mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-17 00:40:14 +01:00
24c76c6cb9
Adds support for MCP servers like StackOverflow that use OAuth but don't provide standard discovery metadata at .well-known endpoints. Changes: - Add fallback OAuth endpoints (/authorize, /token, /register) when discoverAuthorizationServerMetadata returns undefined - Add POST fallback in OAuth detection when HEAD returns non-401 (StackOverflow returns 405 for HEAD, 401 for POST) - Detect OAuth requirement from WWW-Authenticate: Bearer header even without resource_metadata URL - Add fallback /token endpoint for token refresh when metadata discovery fails - Add registration_endpoint to OAuthMetadata type This mirrors the MCP SDK's behavior where it gracefully falls back to default OAuth endpoint paths when .well-known metadata isn't available. Tests: - Add unit tests for detectOAuth.ts (POST fallback, Bearer detection) - Add unit tests for handler.ts (fallback metadata, fallback refresh) - Add StackOverflow to integration test servers Fixes OAuth flow for servers that: - Return 405 for HEAD requests (only support POST) - Return 401 with simple "Bearer" in WWW-Authenticate - Don't have .well-known/oauth-authorization-server endpoint - Use standard /authorize, /token, /register paths |
||
|---|---|---|
| .. | ||
| __tests__ | ||
| agents | ||
| assistants | ||
| edit | ||
| files | ||
| types | ||
| accessPermissions.js | ||
| actions.js | ||
| auth.js | ||
| balance.js | ||
| banner.js | ||
| categories.js | ||
| config.js | ||
| convos.js | ||
| endpoints.js | ||
| index.js | ||
| keys.js | ||
| mcp.js | ||
| memories.js | ||
| messages.js | ||
| models.js | ||
| oauth.js | ||
| plugins.js | ||
| presets.js | ||
| prompts.js | ||
| prompts.test.js | ||
| roles.js | ||
| search.js | ||
| share.js | ||
| static.js | ||
| tags.js | ||
| user.js | ||