
--allow-http flag does not propagate to MCP OAuth resource-URL check #1664

@bokelley


Summary

The CLI's --allow-http flag is plumbed through comply, storyboard, and grade subcommands but does NOT reach MCPOAuthProvider.validateResourceURL. As a result, any attempt to OAuth against a local-dev MCP server (http://localhost:...) fails with Server at <url> advertised non-HTTPS resource URL: <url> even when --allow-http is passed.

Repro

# Spin up any AdCP-compliant MCP server on http://localhost:3000/<platform>/mcp
# Then:
npx @adcp/sdk@latest --allow-http http://localhost:3000/figma/mcp --save-auth figma-local --oauth

Result:

🔍 Auto-detecting protocol...
✓ Detected protocol: MCP

Connecting to MCP agent...

❌ ERROR

Server at http://localhost:3000/figma/mcp advertised non-HTTPS resource URL: http://localhost:3000/figma

Root cause

MCPOAuthProvider.validateResourceURL in lib/auth/oauth/MCPOAuthProvider.js:86-95 throws unconditionally on a non-HTTPS resource:

async validateResourceURL(serverUrl, resource) {
    if (!resource) return undefined;
    const resourceURL = new URL(resource);
    // Rejects every scheme other than https:, including http:// on loopback;
    // nothing here consults an allowHttp setting.
    if (resourceURL.protocol !== 'https:') {
        throw new Error(`Server at ${serverUrl} advertised non-HTTPS resource URL: ${resource}`);
    }
    return resourceURL;
}

There's no allowHttp parameter on this method. The CLI's bin/adcp.js parses --allow-http (lines 793, 2805, 2858) and threads it into comply / storyboard / grade via opts.allowHttp (lines 3390, 3648, 3849), but the --oauth path doesn't carry it down.

The same package's ClientCredentialsFlow.js:135 already has a localhost / loopback carve-out for the client-credentials flow — the auth-code flow's validateResourceURL is just missing the equivalent.

Expected behavior

One of:

  1. --allow-http propagates to MCPOAuthProvider, allowing HTTP resource URLs when set.
  2. MCPOAuthProvider.validateResourceURL always allows loopback hosts (localhost, 127.0.0.1, [::1]) — matching ClientCredentialsFlow.js and the RFC 6749 §3.1.2.1 carve-out for loopback redirects.
  3. Both: loopback always allowed; non-loopback HTTP gated on --allow-http.

Option 2 or 3 unblocks local-dev workflows without requiring every developer to remember a flag.

Also: --allow-http is missing from top-level --help

The flag works for comply/storyboard/grade but doesn't show up in npx adcp --help under OPTIONS. Worth documenting either way, plus the propagation fix above.

Context

Surfaced building a Figma creative agent: a fully spec-compliant MCP server on http://localhost:3000/figma/mcp. The wrapper itself correctly returns a 401 + WWW-Authenticate pointing at /.well-known/oauth-protected-resource, and the metadata document is well-formed; the only obstacle to a clean OAuth dance is this validator throwing on the local resource. Current workaround: front the wrapper with ngrok to get an HTTPS URL.
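The following is an added example, not code from @adcp/sdk or from the issue author. It shows what "option 3" above looks like as a resource-URL validator (HTTPS always accepted, plain HTTP accepted for loopback hosts, any other HTTP only when allowHttp is set), together with the two steps that produce the value being checked: pulling resource_metadata out of the 401's WWW-Authenticate header and reading the resource field of the protected-resource metadata document. The function names, the allowHttp option, and the sample header and metadata are constructed for this example; the extra condition that the server being talked to must itself be on loopback is this example's own choice, not something the issue proposes.

```javascript
// Added example (not @adcp/sdk code): resource-URL validation with a loopback
// carve-out, gated on an assumed allowHttp option for non-loopback HTTP.

const LOOPBACK_NAMES = new Set(['localhost', '[::1]']);

function isLoopbackHost(hostname) {
  const h = hostname.toLowerCase();
  if (LOOPBACK_NAMES.has(h)) return true;
  // Node's WHATWG URL parser normalises IPv4 forms such as 127.1 to a dotted
  // quad, so matching 127.x.y.z on a parsed hostname covers all of 127.0.0.0/8.
  return /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(h);
}

function parseUrl(label, value) {
  try {
    return new URL(value);
  } catch {
    throw new Error(`${label} is not a valid URL: ${value}`);
  }
}

// Returns the parsed resource URL, undefined when no resource was advertised,
// or throws with the reason the advertised URL was rejected.
function validateResourceUrl(serverUrl, resource, { allowHttp = false } = {}) {
  if (!resource) return undefined;
  const server = parseUrl('server URL', serverUrl);
  const resourceURL = parseUrl('resource URL', resource);

  if (resourceURL.protocol === 'https:') return resourceURL;
  if (resourceURL.protocol !== 'http:') {
    throw new Error(`Server at ${serverUrl} advertised non-HTTP(S) resource URL: ${resource}`);
  }
  // Loopback carve-out. This example also requires the server we are talking to
  // to be on loopback, so a remote server cannot steer the client at a local
  // http:// resource (an extra condition the issue's option 3 does not state).
  if (isLoopbackHost(resourceURL.hostname) && isLoopbackHost(server.hostname)) {
    return resourceURL;
  }
  if (allowHttp) return resourceURL;
  throw new Error(
    `Server at ${serverUrl} advertised non-HTTPS resource URL: ${resource}` +
      ' (loopback hosts are always accepted; pass --allow-http for other hosts)',
  );
}

// Extracts the resource_metadata parameter from a Bearer challenge, e.g.
//   WWW-Authenticate: Bearer resource_metadata="http://host/.well-known/oauth-protected-resource"
function resourceMetadataUrl(wwwAuthenticate) {
  const m = /resource_metadata="([^"]+)"/i.exec(wwwAuthenticate);
  return m ? m[1] : undefined;
}

// Constructed sample of what a local MCP server like the one in the issue
// returns: the 401 challenge and the protected-resource metadata document.
const SAMPLE_401_HEADER =
  'Bearer resource_metadata="http://localhost:3000/.well-known/oauth-protected-resource/figma"';
const SAMPLE_METADATA = JSON.stringify({
  resource: 'http://localhost:3000/figma',
  authorization_servers: ['http://localhost:3000/figma/auth'],
});

// Runs the three steps and reports the decision without throwing, so the
// outcome ("accept" / "reject + reason") can be inspected like CLI output.
function checkAdvertisedResource(serverUrl, wwwAuthenticate, metadataJson, opts) {
  const metadataUrl = resourceMetadataUrl(wwwAuthenticate);
  if (!metadataUrl) return { ok: false, reason: 'challenge carries no resource_metadata' };
  const metadata = JSON.parse(metadataJson);
  try {
    const url = validateResourceUrl(serverUrl, metadata.resource, opts);
    return { ok: true, metadataUrl, resource: url ? url.href : undefined };
  } catch (err) {
    return { ok: false, metadataUrl, reason: err.message };
  }
}
```

With the constructed sample, checkAdvertisedResource('http://localhost:3000/figma/mcp', SAMPLE_401_HEADER, SAMPLE_METADATA) accepts http://localhost:3000/figma without any flag, while the same metadata served from a non-loopback host is rejected unless allowHttp is set. The carve-out is applied to the resource URL rather than only to the server URL because the resource value is what ends up as the token's audience, so that is the value whose scheme and host actually matter.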
