Fix OAuth merge conflict issues

claude · claude · commit aad9cb778621 · 2025-11-04T02:49:00.000Z
This commit resolves two critical issues that arose after merging upstream changes:

1. Export missing OAuth providers: Added ClientCredentialsProvider and
   TokenExchangeProvider to mcp.client.auth module exports. These providers
   are essential for the client credentials and token exchange grant types
   that were added in the OAuth support fork.

2. Add redirect_uris validation: Implemented validation to ensure redirect_uris
   is provided when authorization_code is in the grant_types. This field is
   required for the authorization code flow but optional for client_credentials
   and token_exchange flows which don't use redirect URIs.

These fixes ensure all tests pass while maintaining the integrity of the
OAuth extensions including client credentials and token exchange grant types.
diff --git a/src/mcp/client/auth/__init__.py b/src/mcp/client/auth/__init__.py
@@ -5,19 +5,23 @@
 """
 
 from mcp.client.auth.oauth2 import (
+    ClientCredentialsProvider,
     OAuthClientProvider,
     OAuthFlowError,
     OAuthRegistrationError,
     OAuthTokenError,
     PKCEParameters,
+    TokenExchangeProvider,
     TokenStorage,
 )
 
 __all__ = [
+    "ClientCredentialsProvider",
     "OAuthClientProvider",
     "OAuthFlowError",
     "OAuthRegistrationError",
     "OAuthTokenError",
     "PKCEParameters",
+    "TokenExchangeProvider",
     "TokenStorage",
 ]
diff --git a/src/mcp/server/auth/handlers/register.py b/src/mcp/server/auth/handlers/register.py
@@ -68,7 +68,19 @@ async def handle(self, request: Request) -> Response:
                     ),
                     status_code=400,
                 )
+
+        # Validate redirect_uris is provided for authorization_code grant type
         grant_types_set: set[str] = set(client_metadata.grant_types)
+        if "authorization_code" in grant_types_set and (
+            client_metadata.redirect_uris is None or len(client_metadata.redirect_uris) == 0
+        ):
+            return PydanticJSONResponse(
+                content=RegistrationErrorResponse(
+                    error="invalid_client_metadata",
+                    error_description="redirect_uris: Field required",
+                ),
+                status_code=400,
+            )
         required_sets = [
             {"authorization_code", "refresh_token"},
             {"client_credentials"},
