@vellumai/assistant 0.6.2 → 0.6.3

package/src/__tests__/oauth-connect-orchestrator.test.ts

@@ -13,7 +13,7 @@ let lastStartArgs: {
 } | null = null;
 
 let mockPrepareResult: {
-  authUrl: string;
+  authorizeUrl: string;
   state: string;
   completion: Promise<{
     tokens: { accessToken: string; refreshToken?: string };
@@ -21,7 +21,7 @@ let mockPrepareResult: {
     rawTokenResponse: Record<string, unknown>;
   }>;
 } = {
-  authUrl: "https://provider.example.com/authorize?prepared",
+  authorizeUrl: "https://provider.example.com/authorize?prepared",
   state: "mock-state-123",
   completion: new Promise(() => {}), // never resolves by default
 };
@@ -86,21 +86,25 @@ mock.module("../oauth/scope-policy.js", () => ({
 
 // Provider store mock — configurable per test
 type ProviderRow = {
-  providerKey: string;
-  authUrl: string;
-  tokenUrl: string;
-  tokenEndpointAuthMethod: string | null;
+  provider: string;
+  authorizeUrl: string;
+  tokenExchangeUrl: string;
+  refreshUrl: string | null;
+  tokenEndpointAuthMethod: string;
   userinfoUrl: string | null;
   baseUrl: string | null;
   defaultScopes: string;
   scopePolicy: string;
-  extraParams: string | null;
+  scopeSeparator: string;
+  authorizeParams: string | null;
   pingUrl: string | null;
   pingMethod: string | null;
   pingHeaders: string | null;
   pingBody: string | null;
+  revokeUrl: string | null;
+  revokeBodyTemplate: string | null;
   managedServiceConfigKey: string | null;
-  displayName: string | null;
+  displayLabel: string | null;
   description: string | null;
   dashboardUrl: string | null;
   clientIdPlaceholder: string | null;
@@ -157,25 +161,29 @@ import { orchestrateOAuthConnect } from "../oauth/connect-orchestrator.js";
 // ---------------------------------------------------------------------------
 
 function makeProviderRow(
-  overrides: Partial<ProviderRow> & { providerKey: string },
+  overrides: Partial<ProviderRow> & { provider: string },
 ): ProviderRow {
   const now = Date.now();
   return {
-    authUrl: "https://provider.example.com/authorize",
-    tokenUrl: "https://provider.example.com/token",
-    tokenEndpointAuthMethod: null,
+    authorizeUrl: "https://provider.example.com/authorize",
+    tokenExchangeUrl: "https://provider.example.com/token",
+    refreshUrl: null,
+    tokenEndpointAuthMethod: "client_secret_post",
     userinfoUrl: null,
     baseUrl: null,
     defaultScopes: '["openid","email"]',
     scopePolicy:
       '{"allowAdditionalScopes":false,"allowedOptionalScopes":[],"forbiddenScopes":[]}',
-    extraParams: null,
+    scopeSeparator: " ",
+    authorizeParams: null,
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
     pingBody: null,
+    revokeUrl: null,
+    revokeBodyTemplate: null,
     managedServiceConfigKey: null,
-    displayName: null,
+    displayLabel: null,
     description: null,
     dashboardUrl: null,
     clientIdPlaceholder: null,
@@ -200,19 +208,21 @@ function makeProviderRow(
 
 // Shared provider definitions used across tests
 const GOOGLE_PROVIDER = makeProviderRow({
-  providerKey: "google",
-  authUrl: "https://accounts.google.com/o/oauth2/v2/auth",
-  tokenUrl: "https://oauth2.googleapis.com/token",
+  provider: "google",
+  authorizeUrl: "https://accounts.google.com/o/oauth2/v2/auth",
+  tokenExchangeUrl: "https://oauth2.googleapis.com/token",
   loopbackPort: 17332,
-  displayName: "Google",
+  displayLabel: "Google",
 });
 
 const OUTLOOK_PROVIDER = makeProviderRow({
-  providerKey: "outlook",
-  authUrl: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
-  tokenUrl: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+  provider: "outlook",
+  authorizeUrl:
+    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
+  tokenExchangeUrl:
+    "https://login.microsoftonline.com/common/oauth2/v2.0/token",
   loopbackPort: 17334,
-  displayName: "Outlook",
+  displayLabel: "Outlook",
 });
 
 // ---------------------------------------------------------------------------
@@ -227,7 +237,7 @@ beforeEach(() => {
   mockProviderStore = {};
 
   mockPrepareResult = {
-    authUrl: "https://provider.example.com/authorize?prepared",
+    authorizeUrl: "https://provider.example.com/authorize?prepared",
     state: "mock-state-123",
     completion: new Promise(() => {}),
   };
@@ -689,7 +699,7 @@ describe("orchestrateOAuthConnect — transport selection", () => {
   describe("provider without loopbackPort", () => {
     test("loopback transport passes undefined loopbackPort when provider has none", async () => {
       mockProviderStore["custom"] = makeProviderRow({
-        providerKey: "custom",
+        provider: "custom",
         loopbackPort: null, // no fixed port
       });
 
@@ -706,4 +716,86 @@ describe("orchestrateOAuthConnect — transport selection", () => {
       });
     });
   });
+
+  // -------------------------------------------------------------------------
+  // Scope separator propagation
+  // -------------------------------------------------------------------------
+
+  describe("scope separator propagation", () => {
+    test("comma separator from providerRow propagates to oauthConfig (deferred)", async () => {
+      mockProviderStore["linear"] = makeProviderRow({
+        provider: "linear",
+        scopeSeparator: ",",
+      });
+
+      await orchestrateOAuthConnect({
+        service: "linear",
+        clientId: "client-id",
+        isInteractive: false,
+        callbackTransport: "loopback",
+      });
+
+      expect(lastPrepareArgs).not.toBeNull();
+      const capturedConfig = lastPrepareArgs!.config as {
+        scopeSeparator: string;
+      };
+      expect(capturedConfig.scopeSeparator).toBe(",");
+    });
+
+    test("space separator (default) from providerRow propagates to oauthConfig (deferred)", async () => {
+      mockProviderStore["google"] = GOOGLE_PROVIDER;
+
+      await orchestrateOAuthConnect({
+        service: "google",
+        clientId: "client-id",
+        isInteractive: false,
+        callbackTransport: "loopback",
+      });
+
+      expect(lastPrepareArgs).not.toBeNull();
+      const capturedConfig = lastPrepareArgs!.config as {
+        scopeSeparator: string;
+      };
+      expect(capturedConfig.scopeSeparator).toBe(" ");
+    });
+
+    test("comma separator from providerRow propagates to oauthConfig (interactive)", async () => {
+      mockProviderStore["linear"] = makeProviderRow({
+        provider: "linear",
+        scopeSeparator: ",",
+      });
+
+      await orchestrateOAuthConnect({
+        service: "linear",
+        clientId: "client-id",
+        isInteractive: true,
+        callbackTransport: "loopback",
+        openUrl: () => {},
+      });
+
+      expect(lastStartArgs).not.toBeNull();
+      const capturedConfig = lastStartArgs!.config as {
+        scopeSeparator: string;
+      };
+      expect(capturedConfig.scopeSeparator).toBe(",");
+    });
+
+    test("space separator from providerRow propagates to oauthConfig (interactive)", async () => {
+      mockProviderStore["google"] = GOOGLE_PROVIDER;
+
+      await orchestrateOAuthConnect({
+        service: "google",
+        clientId: "client-id",
+        isInteractive: true,
+        callbackTransport: "loopback",
+        openUrl: () => {},
+      });
+
+      expect(lastStartArgs).not.toBeNull();
+      const capturedConfig = lastStartArgs!.config as {
+        scopeSeparator: string;
+      };
+      expect(capturedConfig.scopeSeparator).toBe(" ");
+    });
+  });
 });

package/src/__tests__/oauth-provider-seed-logos.test.ts

@@ -0,0 +1,23 @@
+import { describe, expect, test } from "bun:test";
+
+import { PROVIDER_SEED_DATA } from "../oauth/seed-providers.js";
+
+describe("PROVIDER_SEED_DATA logo URLs", () => {
+  test("every well-known provider has a Simple Icons CDN logoUrl", () => {
+    const missing: string[] = [];
+    const invalid: Array<{ provider: string; logoUrl: string }> = [];
+
+    for (const [key, seed] of Object.entries(PROVIDER_SEED_DATA)) {
+      if (!seed.logoUrl) {
+        missing.push(key);
+        continue;
+      }
+      if (!seed.logoUrl.startsWith("https://cdn.simpleicons.org/")) {
+        invalid.push({ provider: key, logoUrl: seed.logoUrl });
+      }
+    }
+
+    expect(missing).toEqual([]);
+    expect(invalid).toEqual([]);
+  });
+});

package/src/__tests__/oauth-provider-serializer.test.ts

@@ -10,24 +10,29 @@ import {
 function makeRow(overrides: Partial<OAuthProviderRow> = {}): OAuthProviderRow {
   const now = Date.now();
   return {
-    providerKey: "test-provider",
-    authUrl: "https://auth.example.com/authorize",
-    tokenUrl: "https://auth.example.com/token",
-    tokenEndpointAuthMethod: null,
+    provider: "test-provider",
+    authorizeUrl: "https://auth.example.com/authorize",
+    tokenExchangeUrl: "https://auth.example.com/token",
+    refreshUrl: null,
+    tokenEndpointAuthMethod: "client_secret_post",
     userinfoUrl: null,
     baseUrl: null,
     defaultScopes: "[]",
     scopePolicy: "{}",
-    extraParams: null,
+    scopeSeparator: " ",
+    authorizeParams: null,
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
     pingBody: null,
+    revokeUrl: null,
+    revokeBodyTemplate: null,
     managedServiceConfigKey: null,
-    displayName: null,
+    displayLabel: null,
     description: null,
     dashboardUrl: null,
     clientIdPlaceholder: null,
+    logoUrl: null,
     requiresClientSecret: 1,
     loopbackPort: null,
     injectionTemplates: null,
@@ -52,7 +57,7 @@ describe("serializeProvider", () => {
     const row = makeRow({
       defaultScopes: JSON.stringify(["openid", "email"]),
       scopePolicy: JSON.stringify({ required: ["openid"] }),
-      extraParams: JSON.stringify({ access_type: "offline" }),
+      authorizeParams: JSON.stringify({ access_type: "offline" }),
       pingHeaders: JSON.stringify({ "X-Api-Version": "2" }),
       pingBody: JSON.stringify({ query: "{ me { id } }" }),
       injectionTemplates: JSON.stringify([
@@ -167,13 +172,103 @@ describe("serializeProvider", () => {
   test("returns null for null input", () => {
     expect(serializeProvider(null)).toBeNull();
   });
+
+  test("emits scopeSeparator from the row when set to ','", () => {
+    const row = makeRow({ scopeSeparator: "," });
+    const result = serializeProvider(row)!;
+    expect(result.scopeSeparator).toBe(",");
+  });
+
+  test("emits scopeSeparator default ' ' when row uses the default", () => {
+    const row = makeRow({ scopeSeparator: " " });
+    const result = serializeProvider(row)!;
+    expect(result.scopeSeparator).toBe(" ");
+  });
+
+  test("emits refreshUrl from the row when set to a URL", () => {
+    const row = makeRow({
+      refreshUrl: "https://refresh.example.com/token",
+    });
+    const result = serializeProvider(row)!;
+    expect(result.refreshUrl).toBe("https://refresh.example.com/token");
+  });
+
+  test("emits refreshUrl as null when the row value is null", () => {
+    const row = makeRow({ refreshUrl: null });
+    const result = serializeProvider(row)!;
+    expect(result.refreshUrl).toBeNull();
+  });
+
+  test("emits revokeUrl from the row and parses revokeBodyTemplate JSON", () => {
+    const row = makeRow({
+      revokeUrl: "https://revoke.example.com",
+      revokeBodyTemplate: JSON.stringify({ token: "{access_token}" }),
+    });
+    const result = serializeProvider(row)!;
+    expect(result.revokeUrl).toBe("https://revoke.example.com");
+    expect(result.revokeBodyTemplate).toEqual({ token: "{access_token}" });
+    // Make sure it's a parsed object, not a string.
+    expect(typeof result.revokeBodyTemplate).toBe("object");
+    expect(result.revokeBodyTemplate).not.toBe(
+      JSON.stringify({ token: "{access_token}" }),
+    );
+  });
+
+  test("emits revokeUrl and revokeBodyTemplate as null when the row values are null", () => {
+    const row = makeRow({
+      revokeUrl: null,
+      revokeBodyTemplate: null,
+    });
+    const result = serializeProvider(row)!;
+    expect(result.revokeUrl).toBeNull();
+    expect(result.revokeBodyTemplate).toBeNull();
+  });
+
+  test("normalizes empty string revokeUrl to null on the serialized output", () => {
+    // Legacy rows or rows that reached the store via an empty-string update
+    // may persist `revokeUrl: ""`. The serializer should normalize this to
+    // null so wire consumers (CLI --json, HTTP API) see a consistent
+    // "disabled" signal.
+    const row = makeRow({ revokeUrl: "" });
+    const result = serializeProvider(row)!;
+    expect(result.revokeUrl).toBeNull();
+  });
+
+  test("preserves all keys in a complex revokeBodyTemplate", () => {
+    const template = {
+      token: "{access_token}",
+      client_id: "{client_id}",
+      token_type_hint: "access_token",
+      extra_field: "static-value",
+    };
+    const row = makeRow({
+      revokeUrl: "https://revoke.example.com/oauth/revoke",
+      revokeBodyTemplate: JSON.stringify(template),
+    });
+    const result = serializeProvider(row)!;
+    expect(result.revokeBodyTemplate).toEqual(template);
+  });
+
+  test("serializeProvider exposes logoUrl", () => {
+    const row = makeRow({
+      logoUrl: "https://cdn.simpleicons.org/notion",
+    });
+    const result = serializeProvider(row)!;
+    expect(result.logoUrl).toBe("https://cdn.simpleicons.org/notion");
+  });
+
+  test("serializeProvider emits logoUrl as null when row value is null", () => {
+    const row = makeRow({ logoUrl: null });
+    const result = serializeProvider(row)!;
+    expect(result.logoUrl).toBeNull();
+  });
 });
 
 describe("serializeProviderSummary", () => {
   test("returns the expected subset of fields in snake_case", () => {
     const row = makeRow({
-      providerKey: "google",
-      displayName: "Google",
+      provider: "google",
+      displayLabel: "Google",
       description: "Google OAuth 2.0",
       dashboardUrl: "https://console.cloud.google.com",
       clientIdPlaceholder: "your-client-id.apps.googleusercontent.com",
@@ -190,6 +285,7 @@ describe("serializeProviderSummary", () => {
       dashboard_url: "https://console.cloud.google.com",
       client_id_placeholder: "your-client-id.apps.googleusercontent.com",
       requires_client_secret: true,
+      logo_url: null,
       supports_managed_mode: true,
       feature_flag: null,
     });
@@ -197,7 +293,7 @@ describe("serializeProviderSummary", () => {
 
   test("nullifies missing optional fields", () => {
     const row = makeRow({
-      displayName: null,
+      displayLabel: null,
       description: null,
       dashboardUrl: null,
       clientIdPlaceholder: null,
@@ -230,4 +326,44 @@ describe("serializeProviderSummary", () => {
   test("returns null for undefined input", () => {
     expect(serializeProviderSummary(undefined)).toBeNull();
   });
+
+  test("does NOT include scope_separator (intentionally omitted from the HTTP summary)", () => {
+    const row = makeRow({ scopeSeparator: "," });
+    const result = serializeProviderSummary(row)!;
+    expect(result).not.toHaveProperty("scope_separator");
+    expect(result).not.toHaveProperty("scopeSeparator");
+  });
+
+  test("does NOT include refresh_url (intentionally omitted from the HTTP summary)", () => {
+    const row = makeRow({ refreshUrl: "https://refresh.example.com/token" });
+    const result = serializeProviderSummary(row)!;
+    expect(result).not.toHaveProperty("refresh_url");
+    expect(result).not.toHaveProperty("refreshUrl");
+  });
+
+  test("does NOT include revoke_url or revoke_body_template (internal protocol details)", () => {
+    const row = makeRow({
+      revokeUrl: "https://revoke.example.com",
+      revokeBodyTemplate: JSON.stringify({ token: "{access_token}" }),
+    });
+    const result = serializeProviderSummary(row)!;
+    expect(result).not.toHaveProperty("revoke_url");
+    expect(result).not.toHaveProperty("revokeUrl");
+    expect(result).not.toHaveProperty("revoke_body_template");
+    expect(result).not.toHaveProperty("revokeBodyTemplate");
+  });
+
+  test("serializeProviderSummary exposes logo_url", () => {
+    const row = makeRow({
+      logoUrl: "https://cdn.simpleicons.org/notion",
+    });
+    const result = serializeProviderSummary(row)!;
+    expect(result).toHaveProperty("logo_url");
+    expect(result.logo_url).toBe("https://cdn.simpleicons.org/notion");
+  });
+
+  test("logo_url is null when row logoUrl is null", () => {
+    const result = serializeProviderSummary({ ...makeRow(), logoUrl: null })!;
+    expect(result.logo_url).toBeNull();
+  });
 });

package/src/__tests__/oauth-provider-visibility.test.ts

@@ -51,18 +51,16 @@ describe("isProviderVisible", () => {
   test("returns true when featureFlag is null", () => {
     seedProviders([
       {
-        providerKey: "no-flag-provider",
-        authUrl: "https://example.com/auth",
-        tokenUrl: "https://example.com/token",
+        provider: "no-flag-provider",
+        authorizeUrl: "https://example.com/auth",
+        tokenExchangeUrl: "https://example.com/token",
         defaultScopes: ["read"],
         scopePolicy: {},
       },
     ]);
 
     const providers = listProviders();
-    const provider = providers.find(
-      (p) => p.providerKey === "no-flag-provider",
-    );
+    const provider = providers.find((p) => p.provider === "no-flag-provider");
     expect(provider).toBeDefined();
     expect(provider!.featureFlag).toBeNull();
 
@@ -75,9 +73,9 @@ describe("isProviderVisible", () => {
 
     seedProviders([
       {
-        providerKey: "gated-provider",
-        authUrl: "https://example.com/auth",
-        tokenUrl: "https://example.com/token",
+        provider: "gated-provider",
+        authorizeUrl: "https://example.com/auth",
+        tokenExchangeUrl: "https://example.com/token",
         defaultScopes: ["read"],
         scopePolicy: {},
         featureFlag: "test-gate",
@@ -85,7 +83,7 @@ describe("isProviderVisible", () => {
     ]);
 
     const providers = listProviders();
-    const provider = providers.find((p) => p.providerKey === "gated-provider");
+    const provider = providers.find((p) => p.provider === "gated-provider");
     expect(provider).toBeDefined();
     expect(provider!.featureFlag).toBe("test-gate");
 
@@ -98,9 +96,9 @@ describe("isProviderVisible", () => {
 
     seedProviders([
       {
-        providerKey: "gated-provider",
-        authUrl: "https://example.com/auth",
-        tokenUrl: "https://example.com/token",
+        provider: "gated-provider",
+        authorizeUrl: "https://example.com/auth",
+        tokenExchangeUrl: "https://example.com/token",
         defaultScopes: ["read"],
         scopePolicy: {},
         featureFlag: "test-gate",
@@ -108,7 +106,7 @@ describe("isProviderVisible", () => {
     ]);
 
     const providers = listProviders();
-    const provider = providers.find((p) => p.providerKey === "gated-provider");
+    const provider = providers.find((p) => p.provider === "gated-provider");
     expect(provider).toBeDefined();
 
     const config = makeConfig();
@@ -120,16 +118,16 @@ describe("isProviderVisible", () => {
 
     seedProviders([
       {
-        providerKey: "visible-provider",
-        authUrl: "https://example.com/auth",
-        tokenUrl: "https://example.com/token",
+        provider: "visible-provider",
+        authorizeUrl: "https://example.com/auth",
+        tokenExchangeUrl: "https://example.com/token",
         defaultScopes: ["read"],
         scopePolicy: {},
       },
       {
-        providerKey: "gated-provider",
-        authUrl: "https://gated.example.com/auth",
-        tokenUrl: "https://gated.example.com/token",
+        provider: "gated-provider",
+        authorizeUrl: "https://gated.example.com/auth",
+        tokenExchangeUrl: "https://gated.example.com/token",
         defaultScopes: ["read"],
         scopePolicy: {},
         featureFlag: "test-gate",
@@ -144,6 +142,6 @@ describe("isProviderVisible", () => {
       isProviderVisible(p, config),
     );
     expect(visibleProviders).toHaveLength(1);
-    expect(visibleProviders[0]!.providerKey).toBe("visible-provider");
+    expect(visibleProviders[0]!.provider).toBe("visible-provider");
   });
 });

package/src/__tests__/oauth-providers-routes.test.ts

@@ -2,26 +2,31 @@ import { describe, expect, mock, test } from "bun:test";
 
 const mockListProviders = mock(() => [
   {
-    providerKey: "google",
-    displayName: "Google",
+    provider: "google",
+    displayLabel: "Google",
     description: "Google OAuth provider",
     dashboardUrl: "https://console.cloud.google.com/apis/credentials",
     clientIdPlaceholder: null,
+    logoUrl: "https://cdn.simpleicons.org/google",
     requiresClientSecret: 1,
     managedServiceConfigKey: "google-oauth",
-    authUrl: "https://accounts.google.com/o/oauth2/v2/auth",
-    tokenUrl: "https://oauth2.googleapis.com/token",
-    tokenEndpointAuthMethod: null,
+    authorizeUrl: "https://accounts.google.com/o/oauth2/v2/auth",
+    tokenExchangeUrl: "https://oauth2.googleapis.com/token",
+    refreshUrl: null,
+    tokenEndpointAuthMethod: "client_secret_post",
     userinfoUrl: null,
     baseUrl: null,
     defaultScopes: "[]",
     scopePolicy: "[]",
-    extraParams: null,
+    scopeSeparator: null,
+    authorizeParams: null,
 
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
     pingBody: null,
+    revokeUrl: null,
+    revokeBodyTemplate: null,
     loopbackPort: null,
     injectionTemplates: null,
     appType: null,
@@ -38,26 +43,31 @@ const mockListProviders = mock(() => [
     updatedAt: 1735689550000,
   },
   {
-    providerKey: "github",
-    displayName: "GitHub",
+    provider: "github",
+    displayLabel: "GitHub",
     description: "GitHub OAuth provider",
     dashboardUrl: "https://github.com/settings/developers",
     clientIdPlaceholder: null,
+    logoUrl: null,
     requiresClientSecret: 1,
     managedServiceConfigKey: null,
-    authUrl: "https://github.com/login/oauth/authorize",
-    tokenUrl: "https://github.com/login/oauth/access_token",
-    tokenEndpointAuthMethod: null,
+    authorizeUrl: "https://github.com/login/oauth/authorize",
+    tokenExchangeUrl: "https://github.com/login/oauth/access_token",
+    refreshUrl: null,
+    tokenEndpointAuthMethod: "client_secret_post",
     userinfoUrl: null,
     baseUrl: null,
     defaultScopes: "[]",
     scopePolicy: "[]",
-    extraParams: null,
+    scopeSeparator: null,
+    authorizeParams: null,
 
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
     pingBody: null,
+    revokeUrl: null,
+    revokeBodyTemplate: null,
     loopbackPort: null,
     injectionTemplates: null,
     appType: null,
@@ -75,9 +85,9 @@ const mockListProviders = mock(() => [
   },
 ]);
 
-const mockGetProvider = mock((providerKey: string) => {
+const mockGetProvider = mock((provider: string) => {
   const all = mockListProviders();
-  return all.find((p) => p.providerKey === providerKey) ?? undefined;
+  return all.find((p) => p.provider === provider) ?? undefined;
 });
 
 mock.module("../oauth/oauth-store.js", () => ({
@@ -149,6 +159,7 @@ describe("GET /v1/oauth/providers", () => {
       "dashboard_url",
       "client_id_placeholder",
       "requires_client_secret",
+      "logo_url",
       "supports_managed_mode",
       "feature_flag",
     ];
@@ -158,6 +169,31 @@ describe("GET /v1/oauth/providers", () => {
     }
   });
 
+  test("response includes logo_url for each provider", async () => {
+    const req = new Request("http://localhost/v1/oauth/providers");
+    const url = new URL(req.url);
+    const res = await getRoute("GET", "oauth/providers").handler({
+      req,
+      url,
+      server: null as never,
+      authContext: null as never,
+      params: {},
+    });
+
+    expect(res.status).toBe(200);
+    const body = (await res.json()) as {
+      providers: Array<{
+        provider_key: string;
+        logo_url: string | null;
+      }>;
+    };
+
+    expect(body.providers[0]!.logo_url).toBe(
+      "https://cdn.simpleicons.org/google",
+    );
+    expect(body.providers[1]!.logo_url).toBeNull();
+  });
+
   test("supports_managed_mode=true returns only managed providers", async () => {
     const req = new Request(
       "http://localhost/v1/oauth/providers?supports_managed_mode=true",