Skip to content

Support falling back to OIDC metadata for auth #1061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

LucaButBoring
Copy link
Contributor

Implements basic OIDC support for working with authorization servers that don't expose OAuth metadata, following the semantics described in RFC 8414 Section 5.

As part of this change, I modified the internal fallback behavior from a simple boolean flag to instead represent discovery as a stack of methods, which are consumed sequentially until one fallback method succeeds. This also helps clean up the duplicated code from working with AsyncGenerator.

Motivation and Context

Enables falling back to OIDC 1.0 metadata when a server does not support OAuth metadata according to RFC 8414.

How Has This Been Tested?

Added/updated unit tests.

Breaking Changes

None

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

#976

@ihrpr
Copy link
Contributor

ihrpr commented Jul 7, 2025

Thank you! Sorry, we had back and forth with this spec changes. For now it's on hold until modelcontextprotocol/modelcontextprotocol#797 is merged

@ihrpr ihrpr added this to the auth milestone Jul 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants