marco/buildmymcpserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3a05766f88
buildmymcpserver/packages/db/migrations/0002_oauth_clients_nullable_server.sql

9 lines
447 B
MySQL
Raw Normal View History

fix(oauth): allow generic RFC 7591 DCR + expand install snippets - /oauth/register: drop resource_required check, accept generic registrations (Claude Desktop omits resource in DCR body per spec). serverId stored as NULL; /authorize still enforces org-ownership + access-token aud claim still pinned to resource. Fixes Claude Desktop DCR failure (ofid_d7e39530c109fa7f). - /oauth/authorize: skip strict server.id check when client.serverId is NULL (generic client); org check remains the security boundary. - schema: oauth_clients.server_id no longer NOT NULL. - migration 0002: ALTER COLUMN server_id DROP NOT NULL (already applied on prod). - install-snippets: add Claude Code (CLI), VS Code, Codex, raw URL tabs. Claude Desktop now shows form-field values (Name / Remote MCP Server URL / OAuth Client ID / Secret) matching the new Custom Connector UI instead of the obsolete JSON config. - types: InstallTarget enum extended. - hero-video: clicking the audio toggle restarts the video from frame 0 so unmute aligns with the spoken opening. - marketing: drop em-dashes from rendered copy.
2026-05-28 17:20:01 +02:00
-- Allow generic RFC 7591 Dynamic Client Registration:
-- a client may register without binding to a specific MCP server.
-- /oauth/authorize still enforces the org-ownership check on every
-- authorization, and the access-token `aud` claim is pinned to the
-- resource declared at /token, so a generic client cannot mint a
-- token usable against a server outside the user's org.
ALTER TABLE oauth_clients
ALTER COLUMN server_id DROP NOT NULL;
Reference in New Issue Copy Permalink