drop redundant resource canonicalization tests

Author: ochafik

src/client/auth.test.ts

@@ -907,54 +907,6 @@ describe("OAuth Authorization", () => {
  );
  });
 
- it("canonicalizes resource URI by removing fragment", async () => {
- // Mock successful metadata discovery
- mockFetch.mockImplementation((url) => {
- const urlString = url.toString();
- if (urlString.includes("/.well-known/oauth-authorization-server")) {
- return Promise.resolve({
- ok: true,
- status: 200,
- json: async () => ({
- issuer: "https://auth.example.com",
- authorization_endpoint: "https://auth.example.com/authorize",
- token_endpoint: "https://auth.example.com/token",
- response_types_supported: ["code"],
- code_challenge_methods_supported: ["S256"],
- }),
- });
- }
- return Promise.resolve({ ok: false, status: 404 });
- });
-
- // Mock provider methods
- (mockProvider.clientInformation as jest.Mock).mockResolvedValue({
- client_id: "test-client",
- client_secret: "test-secret",
- });
- (mockProvider.tokens as jest.Mock).mockResolvedValue(undefined);
- (mockProvider.saveCodeVerifier as jest.Mock).mockResolvedValue(undefined);
- (mockProvider.redirectToAuthorization as jest.Mock).mockResolvedValue(undefined);
-
- // Call the auth function with a resource that has a fragment
- const result = await auth(mockProvider, {
- serverUrl: "https://api.example.com/mcp-server#fragment",
- });
-
- expect(result).toBe("REDIRECT");
-
- // Verify redirectToAuthorization was called with the canonicalized resource
- expect(mockProvider.redirectToAuthorization).toHaveBeenCalledWith(
- expect.objectContaining({
- searchParams: expect.any(URLSearchParams),
- })
- );
-
- const redirectCall = (mockProvider.redirectToAuthorization as jest.Mock).mock.calls[0];
- const authUrl: URL = redirectCall[0];
- expect(authUrl.searchParams.get("resource")).toBe("https://api.example.com/mcp-server");
- });
-
  it("passes resource parameter through authorization flow", async () => {
  // Mock successful metadata discovery
  mockFetch.mockImplementation((url) => {
@@ -1125,91 +1077,6 @@ describe("OAuth Authorization", () => {
  expect(body.get("refresh_token")).toBe("refresh123");
  });
 
- it("handles derived resource parameter from serverUrl", async () => {
- // Mock successful metadata discovery
- mockFetch.mockImplementation((url) => {
- const urlString = url.toString();
- if (urlString.includes("/.well-known/oauth-authorization-server")) {
- return Promise.resolve({
- ok: true,
- status: 200,
- json: async () => ({
- issuer: "https://auth.example.com",
- authorization_endpoint: "https://auth.example.com/authorize",
- token_endpoint: "https://auth.example.com/token",
- response_types_supported: ["code"],
- code_challenge_methods_supported: ["S256"],
- }),
- });
- }
- return Promise.resolve({ ok: false, status: 404 });
- });
-
- // Mock provider methods
- (mockProvider.clientInformation as jest.Mock).mockResolvedValue({
- client_id: "test-client",
- client_secret: "test-secret",
- });
- (mockProvider.tokens as jest.Mock).mockResolvedValue(undefined);
- (mockProvider.saveCodeVerifier as jest.Mock).mockResolvedValue(undefined);
- (mockProvider.redirectToAuthorization as jest.Mock).mockResolvedValue(undefined);
-
- // Call auth with just serverUrl (resource is derived from it)
- const result = await auth(mockProvider, {
- serverUrl: "https://api.example.com/mcp-server",
- });
-
- expect(result).toBe("REDIRECT");
-
- // Verify that resource parameter is always included (derived from serverUrl)
- const redirectCall = (mockProvider.redirectToAuthorization as jest.Mock).mock.calls[0];
- const authUrl: URL = redirectCall[0];
- expect(authUrl.searchParams.has("resource")).toBe(true);
- expect(authUrl.searchParams.get("resource")).toBe("https://api.example.com/mcp-server");
- });
-
- it("handles resource with multiple fragments", async () => {
- // Mock successful metadata discovery
- mockFetch.mockImplementation((url) => {
- const urlString = url.toString();
- if (urlString.includes("/.well-known/oauth-authorization-server")) {
- return Promise.resolve({
- ok: true,
- status: 200,
- json: async () => ({
- issuer: "https://auth.example.com",
- authorization_endpoint: "https://auth.example.com/authorize",
- token_endpoint: "https://auth.example.com/token",
- response_types_supported: ["code"],
- code_challenge_methods_supported: ["S256"],
- }),
- });
- }
- return Promise.resolve({ ok: false, status: 404 });
- });
-
- // Mock provider methods
- (mockProvider.clientInformation as jest.Mock).mockResolvedValue({
- client_id: "test-client",
- client_secret: "test-secret",
- });
- (mockProvider.tokens as jest.Mock).mockResolvedValue(undefined);
- (mockProvider.saveCodeVerifier as jest.Mock).mockResolvedValue(undefined);
- (mockProvider.redirectToAuthorization as jest.Mock).mockResolvedValue(undefined);
-
- // Call auth with resource containing multiple # symbols
- const result = await auth(mockProvider, {
- serverUrl: "https://api.example.com/mcp-server#fragment#another",
- });
-
- expect(result).toBe("REDIRECT");
-
- // Verify the resource is properly canonicalized (everything after first # removed)
- const redirectCall = (mockProvider.redirectToAuthorization as jest.Mock).mock.calls[0];
- const authUrl: URL = redirectCall[0];
- expect(authUrl.searchParams.get("resource")).toBe("https://api.example.com/mcp-server");
- });
-
  it("verifies resource parameter distinguishes between different paths on same domain", async () => {
  // Mock successful metadata discovery
  mockFetch.mockImplementation((url) => {