fix: don't leak escalated scopes in PRM scopes_supported for step-up test

pcarleton · pcarleton · commit a01476b64089 · 2026-03-25T12:17:27.000Z
diff --git a/src/scenarios/client/auth/scope-handling.ts b/src/scenarios/client/auth/scope-handling.ts
@@ -418,7 +418,7 @@ export class ScopeStepUpAuthScenario implements Scenario {
       {
         prmPath: '/.well-known/oauth-protected-resource/mcp',
         requiredScopes: escalatedScopes,
-        scopesSupported: escalatedScopes,
+        scopesSupported: [initialScope],
         includeScopeInWwwAuth: true,
         authMiddleware: stepUpMiddleware,
         tokenVerifier

Original file line number	Diff line number	Diff line change
`@@ -418,7 +418,7 @@ export class ScopeStepUpAuthScenario implements Scenario {`
`418`	`418`	`{`
`419`	`419`	`prmPath: '/.well-known/oauth-protected-resource/mcp',`
`420`	`420`	`requiredScopes: escalatedScopes,`
`421`		`- scopesSupported: escalatedScopes,`
	`421`	`+ scopesSupported: [initialScope],`
`422`	`422`	`includeScopeInWwwAuth: true,`
`423`	`423`	`authMiddleware: stepUpMiddleware,`
`424`	`424`	`tokenVerifier`