MCPcopy
hub / github.com/github/github-mcp-server / TestSendAuthChallenge

Function TestSendAuthChallenge

pkg/http/middleware/token_test.go:263–321  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

261}
262
263func TestSendAuthChallenge(t *testing.T) {
264 tests := []struct {
265 name string
266 oauthCfg *oauth.Config
267 requestPath string
268 expectedContains []string
269 }{
270 {
271 name: "with base URL configured",
272 oauthCfg: &oauth.Config{
273 BaseURL: "https://mcp.example.com",
274 },
275 requestPath: "/api/test",
276 expectedContains: []string{
277 "Bearer",
278 "resource_metadata=",
279 "https://mcp.example.com/.well-known/oauth-protected-resource",
280 },
281 },
282 {
283 name: "with nil config uses request host",
284 oauthCfg: nil,
285 requestPath: "/api/test",
286 expectedContains: []string{
287 "Bearer",
288 "resource_metadata=",
289 "/.well-known/oauth-protected-resource",
290 },
291 },
292 {
293 name: "with resource path configured",
294 oauthCfg: &oauth.Config{
295 BaseURL: "https://mcp.example.com",
296 ResourcePath: "/mcp",
297 },
298 requestPath: "/api/test",
299 expectedContains: []string{
300 "Bearer",
301 "resource_metadata=",
302 "/mcp",
303 },
304 },
305 }
306
307 for _, tt := range tests {
308 t.Run(tt.name, func(t *testing.T) {
309 rr := httptest.NewRecorder()
310 req := httptest.NewRequest(http.MethodGet, tt.requestPath, nil)
311
312 sendAuthChallenge(rr, req, tt.oauthCfg)
313
314 assert.Equal(t, http.StatusUnauthorized, rr.Code)
315 wwwAuth := rr.Header().Get("WWW-Authenticate")
316 for _, expected := range tt.expectedContains {
317 assert.Contains(t, wwwAuth, expected)
318 }
319 })
320 }

Callers

nothing calls this directly

Calls 2

sendAuthChallengeFunction · 0.85
HeaderMethod · 0.80

Tested by

no test coverage detected