Skip to content

[codex] support OAuth client id negotiation#277

Merged
Rabithua merged 1 commit into
developfrom
codex/oauth-client-id-negotiation
Jul 3, 2026
Merged

[codex] support OAuth client id negotiation#277
Rabithua merged 1 commit into
developfrom
codex/oauth-client-id-negotiation

Conversation

@Rabithua

@Rabithua Rabithua commented Jul 3, 2026

Copy link
Copy Markdown
Owner

Summary

  • Add client-initiated OAuth client resolution for HTTP MCP authorization.
  • Support OAuth Client ID Metadata Document clients and native public reverse-DNS client IDs with private-use redirect URIs.
  • Advertise client_id_metadata_document_supported in authorization server metadata and add coverage to OAuth/MCP tests.
  • Preserve /oauth/authorize?requestId=... through login so unauthenticated HTTP MCP authorization returns to the consent page instead of /home.

Why

Some MCP/OAuth clients begin authorization with a stable client_id before dynamic registration. Previously those requests failed with invalid_client, including native clients using custom redirect schemes.

Unauthenticated users could also lose the original authorization target during login and land on the app home page, which prevented the OAuth consent step from appearing.

Validation

  • cd server && bun run lint
  • cd server && bun run build
  • cd server && POSTGRESQL_URL=postgresql://rote:rote_password_123@localhost:5433/rote TEST_BASE_URL=http://127.0.0.1:3004 bun run tests/oauth-mcp.test.ts
  • cd web && bun run lint
  • cd web && bun run build
  • Browser smoke: unauthenticated /oauth/authorize?requestId=... redirected to /login?redirect=...; after login it returned to /oauth/authorize?requestId=... and displayed 拒绝 / 允许.

@Rabithua Rabithua marked this pull request as ready for review July 3, 2026 05:17
@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@Rabithua Rabithua merged commit e682565 into develop Jul 3, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant