packages/api/src/mcp/__tests__/detectOAuth.integration.dev.ts

// Integration tests for OAuth detection against real public MCP servers
// These tests verify the actual behavior against live endpoints
//
// DEVELOPMENT ONLY: This file is excluded from the test suite (.dev.ts extension)
// Use this for development and debugging OAuth detection behavior
//
// To run manually from packages/api directory:
//   npx jest --testMatch="**/detectOAuth.integration.dev.ts"

import { detectOAuthRequirement } from '~/mcp/oauth';

describe('OAuth Detection Integration Tests', () => {
  const NETWORK_TIMEOUT = 10000;

  interface TestServer {
    name: string;
    url: string;
    expectedOAuth: boolean;
    expectedMethod: string;
    withMeta: boolean;
  }

  const testServers: TestServer[] = [
    {
      name: 'GitHub Copilot MCP Server',
      url: 'https://api.githubcopilot.com/mcp',
      expectedOAuth: true,
      expectedMethod: 'protected-resource-metadata',
      withMeta: true,
    },
    {
      name: 'GitHub API (401 without metadata)',
      url: 'https://api.github.com/user',
      expectedOAuth: true,
      expectedMethod: 'no-metadata-found',
      withMeta: false,
    },
    {
      name: 'Stytch Todo MCP Server',
      url: 'https://mcp-stytch-consumer-todo-list.maxwell-gerber42.workers.dev',
      expectedOAuth: true,
      expectedMethod: 'protected-resource-metadata',
      withMeta: true,
    },
    {
      name: 'StackOverflow MCP (HEAD=405, POST=401+Bearer)',
      url: 'https://mcp.stackoverflow.com',
      expectedOAuth: true,
      expectedMethod: '401-challenge-metadata',
      withMeta: false,
    },
    {
      name: 'HTTPBin (Non-OAuth)',
      url: 'https://httpbin.org',
      expectedOAuth: false,
      expectedMethod: 'no-metadata-found',
      withMeta: false,
    },
    {
      name: 'Unreachable Server',
      url: 'https://definitely-not-a-real-server-12345.com',
      expectedOAuth: false,
      expectedMethod: 'no-metadata-found',
      withMeta: false,
    },
  ];

  describe('detectOAuthRequirement integration', () => {
    testServers.forEach((server) => {
      it(
        `should handle ${server.name}`,
        async () => {
          const result = await detectOAuthRequirement(server.url);

          expect(result.requiresOAuth).toBe(server.expectedOAuth);
          expect(result.method).toBe(server.expectedMethod);
          expect(result.metadata == null).toBe(!server.withMeta);
        },
        NETWORK_TIMEOUT,
      );
    });
  });
});