Skip to content

Commit 03bcc2e

Browse files
EpochexEpochex
committed
test(oauth): keep resource off refresh tokens
1 parent 1c96a05 commit 03bcc2e

1 file changed

Lines changed: 1 addition & 30 deletions

File tree

tests/client/test_auth.py

Lines changed: 1 addition & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -649,35 +649,6 @@ async def test_refresh_token_request(self, oauth_provider: OAuthClientProvider,
649649
assert "client_id=test_client" in content
650650
assert "client_secret=test_secret" in content
651651

652-
@pytest.mark.anyio
653-
async def test_refresh_token_request_omits_resource_even_when_required_by_protocol(
654-
self, client_metadata: OAuthClientMetadata, mock_storage: MockTokenStorage
655-
) -> None:
656-
"""refresh_token request should not include RFC8707 resource parameter."""
657-
provider = OAuthClientProvider(
658-
server_url="https://api.example.com/v1/mcp",
659-
client_metadata=client_metadata,
660-
storage=mock_storage,
661-
)
662-
provider._initialized = True
663-
provider.context.protocol_version = "2025-06-18"
664-
provider.context.current_tokens = OAuthToken(
665-
access_token="test_access_token",
666-
token_type="Bearer",
667-
expires_in=3600,
668-
refresh_token="test_refresh_token",
669-
)
670-
provider.context.client_info = OAuthClientInformationFull(
671-
client_id="test_client",
672-
client_secret="test_secret",
673-
redirect_uris=[AnyUrl("http://localhost:3030/callback")],
674-
token_endpoint_auth_method="client_secret_post",
675-
)
676-
677-
request = await provider._refresh_token()
678-
content = request.content.decode()
679-
assert "resource=" not in content
680-
681652
@pytest.mark.anyio
682653
async def test_basic_auth_token_exchange(self, oauth_provider: OAuthClientProvider):
683654
"""Test token exchange with client_secret_basic authentication."""
@@ -817,7 +788,7 @@ async def test_resource_param_included_with_recent_protocol_version(self, oauth_
817788
)
818789
refresh_request = await oauth_provider._refresh_token()
819790
refresh_content = refresh_request.content.decode()
820-
assert "resource=" in refresh_content
791+
assert "resource=" not in refresh_content
821792

822793
@pytest.mark.anyio
823794
async def test_resource_param_excluded_with_old_protocol_version(self, oauth_provider: OAuthClientProvider):

0 commit comments

Comments
 (0)