Merge main into feature/web-search

Author: aws-toolkit-automation

.release-please-manifest.json

@@ -2,7 +2,7 @@
     "chat-client": "0.1.47",
     "core/aws-lsp-core": "0.0.20",
     "server/aws-lsp-antlr4": "0.1.24",
-    "server/aws-lsp-codewhisperer": "0.0.103",
+    "server/aws-lsp-codewhisperer": "0.0.104",
     "server/aws-lsp-json": "0.1.25",
     "server/aws-lsp-partiql": "0.0.22",
     "server/aws-lsp-yaml": "0.1.25"

integration-tests/atx-transform-server/src/tests/atxTransformInteg.test.ts

@@ -59,14 +59,18 @@ describe('ATX .NET Transform Integration Tests', () => {
     const TOKEN_REFRESH_INTERVAL_MS = 25 * 60 * 1000
 
     async function refreshToken(): Promise<void> {
-        console.log('[Token Refresh] Refreshing SSO token...')
-        testSsoToken = refreshTokenFromSecretsManager()
-        await client.sendRequest('aws/credentials/token/update', {
-            data: { token: testSsoToken },
-            credentialkey: 'atx-bearer',
-            metadata: { sso: { startUrl } },
-        })
-        console.log('[Token Refresh] Token updated successfully')
+        try {
+            console.log('[Token Refresh] Refreshing SSO token...')
+            testSsoToken = refreshTokenFromSecretsManager()
+            await client.sendRequest('aws/credentials/token/update', {
+                data: { token: testSsoToken },
+                credentialkey: 'atx-bearer',
+                metadata: { sso: { startUrl } },
+            })
+            console.log('[Token Refresh] Token updated successfully')
+        } catch (error) {
+            console.error('[Token Refresh] Failed:', error)
+        }
     }
 
     function buildStartTransformRequest(jobName: string, sourceFiles: string[]) {
@@ -211,7 +215,9 @@ describe('ATX .NET Transform Integration Tests', () => {
             console.log(`Poll ${i + 1}: Status = ${jobStatus}`)
 
             if (jobStatus === 'FAILED') {
-                console.log('FAILED - Reason:', job.FailureReason || result?.ErrorString || 'unknown')
+                const reason = job.FailureReason || result?.ErrorString || 'unknown'
+                console.log('FAILED - Reason:', reason)
+                throw new Error(`Job failed: ${reason}`)
             }
 
             if (jobStatus === 'AWAITING_HUMAN_INPUT' && planPath) break

package-lock.json

@@ -1,5 +1,16 @@
 # Changelog
 
+## [0.0.104](https://github.com/aws/language-servers/compare/lsp-codewhisperer/v0.0.103...lsp-codewhisperer/v0.0.104) (2026-02-05)
+
+
+### Bug Fixes
+
+* add OAuth client support to MCP manager ([#2607](https://github.com/aws/language-servers/issues/2607)) ([81c1e08](https://github.com/aws/language-servers/commit/81c1e089750e90efb4ea302279a915b08eddc0ad))
+* Add optional `x-amzn-qt-test-id` header to ATX Transform API requests for test traffic classification.   ([#2602](https://github.com/aws/language-servers/issues/2602)) ([2321687](https://github.com/aws/language-servers/commit/2321687b1b6ae7e5c4fdc9fcd15792cd54f138c9))
+* add programming language to chatInteractWithMessageEvent ([#2605](https://github.com/aws/language-servers/issues/2605)) ([af86c21](https://github.com/aws/language-servers/commit/af86c218af8f904a806ca43c8695fcb6053e347c))
+* **amazonq:** disable WCS feature by default ([#2604](https://github.com/aws/language-servers/issues/2604)) ([990f727](https://github.com/aws/language-servers/commit/990f7273d39925beba46035597a7d84983eff19f))
+* **amazonq:** fix for tool permissions in allowed paths per tool ([#2601](https://github.com/aws/language-servers/issues/2601)) ([01ea0d7](https://github.com/aws/language-servers/commit/01ea0d74404baae14462e5557f488b22085bb8d3))
+
 ## [0.0.103](https://github.com/aws/language-servers/compare/lsp-codewhisperer/v0.0.102...lsp-codewhisperer/v0.0.103) (2026-01-26)
 
 

server/aws-lsp-codewhisperer/CHANGELOG.md

@@ -1,6 +1,6 @@
 {
     "name": "@aws/lsp-codewhisperer",
-    "version": "0.0.103",
+    "version": "0.0.104",
     "description": "CodeWhisperer Language Server",
     "main": "out/index.js",
     "repository": {

server/aws-lsp-codewhisperer/package.json

@@ -518,7 +518,21 @@ export class McpManager {
                         try {
                             const headResp = await fetch(base, { method: 'HEAD', headers })
                             const www = headResp.headers.get('www-authenticate') || ''
-                            needsOAuth = headResp.status === 401 || headResp.status === 403 || /bearer/i.test(www)
+                            this.features.logging.info(`MCP: HEAD response status: ${headResp.status}`)
+
+                            if (headResp.status === 401 || headResp.status === 403 || /bearer/i.test(www)) {
+                                needsOAuth = true
+                                this.features.logging.info(`MCP: OAuth detected via HEAD (${headResp.status})`)
+                            } else if (headResp.status === 405 || headResp.status === 404) {
+                                // HEAD not supported (405) or endpoint not found for HEAD (404), try POST-based OAuth detection
+                                this.features.logging.info(
+                                    `MCP: HEAD returned ${headResp.status}, trying POST-based OAuth detection`
+                                )
+                                needsOAuth = await this.detectOAuthFromPostError(base, headers)
+                                if (needsOAuth) {
+                                    this.features.logging.info(`MCP: OAuth detected via POST error`)
+                                }
+                            }
                         } catch {
                             this.features.logging.info(`MCP: HEAD not available`)
                         }
@@ -1489,6 +1503,30 @@ export class McpManager {
         return Array.from(serverNames)
     }
 
+    /**
+     * Detect OAuth requirement from POST error response
+     * Used when HEAD method returns 405 (Method Not Allowed)
+     */
+    private async detectOAuthFromPostError(url: URL, headers: Record<string, string>): Promise<boolean> {
+        try {
+            const testPayload = { jsonrpc: '2.0', method: 'initialize', id: 1 }
+            const response = await fetch(url, {
+                method: 'POST',
+                headers: { ...headers, 'Content-Type': 'application/json' },
+                body: JSON.stringify(testPayload),
+            })
+
+            if (response.status === 401) {
+                const errorText = await response.text()
+                // Check for OAuth-related error messages
+                return /bearer|token|auth|missing.*auth/i.test(errorText)
+            }
+        } catch (e) {
+            // Ignore errors, assume no OAuth required
+        }
+        return false
+    }
+
     /**
      * Get all builtin tool names
      */

server/aws-lsp-codewhisperer/src/language-server/agenticChat/tools/mcp/mcpManager.ts

@@ -141,6 +141,12 @@ export class ATXTransformHandler {
                 }
                 args.request.headers['Authorization'] = `Bearer ${bearerToken}`
 
+                // Add test classification header if running in test mode
+                const testId = process.env.ATX_TEST_ID
+                if (testId) {
+                    args.request.headers['x-amzn-qt-test-id'] = testId
+                }
+
                 if (applicationUrl) {
                     const cleanOrigin = applicationUrl.endsWith('/') ? applicationUrl.slice(0, -1) : applicationUrl
                     args.request.headers['Origin'] = cleanOrigin