fix: validate PRM resource match and handle DCR failure with pre-registered credentials

Two conformance auth scenario fixes:

1. Resource mismatch validation (RFC 8707): After discovering Protected
   Resource Metadata, validate that the resource field matches the
   server URL before proceeding with authorization. If the PRM returns
   a resource from a different origin, raise OAuthFlowError.

2. Pre-registration fallback: When Dynamic Client Registration fails
   (e.g. server returns 404), fall back to pre-registered client
   credentials from storage instead of crashing. The conformance
   client now pre-loads client credentials from MCP_CONFORMANCE_CONTEXT
   when available.

Author: pcarleton

.github/actions/conformance/client.py

@@ -275,6 +275,27 @@ async def run_client_credentials_basic(server_url: str) -> None:
 async def run_auth_code_client(server_url: str) -> None:
     """Authorization code flow (default for auth/* scenarios)."""
     callback_handler = ConformanceOAuthCallbackHandler()
+    storage = InMemoryTokenStorage()
+
+    # Check for pre-registered client credentials from context
+    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")
+    if context_json:
+        try:
+            context = json.loads(context_json)
+            client_id = context.get("client_id")
+            client_secret = context.get("client_secret")
+            if client_id:
+                await storage.set_client_info(
+                    OAuthClientInformationFull(
+                        client_id=client_id,
+                        client_secret=client_secret,
+                        redirect_uris=[AnyUrl("http://localhost:3000/callback")],
+                        token_endpoint_auth_method="client_secret_basic" if client_secret else "none",
+                    )
+                )
+                logger.debug(f"Pre-loaded client credentials: client_id={client_id}")
+        except json.JSONDecodeError:
+            pass
 
     oauth_auth = OAuthClientProvider(
         server_url=server_url,
@@ -284,7 +305,7 @@ async def run_auth_code_client(server_url: str) -> None:
             grant_types=["authorization_code", "refresh_token"],
             response_types=["code"],
         ),
-        storage=InMemoryTokenStorage(),
+        storage=storage,
         redirect_handler=callback_handler.handle_redirect,
         callback_handler=callback_handler.handle_callback,
         client_metadata_url="https://conformance-test.local/client-metadata.json",

src/mcp/client/auth/oauth2.py

@@ -18,7 +18,7 @@
 import httpx
 from pydantic import BaseModel, Field, ValidationError
 
-from mcp.client.auth.exceptions import OAuthFlowError, OAuthTokenError
+from mcp.client.auth.exceptions import OAuthFlowError, OAuthRegistrationError, OAuthTokenError
 from mcp.client.auth.utils import (
     build_oauth_authorization_server_metadata_discovery_urls,
     build_protected_resource_metadata_discovery_urls,
@@ -476,6 +476,15 @@ async def _handle_oauth_metadata_response(self, response: httpx.Response) -> Non
         metadata = OAuthMetadata.model_validate_json(content)
         self.context.oauth_metadata = metadata
 
+    def _validate_resource_match(self, prm: ProtectedResourceMetadata) -> None:
+        """Validate that PRM resource matches the server URL per RFC 8707."""
+        if not prm.resource:
+            return
+        default_resource = resource_url_from_server_url(self.context.server_url)
+        prm_resource = str(prm.resource)
+        if not check_resource_allowed(requested_resource=default_resource, configured_resource=prm_resource):
+            raise OAuthFlowError(f"Protected resource {prm_resource} does not match expected {default_resource}")
+
     async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.Request, httpx.Response]:
         """HTTPX auth flow integration."""
         async with self.context.lock:
@@ -517,6 +526,8 @@ async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.
 
                         prm = await handle_protected_resource_response(discovery_response)
                         if prm:
+                            # Validate PRM resource matches server URL (RFC 8707)
+                            self._validate_resource_match(prm)
                             self.context.protected_resource_metadata = prm
 
                             # todo: try all authorization_servers to find the OASM
@@ -575,9 +586,18 @@ async def async_auth_flow(self, request: httpx.Request) -> AsyncGenerator[httpx.
                                 self.context.get_authorization_base_url(self.context.server_url),
                             )
                             registration_response = yield registration_request
-                            client_information = await handle_registration_response(registration_response)
-                            self.context.client_info = client_information
-                            await self.context.storage.set_client_info(client_information)
+                            try:
+                                client_information = await handle_registration_response(registration_response)
+                                self.context.client_info = client_information
+                                await self.context.storage.set_client_info(client_information)
+                            except OAuthRegistrationError:
+                                # DCR failed — check for pre-registered client credentials
+                                stored_client_info = await self.context.storage.get_client_info()
+                                if stored_client_info:
+                                    logger.debug("DCR failed, using pre-registered client credentials")
+                                    self.context.client_info = stored_client_info
+                                else:
+                                    raise
 
                     # Step 5: Perform authorization and complete token exchange
                     token_response = yield await self._perform_authorization()