Drop iss slash-stripping workaround now that empty paths are preserved

With url_preserve_empty_path on the OAuth metadata models (#2925), the issuer
parsed from the wire keeps its empty path, so str(oauth_metadata.issuer) is
already the byte-exact value the authorization server transmitted. Remove
_strip_authority_trailing_slash / raw_issuer and compare directly.

This also fixes the false rejection the heuristic introduced for an issuer that
genuinely ends in a trailing slash (e.g. Auth0's https://tenant.auth0.com/):
its redirect iss now matches its advertised issuer instead of being stripped.

Author: Kludex

src/mcp/client/auth/utils.py

@@ -211,23 +211,6 @@ async def handle_auth_metadata_response(response: Response) -> tuple[bool, OAuth
     return True, None
 
 
-def _strip_authority_trailing_slash(url: str) -> str:
-    """Drop the lone trailing slash `AnyHttpUrl` appends to a path-less authority.
-
-    RFC 9207 / SEP-2468 mandate simple string comparison (RFC 3986 section 6.2.1), so issuers
-    must be compared as sent. `AnyHttpUrl` rewrites `https://as` to `https://as/`, which would
-    defeat the comparison; undo only that, leaving issuers with a real path untouched.
-    """
-    if url.endswith("/") and urlparse(url).path == "/":
-        return url[:-1]
-    return url
-
-
-def raw_issuer(oauth_metadata: OAuthMetadata) -> str:
-    """Return the issuer as the authorization server transmitted it, before URL normalization."""
-    return _strip_authority_trailing_slash(str(oauth_metadata.issuer))
-
-
 def validate_authorization_response_iss(iss: str | None, oauth_metadata: OAuthMetadata | None) -> None:
     """Validate the RFC 9207 `iss` authorization-response parameter.
 
@@ -241,7 +224,7 @@ def validate_authorization_response_iss(iss: str | None, oauth_metadata: OAuthMe
         OAuthFlowError: If `iss` is present and does not match, or is absent when the
             authorization server advertised support.
     """
-    expected = raw_issuer(oauth_metadata) if oauth_metadata else None
+    expected = str(oauth_metadata.issuer) if oauth_metadata else None
 
     if iss is not None:
         if iss != expected:
@@ -261,10 +244,9 @@ def validate_metadata_issuer(oauth_metadata: OAuthMetadata, expected_issuer: str
     Raises:
         OAuthFlowError: If the metadata issuer does not match `expected_issuer`.
     """
-    expected = _strip_authority_trailing_slash(expected_issuer)
-    if raw_issuer(oauth_metadata) != expected:
+    if str(oauth_metadata.issuer) != expected_issuer:
         raise OAuthFlowError(
-            f"Authorization server metadata issuer mismatch: {raw_issuer(oauth_metadata)} != {expected}"
+            f"Authorization server metadata issuer mismatch: {oauth_metadata.issuer} != {expected_issuer}"
         )
 
 

tests/client/test_auth.py

@@ -24,7 +24,6 @@
     get_client_metadata_scopes,
     handle_registration_response,
     is_valid_client_metadata_url,
-    raw_issuer,
     should_use_client_metadata_url,
     validate_authorization_response_iss,
     validate_metadata_issuer,
@@ -2642,31 +2641,35 @@ async def callback_handler() -> AuthorizationCodeResult:
             pass
 
 
-# A path-bearing issuer so a trailing slash is a genuine difference under simple string comparison
-# (AnyHttpUrl normalizes a bare host to a trailing slash, which would hide the distinction).
-_ISSUER = "https://as.example.com/tenant"
+_ISSUER = "https://as.example.com"
 
 
 def _issuer_metadata(*, issuer: str = _ISSUER, iss_supported: bool | None = None) -> OAuthMetadata:
-    return OAuthMetadata(
-        issuer=AnyHttpUrl(issuer),
-        authorization_endpoint=AnyHttpUrl(f"{issuer}/authorize"),
-        token_endpoint=AnyHttpUrl(f"{issuer}/token"),
-        authorization_response_iss_parameter_supported=iss_supported,
+    # Validate from string inputs so url_preserve_empty_path keeps the issuer as transmitted,
+    # matching the wire path (model_validate_json) rather than normalizing a bare authority.
+    return OAuthMetadata.model_validate(
+        {
+            "issuer": issuer,
+            "authorization_endpoint": f"{issuer}/authorize",
+            "token_endpoint": f"{issuer}/token",
+            "authorization_response_iss_parameter_supported": iss_supported,
+        }
     )
 
 
 @pytest.mark.parametrize(
-    ("iss", "iss_supported"),
+    ("issuer", "iss", "iss_supported"),
     [
-        pytest.param(_ISSUER, True, id="advertised-and-correct"),
-        pytest.param(None, None, id="not-advertised-and-omitted"),
-        pytest.param(_ISSUER, None, id="not-advertised-but-correct"),
+        pytest.param(_ISSUER, _ISSUER, True, id="advertised-and-correct"),
+        pytest.param(_ISSUER, None, None, id="not-advertised-and-omitted"),
+        pytest.param(_ISSUER, _ISSUER, None, id="not-advertised-but-correct"),
+        # An issuer that genuinely ends in a slash (e.g. Auth0) must match its own iss.
+        pytest.param("https://as.example.com/", "https://as.example.com/", True, id="trailing-slash-issuer"),
     ],
 )
-def test_validate_authorization_response_iss_accepts(iss: str | None, iss_supported: bool | None):
+def test_validate_authorization_response_iss_accepts(issuer: str, iss: str | None, iss_supported: bool | None):
     """RFC 9207: a matching or legitimately absent iss is accepted."""
-    validate_authorization_response_iss(iss, _issuer_metadata(iss_supported=iss_supported))
+    validate_authorization_response_iss(iss, _issuer_metadata(issuer=issuer, iss_supported=iss_supported))
 
 
 @pytest.mark.parametrize(
@@ -2692,20 +2695,9 @@ def test_validate_authorization_response_iss_without_metadata():
 
 
 def test_validate_metadata_issuer_accepts_match():
-    validate_metadata_issuer(_issuer_metadata(issuer=_ISSUER), str(AnyHttpUrl(_ISSUER)))
+    validate_metadata_issuer(_issuer_metadata(issuer=_ISSUER), _ISSUER)
 
 
 def test_validate_metadata_issuer_rejects_mismatch():
     with pytest.raises(OAuthFlowError, match="metadata issuer mismatch"):
-        validate_metadata_issuer(_issuer_metadata(issuer="https://attacker.example.com"), str(AnyHttpUrl(_ISSUER)))
-
-
-def test_raw_issuer_strips_only_authority_trailing_slash():
-    """The slash AnyHttpUrl adds to a bare authority is dropped; a real path keeps its slash."""
-    assert raw_issuer(_issuer_metadata(issuer="https://as.example.com")) == "https://as.example.com"
-    assert raw_issuer(_issuer_metadata(issuer="https://as.example.com/tenant")) == "https://as.example.com/tenant"
-
-
-def test_validate_metadata_issuer_ignores_authority_trailing_slash():
-    """A bare-authority issuer matches whether or not the discovery URL carries the slash."""
-    validate_metadata_issuer(_issuer_metadata(issuer="https://as.example.com"), "https://as.example.com")
+        validate_metadata_issuer(_issuer_metadata(issuer="https://attacker.example.com"), _ISSUER)

tests/interaction/auth/_provider.py

@@ -57,10 +57,11 @@ def __init__(
         issuer: str | None = None,
     ) -> None:
         self._default_scopes = list(default_scopes) if default_scopes is not None else ["mcp"]
-        # The authorization-response iss must match the AS issuer the client recorded (RFC 9207
-        # simple string comparison); the client strips the trailing slash AnyHttpUrl adds to a
-        # path-less issuer, so the redirect carries the bare origin. Path-issuer tests pass it.
-        self._issuer = issuer if issuer is not None else BASE_URL
+        # The authorization-response iss must equal the AS metadata issuer the client recorded
+        # (RFC 9207 simple string comparison). `real_asm` builds the issuer from an AnyHttpUrl
+        # object, so it carries the trailing slash; the redirect iss matches it. Path-issuer
+        # tests pass the recorded issuer explicitly.
+        self._issuer = issuer if issuer is not None else f"{BASE_URL}/"
         self._deny_authorize = deny_authorize
         self._issue_expired_first = issue_expired_first
         self._fail_next_refresh = fail_next_refresh

tests/interaction/auth/test_discovery.py

@@ -19,7 +19,6 @@
 
 from mcp import types
 from mcp.client.auth import OAuthFlowError, OAuthRegistrationError
-from mcp.client.auth.utils import raw_issuer
 from mcp.server import Server, ServerRequestContext
 from mcp.shared.auth import OAuthMetadata, ProtectedResourceMetadata
 from mcp.types import ListToolsResult, Tool
@@ -240,7 +239,7 @@ async def test_as_metadata_discovery_falls_back_through_the_spec_endpoint_order(
     asm = real_asm()
     asm.issuer = AnyHttpUrl(authorization_server)
     # The redirect iss must equal the issuer the client records from this metadata.
-    provider = InMemoryAuthorizationServerProvider(issuer=raw_issuer(asm))
+    provider = InMemoryAuthorizationServerProvider(issuer=str(asm.issuer))
     server = Server("guarded", on_list_tools=list_tools)
 
     prm = ProtectedResourceMetadata(