(t *testing.T)
| 427 | } |
| 428 | |
| 429 | func TestMCPHTTP_E2E_RFC6750_UnauthenticatedRequest(t *testing.T) { |
| 430 | t.Parallel() |
| 431 | |
| 432 | // Setup Coder server |
| 433 | _, closer, api := coderdtest.NewWithAPI(t, nil) |
| 434 | defer closer.Close() |
| 435 | |
| 436 | // Make a request without any authentication headers |
| 437 | req := &http.Request{ |
| 438 | Method: "POST", |
| 439 | URL: mustParseURL(t, api.AccessURL.String()+mcpserver.MCPEndpoint), |
| 440 | Header: make(http.Header), |
| 441 | } |
| 442 | |
| 443 | client := &http.Client{} |
| 444 | resp, err := client.Do(req) |
| 445 | require.NoError(t, err) |
| 446 | defer resp.Body.Close() |
| 447 | |
| 448 | // Should get 401 Unauthorized |
| 449 | require.Equal(t, http.StatusUnauthorized, resp.StatusCode) |
| 450 | |
| 451 | // RFC 6750 requires WWW-Authenticate header on 401 responses |
| 452 | wwwAuth := resp.Header.Get("WWW-Authenticate") |
| 453 | require.NotEmpty(t, wwwAuth, "RFC 6750 requires WWW-Authenticate header for 401 responses") |
| 454 | require.Contains(t, wwwAuth, "Bearer", "WWW-Authenticate header should indicate Bearer authentication") |
| 455 | require.Contains(t, wwwAuth, `realm="coder"`, "WWW-Authenticate header should include realm") |
| 456 | |
| 457 | t.Logf("RFC 6750 WWW-Authenticate header test successful: %s", wwwAuth) |
| 458 | } |
| 459 | |
| 460 | func TestMCPHTTP_E2E_OAuth2_EndToEnd(t *testing.T) { |
| 461 | t.Parallel() |
nothing calls this directly
no test coverage detected