From 64864db7365716c26c5a39af1a64824bc9253457 Mon Sep 17 00:00:00 2001 From: Chris Coutinho Date: Mon, 3 Nov 2025 17:17:21 +0100 Subject: [PATCH] fix: Disable Progressive Consent for mcp-oauth to enable Hybrid Flow tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The test_adr004_hybrid_flow test expects Hybrid Flow mode where the MCP server intercepts OAuth callbacks and stores refresh tokens. However, ENABLE_PROGRESSIVE_CONSENT defaults to true, which causes the IdP to redirect directly to the client, bypassing the MCP server callback. This resulted in timeouts waiting for MCP authorization codes that never arrived because the OAuth flow completed without server interception. Sets ENABLE_PROGRESSIVE_CONSENT=false for mcp-oauth service to enable Hybrid Flow mode for ADR-004 testing. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- docker-compose.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 430982e..a7455e7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -103,6 +103,10 @@ services: - TOKEN_ENCRYPTION_KEY=ESF1BvEQdGYsCluwMx9Cxvw3uh5pFowPH7Rg_nIliyo= - TOKEN_STORAGE_DB=/app/data/tokens.db + # ADR-004: Use Hybrid Flow (server intercepts OAuth callback) + # Set to false to enable Hybrid Flow tests - server stores refresh token and issues MCP codes + - ENABLE_PROGRESSIVE_CONSENT=false + # NO admin credentials - using OAuth with Dynamic Client Registration (DCR) # Client credentials registered via RFC 7591 and stored in volume # JWT token type is used for testing (faster validation, scopes embedded in token)