Goose should initiate oauth flow in response to 401/www-authenticate from any messages, not just initialization

Open jamadeo opened this issue 3 months ago • 3 comments

This might need some work in rmcp

Sep 10 '25 18:09 jamadeo

Yeah, I ran into the same issue. It seems that Goose OAuth is following the outdated 202503-26 version of spec.

Sep 11 '25 04:09 zhaohuabing

Yes please! This is highly irritating when developing a server that requires auth.

Sep 15 '25 21:09 kentcdodds

checking if this is still in progress?

Oct 28 '25 23:10 zanesq

@zanesq I don't know of anything in progress for this on the goose side specifically, but rmcp has seen a decent amount of recent oauth-related development: https://github.com/modelcontextprotocol/rust-sdk/pulls?q=is%3Apr+oauth

Oct 29 '25 16:10 jamadeo