Make Www-Authenticate resource optional #1041
ptrstr wants to merge 2 commits into modelcontextprotocol:main from

Conversation
| catch | ||
| { | ||
| ThrowFailedToHandleUnauthorizedResponse($"Authorization server selection returned null. Available servers: {string.Join(", ", availableAuthorizationServers)}"); | ||
| protectedResourceMetadata = null; |
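Review bot: the bare `catch` here has no exception type or filter, so every failure inside the try is reported as "Authorization server selection returned null", a message that describes only one of the failures that can land here; catch the specific exception that server selection throws, or let the original McpException propagate so McpClient.CreateAsync fails with the real cause. If `protectedResourceMetadata = null;` sits in the same catch body after ThrowFailedToHandleUnauthorizedResponse, it is either unreachable (if that helper always throws) or leaves a null that later code will dereference (if it does not), so it should go.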
We shouldn't blindly catch all exceptions. For example, this swallows the throw McpException($"Failed to fetch resource metadata") that this PR adds to ExtractProtectedResourceMetadata, even though this should be enough to cause McpClient.CreateAsync to throw due to an authentication failure.
| ["response_type"] = "code", | ||
| ["code_challenge"] = codeChallenge, | ||
| ["code_challenge_method"] = "S256", | ||
| ["resource"] = protectedResourceMetadata.Resource.ToString(), |
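Review bot: `protectedResourceMetadata.Resource.ToString()` throws a NullReferenceException if the catch block above left `protectedResourceMetadata` null, and RFC 8707 makes `resource` mandatory in this request, so this line must only be reached after discovery has succeeded; fail the connection explicitly before building the request rather than relying on the dereference to fail. It is also worth checking that the value sent is the canonical URI (absolute, no fragment) rather than whatever Uri.ToString() yields for the parsed metadata value.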
This resource is not optional. This is part of the reason why we cannot swallow exceptions from ExtractProtectedResourceMetadata. If we cannot get the appropriate metadata using either the WWW-Authenticate header or the .well-known/oauth-protected-resource endpoint, we need to fail to connect.
8. Resource Parameter Implementation
MCP clients MUST implement Resource Indicators for OAuth 2.0 as defined in RFC 8707
to explicitly specify the target resource for which the token is being requested. The resource parameter:
- MUST be included in both authorization requests and token requests.
- MUST identify the MCP server that the client intends to use the token with.
- MUST use the canonical URI of the MCP server as defined in RFC 8707 Section 2.
The spec mandates this, because otherwise the OAuth server has no way to know where the client plans to and therefore could not prevent a phishing attack causing the client to send tokens to an untrusted MCP server. This is explained in https://den.dev/blog/mcp-authorization-resource/.
Thanks for taking the time to submit this PR. We are tracking client support for the
Makes Www-Authenticate not need to send back a resource_metadata field and adds fallback to well-known URIs.

Motivation and Context
The specification states that:
https://modelcontextprotocol.io/specification/2025-11-25/basic/authorization#protected-resource-metadata-discovery-requirements
modelcontextprotocol/modelcontextprotocol#985
How Has This Been Tested?
I tested using the Atlassian MCP with ProtectedMcpClient and seeing if it worked, as it does not return a resource_metadata.

Breaking Changes
I don't believe so, since it will take the previously defined behavior first, and only fallback if necessary.
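The discovery order this PR describes (resource_metadata from the WWW-Authenticate challenge first, well-known URIs as the fallback) together with the reviewer's two points (fail to connect when neither source yields metadata, and always send the RFC 8707 resource parameter), as an added example. This is illustrative Python written for this page, not the C# SDK's code; the fetch function, the sample metadata documents and the canonicalization choices beyond the RFC text (lowercasing scheme and host, dropping a default port and the fragment) are assumptions.

```python
import re
from urllib.parse import urlsplit, urlunsplit


class DiscoveryError(Exception):
    """No protected-resource metadata could be obtained. The client must
    refuse to connect: without it there is no resource to bind the token to."""


# auth-param = token "=" ( token / quoted-string ), comma separated (RFC 9110 11.2)
_PARAM_RE = re.compile(r'([A-Za-z0-9_-]+)\s*=\s*(?:"([^"]*)"|([^\s,]+))')


def parse_bearer_challenge(header):
    """Return the auth-params of a Bearer challenge as a dict, or None when
    the WWW-Authenticate value is missing or is not a Bearer challenge."""
    if not header or not header.lstrip().lower().startswith("bearer"):
        return None
    params = {}
    for name, quoted, bare in _PARAM_RE.findall(header.lstrip()[len("bearer"):]):
        params[name.lower()] = quoted if quoted else bare
    return params


def canonical_resource(mcp_url):
    """Canonical resource URI for RFC 8707: absolute http(s) URI, lowercase
    scheme and host, default port removed, fragment dropped, path kept.
    (Assumption: this is one reasonable reading of RFC 8707 Section 2.)"""
    parts = urlsplit(mcp_url)
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not an absolute http(s) URI: {mcp_url!r}")
    host = parts.hostname.lower()
    port = parts.port
    if port and port != (443 if scheme == "https" else 80):
        host = f"{host}:{port}"
    return urlunsplit((scheme, host, parts.path, parts.query, ""))


def well_known_urls(mcp_url):
    """RFC 9728 well-known locations: path-based first, then the host root."""
    parts = urlsplit(canonical_resource(mcp_url))
    base = f"{parts.scheme}://{parts.netloc}"
    path = parts.path.rstrip("/")
    urls = []
    if path:
        urls.append(f"{base}/.well-known/oauth-protected-resource{path}")
    urls.append(f"{base}/.well-known/oauth-protected-resource")
    return urls


def discover_protected_resource_metadata(www_authenticate, mcp_url, fetch_json):
    """Try the resource_metadata URL from the challenge, then the well-known
    URLs. fetch_json(url) returns the parsed document or None on any failure
    (network error, non-200, bad JSON). Fails closed if every source fails."""
    candidates = []
    params = parse_bearer_challenge(www_authenticate)
    if params and params.get("resource_metadata"):
        candidates.append(params["resource_metadata"])
    candidates.extend(well_known_urls(mcp_url))
    for url in candidates:
        doc = fetch_json(url)
        if isinstance(doc, dict) and doc.get("resource") and doc.get("authorization_servers"):
            return doc
    raise DiscoveryError("failed to fetch resource metadata; tried: " + ", ".join(candidates))


def authorization_request_params(client_id, redirect_uri, code_challenge, state, resource):
    """Query parameters for the authorization request; resource is mandatory."""
    if not resource:
        raise ValueError("resource parameter is required (RFC 8707)")
    return {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
        "state": state,
        "resource": canonical_resource(resource),
    }


# Constructed sample metadata documents standing in for HTTP responses.
MCP_URL = "https://mcp.example.test/mcp"
SAMPLE_DOCS = {
    "https://mcp.example.test/.well-known/oauth-protected-resource/mcp": {
        "resource": "https://mcp.example.test/mcp",
        "authorization_servers": ["https://auth.example.test"],
    },
    "https://mcp.example.test/prm-from-header": {
        "resource": "https://mcp.example.test/mcp",
        "authorization_servers": ["https://auth2.example.test"],
    },
}


def sample_fetch(url):
    """Offline stand-in for an HTTP GET of a metadata document."""
    return SAMPLE_DOCS.get(url)
```

A server that omits resource_metadata from its challenge (the Atlassian case in the PR description) is served by the well-known fallback; a server that provides neither leaves discover_protected_resource_metadata raising DiscoveryError, which is the point the reviewer makes: the connection must fail rather than proceed without a resource to put in the request.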