function names

Author: dogacancolak

src/mcp/client/auth.py

@@ -272,14 +272,13 @@ async def _handle_protected_resource_response(self, response: httpx.Response) ->
         else:
             raise OAuthFlowError(f"Protected Resource Metadata request failed: {response.status_code}")
 
-    def _configure_scope_selection(self, init_response: httpx.Response) -> None:
+    def _select_scopes(self, init_response: httpx.Response) -> None:
         """Select scopes as outlined in the 'Scope Selection Strategy in the MCP spec."""
         # Per MCP spec, scope selection priority order:
         # 1. Use scope from WWW-Authenticate header (if provided)
         # 2. Use all scopes from PRM scopes_supported (if available)
         # 3. Omit scope parameter if neither is available
         #
-        # Step 1: Extract scope from WWW-Authenticate header
         www_authenticate_scope = self._extract_scope_from_www_auth(init_response)
         if www_authenticate_scope is not None:
             # Priority 1: WWW-Authenticate header scope
@@ -555,7 +554,7 @@ async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.
                     await self._handle_protected_resource_response(discovery_response)
 
                     # Step 2: Apply scope selection strategy
-                    self._configure_scope_selection(response)
+                    self._select_scopes(response)
 
                     # Step 3: Discover OAuth metadata (with fallback for legacy servers)
                     discovery_urls = self._get_discovery_urls()
@@ -600,7 +599,7 @@ async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.
                 if error == "insufficient_scope":
                     try:
                         # Step 2a: Update the required scopes
-                        self._configure_scope_selection(response)
+                        self._select_scopes(response)
 
                         # Step 2b: Perform (re-)authorization
                         auth_code, code_verifier = await self._perform_authorization()

tests/client/test_auth.py

@@ -449,7 +449,7 @@ async def test_prioritize_www_auth_scope_over_prm(
         await oauth_provider._handle_protected_resource_response(prm_metadata_response)
 
         # Process the scope selection with WWW-Authenticate header
-        oauth_provider._configure_scope_selection(init_response_with_www_auth_scope)
+        oauth_provider._select_scopes(init_response_with_www_auth_scope)
 
         # Verify that WWW-Authenticate scope is used (not PRM scopes)
         assert oauth_provider.context.client_metadata.scope == "special:scope from:www-authenticate"
@@ -466,7 +466,7 @@ async def test_prioritize_prm_scopes_when_no_www_auth_scope(
         await oauth_provider._handle_protected_resource_response(prm_metadata_response)
 
         # Process the scope selection without WWW-Authenticate scope
-        oauth_provider._configure_scope_selection(init_response_without_www_auth_scope)
+        oauth_provider._select_scopes(init_response_without_www_auth_scope)
 
         # Verify that PRM scopes are used
         assert oauth_provider.context.client_metadata.scope == "resource:read resource:write"
@@ -483,7 +483,7 @@ async def test_omit_scope_when_no_prm_scopes_or_www_auth(
         await oauth_provider._handle_protected_resource_response(prm_metadata_without_scopes_response)
 
         # Process the scope selection without WWW-Authenticate scope
-        oauth_provider._configure_scope_selection(init_response_without_www_auth_scope)
+        oauth_provider._select_scopes(init_response_without_www_auth_scope)
 
         # Verify that scope is omitted
         assert oauth_provider.context.client_metadata.scope is None