Merge pull request #24 from sacha-development-stuff/codex/resolve-github-merge-conflicts-for-oauth-support

Resolve upstream merge conflicts while preserving OAuth extensions

Author: SoldierSacha

src/mcp/client/auth/oauth2.py

@@ -461,16 +461,12 @@ def _get_token_endpoint(self) -> str:
             token_url = urljoin(auth_base_url, "/token")
         return token_url
 
-<<<<<<< HEAD:src/mcp/client/auth.py
-        token_data = {
-            "grant_type": "authorization_code",
-            "code": auth_code,
-            "redirect_uri": str(self.context.client_metadata.redirect_uris[0]),
-            "code_verifier": code_verifier,
-        }
-=======
     async def _exchange_token_authorization_code(
-        self, auth_code: str, code_verifier: str, *, token_data: dict[str, Any] | None = {}
+        self,
+        auth_code: str,
+        code_verifier: str,
+        *,
+        token_data: dict[str, Any] | None = None,
     ) -> httpx.Request:
         """Build token exchange request for authorization_code flow."""
         if self.context.client_metadata.redirect_uris is None:
@@ -489,7 +485,6 @@ async def _exchange_token_authorization_code(
                 "code_verifier": code_verifier,
             }
         )
->>>>>>> upstream/main:src/mcp/client/auth/oauth2.py
 
         # Only include resource param if conditions are met
         if self.context.should_include_resource_param(self.context.protocol_version):
@@ -671,7 +666,6 @@ async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.
                         logger.exception("OAuth flow error")
                         raise
 
-<<<<<<< HEAD:src/mcp/client/auth.py
                     # Retry with new tokens
                     self._add_auth_header(request)
                     yield request
@@ -950,8 +944,3 @@ async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.
         response = yield request
         if response.status_code == 401:
             self._current_tokens = None
-=======
-                # Retry with new tokens
-                self._add_auth_header(request)
-                yield request
->>>>>>> upstream/main:src/mcp/client/auth/oauth2.py

src/mcp/shared/auth.py

@@ -42,30 +42,21 @@ class OAuthClientMetadata(BaseModel):
     for the full specification.
     """
 
-<<<<<<< HEAD
-    redirect_uris: list[AnyUrl] = Field(..., min_length=1)
-    # token_endpoint_auth_method: this implementation only supports none &
-    # client_secret_post;
-    # ie: we do not support client_secret_basic
-    token_endpoint_auth_method: Literal["none", "client_secret_post"] = "client_secret_post"
+    redirect_uris: list[AnyUrl] | None = Field(default=None, min_length=1)
+    # supported auth methods for the token endpoint
+    token_endpoint_auth_method: Literal["none", "client_secret_post", "private_key_jwt"] = "client_secret_post"
     # grant_types: this implementation supports authorization_code, refresh_token, client_credentials, token_exchange,
-    # and allows additional grant types provided by the client (e.g. device code)
+    # and allows additional grant types provided by the client (e.g. device code or JWT bearer)
     grant_types: list[
         Literal[
             "authorization_code",
             "refresh_token",
             "client_credentials",
             "token_exchange",
             "device_code",
+            "urn:ietf:params:oauth:grant-type:jwt-bearer",
         ]
-=======
-    redirect_uris: list[AnyUrl] | None = Field(..., min_length=1)
-    # supported auth methods for the token endpoint
-    token_endpoint_auth_method: Literal["none", "client_secret_post", "private_key_jwt"] = "client_secret_post"
-    # supported grant_types of this implementation
-    grant_types: list[
-        Literal["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:jwt-bearer"] | str
->>>>>>> upstream/main
+        | str
     ] = [
         "authorization_code",
         "refresh_token",

tests/client/test_auth.py

@@ -478,13 +478,9 @@ async def test_oauth_discovery_fallback_conditions(self, oauth_provider: OAuthCl
         )
 
         # Mock the authorization process to minimize unnecessary state in this test
-<<<<<<< HEAD
-        oauth_provider._perform_authorization = AsyncMock(return_value=("test_auth_code", "test_code_verifier"))
-=======
-        oauth_provider._perform_authorization_code_grant = mock.AsyncMock(
+        oauth_provider._perform_authorization_code_grant = AsyncMock(
             return_value=("test_auth_code", "test_code_verifier")
         )
->>>>>>> upstream/main
 
         # Next request should fall back to legacy behavior: register then obtain token
         registration_request = await auth_flow.asend(oauth_metadata_response_3)
@@ -881,13 +877,9 @@ async def test_auth_flow_with_no_tokens(self, oauth_provider: OAuthClientProvide
         )
 
         # Mock the authorization process
-<<<<<<< HEAD
-        oauth_provider._perform_authorization = AsyncMock(return_value=("test_auth_code", "test_code_verifier"))
-=======
-        oauth_provider._perform_authorization_code_grant = mock.AsyncMock(
+        oauth_provider._perform_authorization_code_grant = AsyncMock(
             return_value=("test_auth_code", "test_code_verifier")
         )
->>>>>>> upstream/main
 
         # Next request should be to exchange token
         token_request = await auth_flow.asend(registration_response)

tests/issues/test_88_random_error.py

@@ -83,21 +83,8 @@ async def client(
         write_stream: MemoryObjectSendStream[SessionMessage],
         scope: anyio.CancelScope,
     ):
-<<<<<<< HEAD
-        # Use a timeout that's:
-        # - Long enough for fast operations (>10ms)
-        # - Short enough for slow operations (<200ms)
-        # - Not too short to avoid flakiness
-        async with ClientSession(
-            read_stream,
-            write_stream,
-            # Increased to 150ms to avoid flakiness on slower platforms
-            read_timeout_seconds=timedelta(milliseconds=150),
-        ) as session:
-=======
         # No session-level timeout to avoid race conditions with fast operations
         async with ClientSession(read_stream, write_stream) as session:
->>>>>>> upstream/main
             await session.initialize()
 
             # First call should work (fast operation, no timeout)

tests/shared/test_streamable_http.py

@@ -7,11 +7,8 @@
 import json
 import multiprocessing
 import socket
-<<<<<<< HEAD
 import sys
 import time
-=======
->>>>>>> upstream/main
 from collections.abc import Generator
 from typing import Any