MCPcopy Index your code
hub / github.com/coder/coder / TestMCPServerConfigsOAuth2AutoDiscovery

Function TestMCPServerConfigsOAuth2AutoDiscovery

coderd/mcp_test.go:549–1125  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

547}
548
549func TestMCPServerConfigsOAuth2AutoDiscovery(t *testing.T) {
550 t.Parallel()
551
552 t.Run("Success", func(t *testing.T) {
553 t.Parallel()
554
555 ctx := testutil.Context(t, testutil.WaitLong)
556
557 // Stand up a mock auth server that serves RFC 8414 metadata and
558 // a RFC 7591 dynamic client registration endpoint.
559 authServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
560 switch r.URL.Path {
561 case "/.well-known/oauth-authorization-server":
562 w.Header().Set("Content-Type", "application/json")
563 _, _ = w.Write([]byte(`{
564 "issuer": "` + r.Host + `",
565 "authorization_endpoint": "` + "http://" + r.Host + `/authorize",
566 "token_endpoint": "` + "http://" + r.Host + `/token",
567 "registration_endpoint": "` + "http://" + r.Host + `/register",
568 "response_types_supported": ["code"],
569 "scopes_supported": ["read", "write"]
570 }`))
571 case "/register":
572 if r.Method != http.MethodPost {
573 http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
574 return
575 }
576 w.Header().Set("Content-Type", "application/json")
577 w.WriteHeader(http.StatusCreated)
578 _, _ = w.Write([]byte(`{
579 "client_id": "auto-discovered-client-id",
580 "client_secret": "auto-discovered-client-secret"
581 }`))
582 default:
583 http.NotFound(w, r)
584 }
585 }))
586 t.Cleanup(authServer.Close)
587
588 // Stand up a mock MCP server that serves RFC 9728 Protected
589 // Resource Metadata at the path-aware well-known URL.
590 // The URL used for the config ends with /v1/mcp, so the
591 // path-aware metadata URL is
592 // /.well-known/oauth-protected-resource/v1/mcp.
593 mcpServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
594 switch r.URL.Path {
595 case "/.well-known/oauth-protected-resource/v1/mcp":
596 w.Header().Set("Content-Type", "application/json")
597 _, _ = w.Write([]byte(`{
598 "resource": "` + "http://" + r.Host + `",
599 "authorization_servers": ["` + authServer.URL + `"]
600 }`))
601 default:
602 http.NotFound(w, r)
603 }
604 }))
605 t.Cleanup(mcpServer.Close)
606

Callers

nothing calls this directly

Calls 15

StatusCodeMethod · 0.95
ContextFunction · 0.92
CreateFirstUserFunction · 0.92
newMCPClientFunction · 0.85
CreateMCPServerConfigMethod · 0.80
FatalMethod · 0.80
RunMethod · 0.65
SetMethod · 0.65
WriteMethod · 0.65
CleanupMethod · 0.65
ParseMethod · 0.65
HeaderMethod · 0.45

Tested by

no test coverage detected