relax validation (#879)

2025-12-19 14:54:24 +01:00 · 2025-06-09 14:21:01 -04:00
parent 2cbc435c6c
commit 1a9ead07f5
4 changed files with 41 additions and 34 deletions
--- a/src/mcp/shared/auth.py
+++ b/src/mcp/shared/auth.py
@@ -1,6 +1,6 @@
 from typing import Any, Literal

-from pydantic import AnyHttpUrl, AnyUrl, BaseModel, Field
+from pydantic import AnyHttpUrl, AnyUrl, BaseModel, Field, field_validator


 class OAuthToken(BaseModel):
@@ -9,11 +9,20 @@ class OAuthToken(BaseModel):
    """

    access_token: str
-    token_type: Literal["bearer"] = "bearer"
+    token_type: Literal["Bearer"] = "Bearer"
    expires_in: int | None = None
    scope: str | None = None
    refresh_token: str | None = None

+    @field_validator("token_type", mode="before")
+    @classmethod
+    def normalize_token_type(cls, v: str | None) -> str | None:
+        if isinstance(v, str):
+            # Bearer is title-cased in the spec, so we normalize it
+            # https://datatracker.ietf.org/doc/html/rfc6750#section-4
+            return v.title()
+        return v
+

 class InvalidScopeError(Exception):
    def __init__(self, message: str):
@@ -111,27 +120,19 @@ class OAuthMetadata(BaseModel):
    token_endpoint: AnyHttpUrl
    registration_endpoint: AnyHttpUrl | None = None
    scopes_supported: list[str] | None = None
-    response_types_supported: list[Literal["code"]] = ["code"]
+    response_types_supported: list[str] = ["code"]
    response_modes_supported: list[Literal["query", "fragment"]] | None = None
-    grant_types_supported: (
-        list[Literal["authorization_code", "refresh_token"]] | None
-    ) = None
-    token_endpoint_auth_methods_supported: (
-        list[Literal["none", "client_secret_post"]] | None
-    ) = None
+    grant_types_supported: list[str] | None = None
+    token_endpoint_auth_methods_supported: list[str] | None = None
    token_endpoint_auth_signing_alg_values_supported: None = None
    service_documentation: AnyHttpUrl | None = None
    ui_locales_supported: list[str] | None = None
    op_policy_uri: AnyHttpUrl | None = None
    op_tos_uri: AnyHttpUrl | None = None
    revocation_endpoint: AnyHttpUrl | None = None
-    revocation_endpoint_auth_methods_supported: (
-        list[Literal["client_secret_post"]] | None
-    ) = None
+    revocation_endpoint_auth_methods_supported: list[str] | None = None
    revocation_endpoint_auth_signing_alg_values_supported: None = None
    introspection_endpoint: AnyHttpUrl | None = None
-    introspection_endpoint_auth_methods_supported: (
-        list[Literal["client_secret_post"]] | None
-    ) = None
+    introspection_endpoint_auth_methods_supported: list[str] | None = None
    introspection_endpoint_auth_signing_alg_values_supported: None = None
-    code_challenge_methods_supported: list[Literal["S256"]] | None = None
+    code_challenge_methods_supported: list[str] | None = None