remove CAPI specific header

Author: mattdholloway

pkg/http/headers/headers.go

@@ -26,10 +26,6 @@ const (
 	// ForwardedProtoHeader is a standard HTTP Header for preserving the original protocol when proxying.
 	ForwardedProtoHeader = "X-Forwarded-Proto"
 
-	// OriginalPathHeader is set to preserve the original request path
-	// before the /mcp prefix was stripped during proxying.
-	OriginalPathHeader = "X-GitHub-Original-Path"
-
 	// RequestHmacHeader is used to authenticate requests to the Raw API.
 	RequestHmacHeader = "Request-Hmac"
 

pkg/http/oauth/oauth.go

@@ -132,21 +132,10 @@ func (h *AuthHandler) routesForPattern(pattern string) []string {
 }
 
 // GetEffectiveResourcePath returns the resource path for OAuth protected resource URLs.
-// It checks for the X-GitHub-Original-Path header set by GitHub, which contains
-// the exact path the client requested before the /mcp prefix was stripped.
-// If the header is not present, it falls back to
-// restoring the /mcp prefix.
+// It uses the request's URL path directly. For deployments where a prefix like /mcp
+// is stripped by a proxy, the proxy should set the BaseURL config appropriately.
 func GetEffectiveResourcePath(r *http.Request) string {
-	// Check for the original path header from GitHub (preferred method)
-	if originalPath := r.Header.Get(headers.OriginalPathHeader); originalPath != "" {
-		return originalPath
-	}
-
-	// Fallback: GitHub strips /mcp prefix, so we need to restore it for the external URL
-	if r.URL.Path == "/" {
-		return "/mcp"
-	}
-	return "/mcp" + r.URL.Path
+	return r.URL.Path
 }
 
 // GetProtectedResourceData builds the OAuth protected resource data for a request.

pkg/http/oauth/oauth_test.go

@@ -185,38 +185,32 @@ func TestGetEffectiveResourcePath(t *testing.T) {
 		expectedPath string
 	}{
 		{
-			name: "root path without original path header",
+			name: "root path",
 			setupRequest: func() *http.Request {
-				req := httptest.NewRequest(http.MethodGet, "/", nil)
-				return req
+				return httptest.NewRequest(http.MethodGet, "/", nil)
 			},
-			expectedPath: "/mcp",
+			expectedPath: "/",
 		},
 		{
-			name: "non-root path without original path header",
+			name: "mcp path",
 			setupRequest: func() *http.Request {
-				req := httptest.NewRequest(http.MethodGet, "/readonly", nil)
-				return req
+				return httptest.NewRequest(http.MethodGet, "/mcp", nil)
 			},
-			expectedPath: "/mcp/readonly",
+			expectedPath: "/mcp",
 		},
 		{
-			name: "with X-GitHub-Original-Path header",
+			name: "readonly path",
 			setupRequest: func() *http.Request {
-				req := httptest.NewRequest(http.MethodGet, "/readonly", nil)
-				req.Header.Set(headers.OriginalPathHeader, "/mcp/x/repos/readonly")
-				return req
+				return httptest.NewRequest(http.MethodGet, "/readonly", nil)
 			},
-			expectedPath: "/mcp/x/repos/readonly",
+			expectedPath: "/readonly",
 		},
 		{
-			name: "original path header takes precedence",
+			name: "nested path",
 			setupRequest: func() *http.Request {
-				req := httptest.NewRequest(http.MethodGet, "/something-else", nil)
-				req.Header.Set(headers.OriginalPathHeader, "/mcp/custom/path")
-				return req
+				return httptest.NewRequest(http.MethodGet, "/mcp/x/repos", nil)
 			},
-			expectedPath: "/mcp/custom/path",
+			expectedPath: "/mcp/x/repos",
 		},
 	}