Skip to content

fix(auth): add Accept header to token and refresh requests#2699

Open
william-xue wants to merge 1 commit into
modelcontextprotocol:mainfrom
william-xue:fix/auth-accept-json-header
Open

fix(auth): add Accept header to token and refresh requests#2699
william-xue wants to merge 1 commit into
modelcontextprotocol:mainfrom
william-xue:fix/auth-accept-json-header

Conversation

@william-xue
Copy link
Copy Markdown

@william-xue william-xue commented May 27, 2026

Summary

OAuth token and refresh requests do not include an Accept: application/json header. Servers that default to form-encoded responses (e.g. GitHub's OAuth token endpoint) will not return JSON, causing handle_token_response_scopes to fail with a parse error.

This adds Accept: application/json to both _build_token_request and _refresh_token so servers know to respond with JSON.

Fixes #1523

Test plan

  • Added Accept header assertions to existing test_token_exchange_request_authorization_code and test_refresh_token_request tests
  • All 96 existing auth tests pass: uv run --frozen pytest tests/client/test_auth.py

Risk

Minimal — only adds a standard HTTP header to outgoing requests. No behavioral change for servers already returning JSON.

fix(auth): add Accept header to token and refresh requests
d6981b3 
OAuthClientProvider._build_token_request and _refresh_token did not
include an Accept header, so servers that default to form-encoded
responses (e.g. GitHub's OAuth token endpoint) would not return JSON.
This caused token exchange to fail with a parse error.

Added Accept: application/json to both token exchange and refresh
requests so servers know to respond with JSON.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

OAuthClientProvider._handle_token_response expect json

1 participant

@william-xue