Skip to content

feat(mcp): structured AuthError for 401 responses#47

Open
ysyneu wants to merge 1 commit into
feat/ai-srefrom
p1-auth-error-transport
Open

feat(mcp): structured AuthError for 401 responses#47
ysyneu wants to merge 1 commit into
feat/ai-srefrom
p1-auth-error-transport

Conversation

@ysyneu
Copy link
Copy Markdown
Collaborator

@ysyneu ysyneu commented May 22, 2026

Summary

Captures 401 status + WWW-Authenticate + resource_metadata URL on remote MCP server responses, wraps in *AuthError, surfaces to fc-safari via new additive fields on MCPResultPayload.

What's in this PR

  • mcp/auth_error.goAuthError struct + errors.Unwrap support
  • mcp/transport.go::headerTransport.RoundTrip — 401 capture + WWW-Authenticate parser
  • protocol/messages.go::MCPResultPayload — additive ErrorType + AuthMetadata fields
  • ws/handler.go::handleMCPCall — populates new fields when error is *AuthError

Companion PRs

Part of cross-repo per-user auth work — see fc-safari, fc-event, go-pkg, ai-sre-web, fc-foundation-app.

Test plan

  • go test ./mcp/ -run TestRoundTripWrapsAuthError -v — PASS
  • go test ./... -count=1 — no regressions
  • go build ./... clean

@ysyneu
feat(mcp): structured AuthError for 401 responses
ca1b389 
Captures status code + WWW-Authenticate + resource_metadata URL on 401,
wraps in *AuthError, propagates via errors.As back to fc-safari through
new ErrorType / AuthMetadata fields on MCPResultPayload. Old MCPResult
senders omit the new fields — fc-safari falls back to opaque-error path.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ysyneu