fix: update tests for community server registration visibility

Tests previously asserted community servers were skipped for Desktop
registration when the flag was ON. Now that registration is for OAuth
tab visibility (not lifecycle ownership), tests expect registration
to happen for both catalog and community servers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: saucow

cmd/docker-mcp/server/enable_oauth_test.go

@@ -144,8 +144,9 @@ func TestEnable_OAuthServer_DesktopCommunityFlagOn(t *testing.T) {
 }
 
 // TestEnable_DynamicDiscovery_GatewayOwns verifies that a community remote
-// server without explicit OAuth does not trigger dynamic discovery when
-// Gateway owns OAuth.
+// server without explicit OAuth still triggers dynamic discovery when Gateway
+// owns OAuth. Registration is for OAuth tab visibility — Gateway still owns
+// the authorize/revoke lifecycle.
 func TestEnable_DynamicDiscovery_GatewayOwns(t *testing.T) {
 	ctx, _, docker, dockerCli := setup(t,
 		withEmptyRegistryYaml(),
@@ -158,8 +159,8 @@ func TestEnable_DynamicDiscovery_GatewayOwns(t *testing.T) {
 	err := Enable(ctx, docker, dockerCli, []string{"community-remote"}, true)
 	require.NoError(t, err)
 
-	assert.Empty(t, *discoveryCalls,
-		"Gateway-owned OAuth should not trigger dynamic discovery")
+	assert.Equal(t, []string{"community-remote"}, *discoveryCalls,
+		"Gateway-owned OAuth should still trigger dynamic discovery for OAuth tab visibility")
 }
 
 // Verify the function pointers are wired to the real functions by default.

pkg/workingset/oauth_mixed_mode_test.go

@@ -94,8 +94,8 @@ func TestRegisterOAuthProviders_MixedCatalogAndCommunity_FlagOn(t *testing.T) {
 
 	RegisterOAuthProvidersForServers(context.Background(), servers)
 
-	assert.Equal(t, []string{"catalog-oauth"}, registeredServers,
-		"flag ON: only catalog server should be registered with Desktop")
+	assert.Equal(t, []string{"catalog-oauth", "community-oauth"}, registeredServers,
+		"flag ON: both catalog and community servers should be registered with Desktop for OAuth tab visibility")
 }
 
 // TestRegisterOAuthProviders_MixedCatalogAndCommunity_FlagOff verifies that
@@ -145,8 +145,9 @@ func newCommunityRemoteServer(name, url string) Server {
 }
 
 // TestRegisterOAuthProviders_CommunityDynamicDiscovery_FlagOn verifies that
-// community servers with a URL but no explicit OAuth are NOT registered for
-// dynamic discovery when the McpGatewayOAuth flag is ON (Gateway owns OAuth).
+// community servers with a URL but no explicit OAuth ARE registered for
+// dynamic discovery when the McpGatewayOAuth flag is ON. Registration is for
+// OAuth tab visibility — Gateway still owns the authorize/revoke lifecycle.
 func TestRegisterOAuthProviders_CommunityDynamicDiscovery_FlagOn(t *testing.T) {
 	mockDesktopModeWithGatewayOAuth(t, true)
 
@@ -165,8 +166,8 @@ func TestRegisterOAuthProviders_CommunityDynamicDiscovery_FlagOn(t *testing.T) {
 
 	RegisterOAuthProvidersForServers(context.Background(), servers)
 
-	assert.Empty(t, discoveredServers,
-		"flag ON: community remote server should NOT trigger dynamic discovery (Gateway owns OAuth)")
+	assert.Equal(t, []string{"community-remote"}, discoveredServers,
+		"flag ON: community remote server should trigger dynamic discovery for OAuth tab visibility")
 }
 
 // TestRegisterOAuthProviders_CommunityDynamicDiscovery_FlagOff verifies that