CI fixes

Author: ihrpr

README.md

@@ -801,31 +801,50 @@ async def main():
 The SDK includes [authorization support](https://modelcontextprotocol.io/specification/2025-03-26/basic/authorization) for connecting to protected MCP servers:
 
 ```python
-from mcp.client.auth import OAuthClientProvider
+from mcp.client.auth import OAuthClientProvider, TokenStorage
+from mcp.client.session import ClientSession
 from mcp.client.streamable_http import streamablehttp_client
-from mcp.shared.auth import OAuthClientMetadata
-import webbrowser
-
-# Set up OAuth authentication
-oauth_auth = OAuthClientProvider(
-    server_url="https://api.example.com",
-    client_metadata=OAuthClientMetadata(
-        client_name="My Client",
-        redirect_uris=["http://localhost:3000/callback"],
-        grant_types=["authorization_code", "refresh_token"],
-        response_types=["code"],
-        scope="read write"
-    ),
-    storage=InMemoryTokenStorage(),  # Implement TokenStorage protocol
-    redirect_handler=lambda url: webbrowser.open(url),
-    callback_handler=handle_oauth_callback,  # Handle OAuth callback
-)
+from mcp.shared.auth import OAuthClientInformationFull, OAuthClientMetadata, OAuthToken
+
+
+class CustomTokenStorage(TokenStorage):
+    """Simple in-memory token storage implementation."""
+
+    async def get_tokens(self) -> OAuthToken | None:
+        pass
+
+    async def set_tokens(self, tokens: OAuthToken) -> None:
+        pass
+
+    async def get_client_info(self) -> OAuthClientInformationFull | None:
+        pass
+
+    async def set_client_info(self, client_info: OAuthClientInformationFull) -> None:
+        pass
 
-# Use with streamable HTTP client
-async with streamablehttp_client("https://api.example.com/mcp", auth=oauth_auth) as (read, write, _):
-    async with ClientSession(read, write) as session:
-        await session.initialize()
-        # Authenticated session ready
+
+async def main():
+    # Set up OAuth authentication
+    oauth_auth = OAuthClientProvider(
+        server_url="https://api.example.com",
+        client_metadata=OAuthClientMetadata(
+            client_name="My Client",
+            redirect_uris=["http://localhost:3000/callback"],
+            grant_types=["authorization_code", "refresh_token"],
+            response_types=["code"],
+        ),
+        storage=CustomTokenStorage(),
+        redirect_handler=lambda url: print(f"Visit: {url}"),
+        callback_handler=lambda: ("auth_code", None),
+    )
+
+    # Use with streamable HTTP client
+    async with streamablehttp_client(
+        "https://api.example.com/mcp", auth=oauth_auth
+    ) as (read, write, _):
+        async with ClientSession(read, write) as session:
+            await session.initialize()
+            # Authenticated session ready
 ```
 
 For a complete working example, see [`examples/clients/simple-auth-client/`](examples/clients/simple-auth-client/).

src/mcp/client/auth.py

@@ -113,7 +113,7 @@ def _generate_code_challenge(self, code_verifier: str) -> str:
     def _get_authorization_base_url(self, server_url: str) -> str:
         """
         Extract base URL by removing path component.
-        
+
         Per MCP spec 2.3.2: https://api.example.com/v1/mcp -> https://api.example.com
         """
         from urllib.parse import urlparse, urlunparse
@@ -176,7 +176,11 @@ async def _register_oauth_client(
             registration_url = urljoin(auth_base_url, "/register")
 
         # Handle default scope
-        if client_metadata.scope is None and metadata and metadata.scopes_supported is not None:
+        if (
+            client_metadata.scope is None
+            and metadata
+            and metadata.scopes_supported is not None
+        ):
             client_metadata.scope = " ".join(metadata.scopes_supported)
 
         # Serialize client metadata
@@ -245,7 +249,7 @@ def _has_valid_token(self) -> bool:
     async def _validate_token_scopes(self, token_response: OAuthToken) -> None:
         """
         Validate returned scopes against requested scopes.
-        
+
         Per OAuth 2.1 Section 3.3: server may grant subset, not superset.
         """
         if not token_response.scope:
@@ -360,7 +364,9 @@ async def _perform_oauth_flow(self) -> None:
         if returned_state is None or not secrets.compare_digest(
             returned_state, self._auth_state
         ):
-            raise Exception(f"State parameter mismatch: {returned_state} != {self._auth_state}")
+            raise Exception(
+                f"State parameter mismatch: {returned_state} != {self._auth_state}"
+            )
 
         # Clear state after validation
         self._auth_state = None