@@ -232,7 +232,7 @@ describe("OAuth Authorization", () => {
232232 ok : false ,
233233 status : 404 ,
234234 } ) ;
235-
235+
236236 // Second call (root fallback) succeeds
237237 mockFetch . mockResolvedValueOnce ( {
238238 ok : true ,
@@ -242,17 +242,17 @@ describe("OAuth Authorization", () => {
242242
243243 const metadata = await discoverOAuthMetadata ( "https://auth.example.com/path/name" ) ;
244244 expect ( metadata ) . toEqual ( validMetadata ) ;
245-
245+
246246 const calls = mockFetch . mock . calls ;
247247 expect ( calls . length ) . toBe ( 2 ) ;
248-
248+
249249 // First call should be path-aware
250250 const [ firstUrl , firstOptions ] = calls [ 0 ] ;
251251 expect ( firstUrl . toString ( ) ) . toBe ( "https://auth.example.com/.well-known/oauth-authorization-server/path/name" ) ;
252252 expect ( firstOptions . headers ) . toEqual ( {
253253 "MCP-Protocol-Version" : LATEST_PROTOCOL_VERSION
254254 } ) ;
255-
255+
256256 // Second call should be root fallback
257257 const [ secondUrl , secondOptions ] = calls [ 1 ] ;
258258 expect ( secondUrl . toString ( ) ) . toBe ( "https://auth.example.com/.well-known/oauth-authorization-server" ) ;
@@ -267,7 +267,7 @@ describe("OAuth Authorization", () => {
267267 ok : false ,
268268 status : 404 ,
269269 } ) ;
270-
270+
271271 // Second call (root fallback) also returns 404
272272 mockFetch . mockResolvedValueOnce ( {
273273 ok : false ,
@@ -276,7 +276,7 @@ describe("OAuth Authorization", () => {
276276
277277 const metadata = await discoverOAuthMetadata ( "https://auth.example.com/path/name" ) ;
278278 expect ( metadata ) . toBeUndefined ( ) ;
279-
279+
280280 const calls = mockFetch . mock . calls ;
281281 expect ( calls . length ) . toBe ( 2 ) ;
282282 } ) ;
@@ -290,10 +290,10 @@ describe("OAuth Authorization", () => {
290290
291291 const metadata = await discoverOAuthMetadata ( "https://auth.example.com/" ) ;
292292 expect ( metadata ) . toBeUndefined ( ) ;
293-
293+
294294 const calls = mockFetch . mock . calls ;
295295 expect ( calls . length ) . toBe ( 1 ) ; // Should not attempt fallback
296-
296+
297297 const [ url ] = calls [ 0 ] ;
298298 expect ( url . toString ( ) ) . toBe ( "https://auth.example.com/.well-known/oauth-authorization-server" ) ;
299299 } ) ;
@@ -307,24 +307,24 @@ describe("OAuth Authorization", () => {
307307
308308 const metadata = await discoverOAuthMetadata ( "https://auth.example.com" ) ;
309309 expect ( metadata ) . toBeUndefined ( ) ;
310-
310+
311311 const calls = mockFetch . mock . calls ;
312312 expect ( calls . length ) . toBe ( 1 ) ; // Should not attempt fallback
313-
313+
314314 const [ url ] = calls [ 0 ] ;
315315 expect ( url . toString ( ) ) . toBe ( "https://auth.example.com/.well-known/oauth-authorization-server" ) ;
316316 } ) ;
317317
318318 it ( "falls back when path-aware discovery encounters CORS error" , async ( ) => {
319319 // First call (path-aware) fails with TypeError (CORS)
320320 mockFetch . mockImplementationOnce ( ( ) => Promise . reject ( new TypeError ( "CORS error" ) ) ) ;
321-
321+
322322 // Retry path-aware without headers (simulating CORS retry)
323323 mockFetch . mockResolvedValueOnce ( {
324324 ok : false ,
325325 status : 404 ,
326326 } ) ;
327-
327+
328328 // Second call (root fallback) succeeds
329329 mockFetch . mockResolvedValueOnce ( {
330330 ok : true ,
@@ -334,10 +334,10 @@ describe("OAuth Authorization", () => {
334334
335335 const metadata = await discoverOAuthMetadata ( "https://auth.example.com/deep/path" ) ;
336336 expect ( metadata ) . toEqual ( validMetadata ) ;
337-
337+
338338 const calls = mockFetch . mock . calls ;
339339 expect ( calls . length ) . toBe ( 3 ) ;
340-
340+
341341 // Final call should be root fallback
342342 const [ lastUrl , lastOptions ] = calls [ 2 ] ;
343343 expect ( lastUrl . toString ( ) ) . toBe ( "https://auth.example.com/.well-known/oauth-authorization-server" ) ;
@@ -645,9 +645,9 @@ describe("OAuth Authorization", () => {
645645 authorizationCode : "code123" ,
646646 codeVerifier : "verifier123" ,
647647 redirectUri : "http://localhost:3000/callback" ,
648- addClientAuthentication : ( url : URL , headers : Headers , params : URLSearchParams ) => {
648+ addClientAuthentication : ( headers : Headers , params : URLSearchParams , url : string | URL ) => {
649649 headers . set ( "Authorization" , "Basic " + btoa ( validClientInfo . client_id + ":" + validClientInfo . client_secret ) ) ;
650- params . set ( "example_url" , url . toString ( ) ) ;
650+ params . set ( "example_url" , typeof url === 'string' ? url : url . toString ( ) ) ;
651651 params . set ( "example_param" , "example_value" ) ;
652652 } ,
653653 } ) ;
@@ -671,7 +671,7 @@ describe("OAuth Authorization", () => {
671671 expect ( body . get ( "code_verifier" ) ) . toBe ( "verifier123" ) ;
672672 expect ( body . get ( "client_id" ) ) . toBeNull ( ) ;
673673 expect ( body . get ( "redirect_uri" ) ) . toBe ( "http://localhost:3000/callback" ) ;
674- expect ( body . get ( "example_url" ) ) . toBe ( "https://auth.example.com/token " ) ;
674+ expect ( body . get ( "example_url" ) ) . toBe ( "https://auth.example.com" ) ;
675675 expect ( body . get ( "example_param" ) ) . toBe ( "example_value" ) ;
676676 expect ( body . get ( "client_secret" ) ) . toBeNull ( ) ;
677677 } ) ;
@@ -775,9 +775,9 @@ describe("OAuth Authorization", () => {
775775 const tokens = await refreshAuthorization ( "https://auth.example.com" , {
776776 clientInformation : validClientInfo ,
777777 refreshToken : "refresh123" ,
778- addClientAuthentication : ( url : URL , headers : Headers , params : URLSearchParams ) => {
778+ addClientAuthentication : ( headers : Headers , params : URLSearchParams , url : string | URL ) => {
779779 headers . set ( "Authorization" , "Basic " + btoa ( validClientInfo . client_id + ":" + validClientInfo . client_secret ) ) ;
780- params . set ( "example_url" , url . toString ( ) ) ;
780+ params . set ( "example_url" , typeof url === 'string' ? url : url . toString ( ) ) ;
781781 params . set ( "example_param" , "example_value" ) ;
782782 } ,
783783 } ) ;
@@ -799,7 +799,7 @@ describe("OAuth Authorization", () => {
799799 expect ( body . get ( "grant_type" ) ) . toBe ( "refresh_token" ) ;
800800 expect ( body . get ( "refresh_token" ) ) . toBe ( "refresh123" ) ;
801801 expect ( body . get ( "client_id" ) ) . toBeNull ( ) ;
802- expect ( body . get ( "example_url" ) ) . toBe ( "https://auth.example.com/token " ) ;
802+ expect ( body . get ( "example_url" ) ) . toBe ( "https://auth.example.com" ) ;
803803 expect ( body . get ( "example_param" ) ) . toBe ( "example_value" ) ;
804804 expect ( body . get ( "client_secret" ) ) . toBeNull ( ) ;
805805 } ) ;
0 commit comments