fix client example

pcarleton · pcarleton · commit b4e8dcda13d1 · 2025-05-19T11:30:12.000+01:00
diff --git a/src/examples/server/demoInMemoryOAuthProvider.ts b/src/examples/server/demoInMemoryOAuthProvider.ts
@@ -44,6 +44,9 @@ export class DemoInMemoryAuthProvider implements OAuthServerProvider {
     const searchParams = new URLSearchParams({
       code,
     });
+    if (params.state !== undefined) {
+      searchParams.set('state', params.state);
+    }
 
     this.codes.set(code, {
       client,
@@ -102,7 +105,7 @@ export class DemoInMemoryAuthProvider implements OAuthServerProvider {
 
     return {
       access_token: token,
-      token_type: 'Bearer',
+      token_type: 'bearer',
       expires_in: 3600,
       scope: (codeData.params.scopes || []).join(' '),
     };
diff --git a/src/examples/server/simpleStreamableHttp.ts b/src/examples/server/simpleStreamableHttp.ts
@@ -3,7 +3,7 @@ import { randomUUID } from 'node:crypto';
 import { z } from 'zod';
 import { McpServer } from '../../server/mcp.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
-import { mcpAuthRouter, mcpProtectedResourceRouter, getOAuthProtectedResourceMetadataUrl } from '../../server/auth/router.js';
+import { mcpAuthRouter, getOAuthProtectedResourceMetadataUrl } from '../../server/auth/router.js';
 import { requireBearerAuth } from '../../server/auth/middleware/bearerAuth.js';
 import { CallToolResult, GetPromptResult, isInitializeRequest, ReadResourceResult } from '../../types.js';
 import { InMemoryEventStore } from '../shared/inMemoryEventStore.js';
@@ -188,7 +188,6 @@ if (useOAuth) {
   authApp.use(mcpAuthRouter({
     provider,
     issuerUrl: authServerUrl,
-    baseUrl: authServerUrl,
     scopesSupported: ['mcp:tools'],
     // This endpoint is set up on the Authorization server, but really shouldn't be.
     protectedResourceOptions: {
@@ -202,12 +201,15 @@ if (useOAuth) {
     console.log(`OAuth Authorization Server listening on port ${AUTH_PORT}`);
   });
 
-  // Add protected resource metadata to the main MCP server
-  app.use(mcpProtectedResourceRouter({
+  // Add both resource metadata and oauth server metadata (for backwards compatiblity) to the main MCP server
+  app.use(mcpAuthRouter({
+    provider,
     issuerUrl: authServerUrl,
-    serverUrl: mcpServerUrl,
     scopesSupported: ['mcp:tools'],
-    resourceName: 'MCP Demo Server',
+    protectedResourceOptions: {
+      serverUrl: mcpServerUrl,
+      resourceName: 'MCP Demo Server',
+    },
   }));
 
   authMiddleware = requireBearerAuth({
