fixed lint issues

patvice · patvice · commit a3738477b092 · 2025-11-23T19:29:31.000-05:00
diff --git a/examples/oauth/browser_oauth.rb b/examples/oauth/browser_oauth.rb
@@ -82,6 +82,3 @@
 puts "4. Uncomment the authentication code above"
 puts "5. Run: ruby #{__FILE__}"
 puts "=" * 60
-
-
-
diff --git a/examples/oauth/custom_storage.rb b/examples/oauth/custom_storage.rb
@@ -275,6 +275,3 @@ def get_token(server_url)
 EXAMPLES
 
 puts "=" * 60
-
-
-
diff --git a/examples/oauth/standard_oauth.rb b/examples/oauth/standard_oauth.rb
@@ -126,6 +126,3 @@
 puts "4. Uncomment the interactive code above"
 puts "5. Run: ruby #{__FILE__}"
 puts "=" * 60
-
-
-
diff --git a/lib/ruby_llm/mcp/adapters/mcp_transports/sse.rb b/lib/ruby_llm/mcp/adapters/mcp_transports/sse.rb
@@ -12,10 +12,12 @@ def initialize(url:, headers: {}, version: :http2, request_timeout: 10_000)
 
       @native_transport = RubyLLM::MCP::Native::Transports::SSE.new(
         url: url,
-        headers: headers,
-        version: version,
         coordinator: @coordinator,
-        request_timeout: request_timeout
+        request_timeout: request_timeout,
+        options: {
+          headers: headers,
+          version: version
+        }
       )
     end
 
diff --git a/lib/ruby_llm/mcp/auth/oauth_provider.rb b/lib/ruby_llm/mcp/auth/oauth_provider.rb
@@ -164,16 +164,17 @@ def handle_authentication_challenge(www_authenticate: nil, resource_metadata_url
           logger.debug("  Requested scope: #{requested_scope}") if requested_scope
 
           # Parse WWW-Authenticate header if provided
+          final_requested_scope = requested_scope
           if www_authenticate
             challenge_info = parse_www_authenticate(www_authenticate)
-            resource_metadata_url ||= challenge_info[:resource_metadata_url]
-            requested_scope ||= challenge_info[:scope]
+            final_requested_scope ||= challenge_info[:scope]
+            # NOTE: resource_metadata_url from challenge_info could be used for future discovery
           end
 
           # Update scope if server requested different scope
-          if requested_scope && requested_scope != scope
-            logger.debug("Updating scope from '#{scope}' to '#{requested_scope}'")
-            self.scope = requested_scope
+          if final_requested_scope && final_requested_scope != scope
+            logger.debug("Updating scope from '#{scope}' to '#{final_requested_scope}'")
+            self.scope = final_requested_scope
           end
 
           # Try to refresh existing token
diff --git a/lib/ruby_llm/mcp/native/transport.rb b/lib/ruby_llm/mcp/native/transport.rb
@@ -58,9 +58,23 @@ def build_transport
             transport_config.merge!(options)
           end
 
+          # Handle SSE transport specially - it uses options hash pattern
+          if transport_type == :sse
+            url = transport_config.delete(:url) || transport_config.delete("url")
+            request_timeout = transport_config.delete(:request_timeout) ||
+                              transport_config.delete("request_timeout") ||
+                              MCP.config.request_timeout
+            # Everything else goes into options
+            options_hash = transport_config.dup
+            transport_config.clear
+            transport_config[:url] = url
+            transport_config[:request_timeout] = request_timeout
+            transport_config[:options] = options_hash
+          end
+
           # Remove OAuth-specific params from transports that don't support them
           # This allows other arbitrary params (like timeout) to pass through for testing
-          unless %i[streamable streamable_http].include?(transport_type)
+          unless %i[streamable streamable_http sse].include?(transport_type)
             transport_config.delete(:oauth_provider)
             transport_config.delete(:oauth)
           end
diff --git a/lib/ruby_llm/mcp/native/transports/sse.rb b/lib/ruby_llm/mcp/native/transports/sse.rb
@@ -9,16 +9,17 @@ class SSE
 
           attr_reader :headers, :id, :coordinator
 
-          def initialize(url:, coordinator:, request_timeout:, version: :http2, headers: {}, oauth_provider: nil, options: {})
+          def initialize(url:, coordinator:, request_timeout:, options: {})
             @event_url = url
             @messages_url = nil
             @coordinator = coordinator
             @request_timeout = request_timeout
-            @version = version
 
-            # Extract oauth_provider from options if present
+            # Extract options
             extracted_options = options.dup
-            oauth_provider = extracted_options.delete(:oauth_provider) || oauth_provider
+            @version = extracted_options.delete(:version) || :http2
+            headers = extracted_options.delete(:headers) || {}
+            oauth_provider = extracted_options.delete(:oauth_provider)
 
             uri = URI.parse(url)
             @root_url = "#{uri.scheme}://#{uri.host}"
@@ -118,7 +119,7 @@ def send_request(body, request_id)
             case response.status
             when 200, 202
               # Success
-              return
+              nil
             when 401
               handle_authentication_challenge(response, body, request_id)
             else
@@ -150,61 +151,65 @@ def build_request_headers
           end
 
           def handle_authentication_challenge(response, original_body, request_id)
-            # If we've already attempted auth retry, don't try again
-            if @auth_retry_attempted
-              RubyLLM::MCP.logger.warn("Authentication retry already attempted, raising error")
-              @auth_retry_attempted = false
-              raise Errors::AuthenticationRequiredError.new(
-                message: "OAuth authentication required (401 Unauthorized) - retry failed"
-              )
-            end
-
-            unless @oauth_provider
-              raise Errors::AuthenticationRequiredError.new(
-                message: "OAuth authentication required (401 Unauthorized) but no OAuth provider configured"
-              )
-            end
+            check_retry_guard!
+            check_oauth_provider_configured!
 
             RubyLLM::MCP.logger.info("Received 401 Unauthorized, attempting automatic authentication")
 
             www_authenticate = response.headers["www-authenticate"]
             resource_metadata_url = response.headers["mcp-resource-metadata-url"]
             @resource_metadata_url = resource_metadata_url if resource_metadata_url
 
-            begin
-              @auth_retry_attempted = true
+            attempt_authentication_retry(www_authenticate, resource_metadata_url, original_body, request_id)
+          end
 
-              success = @oauth_provider.handle_authentication_challenge(
-                www_authenticate: www_authenticate,
-                resource_metadata_url: resource_metadata_url,
-                requested_scope: nil
-              )
+          def check_retry_guard!
+            return unless @auth_retry_attempted
 
-              if success
-                RubyLLM::MCP.logger.info("Authentication challenge handled successfully, retrying request")
+            RubyLLM::MCP.logger.warn("Authentication retry already attempted, raising error")
+            @auth_retry_attempted = false
+            raise Errors::AuthenticationRequiredError.new(
+              message: "OAuth authentication required (401 Unauthorized) - retry failed"
+            )
+          end
 
-                # Retry the original request (flag stays true to prevent loop)
-                send_request(original_body, request_id)
+          def check_oauth_provider_configured!
+            return if @oauth_provider
 
-                # Only reset flag after successful retry
-                @auth_retry_attempted = false
-                return
-              end
-            rescue Errors::AuthenticationRequiredError => e
-              @auth_retry_attempted = false
-              raise e
-            rescue StandardError => e
+            raise Errors::AuthenticationRequiredError.new(
+              message: "OAuth authentication required (401 Unauthorized) but no OAuth provider configured"
+            )
+          end
+
+          def attempt_authentication_retry(www_authenticate, resource_metadata_url, original_body, request_id)
+            @auth_retry_attempted = true
+
+            success = @oauth_provider.handle_authentication_challenge(
+              www_authenticate: www_authenticate,
+              resource_metadata_url: resource_metadata_url,
+              requested_scope: nil
+            )
+
+            if success
+              RubyLLM::MCP.logger.info("Authentication challenge handled successfully, retrying request")
+              send_request(original_body, request_id)
               @auth_retry_attempted = false
-              RubyLLM::MCP.logger.error("Authentication challenge handling failed: #{e.message}")
-              raise Errors::AuthenticationRequiredError.new(
-                message: "OAuth authentication failed: #{e.message}"
-              )
+              return
             end
 
             @auth_retry_attempted = false
             raise Errors::AuthenticationRequiredError.new(
               message: "OAuth authentication required (401 Unauthorized)"
             )
+          rescue Errors::AuthenticationRequiredError => e
+            @auth_retry_attempted = false
+            raise e
+          rescue StandardError => e
+            @auth_retry_attempted = false
+            RubyLLM::MCP.logger.error("Authentication challenge handling failed: #{e.message}")
+            raise Errors::AuthenticationRequiredError.new(
+              message: "OAuth authentication failed: #{e.message}"
+            )
           end
 
           def start_sse_listener
diff --git a/lib/ruby_llm/mcp/native/transports/streamable_http.rb b/lib/ruby_llm/mcp/native/transports/streamable_http.rb
@@ -73,24 +73,24 @@ def initialize( # rubocop:disable Metrics/ParameterLists
             @protocol_version = nil
             @session_id = session_id
 
-          @resource_metadata_url = nil
-          @client_id = SecureRandom.uuid
-
-          @reconnection_options = ReconnectionOptions.new(**reconnection)
-          @oauth_provider = oauth_provider
-          @rate_limiter = Support::RateLimiter.new(**rate_limit) if rate_limit
-
-          @id_counter = 0
-          @id_mutex = Mutex.new
-          @pending_requests = {}
-          @pending_mutex = Mutex.new
-          @running = true
-          @abort_controller = nil
-          @sse_thread = nil
-          @sse_mutex = Mutex.new
-
-          # Track if we've attempted auth flow to prevent infinite loops
-          @auth_retry_attempted = false
+            @resource_metadata_url = nil
+            @client_id = SecureRandom.uuid
+
+            @reconnection_options = ReconnectionOptions.new(**reconnection)
+            @oauth_provider = oauth_provider
+            @rate_limiter = Support::RateLimiter.new(**rate_limit) if rate_limit
+
+            @id_counter = 0
+            @id_mutex = Mutex.new
+            @pending_requests = {}
+            @pending_mutex = Mutex.new
+            @running = true
+            @abort_controller = nil
+            @sse_thread = nil
+            @sse_mutex = Mutex.new
+
+            # Track if we've attempted auth flow to prevent infinite loops
+            @auth_retry_attempted = false
 
             # Thread-safe collection of all HTTPX clients
             @clients = []
@@ -489,67 +489,64 @@ def extract_resource_metadata_url(response)
           end
 
           def handle_authentication_challenge(response, request_id, original_message)
-            # If we've already attempted auth retry, don't try again (prevent infinite loop)
-            if @auth_retry_attempted
-              RubyLLM::MCP.logger.warn("Authentication retry already attempted, raising error")
-              @auth_retry_attempted = false # Reset for next request
-              raise Errors::AuthenticationRequiredError.new(
-                message: "OAuth authentication required (401 Unauthorized) - retry failed"
-              )
-            end
-
-            # No OAuth provider configured - can't handle challenge
-            unless @oauth_provider
-              raise Errors::AuthenticationRequiredError.new(
-                message: "OAuth authentication required (401 Unauthorized) but no OAuth provider configured"
-              )
-            end
+            check_retry_guard!
+            check_oauth_provider_configured!
 
             RubyLLM::MCP.logger.info("Received 401 Unauthorized, attempting automatic authentication")
 
-            # Extract challenge information from response
             www_authenticate = response.headers["www-authenticate"]
             resource_metadata_url = extract_resource_metadata_url(response)
 
-            begin
-              # Set flag to prevent infinite retry loop
-              @auth_retry_attempted = true
-
-              # Ask OAuth provider to handle the challenge
-              success = @oauth_provider.handle_authentication_challenge(
-                www_authenticate: www_authenticate,
-                resource_metadata_url: resource_metadata_url&.to_s,
-                requested_scope: nil
-              )
+            attempt_authentication_retry(www_authenticate, resource_metadata_url, request_id, original_message)
+          end
 
-              if success
-                RubyLLM::MCP.logger.info("Authentication challenge handled successfully, retrying request")
+          def check_retry_guard!
+            return unless @auth_retry_attempted
 
-                # Retry the original request with new auth (flag stays true to prevent loop)
-                result = send_http_request(original_message, request_id, is_initialization: false)
+            RubyLLM::MCP.logger.warn("Authentication retry already attempted, raising error")
+            @auth_retry_attempted = false
+            raise Errors::AuthenticationRequiredError.new(
+              message: "OAuth authentication required (401 Unauthorized) - retry failed"
+            )
+          end
 
-                # Only reset flag after successful retry
-                @auth_retry_attempted = false
-                return result
-              end
-            rescue Errors::AuthenticationRequiredError => e
-              # Reset flag and re-raise
-              @auth_retry_attempted = false
-              raise e
-            rescue StandardError => e
-              # Reset flag and wrap error
+          def check_oauth_provider_configured!
+            return if @oauth_provider
+
+            raise Errors::AuthenticationRequiredError.new(
+              message: "OAuth authentication required (401 Unauthorized) but no OAuth provider configured"
+            )
+          end
+
+          def attempt_authentication_retry(www_authenticate, resource_metadata_url, request_id, original_message)
+            @auth_retry_attempted = true
+
+            success = @oauth_provider.handle_authentication_challenge(
+              www_authenticate: www_authenticate,
+              resource_metadata_url: resource_metadata_url&.to_s,
+              requested_scope: nil
+            )
+
+            if success
+              RubyLLM::MCP.logger.info("Authentication challenge handled successfully, retrying request")
+              result = send_http_request(original_message, request_id, is_initialization: false)
               @auth_retry_attempted = false
-              RubyLLM::MCP.logger.error("Authentication challenge handling failed: #{e.message}")
-              raise Errors::AuthenticationRequiredError.new(
-                message: "OAuth authentication failed: #{e.message}"
-              )
+              return result
             end
 
-            # If we get here, authentication didn't succeed
             @auth_retry_attempted = false
             raise Errors::AuthenticationRequiredError.new(
               message: "OAuth authentication required (401 Unauthorized)"
             )
+          rescue Errors::AuthenticationRequiredError => e
+            @auth_retry_attempted = false
+            raise e
+          rescue StandardError => e
+            @auth_retry_attempted = false
+            RubyLLM::MCP.logger.error("Authentication challenge handling failed: #{e.message}")
+            raise Errors::AuthenticationRequiredError.new(
+              message: "OAuth authentication failed: #{e.message}"
+            )
           end
 
           def start_sse_stream(options = StartSSEOptions.new)
diff --git a/spec/ruby_llm/mcp/auth/browser_oauth_provider_spec.rb b/spec/ruby_llm/mcp/auth/browser_oauth_provider_spec.rb
@@ -1238,20 +1238,19 @@
       before do
         allow(oauth_provider).to receive(:handle_authentication_challenge)
           .and_raise(RubyLLM::MCP::Errors::AuthenticationRequiredError.new(message: "Interactive auth required"))
-        allow(oauth_provider).to receive(:start_authorization_flow).and_return(auth_url)
         allow(TCPServer).to receive(:new).and_return(tcp_server)
         allow(tcp_server).to receive(:close)
-        allow(tcp_server).to receive(:closed?).and_return(false)
         allow(tcp_server).to receive(:wait_readable).and_return(true, false)
-        allow(tcp_server).to receive(:accept).and_return(client_socket)
+        allow(tcp_server).to receive_messages(closed?: false, accept: client_socket)
         allow(client_socket).to receive(:setsockopt)
         allow(client_socket).to receive(:gets).and_return(
           "GET /callback?code=test&state=test HTTP/1.1\r\n",
           "\r\n"
         )
         allow(client_socket).to receive(:write)
         allow(client_socket).to receive(:close)
-        allow(oauth_provider).to receive(:complete_authorization_flow).and_return(token)
+        allow(oauth_provider).to receive_messages(start_authorization_flow: auth_url,
+                                                  complete_authorization_flow: token)
       end
 
       it "falls back to browser-based authentication" do
diff --git a/spec/ruby_llm/mcp/native/transport_spec.rb b/spec/ruby_llm/mcp/native/transport_spec.rb
diff --git a/spec/ruby_llm/mcp/native/transports/sse_spec.rb b/spec/ruby_llm/mcp/native/transports/sse_spec.rb
