fix(mcp): clear OAuth tokens on POST upsert; validate https; OAuthClientProvider conformance

- POST upsert now clears mcp_server_oauth rows when URL or client credentials change
- Validate https: scheme on authorizationUrl before window.open to prevent javascript: URI execution
- SimMcpOauthProvider now declares 'implements OAuthClientProvider' so SDK upgrades surface as compile errors
- Edit form only sends oauthClientId when changed, mirroring oauthClientSecret behavior

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Author: waleedlatif1

apps/sim/app/api/mcp/servers/route.ts

@@ -1,14 +1,14 @@
 import { AuditAction, AuditResourceType, recordAudit } from '@sim/audit'
 import { db } from '@sim/db'
-import { mcpServers } from '@sim/db/schema'
+import { mcpServerOauth, mcpServers } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { toError } from '@sim/utils/errors'
 import { generateId } from '@sim/utils/id'
 import { and, eq, isNull } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { createMcpServerBodySchema, deleteMcpServerByQuerySchema } from '@/lib/api/contracts/mcp'
 import { validationErrorResponse } from '@/lib/api/server'
-import { encryptSecret } from '@/lib/core/security/encryption'
+import { decryptSecret, encryptSecret } from '@/lib/core/security/encryption'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
 import {
   McpDnsResolutionError,
@@ -133,7 +133,13 @@ export const POST = withRouteHandler(
         const oauthClientId = body.oauthClientId || null
 
         const [existingServer] = await db
-          .select({ id: mcpServers.id, deletedAt: mcpServers.deletedAt })
+          .select({
+            id: mcpServers.id,
+            deletedAt: mcpServers.deletedAt,
+            url: mcpServers.url,
+            oauthClientId: mcpServers.oauthClientId,
+            oauthClientSecret: mcpServers.oauthClientSecret,
+          })
           .from(mcpServers)
           .where(and(eq(mcpServers.id, serverId), eq(mcpServers.workspaceId, workspaceId)))
           .limit(1)
@@ -143,6 +149,29 @@ export const POST = withRouteHandler(
             `[${requestId}] Server with ID ${serverId} already exists, updating instead of creating`
           )
 
+          const urlChanged = existingServer.url !== body.url
+          const clientIdChanged = (oauthClientId || null) !== (existingServer.oauthClientId ?? null)
+          let clientSecretChanged = false
+          if (body.oauthClientSecret) {
+            if (!existingServer.oauthClientSecret) {
+              clientSecretChanged = true
+            } else {
+              const currentPlaintext = (await decryptSecret(existingServer.oauthClientSecret))
+                .decrypted
+              clientSecretChanged = currentPlaintext !== body.oauthClientSecret
+            }
+          } else if (existingServer.oauthClientSecret) {
+            clientSecretChanged = true
+          }
+          const oauthCredsChanged = clientIdChanged || clientSecretChanged
+
+          if (urlChanged || oauthCredsChanged) {
+            await db.delete(mcpServerOauth).where(eq(mcpServerOauth.mcpServerId, serverId))
+            logger.info(
+              `[${requestId}] Cleared OAuth credentials for server ${serverId} due to ${urlChanged ? 'URL' : 'OAuth credential'} change`
+            )
+          }
+
           await db
             .update(mcpServers)
             .set({

apps/sim/app/workspace/[workspaceId]/settings/components/mcp/components/mcp-server-form-modal/mcp-server-form-modal.tsx

@@ -507,6 +507,8 @@ export function McpServerFormModal({
       const headers = headersToRecord(formData.headers)
       const oauthClientId = formData.oauthClientId?.trim()
       const oauthClientSecret = formData.oauthClientSecret?.trim()
+      const originalClientId = (originalData.oauthClientId || '').trim()
+      const oauthClientIdChanged = (oauthClientId || '') !== originalClientId
 
       const connectionResult = await testConnection({
         name: formData.name,
@@ -538,7 +540,12 @@ export function McpServerFormModal({
         url: formData.url!,
         headers,
         timeout: formData.timeout || 30000,
-        oauthClientId: mode === 'edit' ? (oauthClientId ?? '') : oauthClientId || undefined,
+        oauthClientId:
+          mode === 'edit'
+            ? oauthClientIdChanged
+              ? (oauthClientId ?? '')
+              : undefined
+            : oauthClientId || undefined,
         oauthClientSecret:
           mode === 'edit'
             ? oauthClientSecretTouched
@@ -565,6 +572,7 @@ export function McpServerFormModal({
     onOpenChange,
     mode,
     oauthClientSecretTouched,
+    originalData,
   ])
 
   const handleSubmitJson = useCallback(async () => {

apps/sim/hooks/queries/mcp.ts

@@ -185,6 +185,10 @@ export function useStartMcpOauth() {
         query: { serverId, workspaceId },
       })
       if (result.status === 'redirect') {
+        const parsedUrl = new URL(result.authorizationUrl)
+        if (parsedUrl.protocol !== 'https:') {
+          throw new Error('Authorization URL must use HTTPS')
+        }
         const popup = window.open(
           result.authorizationUrl,
           'mcp-oauth',

apps/sim/lib/mcp/oauth/provider.ts

@@ -1,3 +1,4 @@
+import type { OAuthClientProvider } from '@modelcontextprotocol/sdk/client/auth.js'
 import type {
   OAuthClientInformationMixed,
   OAuthClientMetadata,
@@ -43,7 +44,7 @@ interface SimMcpOauthProviderInit {
   preregistered?: PreregisteredClient
 }
 
-export class SimMcpOauthProvider {
+export class SimMcpOauthProvider implements OAuthClientProvider {
   private row: McpOauthRow
   private readonly scope?: string
   private readonly preregistered?: PreregisteredClient