tests/TeamUp.IntegrationTests/McpServerRegistryTests.cs

using System.Net;
using System.Net.Http.Headers;
using System.Net.Http.Json;
using Xunit;

namespace TeamUp.IntegrationTests;

/// <summary>
/// The MCP server registry: owner-only to create (ManageApiKeys), team-owners may list (to bind),
/// auth-header values are encrypted and never returned (only their names), and an unreachable server
/// fails the test endpoint gracefully rather than throwing.
/// </summary>
public sealed class McpServerRegistryTests(PostgresFixture postgres) : IClassFixture<PostgresFixture>
{
    private sealed record BootstrapResponse(string Token, Guid MemberId, Guid OrganizationId);

    private sealed record AuthResponse(string Token, Guid MemberId);

    private sealed record InviteResponse(Guid InvitationId, string Token);

    private sealed record McpServerDto(Guid Id, string Name, string Endpoint, bool Enabled, List<string> HeaderNames);

    private sealed record McpTestResultDto(bool Success, string? Error, int ToolCount, List<string> ToolNames);

    [Fact]
    public async Task Owner_registers_a_server_with_encrypted_headers_and_a_member_cannot()
    {
        await using var factory = new TeamUpWebFactory(postgres.ConnectionString);
        using var anon = factory.CreateClient();

        var owner = await PostOk<BootstrapResponse>(anon, "/api/identity/bootstrap", new
        {
            organizationName = "AliaSaaS",
            ownerEmail = "owner@alia.test",
            ownerDisplayName = "Owner",
            ownerPassword = "Passw0rd!",
        });
        using var client = Authed(factory, owner.Token);

        // Create with an auth header — the response exposes only the header NAME, never its value.
        var created = await PostOk<McpServerDto>(client, "/api/integrations/mcp-servers", new
        {
            organizationId = owner.OrganizationId,
            name = "GitHub MCP",
            endpoint = "https://mcp.example.com/mcp",
            headers = new Dictionary<string, string> { ["Authorization"] = "Bearer super-secret-token" },
        });
        Assert.Equal("GitHub MCP", created.Name);
        Assert.True(created.Enabled);
        Assert.Equal(["Authorization"], created.HeaderNames);

        // Listing also never leaks the value.
        var list = await client.GetFromJsonAsync<List<McpServerDto>>(
            $"/api/integrations/mcp-servers?organizationId={owner.OrganizationId}");
        var server = Assert.Single(list!);
        Assert.Equal(["Authorization"], server.HeaderNames);

        // A bad endpoint is rejected.
        var bad = await client.PostAsJsonAsync("/api/integrations/mcp-servers", new
        {
            organizationId = owner.OrganizationId,
            name = "Bad",
            endpoint = "not-a-url",
            headers = (object?)null,
        });
        Assert.Equal(HttpStatusCode.BadRequest, bad.StatusCode);

        // Test endpoint on an unreachable server fails gracefully (no throw), reporting the reason.
        var test = await client.PostAsync($"/api/integrations/mcp-servers/{created.Id}/test", content: null);
        Assert.Equal(HttpStatusCode.OK, test.StatusCode);
        var result = await test.Content.ReadFromJsonAsync<McpTestResultDto>();
        Assert.False(result!.Success);
        Assert.NotNull(result.Error);

        // A plain Member cannot register a server (ManageApiKeys is owner-only).
        var invite = await PostOk<InviteResponse>(client, "/api/identity/invitations", new
        {
            email = "dev@alia.test",
            scopeType = "Organization",
            scopeId = owner.OrganizationId,
            role = "Member",
            organizationId = owner.OrganizationId,
        });
        var member = await PostOk<AuthResponse>(anon, "/api/identity/invitations/accept",
            new { token = invite.Token, displayName = "Dev", password = "Passw0rd!" });
        using var memberClient = Authed(factory, member.Token);

        var forbidden = await memberClient.PostAsJsonAsync("/api/integrations/mcp-servers", new
        {
            organizationId = owner.OrganizationId,
            name = "Nope",
            endpoint = "https://mcp.example.com/mcp",
            headers = (object?)null,
        });
        Assert.Equal(HttpStatusCode.Forbidden, forbidden.StatusCode);

        // The owner can delete it.
        var deleted = await client.DeleteAsync($"/api/integrations/mcp-servers/{created.Id}");
        Assert.Equal(HttpStatusCode.NoContent, deleted.StatusCode);
    }

    private static HttpClient Authed(TeamUpWebFactory factory, string token)
    {
        var client = factory.CreateClient();
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
        return client;
    }

    private static async Task<T> PostOk<T>(HttpClient client, string url, object body)
    {
        var response = await client.PostAsJsonAsync(url, body);
        Assert.Equal(HttpStatusCode.OK, response.StatusCode);
        var value = await response.Content.ReadFromJsonAsync<T>();
        Assert.NotNull(value);
        return value!;
    }
}
MCP compatibility for AI agents: server registry, JSON-RPC client, gateway, run-time tool catalog 2026-06-13 19:25:43 +03:30			`using System.Net;`
			`using System.Net.Http.Headers;`
			`using System.Net.Http.Json;`
			`using Xunit;`

			`namespace TeamUp.IntegrationTests;`

			`/// <summary>`
			`/// The MCP server registry: owner-only to create (ManageApiKeys), team-owners may list (to bind),`
			`/// auth-header values are encrypted and never returned (only their names), and an unreachable server`
			`/// fails the test endpoint gracefully rather than throwing.`
			`/// </summary>`
			`public sealed class McpServerRegistryTests(PostgresFixture postgres) : IClassFixture<PostgresFixture>`
			`{`
			`private sealed record BootstrapResponse(string Token, Guid MemberId, Guid OrganizationId);`

			`private sealed record AuthResponse(string Token, Guid MemberId);`

			`private sealed record InviteResponse(Guid InvitationId, string Token);`

			`private sealed record McpServerDto(Guid Id, string Name, string Endpoint, bool Enabled, List<string> HeaderNames);`

			`private sealed record McpTestResultDto(bool Success, string? Error, int ToolCount, List<string> ToolNames);`

			`[Fact]`
			`public async Task Owner_registers_a_server_with_encrypted_headers_and_a_member_cannot()`
			`{`
			`await using var factory = new TeamUpWebFactory(postgres.ConnectionString);`
			`using var anon = factory.CreateClient();`

			`var owner = await PostOk<BootstrapResponse>(anon, "/api/identity/bootstrap", new`
			`{`
			`organizationName = "AliaSaaS",`
			`ownerEmail = "owner@alia.test",`
			`ownerDisplayName = "Owner",`
			`ownerPassword = "Passw0rd!",`
			`});`
			`using var client = Authed(factory, owner.Token);`

			`// Create with an auth header — the response exposes only the header NAME, never its value.`
			`var created = await PostOk<McpServerDto>(client, "/api/integrations/mcp-servers", new`
			`{`
			`organizationId = owner.OrganizationId,`
			`name = "GitHub MCP",`
			`endpoint = "https://mcp.example.com/mcp",`
			`headers = new Dictionary<string, string> { ["Authorization"] = "Bearer super-secret-token" },`
			`});`
			`Assert.Equal("GitHub MCP", created.Name);`
			`Assert.True(created.Enabled);`
			`Assert.Equal(["Authorization"], created.HeaderNames);`

			`// Listing also never leaks the value.`
			`var list = await client.GetFromJsonAsync<List<McpServerDto>>(`
			`$"/api/integrations/mcp-servers?organizationId={owner.OrganizationId}");`
			`var server = Assert.Single(list!);`
			`Assert.Equal(["Authorization"], server.HeaderNames);`

			`// A bad endpoint is rejected.`
			`var bad = await client.PostAsJsonAsync("/api/integrations/mcp-servers", new`
			`{`
			`organizationId = owner.OrganizationId,`
			`name = "Bad",`
			`endpoint = "not-a-url",`
			`headers = (object?)null,`
			`});`
			`Assert.Equal(HttpStatusCode.BadRequest, bad.StatusCode);`

			`// Test endpoint on an unreachable server fails gracefully (no throw), reporting the reason.`
			`var test = await client.PostAsync($"/api/integrations/mcp-servers/{created.Id}/test", content: null);`
			`Assert.Equal(HttpStatusCode.OK, test.StatusCode);`
			`var result = await test.Content.ReadFromJsonAsync<McpTestResultDto>();`
			`Assert.False(result!.Success);`
			`Assert.NotNull(result.Error);`

			`// A plain Member cannot register a server (ManageApiKeys is owner-only).`
			`var invite = await PostOk<InviteResponse>(client, "/api/identity/invitations", new`
			`{`
			`email = "dev@alia.test",`
			`scopeType = "Organization",`
			`scopeId = owner.OrganizationId,`
			`role = "Member",`
			`organizationId = owner.OrganizationId,`
			`});`
			`var member = await PostOk<AuthResponse>(anon, "/api/identity/invitations/accept",`
			`new { token = invite.Token, displayName = "Dev", password = "Passw0rd!" });`
			`using var memberClient = Authed(factory, member.Token);`

			`var forbidden = await memberClient.PostAsJsonAsync("/api/integrations/mcp-servers", new`
			`{`
			`organizationId = owner.OrganizationId,`
			`name = "Nope",`
			`endpoint = "https://mcp.example.com/mcp",`
			`headers = (object?)null,`
			`});`
			`Assert.Equal(HttpStatusCode.Forbidden, forbidden.StatusCode);`

			`// The owner can delete it.`
			`var deleted = await client.DeleteAsync($"/api/integrations/mcp-servers/{created.Id}");`
			`Assert.Equal(HttpStatusCode.NoContent, deleted.StatusCode);`
			`}`

			`private static HttpClient Authed(TeamUpWebFactory factory, string token)`
			`{`
			`var client = factory.CreateClient();`
			`client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);`
			`return client;`
			`}`

			`private static async Task<T> PostOk<T>(HttpClient client, string url, object body)`
			`{`
			`var response = await client.PostAsJsonAsync(url, body);`
			`Assert.Equal(HttpStatusCode.OK, response.StatusCode);`
			`var value = await response.Content.ReadFromJsonAsync<T>();`
			`Assert.NotNull(value);`
			`return value!;`
			`}`
			`}`