Skip to content

fix: clear cached DCR client on Guided OAuth Flow and add clear dialog#1123

Open
peschee wants to merge 2 commits intomodelcontextprotocol:mainfrom
peschee:fix/guided-oauth-fresh-dcr-and-clear-dialog
Open

fix: clear cached DCR client on Guided OAuth Flow and add clear dialog#1123
peschee wants to merge 2 commits intomodelcontextprotocol:mainfrom
peschee:fix/guided-oauth-fresh-dcr-and-clear-dialog

Conversation

@peschee
Copy link

@peschee peschee commented Feb 27, 2026

Summary

  • Bug: Guided OAuth Flow Step 2 was displaying cached client_id from sessionStorage without making an actual DCR network request. Users saw stale data and couldn't verify that DCR was working correctly.
  • Fix: Clear the cached DCR client info when starting the Guided OAuth Flow so Step 2 always performs a fresh registration. Quick OAuth Flow is unaffected.
  • UX improvement: Replace the immediate "Clear OAuth State" button with a confirmation dialog that offers an optional checkbox to also clear the registered DCR client information. This prevents accidental state loss.
  • Also fixes a pre-existing test parse error (Babel as never in mock factory).

Depends on: #1121 (preserve DCR client info on disconnect). This PR includes that change as its base commit. Please merge #1121 first.

Test plan

  • npm run build-client passes
  • cd client && npm run lint passes
  • cd client && npm test passes (new and existing tests)
  • Manual test: open Guided OAuth Flow — Step 2 should always make a fresh DCR request
  • Manual test: click "Clear OAuth State" — should show confirmation dialog with DCR checkbox

@peschee
fix: preserve DCR client info on disconnect to avoid re-registration …
18a365e 
…errors

Stop clearing dynamically registered client information from
sessionStorage in clear(). The DCR-obtained client_id remains valid
at the IDP, so discarding it on disconnect/reconnect forces an
unnecessary re-registration that IDPs like Keycloak reject.
@peschee
fix: clear cached DCR client on Guided OAuth Flow and add clear dialog
4bdbef0 
Guided OAuth Flow Step 2 was showing cached client_id from sessionStorage
without making an actual DCR network request. Now clears the cached DCR
client info when starting the Guided flow so Step 2 always performs a
fresh registration. Quick OAuth Flow is unaffected.

Also replaces the immediate "Clear OAuth State" action with a
confirmation dialog that offers an optional checkbox to also clear the
registered DCR client information.

Fixes pre-existing test parse error (Babel `as never` in mock factory).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@peschee