Trek_CN/server/tests
jubnl 5b44fe68b1
fix(mcp): narrow OAuth scope to allowed intersection instead of rejecting
When a client requests scopes it is not permitted for, silently drop
them rather than failing the entire authorization flow. The token is
issued with only the intersection of requested and allowed scopes.

Also fix /authorize/validate to always return HTTP 200 so the consent
page can surface the actual error_description instead of a generic
axios failure message.
2026-04-09 23:48:05 +02:00
..
fixtures Add comprehensive backend test suite (#339) 2026-04-03 13:17:53 +02:00
helpers test(mcp): add tests for OAuth 2.1, addon gating, and budget reorder 2026-04-09 23:12:59 +02:00
integration fix(mcp): narrow OAuth scope to allowed intersection instead of rejecting 2026-04-09 23:48:05 +02:00
unit test(mcp): add tests for OAuth 2.1, addon gating, and budget reorder 2026-04-09 23:12:59 +02:00
websocket test: expand test suite to 87.3% backend coverage 2026-04-06 20:08:30 +02:00
setup.ts Add comprehensive backend test suite (#339) 2026-04-03 13:17:53 +02:00