address good feedback from @localden

Author: kentcdodds

epicshop/epic-me/app/routes/test-auth.tsx

@@ -52,7 +52,7 @@ export async function loader({ request, context }: Route.LoaderArgs) {
 			if (users.length === 0) {
 				return Response.json({ error: 'No users available' }, { status: 400 })
 			}
-			userId = String(users[0].id)
+			userId = String(users[0]?.id)
 		}
 
 		const user = await context.db.getUserById(Number(userId))

epicshop/epic-me/tsconfig.cloudflare.json

@@ -9,6 +9,7 @@
 		"workers/**/*",
 		"types/**/*"
 	],
+	"exclude": ["**/node_modules/**/*", "**/dist/**/*"],
 	"compilerOptions": {
 		"composite": true,
 		"strict": true,

exercises/01.start/01.solution/package.json

@@ -5,7 +5,8 @@
   "scripts": {
     "dev": "mcp-dev stdio",
     "dev:mcp": "tsx src/index.ts",
-    "test": "vitest",
+    "test": "vitest run",
+    "test:watch": "vitest --watch",
     "typecheck": "tsc",
     "inspect": "mcp-inspector"
   },

exercises/02.start/01.solution/package.json

@@ -3,7 +3,8 @@
   "private": true,
   "type": "module",
   "scripts": {
-    "test": "vitest",
+    "test": "vitest run",
+    "test:watch": "vitest --watch",
     "pretypecheck": "wrangler types ./types/worker-configuration.d.ts",
     "typecheck": "tsc",
     "build": "wrangler build",

exercises/99.finished/99.solution/package.json

@@ -3,7 +3,8 @@
   "private": true,
   "type": "module",
   "scripts": {
-    "test": "vitest",
+    "test": "vitest run",
+    "test:watch": "vitest --watch",
     "pretypecheck": "wrangler types ./types/worker-configuration.d.ts",
     "typecheck": "tsc",
     "build": "wrangler build",

exercises/99.finished/99.solution/src/client.ts

@@ -67,7 +67,8 @@ export function initiateOAuthFlow(request: Request) {
 	return new Response('Unauthorized', {
 		status: 401,
 		headers: {
-			'WWW-Authenticate': `OAuth realm="EpicMe", authorization_url="${authUrl.toString()}"`,
+			'WWW-Authenticate': 'OAuth realm="EpicMe"',
+			Location: authUrl.toString(),
 		},
 	})
 }
@@ -84,7 +85,7 @@ export async function getOAuthAuthorizationServerConfig() {
 export async function getOAuthProtectedResourceConfig() {
 	// This server is the protected resource server, so we return our own configuration
 	return {
-		resource: 'epicme-mcp',
+		resource: `${EPIC_ME_SERVER_URL}/mcp`,
 		scopes: ['read', 'write'],
 		resource_owner: 'epicme',
 		resource_server: {

exercises/99.finished/99.solution/test/index.test.ts

@@ -86,18 +86,14 @@ test('OAuth integration flow works end-to-end', async () => {
 		wwwAuthHeader,
 		'🚨 WWW-Authenticate header should contain OAuth realm',
 	).toContain('OAuth realm="EpicMe"')
-	expect(
-		wwwAuthHeader,
-		'🚨 WWW-Authenticate header should contain authorization_url',
-	).toContain('authorization_url=')
 
-	// Extract the authorization URL from the header
-	const authUrlMatch = wwwAuthHeader?.match(/authorization_url="([^"]+)"/)
+	// Extract the authorization URL from the Location header
+	const locationHeader = unauthorizedResponse.headers.get('Location')
 	expect(
-		authUrlMatch,
-		'🚨 Could not extract authorization URL from WWW-Authenticate header',
+		locationHeader,
+		'🚨 Location header should be present with authorization URL',
 	).toBeTruthy()
-	const authorizationUrl = authUrlMatch![1]
+	const authorizationUrl = locationHeader
 	expect(
 		authorizationUrl,
 		'🚨 Authorization URL should not be empty',
@@ -138,7 +134,7 @@ test('OAuth integration flow works end-to-end', async () => {
 	expect(
 		protectedResourceConfig.resource,
 		'🚨 Resource identifier should be present',
-	).toBe('epicme-mcp')
+	).toBe(`${EPIC_ME_SERVER_URL}/mcp`)
 	expect(
 		protectedResourceConfig.scopes,
 		'🚨 Scopes should be present',