Describe the solution you'd like
We have used this library to create an Oauth server for our MCP server to pass authentication to. We started the implementation of the Oauth server leveraging the ProxyOAuthServerProvider but found a couple limitations that made integration with our authorization server difficult.
- The registerClient is not customizable. The getClient can be supplied but the registerClient is not customizable. Our register process took a couple calls so we had to have the ability to override in some way.
- The exchangeTokens and exchangeRefreshTokens just takes the scopes from the request. In our situation, we didn't see scopes coming in from the clients we have tested against so we needed a way to supply a default list of scopes to supply to our token API.
Describe alternatives you've considered
For now we implemented out own instance of the OAuthServerProvider interface so that we could make these overrides. A lot of it is from the ProxyOAuthServerProvider, so it'd be nice to have these options so we don't have to maintain our own.
Describe the solution you'd like
We have used this library to create an Oauth server for our MCP server to pass authentication to. We started the implementation of the Oauth server leveraging the ProxyOAuthServerProvider but found a couple limitations that made integration with our authorization server difficult.
Describe alternatives you've considered
For now we implemented out own instance of the OAuthServerProvider interface so that we could make these overrides. A lot of it is from the ProxyOAuthServerProvider, so it'd be nice to have these options so we don't have to maintain our own.