diff --git a/apps/server/src/openapi/metadata.test.ts b/apps/server/src/openapi/metadata.test.ts new file mode 100644 index 000000000..ebf622cd6 --- /dev/null +++ b/apps/server/src/openapi/metadata.test.ts @@ -0,0 +1,42 @@ +import { describe, expect, it, vi } from "vitest"; + +const mocks = vi.hoisted(() => ({ + auth: {}, + env: { + APP_URL: "https://rxresu.me", + }, +})); + +vi.mock("@better-auth/oauth-provider", () => ({ + oauthProviderAuthServerMetadata: vi.fn(() => vi.fn(() => Response.json({}))), + oauthProviderOpenIdConfigMetadata: vi.fn(() => vi.fn(() => Response.json({}))), +})); + +vi.mock("@reactive-resume/auth/config", () => ({ + auth: mocks.auth, +})); + +vi.mock("@reactive-resume/env/server", () => ({ + env: mocks.env, +})); + +vi.mock("@reactive-resume/mcp/server-card", () => ({ + buildMcpServerCard: vi.fn(() => ({})), +})); + +vi.mock("../app-version", () => ({ + appVersion: "test", +})); + +describe("handleOAuthProtectedResource", () => { + it("advertises the mounted auth issuer as the authorization server", async () => { + const { handleOAuthProtectedResource } = await import("./metadata"); + + const response = await handleOAuthProtectedResource(); + + await expect(response.json()).resolves.toMatchObject({ + resource: "https://rxresu.me", + authorization_servers: ["https://rxresu.me/api/auth"], + }); + }); +}); diff --git a/apps/server/src/openapi/metadata.ts b/apps/server/src/openapi/metadata.ts index a100133bc..9972a92a4 100644 --- a/apps/server/src/openapi/metadata.ts +++ b/apps/server/src/openapi/metadata.ts @@ -32,7 +32,7 @@ export async function handleOAuthProtectedResource() { const metadata = { resource: env.APP_URL, bearer_methods_supported: ["header"], - authorization_servers: [env.APP_URL, `${env.APP_URL}/api/auth`], + authorization_servers: [`${env.APP_URL}/api/auth`], }; return Response.json(metadata, {