refactor: fall back to default grant types for config validation#22
Merged
refactor: fall back to default grant types for config validation#22
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅ 📢 Thoughts on this report? Let us know! |
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds a fallback to default grant types during server config validation and updates tests to cover scenarios when no or invalid grant types are provided.
- Introduce
AuthorizationServerMetadataDefaultswith default grant and response mode lists. - Update
validate_server_configto use defaults whengrant_types_supportedis missing. - Add and rename tests for no grant types and invalid grant types.
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| tests/utils/validate_server_config_test.py | Added tests for missing and invalid grant types, renamed existing test for clarity |
| mcpauth/utils/_validate_server_config.py | Updated validation to fallback to default grant types |
| mcpauth/config.py | Defined new AuthorizationServerMetadataDefaults enum with defaults |
Comments suppressed due to low confidence (2)
mcpauth/config.py:121
- [nitpick] Enum members should follow constant naming conventions (e.g.,
GRANT_TYPES_SUPPORTED) to align with PEP8 and make them easily distinguishable from instance attributes.
grant_types_supported = ["authorization_code", "implicit"]
mcpauth/config.py:122
- [nitpick] You’ve defined a default for
response_modes_supportedbut haven’t applied it invalidate_server_config. Either implement the fallback logic there or remove this default to avoid confusion.
response_modes_supported = ["query", "fragment"]
xiaoyijun
approved these changes
May 22, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
When validating the server's config,
grant_type_supportedshould fall back to["authorization_code", "implicit"]if the value is not present in the provided data. This behavior aligns with the specifications described in mcp-auth/js#27.