Marco Sadjadi 86cf89ef42 fix(oauth): serve AS metadata at the RFC 8414 strict path ... Root cause of Claude Desktop's repeated "Registrierung beim Anmeldedienst fehlgeschlagen" reference ofid_897eda676d452435: RFC 8414 §3 constructs the well-known discovery URL by INSERTING "/.well-known/oauth-authorization-server" between the host and the issuer path. For issuer https://api.buildmymcpserver.com/oauth the correct location is https://api.buildmymcpserver.com/.well-known/oauth-authorization-server/oauth We previously served only the issuer-appended form (/oauth/.well-known/...), which is the historically common but RFC-incorrect placement. Claude Desktop's MCP SDK is strict per RFC 8414, hit the 404, and bailed out of discovery before ever reaching /oauth/register — so the DCR fix from earlier never had a chance to run. Now serves the same metadata at four paths via a single handler: - /.well-known/oauth-authorization-server/oauth (RFC 8414 strict) - /.well-known/oauth-authorization-server (root fallback) - /oauth/.well-known/oauth-authorization-server (historical) - /.well-known/openid-configuration (OIDC fallback) A single buildAsMetadata() helper keeps them in sync.		2026-05-28 19:47:47 +02:00
..
api	fix(oauth): serve AS metadata at the RFC 8414 strict path	2026-05-28 19:47:47 +02:00
generator	fix(runner): correct PUBLIC_URL + mount runner-map volume	2026-05-28 17:54:56 +02:00
runner-template	fix(docker): healthcheck must hit 127.0.0.1, not localhost	2026-05-21 18:07:01 +02:00
web	fix(oauth): allow generic RFC 7591 DCR + expand install snippets	2026-05-28 17:20:01 +02:00