MCPcopy Create free account
hub / github.com/coder/coder / TestMCPHTTP_E2E_RFC6750_UnauthenticatedRequest

Function TestMCPHTTP_E2E_RFC6750_UnauthenticatedRequest

coderd/mcp/mcp_e2e_test.go:429–458  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

427}
428
429func TestMCPHTTP_E2E_RFC6750_UnauthenticatedRequest(t *testing.T) {
430 t.Parallel()
431
432 // Setup Coder server
433 _, closer, api := coderdtest.NewWithAPI(t, nil)
434 defer closer.Close()
435
436 // Make a request without any authentication headers
437 req := &http.Request{
438 Method: "POST",
439 URL: mustParseURL(t, api.AccessURL.String()+mcpserver.MCPEndpoint),
440 Header: make(http.Header),
441 }
442
443 client := &http.Client{}
444 resp, err := client.Do(req)
445 require.NoError(t, err)
446 defer resp.Body.Close()
447
448 // Should get 401 Unauthorized
449 require.Equal(t, http.StatusUnauthorized, resp.StatusCode)
450
451 // RFC 6750 requires WWW-Authenticate header on 401 responses
452 wwwAuth := resp.Header.Get("WWW-Authenticate")
453 require.NotEmpty(t, wwwAuth, "RFC 6750 requires WWW-Authenticate header for 401 responses")
454 require.Contains(t, wwwAuth, "Bearer", "WWW-Authenticate header should indicate Bearer authentication")
455 require.Contains(t, wwwAuth, `realm="coder"`, "WWW-Authenticate header should include realm")
456
457 t.Logf("RFC 6750 WWW-Authenticate header test successful: %s", wwwAuth)
458}
459
460func TestMCPHTTP_E2E_OAuth2_EndToEnd(t *testing.T) {
461 t.Parallel()

Callers

nothing calls this directly

Calls 10

NewWithAPIFunction · 0.92
mustParseURLFunction · 0.85
NotEmptyMethod · 0.80
CloseMethod · 0.65
DoMethod · 0.65
GetMethod · 0.65
LogfMethod · 0.65
StringMethod · 0.45
EqualMethod · 0.45
ContainsMethod · 0.45

Tested by

no test coverage detected