jubnl 895f34deba refactor: extract getOAuthMetadata() shared by both discovery endpoints ...

Both /.well-known/oauth-authorization-server (via SDK router) and
/.well-known/openid-configuration now serve the same OAuthMetadata
object built once from a shared lazy getter.

The MCP spec explicitly states clients try OIDC Discovery or RFC 8414
depending on server support — ChatGPT uses OIDC Discovery first.
Serving the OAuth AS metadata at the OIDC URL is the correct approach;
clients only read the OAuth fields (authorization_endpoint,
token_endpoint, registration_endpoint) from it.

2026-05-05 14:32:59 +02:00

..

assets

refactor: move airports.json out of server/data into server/assets

2026-04-18 02:02:09 +02:00

public

chore(CRLF): normalize index.html line endings to LF

2026-04-05 04:35:17 +02:00

scripts

docs: add full wiki with 74 pages, assets, and CI workflow

2026-04-20 10:11:53 +02:00

src

refactor: extract getOAuthMetadata() shared by both discovery endpoints

2026-05-05 14:32:59 +02:00

tests

feat: migrate OAuth public endpoints to MCP SDK auth handlers

2026-05-05 13:01:32 +02:00

.env.example

fix: add APP_VERSION fallback and HOST bind address env var (#952 #953) (#955)

2026-05-04 14:21:55 +02:00

package-lock.json

chore: bump version to 3.0.15 [skip ci]

2026-05-04 12:22:15 +00:00

package.json

chore: bump version to 3.0.15 [skip ci]

2026-05-04 12:22:15 +00:00

reset-admin.js

Stabilize core: better-sqlite3, versioned migrations, graceful shutdown

2026-03-22 17:52:24 +01:00

tsconfig.json

feat: migrate OAuth public endpoints to MCP SDK auth handlers

2026-05-05 13:01:32 +02:00

vitest.config.ts

refactor(mcp): replace direct DB access with service layer calls

2026-04-04 18:12:53 +02:00