Skip to content

Comments

feat: add pre-registration conformance test#120

Merged
pcarleton merged 3 commits intomainfrom
feat/pre-registration-tests
Jan 23, 2026
Merged

feat: add pre-registration conformance test#120
pcarleton merged 3 commits intomainfrom
feat/pre-registration-tests

Conversation

@pcarleton
Copy link
Member

@pcarleton pcarleton commented Jan 23, 2026

Summary

Add conformance test for OAuth pre-registration flow where the server does NOT support Dynamic Client Registration (DCR) and clients must use pre-configured static credentials.

This addresses issue #34 (Client Registration Methods) - specifically the pre-registration section that was previously not covered.

Changes

  • Add disableDynamicRegistration option to createAuthServer helper
  • Add auth/pre-registration scenario with pre-registered client credentials
  • Add MCP_PREREGISTRATION spec reference
  • Add context schema for pre-registration credentials
  • Add withOAuthRetryWithProvider helper for pre-configured providers
  • Add negative test client (auth-test-attempts-dcr.ts) that ignores pre-registered credentials and fails

How it works

The scenario:

  1. Configures server with disableDynamicRegistration: true (no registration_endpoint in OAuth metadata)
  2. Passes pre-registered client_id and client_secret via context
  3. Validates client uses correct credentials at token endpoint via Basic auth
  4. Fails if client doesn't make a token request (e.g., tries DCR and fails)

Testing

# Run the pre-registration test
node dist/index.js client \
  --command 'npx tsx examples/clients/typescript/everything-client.ts' \
  --scenario auth/pre-registration

# Run the negative test (should fail)
node dist/index.js client \
  --command 'npx tsx examples/clients/typescript/auth-test-attempts-dcr.ts' \
  --scenario auth/pre-registration

Closes #34

@pcarleton
feat: add pre-registration conformance test
b579483 
Add conformance test for OAuth pre-registration flow where the server
does NOT support Dynamic Client Registration (DCR) and clients must
use pre-configured static credentials.

This addresses issue #34 (Client Registration Methods) - specifically
the pre-registration section that was previously not covered.

Changes:
- Add disableDynamicRegistration option to createAuthServer helper
- Add auth/pre-registration scenario with pre-registered client creds
- Add MCP_PREREGISTRATION spec reference
- Add context schema for pre-registration credentials
- Add withOAuthRetryWithProvider helper for pre-configured providers
- Add negative test client (auth-test-attempts-dcr.ts) that ignores
  pre-registered credentials and fails

The scenario verifies that when a server does not advertise
registration_endpoint in its OAuth metadata, compliant clients
use pre-registered credentials passed via context instead of
attempting DCR.

Closes #34
@pkg-pr-new
Copy link

pkg-pr-new bot commented Jan 23, 2026
edited
Loading

Open in StackBlitz

npx https://pkg.pr.new/modelcontextprotocol/conformance/@modelcontextprotocol/conformance@120

commit: a8bbf89

@pcarleton pcarleton merged commit 245e44e into main Jan 23, 2026
8 checks passed
@pcarleton pcarleton deleted the feat/pre-registration-tests branch January 23, 2026 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Client Auth: Client Registration Methods

1 participant

@pcarleton