Skip to content

Commit 8714650

Browse files
waleedlatif1claude
waleedlatif1
and
claude
committed
fix(mcp): preserve oauthClientSecret on POST upsert when not provided
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
1 parent 3f4196a commit 8714650

1 file changed

Lines changed: 29 additions & 25 deletions

File tree

apps/sim/app/api/mcp/servers/route.ts

Lines changed: 29 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -127,9 +127,11 @@ export const POST = withRouteHandler(
127127
// User-supplied client credentials imply OAuth; pin authType regardless of probe.
128128
if (body.oauthClientId) resolvedAuthType = 'oauth'
129129

130+
const oauthClientSecretProvided = body.oauthClientSecret !== undefined
130131
const oauthClientSecretEncrypted = body.oauthClientSecret
131132
? (await encryptSecret(body.oauthClientSecret)).encrypted
132133
: null
134+
const oauthClientIdProvided = body.oauthClientId !== undefined
133135
const oauthClientId = body.oauthClientId || null
134136

135137
const [existingServer] = await db
@@ -150,18 +152,20 @@ export const POST = withRouteHandler(
150152
)
151153

152154
const urlChanged = existingServer.url !== body.url
153-
const clientIdChanged = (oauthClientId || null) !== (existingServer.oauthClientId ?? null)
155+
const clientIdChanged =
156+
oauthClientIdProvided &&
157+
(oauthClientId || null) !== (existingServer.oauthClientId ?? null)
154158
let clientSecretChanged = false
155-
if (body.oauthClientSecret) {
156-
if (!existingServer.oauthClientSecret) {
159+
if (oauthClientSecretProvided) {
160+
if (!body.oauthClientSecret) {
161+
clientSecretChanged = existingServer.oauthClientSecret != null
162+
} else if (!existingServer.oauthClientSecret) {
157163
clientSecretChanged = true
158164
} else {
159165
const currentPlaintext = (await decryptSecret(existingServer.oauthClientSecret))
160166
.decrypted
161167
clientSecretChanged = currentPlaintext !== body.oauthClientSecret
162168
}
163-
} else if (existingServer.oauthClientSecret) {
164-
clientSecretChanged = true
165169
}
166170
const oauthCredsChanged = clientIdChanged || clientSecretChanged
167171

@@ -172,26 +176,26 @@ export const POST = withRouteHandler(
172176
if (shouldClearOauth) {
173177
await tx.delete(mcpServerOauth).where(eq(mcpServerOauth.mcpServerId, serverId))
174178
}
175-
await tx
176-
.update(mcpServers)
177-
.set({
178-
name: body.name,
179-
description: body.description,
180-
transport: body.transport,
181-
url: body.url,
182-
authType: resolvedAuthType,
183-
oauthClientId,
184-
oauthClientSecret: oauthClientSecretEncrypted,
185-
headers: body.headers || {},
186-
timeout: body.timeout || 30000,
187-
retries: body.retries || 3,
188-
enabled: body.enabled !== false,
189-
connectionStatus: resolvedAuthType === 'oauth' ? 'disconnected' : 'connected',
190-
lastConnected: resolvedAuthType === 'oauth' ? null : new Date(),
191-
updatedAt: new Date(),
192-
deletedAt: null,
193-
})
194-
.where(eq(mcpServers.id, serverId))
179+
const updateValues: Record<string, unknown> = {
180+
name: body.name,
181+
description: body.description,
182+
transport: body.transport,
183+
url: body.url,
184+
authType: resolvedAuthType,
185+
headers: body.headers || {},
186+
timeout: body.timeout || 30000,
187+
retries: body.retries || 3,
188+
enabled: body.enabled !== false,
189+
connectionStatus: resolvedAuthType === 'oauth' ? 'disconnected' : 'connected',
190+
lastConnected: resolvedAuthType === 'oauth' ? null : new Date(),
191+
updatedAt: new Date(),
192+
deletedAt: null,
193+
}
194+
if (oauthClientIdProvided) updateValues.oauthClientId = oauthClientId
195+
if (oauthClientSecretProvided) {
196+
updateValues.oauthClientSecret = oauthClientSecretEncrypted
197+
}
198+
await tx.update(mcpServers).set(updateValues).where(eq(mcpServers.id, serverId))
195199
})
196200

197201
if (shouldClearOauth) {

0 commit comments

Comments
 (0)