PostgreSQL MCP Server

AuthorizationServerDiscovery.test.ts•9.01 KiB

/** * postgres-mcp - Authorization Server Discovery Tests * * Tests for RFC 8414 Authorization Server Metadata discovery. */ import { describe, it, expect, vi, beforeEach, afterEach } from "vitest"; import { AuthorizationServerDiscovery, createAuthServerDiscovery, } from "../AuthorizationServerDiscovery.js"; import { AuthServerDiscoveryError } from "../errors.js"; // Mock global fetch const mockFetch = vi.fn(); global.fetch = mockFetch; describe("AuthorizationServerDiscovery", () => { const defaultConfig = { authServerUrl: "http://localhost:8080/realms/postgres-mcp", }; const validMetadata = { issuer: "http://localhost:8080/realms/postgres-mcp", token_endpoint: "http://localhost:8080/realms/postgres-mcp/protocol/openid-connect/token", jwks_uri: "http://localhost:8080/realms/postgres-mcp/protocol/openid-connect/certs", authorization_endpoint: "http://localhost:8080/realms/postgres-mcp/protocol/openid-connect/auth", registration_endpoint: "http://localhost:8080/realms/postgres-mcp/clients-registrations/openid-connect", grant_types_supported: [ "authorization_code", "client_credentials", "refresh_token", ], }; beforeEach(() => { vi.clearAllMocks(); }); afterEach(() => { vi.useRealTimers(); }); describe("discover", () => { it("should fetch and return authorization server metadata", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); const metadata = await discovery.discover(); expect(metadata.issuer).toBe("http://localhost:8080/realms/postgres-mcp"); expect(metadata.token_endpoint).toBeDefined(); expect(metadata.jwks_uri).toBeDefined(); }); it("should use the correct well-known URL", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); await discovery.discover(); // Just verify correct URL is called - implementation details like signal/headers may vary expect(mockFetch).toHaveBeenCalledTimes(1); const [url] = mockFetch.mock.calls[0] as [string, unknown]; expect(url).toBe( "http://localhost:8080/realms/postgres-mcp/.well-known/oauth-authorization-server", ); }); it("should cache metadata for subsequent calls", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); // First call await discovery.discover(); // Second call - should use cache await discovery.discover(); expect(mockFetch).toHaveBeenCalledTimes(1); }); it("should throw error for HTTP failures", async () => { mockFetch.mockResolvedValueOnce({ ok: false, status: 404, statusText: "Not Found", }); const discovery = new AuthorizationServerDiscovery(defaultConfig); await expect(discovery.discover()).rejects.toThrow( AuthServerDiscoveryError, ); }); it("should throw error for network failures", async () => { mockFetch.mockRejectedValueOnce(new Error("Network error")); const discovery = new AuthorizationServerDiscovery(defaultConfig); await expect(discovery.discover()).rejects.toThrow( AuthServerDiscoveryError, ); }); it("should throw error for invalid metadata (missing issuer)", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ token_endpoint: "something" }), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); await expect(discovery.discover()).rejects.toThrow( AuthServerDiscoveryError, ); }); it("should throw error for invalid metadata (missing token_endpoint)", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ issuer: "something" }), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); await expect(discovery.discover()).rejects.toThrow( AuthServerDiscoveryError, ); }); }); describe("getJwksUri", () => { it("should return JWKS URI from metadata", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); const uri = await discovery.getJwksUri(); expect(uri).toBe( "http://localhost:8080/realms/postgres-mcp/protocol/openid-connect/certs", ); }); it("should throw when metadata has no jwks_uri", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ issuer: validMetadata.issuer, token_endpoint: validMetadata.token_endpoint, // No jwks_uri }), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); await expect(discovery.getJwksUri()).rejects.toThrow( AuthServerDiscoveryError, ); }); }); describe("getTokenEndpoint", () => { it("should return token endpoint from metadata", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); const endpoint = await discovery.getTokenEndpoint(); expect(endpoint).toBe( "http://localhost:8080/realms/postgres-mcp/protocol/openid-connect/token", ); }); }); describe("getRegistrationEndpoint", () => { it("should return registration endpoint when available", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); const endpoint = await discovery.getRegistrationEndpoint(); expect(endpoint).toBeDefined(); }); it("should return undefined when not available", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ issuer: validMetadata.issuer, token_endpoint: validMetadata.token_endpoint, }), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); const endpoint = await discovery.getRegistrationEndpoint(); expect(endpoint).toBeUndefined(); }); }); describe("supportsGrantType", () => { it("should return true for supported grant types", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); expect(await discovery.supportsGrantType("client_credentials")).toBe( true, ); expect(await discovery.supportsGrantType("authorization_code")).toBe( true, ); }); it("should return false for unsupported grant types", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); await discovery.discover(); // Prime the cache mockFetch.mockClear(); expect(await discovery.supportsGrantType("implicit")).toBe(false); expect(mockFetch).not.toHaveBeenCalled(); // Uses cache }); it("should return false when grant_types_supported is missing", async () => { mockFetch.mockResolvedValueOnce({ ok: true, json: () => Promise.resolve({ issuer: validMetadata.issuer, token_endpoint: validMetadata.token_endpoint, }), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); expect(await discovery.supportsGrantType("client_credentials")).toBe( false, ); }); }); describe("invalidateCache", () => { it("should clear the metadata cache", async () => { mockFetch.mockResolvedValue({ ok: true, json: () => Promise.resolve(validMetadata), }); const discovery = new AuthorizationServerDiscovery(defaultConfig); // First call await discovery.discover(); expect(mockFetch).toHaveBeenCalledTimes(1); // Invalidate discovery.invalidateCache(); // Second call - should fetch again await discovery.discover(); expect(mockFetch).toHaveBeenCalledTimes(2); }); }); describe("createAuthServerDiscovery factory", () => { it("should create an AuthorizationServerDiscovery instance", () => { const discovery = createAuthServerDiscovery(defaultConfig); expect(discovery).toBeInstanceOf(AuthorizationServerDiscovery); }); }); });

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/neverinfamous/postgresql-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

AuthorizationServerDiscovery.test.ts•9.01 KiB