Make Www-Authenticate resource optional

[ptrstr]

Makes Www-Authenticate not need to send back a resource_metadata field and adds fallback to well known URIs.

Motivation and Context

The specification states that:

MCP clients MUST support both discovery mechanisms and use the resource metadata URL from the parsed WWW-Authenticate headers when present; otherwise, they MUST fall back to constructing and requesting the well-known URIs in the order listed above.

https://modelcontextprotocol.io/specification/2025-11-25/basic/authorization#protected-resource-metadata-discovery-requirements

modelcontextprotocol/modelcontextprotocol#985

How Has This Been Tested?

I tested using the Atlassian MCP with ProtectedMcpClient and seeing if it worked, as it does not return a resource_metadata.

Breaking Changes

I don't believe so, since it will take the previously defined behavior first, and only fallback if necessary.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

[halter73]

We shouldn't blindly catch all exceptions. For example, this swallows the throw McpException($"Failed to fetch resource metadata") this PR adds to ExtractProtectedResourceMetadata even though this should be enough to cause McpClient.CreateAsync to throw due to an authentication failure.

[halter73]

This resource is not optional. This is part of the reason why we cannot swallow exceptions from ExtractProtectedResourceMetadata. If we cannot get the appropriate metadata using either the WWW-Authenticate header or the .well-known/oauth-protected-resource endpoint, we need to fail to connect.

8. Resource Parameter Implementation

MCP clients MUST implement Resource Indicators for OAuth 2.0 as defined in RFC 8707
to explicitly specify the target resource for which the token is being requested. The resource parameter:

1. MUST be included in both authorization requests and token requests.
2. MUST identify the MCP server that the client intends to use the token with.
3. MUST use the canonical URI of the MCP server as defined in RFC 8707 Section 2.

https://modelcontextprotocol.io/specification/2025-11-25/basic/authorization#resource-parameter-implementation

The spec mandates this, because otherwise the OAuth server has no way to know where the client plans to and therefore could not prevent a phishing attack causing the client to send tokens to an untrusted MCP server. This is explained in https://den.dev/blog/mcp-authorization-resource/.

[halter73]

Thanks for taking the time to submit this PR. We are tracking client support for the .well-known/oauth-protected-resource endpoint with #773. I should have a PR open by next week that addresses the issue and adds test coverage.