Fix OAuth redirect URI mismatch in debug flow

Register both normal and debug redirect URIs in client metadata to prevent mismatch errors when using the Auth tab's debug mode versus normal connection flow.

Author: bhosmer-ant

client/src/lib/auth.ts

@@ -117,9 +117,14 @@ export class InspectorOAuthClientProvider implements OAuthClientProvider {
     return window.location.origin + "/oauth/callback";
   }
 
+  get debugRedirectUrl() {
+    return window.location.origin + "/oauth/callback/debug";
+  }
+
   get clientMetadata(): OAuthClientMetadata {
+    // Register both redirect URIs to support both normal and debug flows
     return {
-      redirect_uris: [this.redirectUrl],
+      redirect_uris: [this.redirectUrl, this.debugRedirectUrl],
       token_endpoint_auth_method: "none",
       grant_types: ["authorization_code", "refresh_token"],
       response_types: ["code"],
@@ -223,11 +228,13 @@ export class InspectorOAuthClientProvider implements OAuthClientProvider {
   }
 }
 
-// Overrides debug URL and allows saving server OAuth metadata to
+// Overrides redirect URL to use the debug endpoint and allows saving server OAuth metadata to
 // display in debug UI.
 export class DebugInspectorOAuthClientProvider extends InspectorOAuthClientProvider {
   get redirectUrl(): string {
-    return `${window.location.origin}/oauth/callback/debug`;
+    // We can use the debug redirect URL here because it was already registered
+    // in the parent class's clientMetadata along with the normal redirect URL
+    return this.debugRedirectUrl;
   }
 
   saveServerMetadata(metadata: OAuthMetadata) {