fix: Disable Progressive Consent for mcp-oauth to enable Hybrid Flow tests

The test_adr004_hybrid_flow test expects Hybrid Flow mode where the MCP
server intercepts OAuth callbacks and stores refresh tokens. However,
ENABLE_PROGRESSIVE_CONSENT defaults to true, which causes the IdP to
redirect directly to the client, bypassing the MCP server callback.

This resulted in timeouts waiting for MCP authorization codes that never
arrived because the OAuth flow completed without server interception.

Sets ENABLE_PROGRESSIVE_CONSENT=false for mcp-oauth service to enable
Hybrid Flow mode for ADR-004 testing.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Chris Coutinho
2025-11-03 17:17:21 +01:00
committed by Chris Coutinho
parent 027fc0b2d6
commit 64864db736
+4
View File
@@ -103,6 +103,10 @@ services:
- TOKEN_ENCRYPTION_KEY=ESF1BvEQdGYsCluwMx9Cxvw3uh5pFowPH7Rg_nIliyo=
- TOKEN_STORAGE_DB=/app/data/tokens.db
# ADR-004: Use Hybrid Flow (server intercepts OAuth callback)
# Set to false to enable Hybrid Flow tests - server stores refresh token and issues MCP codes
- ENABLE_PROGRESSIVE_CONSENT=false
# NO admin credentials - using OAuth with Dynamic Client Registration (DCR)
# Client credentials registered via RFC 7591 and stored in volume
# JWT token type is used for testing (faster validation, scopes embedded in token)