Skip to content

Add test for ProtectedResourceMetadataParsing #1236

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

Add test for ProtectedResourceMetadataParsing #1236

wants to merge 19 commits into from
+56 −9

Conversation

yannj-fr
Copy link
Contributor

@yannj-fr yannj-fr commented Aug 4, 2025

Motivation and Context

Add tests cases for insurring ProtectedResourceMetadata validation is correctly done

How Has This Been Tested?

with pytest

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

@yannj-fr yannj-fr requested a review from a team as a code owner August 4, 2025 20:15
@yannj-fr yannj-fr requested a review from pcarleton August 4, 2025 20:15
@yannj-fr yannj-fr marked this pull request as draft August 4, 2025 20:35
@yannj-fr yannj-fr marked this pull request as ready for review August 4, 2025 20:36
pcarleton
pcarleton requested changes Aug 5, 2025
View reviewed changes
Kludex
Kludex reviewed Aug 5, 2025
View reviewed changes
Copy link
Member

@Kludex Kludex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is not testing the fact that the new fields are supported. It's testing that the class is properly validated, which it seems we are testing Pydantic here. The same can be said about the tests above.

I think an ideal test would be to use the new added literal fields in an auth flow. But that's an issue that comes from before, because we actually don't have tests for it...

Anyway, I'm okay with either merging or closing this.

tests/shared/test_auth.py Outdated
@@ -37,3 +38,84 @@ def test_oidc(self):
"userinfo_endpoint": "https://example.com/oauth2/userInfo",
}
)


class TestProtectedResourceMetadataInvalid:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need a PR to drop those classes. They are following a very old Python testing layout.

You can ignore this comment.

yannj-fr and others added 2 commits August 5, 2025 12:10
@yannj-fr @pcarleton
Update tests/shared/test_auth.py
e8bfe35 
Co-authored-by: Paul Carleton <paulcarletonjr@gmail.com>
@yannj-fr @pcarleton
Update tests/shared/test_auth.py
79e1b16 
Co-authored-by: Paul Carleton <paulcarletonjr@gmail.com>
Kludex
Kludex previously approved these changes Aug 5, 2025
View reviewed changes
@Kludex Kludex dismissed their stale review August 5, 2025 13:15

Actually, I don't think this is the way to go.

@yannj-fr
Copy link
Contributor Author

yannj-fr commented Aug 6, 2025

@Kludex tests updated

Kludex
Kludex reviewed Aug 6, 2025
View reviewed changes
@yannj-fr
Copy link
Contributor Author

yannj-fr commented Aug 6, 2025

@Kludex done with the requested changes

Kludex
Kludex previously approved these changes Aug 6, 2025
View reviewed changes
tests/server/fastmcp/auth/test_auth_integration.py Outdated
Comment on lines 1238 to 1239
metadata = response.json()
assert metadata == snapshot(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
metadata = response.json()
assert metadata == snapshot(
assert response.json() == snapshot(

tests/shared/test_auth.py Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are the tests you added in here necessary?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To me it prevents someone to introduce regression in the model description by checking against a realistic payload

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it will have that effect... People that modify the model class will just update the test... The assertion is just making sure the validation passes, there's no assertion that makes use of any further logic.

@Kludex
Copy link
Member

Kludex commented Aug 6, 2025

Maybe we could benefit more if we move the test you added to a new file, so we can actually don't mix bad practices with good ones.

@yannj-fr
Copy link
Contributor Author

yannj-fr commented Aug 6, 2025

I will create a separated file, actually could be directly in the test/server/auth/test_proctected_resource.py

Kludex
Kludex reviewed Aug 6, 2025
View reviewed changes
tests/shared/test_auth.py Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it will have that effect... People that modify the model class will just update the test... The assertion is just making sure the validation passes, there's no assertion that makes use of any further logic.

yannj-fr and others added 2 commits August 6, 2025 12:44
@yannj-fr @Kludex
Update tests/server/auth/test_protected_resource.py
82852be 
Co-authored-by: Marcelo Trylesinski <marcelotryle@gmail.com>
@yannj-fr @Kludex
Update tests/server/auth/test_protected_resource.py
0826232 
Co-authored-by: Marcelo Trylesinski <marcelotryle@gmail.com>
Kludex
Kludex previously approved these changes Aug 6, 2025
View reviewed changes
@yannj-fr
Copy link
Contributor Author

yannj-fr commented Aug 6, 2025

As per your advice, I removed the test that is just on the model, and fixed naming.
Just one question, it is not good practice to have test case in a class?

@Kludex
Copy link
Member

Kludex commented Aug 6, 2025
edited
Loading

Just one question, it is not good practice to have test case in a class?

I don't think you get anything from it, it's more often seen in old test suites and when using unittest (https://docs.python.org/3/library/unittest.html#basic-example).

I prefer to stick with what modern packages do: not have wrapper classes.

This is my opinion tho.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pcarleton pcarleton pcarleton requested changes

@Kludex Kludex Kludex left review comments

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@yannj-fr @Kludex @pcarleton