@@ -688,7 +688,7 @@ describe("OAuth Authorization", () => {
688
688
describe ( "buildDiscoveryUrls" , ( ) => {
689
689
it ( "generates correct URLs for server without path" , ( ) => {
690
690
const urls = buildDiscoveryUrls ( "https://auth.example.com" ) ;
691
-
691
+
692
692
expect ( urls ) . toHaveLength ( 2 ) ;
693
693
expect ( urls . map ( u => ( { url : u . url . toString ( ) , type : u . type } ) ) ) . toEqual ( [
694
694
{
@@ -704,7 +704,7 @@ describe("OAuth Authorization", () => {
704
704
705
705
it ( "generates correct URLs for server with path" , ( ) => {
706
706
const urls = buildDiscoveryUrls ( "https://auth.example.com/tenant1" ) ;
707
-
707
+
708
708
expect ( urls ) . toHaveLength ( 4 ) ;
709
709
expect ( urls . map ( u => ( { url : u . url . toString ( ) , type : u . type } ) ) ) . toEqual ( [
710
710
{
@@ -728,7 +728,7 @@ describe("OAuth Authorization", () => {
728
728
729
729
it ( "handles URL object input" , ( ) => {
730
730
const urls = buildDiscoveryUrls ( new URL ( "https://auth.example.com/tenant1" ) ) ;
731
-
731
+
732
732
expect ( urls ) . toHaveLength ( 4 ) ;
733
733
expect ( urls [ 0 ] . url . toString ( ) ) . toBe ( "https://auth.example.com/.well-known/oauth-authorization-server/tenant1" ) ;
734
734
} ) ;
@@ -761,7 +761,7 @@ describe("OAuth Authorization", () => {
761
761
ok : false ,
762
762
status : 404 ,
763
763
} ) ;
764
-
764
+
765
765
// Second OAuth URL (root) succeeds
766
766
mockFetch . mockResolvedValueOnce ( {
767
767
ok : true ,
@@ -774,7 +774,7 @@ describe("OAuth Authorization", () => {
774
774
) ;
775
775
776
776
expect ( metadata ) . toEqual ( validOAuthMetadata ) ;
777
-
777
+
778
778
// Verify it tried the URLs in the correct order
779
779
const calls = mockFetch . mock . calls ;
780
780
expect ( calls . length ) . toBe ( 2 ) ;
@@ -808,14 +808,32 @@ describe("OAuth Authorization", () => {
808
808
) . rejects . toThrow ( "does not support S256 code challenge method required by MCP specification" ) ;
809
809
} ) ;
810
810
811
- it ( "throws on non-404 errors" , async ( ) => {
811
+ it ( "continues on 4xx errors" , async ( ) => {
812
+ mockFetch . mockResolvedValueOnce ( {
813
+ ok : false ,
814
+ status : 400 ,
815
+ } ) ;
816
+
817
+ mockFetch . mockResolvedValueOnce ( {
818
+ ok : true ,
819
+ status : 200 ,
820
+ json : async ( ) => validOpenIdMetadata ,
821
+ } ) ;
822
+
823
+ const metadata = await discoverAuthorizationServerMetadata ( "https://mcp.example.com" ) ;
824
+
825
+ expect ( metadata ) . toEqual ( validOpenIdMetadata ) ;
826
+
827
+ } ) ;
828
+
829
+ it ( "throws on non-4xx errors" , async ( ) => {
812
830
mockFetch . mockResolvedValueOnce ( {
813
831
ok : false ,
814
832
status : 500 ,
815
833
} ) ;
816
834
817
835
await expect (
818
- discoverAuthorizationServerMetadata ( "https://mcp.example.com" , undefined )
836
+ discoverAuthorizationServerMetadata ( "https://mcp.example.com" )
819
837
) . rejects . toThrow ( "HTTP 500" ) ;
820
838
} ) ;
821
839
0 commit comments