fix: e2e ui tests for mcp registry

[sammaji]

Summary

Refactors the OAuth e2e test flow to use a direct API-based approach instead of relying on browser popup events. This resolves flakiness caused by waiting for popup windows to open and close during OAuth authorization in tests.

Changes

• Introduced a completeOAuthFlow helper that navigates to the authorization URL in a new page, completes the login form, then polls the OAuth status endpoint until authorized and calls the complete-oauth endpoint directly — bypassing the need to intercept popup events.
• Added createOAuthClient method to MCPRegistryPage that intercepts the pending_oauth API response and returns the authorize_url, oauth_config_id, and related fields for use in completeOAuthFlow.
• Updated selectAuthType to reflect the new UI split between auth type (e.g., oauth) and auth scope (e.g., shared vs per_user). per_user_oauth is now expressed as auth type oauth + scope per_user.
• Added selectAuthScope method to handle the new auth-scope-select dropdown.
• Added expandOAuthAdvancedIfCollapsed to expand the collapsible OAuth advanced section before interacting with fields like client ID and secret.
• Updated OAuth input locators to prefer data-testid attributes with placeholder-based selectors as fallbacks.
• Updated viewClientDetails to open the actions menu and click "Edit" rather than clicking the row directly.

Type of change

• Bug fix
• Refactor
• Feature
• Documentation
• Chore/CI

Affected areas

• Core (Go)
• Transports (HTTP)
• Providers/Integrations
• Plugins
• UI (React)
• Docs

How to test

Run the MCP registry e2e tests with the OAuth demo server running:

MCP_SSE_HEADERS=1 npx playwright test tests/e2e/features/mcp-registry/mcp-registry.spec.ts

Verify that the OAuth and per-user OAuth client creation tests complete without flakiness, and that the created clients appear as connected in the registry table.

Screenshots/Recordings

N/A — no UI visual changes.

Breaking changes

• Yes
• No

Related issues

N/A

Security considerations

No new auth flows or secrets handling introduced. The test helper uses the existing OAuth demo server and status/complete endpoints already present in the application.

Checklist

• I read docs/contributing/README.md and followed the guidelines
• I added/updated tests where appropriate
• I updated documentation where needed
• I verified builds succeed (Go and UI)
• I verified the CI pipeline passes locally if applicable

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: cf8ea24c-1b6e-49d8-bcc1-41c8475a42c9

📥 Commits

Reviewing files that changed from the base of the PR and between 696b27a and bd8e1d7.

📒 Files selected for processing (2)

• tests/e2e/features/mcp-registry/mcp-registry.spec.ts
• tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• tests/e2e/features/mcp-registry/mcp-registry.spec.ts
• tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts

---

📝 Walkthrough

Summary by CodeRabbit

• Tests
  • Improved end-to-end OAuth flow testing by centralizing authorization completion in a shared helper.
  • Updated OAuth client creation flows to use a new OAuth-specific creation helper and streamlined UI interactions.
  • Enhanced the registry page test support to select OAuth auth scope, auto-expand “OAuth Advanced” controls, and reliably wait for authorizer actions before asserting results.

Walkthrough

The MCP registry OAuth e2e tests are refactored to use a centralized completeOAuthFlow helper that drives popup login and polls authorization status. The page object gains authScopeSelect, reworked selectAuthType/selectAuthScope, new expandOAuthAdvancedIfCollapsed and waitForOAuthAuthorizerAction helpers, a createOAuthClient method with pending_oauth response validation, and an updated viewClientDetails.

Changes

MCP Registry OAuth E2E Test Refactor

Layer / File(s)	Summary
Page object locators and OAuth input selectors tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts	Adds authScopeSelect locator field, initializes it in the constructor, and updates OAuth input locators with fallback selectors for client id/secret, authorize URL, token URL, and scopes.
Auth type/scope selection and OAuth advanced expansion helpers tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts	Reworks selectAuthType to map per_user_oauth to the oauth kind, adds selectAuthScope, expandOAuthAdvancedIfCollapsed, and waitForOAuthAuthorizerAction; wires expandOAuthAdvancedIfCollapsed into the form fill path.
createOAuthClient and pending_oauth handling tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts	Modifies createClient to detect pending_oauth and return early after waiting for the authorizer action; adds createOAuthClient validating the pending_oauth shape; updates viewClientDetails to use the actions menu.
completeOAuthFlow helper and updated spec tests tests/e2e/features/mcp-registry/mcp-registry.spec.ts	Adds completeOAuthFlow that submits the popup login, polls the status endpoint, and POSTs to complete; updates standard and per-user OAuth test cases to use createOAuthClient and the new helper, and calls expandOAuthAdvancedIfCollapsed when selecting auth type.

Sequence Diagram(s)

sequenceDiagram
  participant Spec as Test Spec
  participant Page as MCPRegistryPage
  participant Popup as OAuth Popup
  participant Status as Status Endpoint
  participant Complete as Complete Endpoint

  Spec->>Page: createOAuthClient(config)
  Page-->>Spec: { authorize_url, status_url, complete_url, ... }
  Spec->>Popup: open authorize_url, fill login form, submit
  loop poll until status == authorized
    Spec->>Status: GET status_url
    Status-->>Spec: { status }
  end
  Spec->>Complete: POST complete_url
  Complete-->>Spec: 200 OK
  Spec->>Page: goto()
  Spec->>Page: assertClientExists()

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• maximhq/bifrost#3467: Directly adds the OAuth and per-user OAuth e2e coverage and page/data changes in the MCP registry tests that this PR refactors.
• maximhq/bifrost#3799: Introduced the split kind/scope dropdowns and OAuth fields accordion in mcpClientForm.tsx that the new selectAuthScope and expandOAuthAdvancedIfCollapsed page helpers target.

Suggested reviewers

• akshaydeo
• danpiths

Poem

🐇 Hop, hop! No more popup juggling woes,
A completeOAuthFlow helper now flows,
Poll the status, POST complete, back to the page,
Auth scopes expanded on every stage,
The registry tests now dance in a row —
This bunny approves of the OAuth show! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix: e2e ui tests for mcp registry' accurately describes the main change—refactoring OAuth e2e tests—but uses a broad 'fix' label when the description clarifies this is a refactor, not a bug fix.
Description check	✅ Passed	The PR description comprehensively covers all required template sections including summary, detailed changes, type of change (refactor), affected areas, testing instructions, breaking changes, and security considerations.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch 06-19-fix_e2e_ui_tests_for_mcp_registry

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sammaji]

• fix: e2e ui tests for mcp registry #4558 👈 (View in Graphite)
• fix: e2e ui tests for model limts #4519
• fix: e2e ui tests for providers management #4517
• fix: adds explicit content type header for container delete #4490
• dev

This stack of pull requests is managed by Graphite. Learn more about stacking.

[greptile-apps]

Confidence Score: 5/5

Safe to merge — changes are confined to e2e test infrastructure with no production code touched.

The refactor correctly replaces fragile popup-event interception with a well-guarded polling loop. The complete-oauth fallback URL correctly uses oauth_config_id (confirmed against the Go handler and the existing UI mcpApi.ts). The only noteworthy code issue is that createClient's pendingOAuth branch discards the locator returned by waitForOAuthAuthorizerAction without clicking it, but OAuth tests no longer go through that path, so it has no effect on the current suite.

The pendingOAuth branch in createClient inside mcp-registry.page.ts is worth cleaning up to avoid future confusion, but it is not reachable by any test in this PR.

Important Files Changed

Filename	Overview
tests/e2e/features/mcp-registry/mcp-registry.spec.ts	Refactors OAuth and per-user OAuth test cases to use new createOAuthClient + completeOAuthFlow helpers; adds completeOAuthFlow helper with polling loop, proper ok() guard, and safe error handling.
tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts	Adds createOAuthClient, selectAuthScope, expandOAuthAdvancedIfCollapsed, and waitForOAuthAuthorizerAction methods; the pendingOAuth fallback branch in createClient calls waitForOAuthAuthorizerAction but discards the returned locator without clicking it.

_{Reviews (2): Last reviewed commit: "fix: e2e ui tests for mcp registry" | Re-trigger Greptile}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

tests/e2e/features/mcp-registry/mcp-registry.spec.ts (2)

14-14: ⚡ Quick win

Replace any types with proper Playwright types for type safety.

The page parameter uses any for both context() return and request, which loses type safety and violates the TypeScript strictness guideline. Use Playwright's Page type directly.

♻️ Suggested fix

+import { Page } from '`@playwright/test`'
+
-async function completeOAuthFlow(page: { context: () => any; request: any }, flow: {
+async function completeOAuthFlow(page: Page, flow: {
   authorize_url: string
   oauth_config_id: string
   complete_url?: string
   status_url?: string
 }) {

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/e2e/features/mcp-registry/mcp-registry.spec.ts` at line 14, The
completeOAuthFlow function parameter page uses any types for both context() and
request properties, losing type safety. Replace the page parameter type
annotation with Playwright's proper Page type instead of the current object
definition with any values. Make sure to import the Page type from the
Playwright testing library if it is not already imported at the top of the file.

Source: Coding guidelines

---

39-39: ⚡ Quick win

Add a descriptive failure message to the polling timeout assertion.

When the polling loop exhausts all 30 attempts without reaching authorized, the assertion expect(authorized).toBe(true) fails with a generic message. Adding context helps diagnose flaky test failures.

♻️ Suggested fix

-  expect(authorized).toBe(true)
+  expect(authorized, `OAuth status did not become 'authorized' after polling ${statusUrl} for 15s`).toBe(true)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/e2e/features/mcp-registry/mcp-registry.spec.ts` at line 39, The expect
assertion for authorized in the polling loop lacks a descriptive failure
message, making it difficult to diagnose why the test fails. Modify the
expect(authorized).toBe(true) statement to include a custom failure message as
the second parameter that provides context about what was being waited for and
how many polling attempts were made. This will help clarify the root cause when
the 30-attempt polling timeout is exhausted.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts`:
- Around line 514-519: The return type declares mcp_client_id as a required
string field, but the validation check only verifies status, authorize_url, and
oauth_config_id properties. Add mcp_client_id to the existing condition
validation alongside the other required fields to ensure the API response
actually contains this required property before returning the body, preventing
the caller from receiving undefined values despite the type contract.

---

Nitpick comments:
In `@tests/e2e/features/mcp-registry/mcp-registry.spec.ts`:
- Line 14: The completeOAuthFlow function parameter page uses any types for both
context() and request properties, losing type safety. Replace the page parameter
type annotation with Playwright's proper Page type instead of the current object
definition with any values. Make sure to import the Page type from the
Playwright testing library if it is not already imported at the top of the file.
- Line 39: The expect assertion for authorized in the polling loop lacks a
descriptive failure message, making it difficult to diagnose why the test fails.
Modify the expect(authorized).toBe(true) statement to include a custom failure
message as the second parameter that provides context about what was being
waited for and how many polling attempts were made. This will help clarify the
root cause when the 30-attempt polling timeout is exhausted.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: dae01e9b-8447-45ab-a520-59742c7c188e

📥 Commits

Reviewing files that changed from the base of the PR and between eee4550 and 696b27a.

📒 Files selected for processing (2)

• tests/e2e/features/mcp-registry/mcp-registry.spec.ts
• tests/e2e/features/mcp-registry/pages/mcp-registry.page.ts

[akshaydeo]

Merge activity

• Jun 19, 6:09 PM UTC: A user started a stack merge that includes this pull request via Graphite.
• Jun 19, 6:12 PM UTC: @akshaydeo merged this pull request with Graphite.

The base branch was changed.