oauth router

Signed-off-by: Veeresh K <[email protected]>

Author: nmveeresh

mcpgateway/routers/oauth_router.py

@@ -81,7 +81,6 @@ async def initiate_oauth_flow(gateway_id: str, _request: Request, db: Session =
 async def oauth_callback(
     code: str = Query(..., description="Authorization code from OAuth provider"),
     state: str = Query(..., description="State parameter for CSRF protection"),
-    _request: Request = None,
     db: Session = Depends(get_db),
 ) -> HTMLResponse:
     """Handle the OAuth callback and complete the authorization process.
@@ -93,7 +92,6 @@ async def oauth_callback(
     Args:
         code (str): The authorization code returned by the OAuth provider.
         state (str): The state parameter for CSRF protection, which encodes the gateway ID.
-        _request (Request): The incoming HTTP request object.
         db (Session): The database session dependency.
 
     Returns:

mcpgateway/utils/url_utils.py

@@ -1,3 +1,9 @@
+"""URL utilities for MCP Gateway.
+
+Provides functions for handling URL protocol detection and manipulation,
+especially for proxy environments with forwarded headers.
+"""
+
 # Standard
 from urllib.parse import urlparse, urlunparse
 
@@ -6,16 +12,15 @@
 
 
 def get_protocol_from_request(request: Request) -> str:
-    """
-    Return "https" or "http" based on:
-     1) X-Forwarded-Proto (if set by a proxy)
-     2) request.url.scheme  (e.g. when Gunicorn/Uvicorn is terminating TLS)
+    """Get protocol from request headers or URL scheme.
+    
+    Checks X-Forwarded-Proto header first, then falls back to request.url.scheme.
 
     Args:
-        request (Request): The FastAPI request object.
+        request: The FastAPI request object
 
     Returns:
-        str: The protocol used for the request, either "http" or "https".
+        Protocol string: "http" or "https"
     """
     forwarded = request.headers.get("x-forwarded-proto")
     if forwarded:
@@ -26,14 +31,13 @@ def get_protocol_from_request(request: Request) -> str:
 
 
 def update_url_protocol(request: Request) -> str:
-    """
-    Update the base URL protocol based on the request's scheme or forwarded headers.
+    """Update base URL protocol based on request headers.
 
     Args:
-        request (Request): The FastAPI request object.
+        request: The FastAPI request object
 
     Returns:
-        str: The base URL with the correct protocol.
+        Base URL with correct protocol
     """
     parsed = urlparse(str(request.base_url))
     proto = get_protocol_from_request(request)

tests/unit/mcpgateway/utils/test_url_utils.py

@@ -0,0 +1,18 @@
+import pytest
+from unittest.mock import Mock
+from mcpgateway.utils.url_utils import get_protocol_from_request
+
+
+@pytest.mark.parametrize("headers, expected",
+                         [({"x-forwarded-proto": "http"}, "http"),  # case with header
+                          ({}, "https"),  # fallback to request.url.scheme
+    ],
+)
+def test_get_protocol_from_request(headers, expected):
+    """Test get_protocol_from_request with and without x-forwarded-proto header."""
+    mock_request = Mock()
+    mock_request.headers = headers
+    mock_request.url.scheme = "https"
+
+    result = get_protocol_from_request(mock_request)
+    assert result == expected