( serverName: string, serverConfig: McpSSEServerConfig | McpHTTPServerConfig, )
| 347 | * /mcp to authenticate. |
| 348 | */ |
| 349 | export function hasMcpDiscoveryButNoToken( |
| 350 | serverName: string, |
| 351 | serverConfig: McpSSEServerConfig | McpHTTPServerConfig, |
| 352 | ): boolean { |
| 353 | // XAA servers can silently re-auth via cached id_token even without an |
| 354 | // access/refresh token — tokens() fires the xaaRefresh path. Skipping the |
| 355 | // connection here would make that auto-auth branch unreachable after |
| 356 | // invalidateCredentials('tokens') clears the stored tokens. |
| 357 | if (isXaaEnabled() && serverConfig.oauth?.xaa) { |
| 358 | return false |
| 359 | } |
| 360 | const serverKey = getServerKey(serverName, serverConfig) |
| 361 | const entry = getSecureStorage().read()?.mcpOAuth?.[serverKey] |
| 362 | return entry !== undefined && !entry.accessToken && !entry.refreshToken |
| 363 | } |
| 364 | |
| 365 | /** |
| 366 | * Revokes a single token on the OAuth server. |
no test coverage detected