From b20c9c6203560afd1d2d43a58cea0afcff90c2e2 Mon Sep 17 00:00:00 2001
From: Chris Coutinho <chris@coutinho.io>
Date: Tue, 4 Nov 2025 00:29:49 +0100
Subject: [PATCH] fix: remove remaining references to deleted oauth_callback
 and oauth_token
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes import errors in MCP servers by removing references to the deleted
Hybrid Flow functions (oauth_callback and oauth_token).

Changes:
- Remove oauth_callback and oauth_token from imports in app.py
- Remove route registrations for /oauth/callback and /oauth/token
- Update comments to reference Progressive Consent Flow 1

This fixes the container restart loop caused by ImportError.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 nextcloud_mcp_server/app.py | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

diff --git a/nextcloud_mcp_server/app.py b/nextcloud_mcp_server/app.py
index 9a98d14..da5835d 100644
--- a/nextcloud_mcp_server/app.py
+++ b/nextcloud_mcp_server/app.py
@@ -915,12 +915,8 @@ def get_app(transport: str = "sse", enabled_apps: list[str] | None = None):
     logger.info("Health check endpoints enabled: /health/live, /health/ready")
 
     if oauth_enabled:
-        # Import OAuth routes (ADR-004 Hybrid Flow)
-        from nextcloud_mcp_server.auth.oauth_routes import (
-            oauth_authorize,
-            oauth_callback,
-            oauth_token,
-        )
+        # Import OAuth routes (ADR-004 Progressive Consent)
+        from nextcloud_mcp_server.auth.oauth_routes import oauth_authorize
 
         def oauth_protected_resource_metadata(request):
             """RFC 9728 Protected Resource Metadata endpoint.
@@ -976,13 +972,9 @@ def get_app(transport: str = "sse", enabled_apps: list[str] | None = None):
             "Protected Resource Metadata (PRM) endpoints enabled (path-based + root)"
         )
 
-        # Add OAuth login routes (ADR-004 Hybrid Flow)
+        # Add OAuth login routes (ADR-004 Progressive Consent Flow 1)
         routes.append(Route("/oauth/authorize", oauth_authorize, methods=["GET"]))
-        routes.append(Route("/oauth/callback", oauth_callback, methods=["GET"]))
-        routes.append(Route("/oauth/token", oauth_token, methods=["POST"]))
-        logger.info(
-            "OAuth login routes enabled: /oauth/authorize, /oauth/callback, /oauth/token"
-        )
+        logger.info("OAuth login routes enabled: /oauth/authorize (Flow 1)")
 
     # Add browser OAuth login routes (OAuth mode only)
     if oauth_enabled: