fix(opencode): pass MCP OAuth scope to client metadata

[joshuapbritz]

Issue for this PR

Fixes #26301

Type of change

• Bug fix
• New feature
• Refactor / code improvement
• Documentation

What does this PR do?

Adds a fix to the opencode package to pass through the scope of a package through to the client metadata. This addresses and issue where oAuth authentication is rejected due to invalid scope. The fix made added the scope from config if it is present.

In full disclosure, I have not worked on this codebase before and made strong use of GPT5.5 in figuring this out. The session is available to view here: https://opncd.ai/share/nwfye43n

How did you verify your code works?

• I did a preliminary test pass with bun test
• I also followed the below steps:
  • Create environment using:

    export OC_TEST_HOME="$(mktemp -d)"
    export XDG_CONFIG_HOME="$OC_TEST_HOME/config"
    export XDG_DATA_HOME="$OC_TEST_HOME/data"
    export XDG_CACHE_HOME="$OC_TEST_HOME/cache"
    export XDG_STATE_HOME="$OC_TEST_HOME/state"

  • Create an example opencode.json:

    mkdir -p "$XDG_CONFIG_HOME/opencode"
    
    cat > "$XDG_CONFIG_HOME/opencode/opencode.json" <<'JSON'
    {
       "$schema": "https://opencode.ai/config.json",
       "mcp": {
          "medusa": {
             "type": "remote",
             "enabled": true,
             "url": "https://docs.medusajs.com/mcp",
             "oauth": {
                "scope": "openid email profile"
             }
         }
       }
    }
    JSON

  • And then ran:
    bun run --conditions=browser ./src/index.ts --print-logs --log-level DEBUG mcp debug medusa 2>&1 | tee "$OC_TEST_HOME/mcp-debug.log" and verified that scope was included in the url.

Checklist

• I have tested my changes locally
• I have not included unrelated changes in this PR

If you do not follow this template your PR will be automatically rejected.

[joshuapbritz]

This is my first open source PR, so I am not sure I am doing everything correctly here. I really don't want to mess time but had this weird issue as detailed in #26301. I had managed to get around the issue I was having with the specific MCP I was trying to connect to, but found that another user had a similar problem and so I thought I would try to do a fix. I did make use of AI in investigating and fixing this but did review the code myself.

I am happy to change anything needed if this is the wrong place to fix this, though I might need some guidance from someone with more experience on the codebase.