 
 from google.auth import environment_vars
 from google.auth import exceptions
+
 if TYPE_CHECKING:
     from google.auth.credentials import Credentials
     from google.auth.transport import Request
@@ -594,11 +595,11 @@ def _apply_quota_project_id(credentials, quota_project_id):
 
 
 def default(
-        scopes: Optional[Sequence[str]] = None,
-        request: Optional["Request"] = None,
-        quota_project_id: Optional[str] = None,
-        default_scopes: Optional[Sequence[str]] = None,
-        ) -> tuple["Credentials", Optional[str]]:
+    scopes: Optional[Sequence[str]] = None,
+    request: Optional["Request"] = None,
+    quota_project_id: Optional[str] = None,
+    default_scopes: Optional[Sequence[str]] = None,
+) -> tuple["Credentials", Optional[str]]:
     """Gets the default credentials for the current environment.
 
     `Application Default Credentials`_ provides an easy way to obtain

From 152bc0e6b06295664e99d0f42a5ee5523ed1d361 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 12:24:06 -0500
Subject: [PATCH 18/22] Update id_token.py

Updates to correct linting issues.
---
 google/oauth2/id_token.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/google/oauth2/id_token.py b/google/oauth2/id_token.py
index b85fbed09..f0a85ffdb 100644
--- a/google/oauth2/id_token.py
+++ b/google/oauth2/id_token.py
@@ -58,14 +58,13 @@
 import http.client as http_client
 import json
 import os
+from typing import Any, Mapping, Union
 
 from google.auth import environment_vars
 from google.auth import exceptions
 from google.auth import jwt
 from google.auth import transport
 
-from typing import Any, Mapping, Union
-
 
 # The URL that provides public certificates for verifying ID tokens issued
 # by Google's OAuth 2.0 authorization server.

From f5ca5e4a8e8facfdad4e1109933356b76d6a4afd Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 15:40:56 -0500
Subject: [PATCH 19/22] Update _default.py

fixes to deal with linting and coverage errors.
---
 google/auth/_default.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 00f0d5caf..eea42b3a9 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -28,7 +28,7 @@
 from google.auth import environment_vars
 from google.auth import exceptions
 
-if TYPE_CHECKING:
+if TYPE_CHECKING: # pragma: NO COVER
     from google.auth.credentials import Credentials
     from google.auth.transport import Request
 import google.auth.transport._http_client
@@ -596,10 +596,10 @@ def _apply_quota_project_id(credentials, quota_project_id):
 
 def default(
     scopes: Optional[Sequence[str]] = None,
-    request: Optional["Request"] = None,
+    request: Optional["google.auth.transport.Request"] = None,
     quota_project_id: Optional[str] = None,
     default_scopes: Optional[Sequence[str]] = None,
-) -> tuple["Credentials", Optional[str]]:
+) -> tuple["google.auth.credentials.Credentials", Optional[str]]:
     """Gets the default credentials for the current environment.
 
     `Application Default Credentials`_ provides an easy way to obtain

From 6d75ce2c53780b33c509e109832f753565de2920 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 16:52:08 -0500
Subject: [PATCH 20/22] Apply suggestion from @chalmerlowe
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

missing a dadgum space character after the comment octothorpe. 🤯
---
 google/auth/_default.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index eea42b3a9..0baf1e23c 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -28,7 +28,7 @@
 from google.auth import environment_vars
 from google.auth import exceptions
 
-if TYPE_CHECKING: # pragma: NO COVER
+if TYPE_CHECKING:  # pragma: NO COVER
     from google.auth.credentials import Credentials
     from google.auth.transport import Request
 import google.auth.transport._http_client

From 82f1422f8dcb95ae3bf246daa0102b2d86347c80 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Tue, 23 Dec 2025 18:34:03 -0500
Subject: [PATCH 21/22] Apply suggestion from @chalmerlowe

more linting stuff related to flake8 not liking our type hinting.
---
 google/auth/_default.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index 0baf1e23c..f1f3479e0 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -29,8 +29,10 @@
 from google.auth import exceptions
 
 if TYPE_CHECKING:  # pragma: NO COVER
-    from google.auth.credentials import Credentials
-    from google.auth.transport import Request
+    # flake8 raises an error because these lines are not used in the code,
+    # they are only used for type-hinting, hence the F401 pragma. 
+    from google.auth.credentials import Credentials  # noqa: F401
+    from google.auth.transport import Request  # noqa: F401
 import google.auth.transport._http_client
 
 _LOGGER = logging.getLogger(__name__)

From 539e9ad706691d5ef355ae3d95e557b2d1f22c71 Mon Sep 17 00:00:00 2001
From: Chalmer Lowe <chalmerlowe@google.com>
Date: Fri, 26 Dec 2025 06:35:25 -0500
Subject: [PATCH 22/22] Apply suggestion from @chalmerlowe

Updates order of imports and removes explanatory comments. flake8 does not like them, it does not match the expected pattern for this situation.
---
 google/auth/_default.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/google/auth/_default.py b/google/auth/_default.py
index f1f3479e0..d854163c4 100644
--- a/google/auth/_default.py
+++ b/google/auth/_default.py
@@ -27,13 +27,11 @@
 
 from google.auth import environment_vars
 from google.auth import exceptions
+import google.auth.transport._http_client
 
 if TYPE_CHECKING:  # pragma: NO COVER
-    # flake8 raises an error because these lines are not used in the code,
-    # they are only used for type-hinting, hence the F401 pragma. 
     from google.auth.credentials import Credentials  # noqa: F401
     from google.auth.transport import Request  # noqa: F401
-import google.auth.transport._http_client
 
 _LOGGER = logging.getLogger(__name__)