Switch to returning an empty set when there are invalid auth scopes

auth/scopes.py

@@ -100,12 +100,13 @@ def scopes_from_scope_string(scopes):
   # Note: The scopes string should be space seperated according to the spec:
   # https://tools.ietf.org/html/rfc6749#section-3.3
   # However, we also support commas for backwards compatibility with existing callers to our code.
-  return {ALL_SCOPES.get(scope, None) for scope in re.split(' |,', scopes)}
+  scope_set = {ALL_SCOPES.get(scope, None) for scope in re.split(' |,', scopes)}
+  return scope_set if not None in scope_set else {}
 
 
 def validate_scope_string(scopes):
   decoded = scopes_from_scope_string(scopes)
-  return None not in decoded and len(decoded) > 0
+  return len(decoded) > 0
 
 
 def is_subset_string(full_string, expected_string):
@@ -113,6 +114,9 @@ def is_subset_string(full_string, expected_string):
       in full_string.
   """
   full_scopes = scopes_from_scope_string(full_string)
+  if not full_scopes:
+    return False
+
   full_implied_scopes = set.union(*[IMPLIED_SCOPES[scope] for scope in full_scopes])
   expected_scopes = scopes_from_scope_string(expected_string)
   return expected_scopes.issubset(full_implied_scopes)
@@ -122,13 +126,12 @@ def get_scope_information(scopes_string):
   scopes = scopes_from_scope_string(scopes_string)
   scope_info = []
   for scope in scopes:
-    if scope:
-      scope_info.append({
-        'title': scope.title,
-        'scope': scope.scope,
-        'description': scope.description,
-        'icon': scope.icon,
-        'dangerous': scope.dangerous,
-      })
+    scope_info.append({
+      'title': scope.title,
+      'scope': scope.scope,
+      'description': scope.description,
+      'icon': scope.icon,
+      'dangerous': scope.dangerous,
+    })
 
   return scope_info