feat: add conformance tests for SEP-990

[sagar-okta]

Description:

Adds conformance tests for SEP-990 which introduces Enterprise Managed OAuth for machine-to-machine authentication using enterprise identity providers without user interaction.

Summary

• Server test: Validates complete SEP-990 flow: IDP ID token → ID-JAG → access token
• Server test: Validates RFC 8693 token exchange at IdP (IDP ID token → ID-JAG)
• Server test: Validates RFC 7523 JWT bearer grant at Auth Server (ID-JAG → access token)
• Server test: Validates proper token types (oauth-id-jag+jwt), audience claims, and confidential client authentication

Motivation and Context

SEP-990 introduces Enterprise Managed OAuth, enabling machine-to-machine authentication flows for cross-app access in enterprise environments. This allows applications to authenticate using enterprise identity providers (IdPs) through a two-step OAuth flow:

1. Token Exchange (RFC 8693): Exchange IDP ID token for ID-bound JSON Assertion Grant (ID-JAG)
2. JWT Bearer Grant (RFC 7523): Exchange ID-JAG for access token

These conformance tests ensure SDK implementations correctly handle the complete cross-app access flow including proper endpoint separation, token type validation, and audience claim verification.

How Has This Been Tested?

• All conformance checks pass against TypeScript SDK implementation
• Tests verify: IdP/Auth Server separation, token exchange flow, jwt-bearer grant flow, ID-JAG format validation, audience claim correctness, confidential client authentication methods
• Removed redundant partial test scenarios, kept only complete end-to-end flow test

Breaking Changes

None.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

References

• SEP-990 Specification
• RFC 8693 - Token Exchange
• RFC 7523 - JWT Bearer Grant

[pcarleton]

🙌 thanks for this! will aim to get you comments by tomorrow, but i'm very excited to have a test for this.

one thing missing from this tool currently is marking tests as optional. Current state is MUST = FAIL, SHOULD = WARNING, and for tiering we want SHOULD to be required (want the best SDK's to do the SHOULD's).

extensions are a new axis, where we want to say "this feature is optional, but within the test, the same MUST/SHOULD logic applies" which will apply here and to client credentials which is currently not differentiated.

I'm just noting the concept we need to add, not in the scope of this PR.

[pcarleton]

A few high level comments:

• The top of the PR description seems outdated / copy pasted? (the SSE polling bit)
• It looks like we're mixing AS and IdP endpoints, let's keep those separate w/ separate handlers
• let's stick to 1 end-to-end test to start w/ many checks. each test that spins up a server is a cost on CI for every SDK, so we want to keep the # low.
• I stuck with comments on the test since that's the most important part, but the example will also need some changes.
• if you could include a negative test (i.e. an example client that implements it incorrectly, and so it will fail the test), that'd be great.
• please add this to the "extensions" list of tests (may need to manage merge conflicts, this jostled a bit for the tiering kickoff)

[pcarleton]

i believe this should be client_secret_basic or private_key_jwt since ID-JAG is only supposed to work with confidential clients.

[sagar-okta]

Added the tokenEndpointAuthMethodsSupported to mentioned parameters. However currently client_secret_basic is considered and private_key_jwt would be checked upon later.

[pcarleton]

the IdP ID token should not have the auth server as its audience. it should be the "idp_client_id" which is distinct from the client id used to talk to the authorization server.

it's the id-jag that should have the authServer as its audience.

[sagar-okta]

Thanks for pointing this out, since ID token would generally be provided by user kept this as a bypass value initially but now it is been corrected.

[pcarleton]

the auth server shouldn't bet getting a token-exchange request, that request should be going to the IdP.

[sagar-okta]

Separated the ID-JAG and access token exchange steps.

[pcarleton]

This is the ID-JAG flow, so should be urn:ietf:params:oauth:token-type:id-jag

[sagar-okta]

Done.

[pcarleton]

let's start with just 1 test for the full flow. each test adds integration cost, and these 2 are redundant with the full e2e test.

[sagar-okta]

Done. Removed two separate flow check methods and kept only one full flow step.

[pcarleton]

the auth server doesn't need to support token-exchange, I think you've combined the IdP and AS in this test.

[sagar-okta]

Separated the ID-JAG and access token exchange steps.

[pcarleton]

the id_token should never be hitting the AS url, this function is called in the AS.

[sagar-okta]

Separated the ID-JAG and access token exchange steps.

[pcarleton]

.setProtectedHeader({ alg: 'ES256', typ: 'oauth-id-jag+jwt' })

[sagar-okta]

Done.

[pcarleton]

i don't think this field is respected. since this handler needs to be on the IdP anyway, it's probably better to implement a handler on the fake IdP directly rather than try to shoehorn into the createAuthServer interfaces

[pkg-pr-new]

Open in StackBlitz

npx https://pkg.pr.new/modelcontextprotocol/conformance/@modelcontextprotocol/conformance@110

commit: ec2e5ab

[sagar-okta]

Hi @pcarleton , Thanks for the review. I've made the changes as required and rebased with latest main, please have a look at the new changes once you are available.