cardosofelipe/fast-next-template
Template
1
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Add OAuth provider mode and MCP integration

Browse Source 
- Introduced full OAuth 2.0 Authorization Server functionality for MCP clients.
- Updated documentation with details on endpoints, scopes, and consent management.
- Added a new frontend OAuth consent page for user authorization flows.
- Implemented database models for authorization codes, refresh tokens, and user consents.
- Created unit tests for service methods (PKCE verification, client validation, scope handling).
- Included comprehensive integration tests for OAuth provider workflows.
This commit is contained in:
Felipe Cardoso
2025-11-25 23:18:19 +01:00
parent fbb030da69
commit 48f052200f
12 changed files with 3335 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
backend/tests/api/test_oauth.py
View File

@@ -344,8 +344,8 @@ class TestOAuthProviderEndpoints:
assert response.status_code == 404
@pytest.mark.asyncio
async def test_provider_authorize_skeleton(self, client, async_test_db):
"""Test provider authorize returns not implemented (skeleton)."""
async def test_provider_authorize_requires_auth(self, client, async_test_db):
"""Test provider authorize requires authentication."""
_test_engine, AsyncTestingSessionLocal = async_test_db
# Create a test client
@@ -374,12 +374,12 @@ class TestOAuthProviderEndpoints:
"redirect_uri": "http://localhost:3000/callback",
},
)
# Should return 501 Not Implemented (skeleton)
assert response.status_code == 501
# Authorize endpoint requires authentication
assert response.status_code == 401
@pytest.mark.asyncio
async def test_provider_token_skeleton(self, client):
"""Test provider token returns not implemented (skeleton)."""
async def test_provider_token_requires_client_id(self, client):
"""Test provider token requires client_id."""
with patch("app.api.routes.oauth_provider.settings") as mock_settings:
mock_settings.OAUTH_PROVIDER_ENABLED = True
@@ -390,5 +390,5 @@ class TestOAuthProviderEndpoints:
"code": "test_code",
},
)
# Should return 501 Not Implemented (skeleton)
assert response.status_code == 501
# Missing client_id returns 401 (invalid_client)
assert response.status_code == 401