Open
Description
Describe the bug
The current implementation of OauthMetadata is too restrictive
To Reproduce
Steps to reproduce the behavior:
- Initialize an OAuth config as described in the README
- Use the paypal MCP server (https://mcp.paypal.com/sse) as an SSE endpoint
- Initialize the MCP server
- Observe the logs producing pydantic incompatibility errors.
Expected behavior
I would expect the pedantic schema for OAuthMetadata to be less restrictive and hence it would not produce errors if the schema is a little bit off.
Additional context
ERROR:mcp.client.auth:Failed to discover OAuth metadata
Traceback (most recent call last):
File ".../.venv/lib/python3.13/site-packages/mcp/client/auth.py", line 154, in _discover_oauth_metadata
return OAuthMetadata.model_validate(metadata_json)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^
File ".../.venv/lib/python3.13/site-packages/pydantic/main.py", line 705, in model_validate
return cls.__pydantic_validator__.validate_python(
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
obj, strict=strict, from_attributes=from_attributes, context=context, by_alias=by_alias, by_name=by_name
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
pydantic_core._pydantic_core.ValidationError: 2 validation errors for OAuthMetadata
token_endpoint_auth_methods_supported.0
Input should be 'none' or 'client_secret_post' [type=literal_error, input_value='client_secret_basic', input_type=str]
For further information visit https://errors.pydantic.dev/2.11/v/literal_error
code_challenge_methods_supported.0
Input should be 'S256' [type=literal_error, input_value='plain', input_type=str]
For further information visit https://errors.pydantic.dev/2.11/v/literal_error
Metadata
Metadata
Assignees
Labels
No labels