fix: Add more debugging for OAuth flow requests

Author: clareliguori

e2e_tests/typescript/src/server_clients/automated_oauth.ts

@@ -470,12 +470,6 @@ export class AutomatedOAuthClient extends Server {
     });
     const resourceMetadataUrl = extractResourceMetadataUrl(response);
 
-    if (!resourceMetadataUrl) {
-      throw new Error(
-        "No resource metadata URL found in WWW-Authenticate header"
-      );
-    }
-
     logger.debug(`Discovered resource metadata URL: ${resourceMetadataUrl}`);
     logger.debug("Fetching OAuth protected resource metadata...");
 
@@ -530,7 +524,9 @@ export class AutomatedOAuthClient extends Server {
       // This is a temporary workaround for AgentCore Gateways,
       // which currently return 404 on GET requests, instead of the expected 405
       fetch: async (url, init) => {
+        logger.debug(`Fetch request: ${init?.method || 'GET'} ${url}`);
         if (init?.method === "GET") {
+          logger.debug("Blocking GET request, returning 405");
           return new Response(null, {
             status: 405,
             statusText: "Method Not Allowed",

examples/chatbots/typescript/src/server_clients/interactive_oauth.ts

@@ -490,7 +490,13 @@ export class InteractiveOAuthClient extends Server {
     logger.debug("Making initial request to discover OAuth metadata...");
 
     const serverUrl = this.config.serverUrl;
-    const response = await fetch(serverUrl);
+    const response = await fetch(serverUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify({ jsonrpc: "2.0", method: "ping", id: 1 }),
+    });
     const resourceMetadataUrl = extractResourceMetadataUrl(response);
 
     logger.debug(`Discovered resource metadata URL: ${resourceMetadataUrl}`);
@@ -526,6 +532,20 @@ export class InteractiveOAuthClient extends Server {
     const baseUrl = new URL(this.config.serverUrl);
     const transport = new StreamableHTTPClientTransport(baseUrl, {
       authProvider: oauthProvider,
+      // Override fetch to handle POST-only endpoints
+      // This is a temporary workaround for AgentCore Gateways,
+      // which currently return 404 on GET requests, instead of the expected 405
+      fetch: async (url, init) => {
+        logger.debug(`Fetch request: ${init?.method || 'GET'} ${url}`);
+        if (init?.method === "GET") {
+          logger.debug("Blocking GET request, returning 405");
+          return new Response(null, {
+            status: 405,
+            statusText: "Method Not Allowed",
+          });
+        }
+        return fetch(url, init);
+      },
     });
 
     try {