fix(auth): preserve user-agent through oauth flow

[go165]

Summary

Preserve a caller-supplied User-Agent header across the OAuth discovery and token exchange requests issued by OAuthClientProvider.

This keeps auth-flow requests compliant with environments that require User-Agent on all requests, such as AWS WAF baselines, while only propagating the header that is safe to carry across the resource-server/auth-server boundary.

What changed

• Thread User-Agent from the original MCP request into OAuth metadata discovery requests.
• Carry it into client registration and token / refresh requests.
• Extend the auth interaction harness to accept caller headers.
• Add an end-to-end regression test that proves the OAuth flow preserves a custom User-Agent.

Validation

• PYTHONPATH=src /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m pytest tests/interaction/auth/test_flow.py::test_oauth_flow_preserves_custom_user_agent_on_auth_requests -q
• PYTHONPATH=src /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m pytest tests/interaction/auth/test_flow.py::test_an_unauthenticated_request_is_challenged_then_the_full_oauth_flow_connects tests/interaction/auth/test_flow.py::test_oauth_flow_preserves_custom_user_agent_on_auth_requests -q
• PYTHONPATH=src /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m pytest tests/client/test_auth.py::TestAuthFlow::test_auth_flow_with_valid_tokens -q
• PYTHONPATH=src /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m pytest tests/client/test_auth.py::TestOAuthFallback::test_refresh_token_request tests/client/test_auth.py::TestOAuthFallback::test_basic_auth_refresh_token -q
• /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m ruff check src/mcp/client/auth/oauth2.py src/mcp/client/auth/utils.py tests/interaction/auth/_harness.py tests/interaction/auth/test_flow.py
• /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m ruff format --check src/mcp/client/auth/oauth2.py src/mcp/client/auth/utils.py tests/interaction/auth/_harness.py tests/interaction/auth/test_flow.py
• /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python -m pyright --pythonpath /home/ubuntu/modelcontextprotocol-python-sdk/.venv/bin/python src/mcp/client/auth/oauth2.py src/mcp/client/auth/utils.py

[go165]

Validation update for latest head 2205c37: GitHub CI is now green across pre-commit, readme snippets, the full Python test matrix, client/server conformance, zizmor, and all-green.

Local checks also passed:

• PYTHONPATH=src python -m pytest tests/client/test_auth.py tests/client/auth/extensions/test_client_credentials.py tests/interaction/auth/test_flow.py -q (123 passed, 1 xfailed)
• python -m ruff check src/mcp/client/auth/oauth2.py src/mcp/client/auth/utils.py src/mcp/client/auth/extensions/client_credentials.py tests/interaction/auth/_harness.py tests/interaction/auth/test_flow.py tests/client/auth/extensions/test_client_credentials.py
• python -m ruff format --check src/mcp/client/auth/oauth2.py src/mcp/client/auth/utils.py src/mcp/client/auth/extensions/client_credentials.py tests/interaction/auth/_harness.py tests/interaction/auth/test_flow.py tests/client/auth/extensions/test_client_credentials.py
• commit signature verified locally with the configured SSH signing key.