/heath for http, see (#225)

Author: gossion

internal/auth/oauth/endpoints.go

@@ -119,9 +119,6 @@ func (em *EndpointManager) RegisterEndpoints(mux *http.ServeMux) {
 
 	// OAuth 2.0 token endpoint for Authorization Code exchange
 	mux.HandleFunc("/oauth2/v2.0/token", em.tokenHandler())
-
-	// Health check endpoint (unauthenticated)
-	mux.HandleFunc("/health", em.healthHandler())
 }
 
 // authServerMetadataProxyHandler proxies authorization server metadata from Azure AD
@@ -375,38 +372,6 @@ func (em *EndpointManager) tokenIntrospectionHandler() http.HandlerFunc {
 	}
 }
 
-// healthHandler provides a simple health check endpoint
-func (em *EndpointManager) healthHandler() http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		// Set CORS headers for all requests
-		em.setCORSHeaders(w, r)
-
-		// Handle preflight OPTIONS request
-		if r.Method == http.MethodOptions {
-			w.WriteHeader(http.StatusNoContent)
-			return
-		}
-
-		if r.Method != http.MethodGet {
-			http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
-			return
-		}
-
-		response := map[string]interface{}{
-			"status": "healthy",
-			"oauth": map[string]interface{}{
-				"enabled": em.cfg.OAuthConfig.Enabled,
-			},
-		}
-
-		w.Header().Set("Content-Type", "application/json")
-		if err := json.NewEncoder(w).Encode(response); err != nil {
-			http.Error(w, "Failed to encode response", http.StatusInternalServerError)
-			return
-		}
-	}
-}
-
 // protectedResourceMetadataHandler handles OAuth 2.0 Protected Resource Metadata requests
 func (em *EndpointManager) protectedResourceMetadataHandler() http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {

internal/auth/oauth/endpoints_test.go

@@ -53,7 +53,6 @@ func TestEndpointManager_RegisterEndpoints(t *testing.T) {
 		{"POST", "/oauth/register", http.StatusBadRequest},                                 // Missing required data
 		{"POST", "/oauth/introspect", http.StatusBadRequest},                               // Missing token param
 		{"GET", "/oauth/callback", http.StatusBadRequest},                                  // Missing required params
-		{"GET", "/health", http.StatusOK},
 	}
 
 	for _, tc := range testCases {
@@ -192,41 +191,6 @@ func TestTokenIntrospectionEndpointMissingToken(t *testing.T) {
 	}
 }
 
-func TestHealthEndpoint(t *testing.T) {
-	cfg := createTestConfig()
-
-	provider, _ := NewAzureOAuthProvider(cfg.OAuthConfig)
-	manager := NewEndpointManager(provider, cfg)
-
-	req := httptest.NewRequest("GET", "/health", nil)
-	w := httptest.NewRecorder()
-
-	handler := manager.healthHandler()
-	handler(w, req)
-
-	if w.Code != http.StatusOK {
-		t.Errorf("Expected status 200, got %d", w.Code)
-	}
-
-	var response map[string]interface{}
-	if err := json.Unmarshal(w.Body.Bytes(), &response); err != nil {
-		t.Fatalf("Failed to parse response: %v", err)
-	}
-
-	if response["status"] != "healthy" {
-		t.Errorf("Expected status healthy, got %v", response["status"])
-	}
-
-	oauth, ok := response["oauth"].(map[string]interface{})
-	if !ok {
-		t.Error("Expected oauth object in response")
-	}
-
-	if oauth["enabled"] != true {
-		t.Errorf("Expected oauth enabled true, got %v", oauth["enabled"])
-	}
-}
-
 func TestValidateClientRegistration(t *testing.T) {
 	cfg := createTestConfig()
 
@@ -488,13 +452,13 @@ func TestCORSHeaders(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			req := httptest.NewRequest("GET", "/health", nil)
+			req := httptest.NewRequest("GET", "/.well-known/oauth-protected-resource", nil)
 			if tt.origin != "" {
 				req.Header.Set("Origin", tt.origin)
 			}
 			w := httptest.NewRecorder()
 
-			handler := manager.healthHandler()
+			handler := manager.protectedResourceMetadataHandler()
 			handler(w, req)
 
 			corsOrigin := w.Header().Get("Access-Control-Allow-Origin")

internal/server/server.go

@@ -178,11 +178,39 @@ func (s *Service) registerPrompts() {
 	prompts.RegisterHealthPrompts(s.mcpServer, s.cfg)
 }
 
+// healthHandler provides a simple health check endpoint
+func (s *Service) healthHandler() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodGet {
+			http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+			return
+		}
+
+		response := map[string]interface{}{
+			"status":    "healthy",
+			"version":   version.GetVersion(),
+			"transport": s.cfg.Transport,
+			"oauth": map[string]interface{}{
+				"enabled": s.cfg.OAuthConfig.Enabled,
+			},
+		}
+
+		w.Header().Set("Content-Type", "application/json")
+		if err := json.NewEncoder(w).Encode(response); err != nil {
+			http.Error(w, "Failed to encode response", http.StatusInternalServerError)
+			return
+		}
+	}
+}
+
 // createCustomHTTPServerWithHelp404 creates a custom HTTP server that provides
 // helpful 404 responses for the MCP server
 func (s *Service) createCustomHTTPServerWithHelp404(addr string) *http.Server {
 	mux := http.NewServeMux()
 
+	// Register health check endpoint (always available)
+	mux.HandleFunc("/health", s.healthHandler())
+
 	// Register OAuth endpoints if OAuth is enabled
 	if s.cfg.OAuthConfig.Enabled {
 		if s.endpointManager == nil {
@@ -194,7 +222,7 @@ func (s *Service) createCustomHTTPServerWithHelp404(addr string) *http.Server {
 
 	// Handle all other paths with a helpful 404 response
 	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-		if r.URL.Path != "/mcp" {
+		if r.URL.Path != "/mcp" && r.URL.Path != "/health" {
 			w.Header().Set("Content-Type", "application/json")
 			w.WriteHeader(http.StatusNotFound)
 
@@ -206,6 +234,7 @@ func (s *Service) createCustomHTTPServerWithHelp404(addr string) *http.Server {
 					"requests":   "POST /mcp - Send MCP requests (requires Mcp-Session-Id header)",
 					"listen":     "GET /mcp - Listen for notifications (requires Mcp-Session-Id header)",
 					"terminate":  "DELETE /mcp - Terminate session (requires Mcp-Session-Id header)",
+					"health":     "GET /health - Health check",
 				},
 			}
 
@@ -216,7 +245,6 @@ func (s *Service) createCustomHTTPServerWithHelp404(addr string) *http.Server {
 					"auth-server-metadata": "GET /.well-known/oauth-authorization-server - Authorization server metadata",
 					"client-registration":  "POST /oauth/register - Dynamic client registration",
 					"token-introspection":  "POST /oauth/introspect - Token introspection",
-					"health":               "GET /health - Health check",
 				}
 				for k, v := range oauthEndpoints {
 					response["endpoints"].(map[string]string)[k] = v
@@ -241,6 +269,9 @@ func (s *Service) createCustomHTTPServerWithHelp404(addr string) *http.Server {
 func (s *Service) createCustomSSEServerWithHelp404(sseServer *server.SSEServer, addr string) *http.Server {
 	mux := http.NewServeMux()
 
+	// Register health check endpoint (always available)
+	mux.HandleFunc("/health", s.healthHandler())
+
 	// Register OAuth endpoints if OAuth is enabled
 	if s.cfg.OAuthConfig.Enabled {
 		if s.endpointManager == nil {
@@ -266,7 +297,7 @@ func (s *Service) createCustomSSEServerWithHelp404(sseServer *server.SSEServer,
 
 	// Handle all other paths with a helpful 404 response
 	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-		if r.URL.Path != "/sse" && r.URL.Path != "/message" {
+		if r.URL.Path != "/sse" && r.URL.Path != "/message" && r.URL.Path != "/health" {
 			w.Header().Set("Content-Type", "application/json")
 			w.WriteHeader(http.StatusNotFound)
 
@@ -276,6 +307,7 @@ func (s *Service) createCustomSSEServerWithHelp404(sseServer *server.SSEServer,
 				"endpoints": map[string]string{
 					"sse":     "GET /sse - Establish SSE connection for real-time notifications",
 					"message": "POST /message - Send MCP JSON-RPC messages",
+					"health":  "GET /health - Health check",
 				},
 			}
 
@@ -292,7 +324,6 @@ func (s *Service) createCustomSSEServerWithHelp404(sseServer *server.SSEServer,
 					"auth-server-metadata": "GET /.well-known/oauth-authorization-server - Authorization server metadata",
 					"client-registration":  "POST /oauth/register - Dynamic client registration",
 					"token-introspection":  "POST /oauth/introspect - Token introspection",
-					"health":               "GET /health - Health check",
 				}
 				for k, v := range oauthEndpoints {
 					response["endpoints"].(map[string]string)[k] = v