[test] Add tests for mcp.NewHTTPConnection with OIDC provider#9341
Merged
lpcox merged 2 commits intoJul 14, 2026
Conversation
Test the previously-uncovered oidcProvider != nil branch in NewHTTPConnection. Two new table-style tests: - TestNewHTTPConnection_WithOIDCProvider: verifies that a non-nil oidcProvider causes the OIDC round-tripper to inject a Bearer token on every outgoing request. - TestNewHTTPConnection_WithOIDCAndStaticHeaders: verifies that static (non-Authorization) headers are preserved while the OIDC token overrides a static Authorization header. Coverage for NewHTTPConnection rises from 82.1% → 89.3%. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Collaborator
|
@copilot fix the failing lint check https://github.com/github/gh-aw-mcpg/actions/runs/29352703106/job/87158869644?pr=9341 |
Contributor
There was a problem hiding this comment.
Pull request overview
Adds integration-style coverage for OIDC-authenticated HTTP MCP connections.
Changes:
- Tests OIDC bearer-token injection.
- Tests OIDC precedence over static authorization while preserving custom headers.
Show a summary per file
| File | Description |
|---|---|
internal/mcp/oidc_connection_test.go |
Adds OIDC connection and header-layering tests. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 1/1 changed files
- Comments generated: 0
- Review effort level: Medium
Contributor
Fixed in commit |
This was referenced Jul 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Test Coverage Improvement:
NewHTTPConnectionFunction Analyzed
internal/mcpNewHTTPConnectionWhy This Function?
NewHTTPConnectionis the primary entry point for establishing HTTP-based MCP connections. It has a meaningfuloidcProvider != nilbranch that builds a dedicated OIDC-authenticated HTTP client, but every existing test passednilfor the OIDC provider, leaving the branch entirely untested.Tests Added
TestNewHTTPConnection_WithOIDCProvider— confirms that a non-niloidcProvidercausesbuildHTTPClientWithOIDCto be invoked and that the resulting connection includes an OIDCBearertoken on every outgoing request.TestNewHTTPConnection_WithOIDCAndStaticHeaders— confirms that non-Authorization static headers are preserved while the OIDC round-tripper correctly overrides any staticAuthorizationheader.Both tests use the existing
newTestOIDCServer/makeTestJWTtest helpers fromhttp_transport_test.go.Coverage Report
Test Execution
All tests pass:
Generated by Test Coverage Improver
Next run will target the next most complex under-tested function
Warning
Firewall blocked 8 domains
The following domains were blocked by the firewall during workflow execution:
awmgmcpggo.opentelemetry.iogo.yaml.ingolang.orggoogle.golang.orggopkg.inproxy.golang.orgreleaseassets.githubusercontent.comSee Network Configuration for more information.