Skip to content

[auth]: revision of support oauth client_secret_basic / none / custom methods #723

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Conversation

jaredhanson
Copy link
Contributor

This is based on #720, but makes a couple changes to addClientAuthentication, as follows:

Function signature changed from:

addClientAuthentication?(url: URL, headers: Headers, params: URLSearchParams): void | Promise<void>;

to:

addClientAuthentication?(headers: Headers, params: URLSearchParams, url: string | URL, metadata?: OAuthMetadata): void | Promise<void>;

The most important change here has passing metadata, which allows the custom authentication method to fully negotiate based on authorization server capabilities. The url argument was moved to the third argument for aesthetic reasons, keeping it next to metadata.

The url argument was also changed to accept the authorizationServerUrl, rather than tokenUrl, so it could resolve any URLs present in metadata correctly.

Motivation and Context

This allows OAuthClientProviders to implement custom authentication methods, such as private_key_jwt.

How Has This Been Tested?

Unit tests. Custom OAuthClientProvider implementations implementing custom authentication methods.

Breaking Changes

N/A

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

@ochafik ochafik merged commit b797e9c into modelcontextprotocol:ochafik/auth-merge-531-552 Jul 3, 2025
@ochafik
Copy link
Contributor

ochafik commented Jul 3, 2025

This is great, thanks a lot @jaredhanson!

@jaredhanson
Copy link
Contributor Author

You're welcome!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants