Skip to content

Commit 97d21f9

Browse files
galatanovidiugalatanovidiu
committed
Add authorization header handling in McpTransportIntegrationTest
- Included logic to add the 'Authorization' header from $_SERVER if it is set in multiple request creation methods. - Enhanced test cases to ensure proper handling of authorization in transport requests, improving integration test coverage.
1 parent f263222 commit 97d21f9

File tree

1 file changed

+20
-0
lines changed

1 file changed

+20
-0
lines changed

tests/phpunit/McpTransportIntegrationTest.php

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -240,6 +240,12 @@ private function create_stdio_request( string $method, array $params = array() )
240240
'params' => $params,
241241
) ) );
242242
$request->add_header( 'Content-Type', 'application/json' );
243+
244+
// Include authorization header from $_SERVER if set.
245+
if ( isset( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
246+
$request->add_header( 'Authorization', sanitize_text_field( wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ) ) );
247+
}
248+
243249
return $request;
244250
}
245251

@@ -260,6 +266,12 @@ private function create_streamable_request( string $method, array $params = arra
260266
) ) );
261267
$request->add_header( 'Content-Type', 'application/json' );
262268
$request->add_header( 'Accept', 'application/json, text/event-stream' );
269+
270+
// Include authorization header from $_SERVER if set.
271+
if ( isset( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
272+
$request->add_header( 'Authorization', sanitize_text_field( wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ) ) );
273+
}
274+
263275
return $request;
264276
}
265277

@@ -452,6 +464,10 @@ public function test_request_header_requirements(): void {
452464
'method' => 'ping',
453465
) ) );
454466
$streamable_request->add_header( 'Content-Type', 'application/json' );
467+
// Include authorization header from $_SERVER if set.
468+
if ( isset( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
469+
$streamable_request->add_header( 'Authorization', sanitize_text_field( wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ) ) );
470+
}
455471
// Missing Accept header
456472
$streamable_response = rest_do_request( $streamable_request );
457473
$this->assertEquals( 400, $streamable_response->get_status(), 'Streamable should require Accept header' );
@@ -488,6 +504,10 @@ public function test_backward_compatibility_differences(): void {
488504
) ) );
489505
$streamable_request->add_header( 'Content-Type', 'application/json' );
490506
$streamable_request->add_header( 'Accept', 'application/json, text/event-stream' );
507+
// Include authorization header from $_SERVER if set.
508+
if ( isset( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
509+
$streamable_request->add_header( 'Authorization', sanitize_text_field( wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ) ) );
510+
}
491511
$streamable_response = rest_do_request( $streamable_request );
492512
$this->assertEquals( 400, $streamable_response->get_status(), 'Streamable should require strict JSON-RPC format' );
493513
}

0 commit comments

Comments
 (0)