fix: validate DCR redirect URIs#2955

Closed
fengjikui wants to merge 1 commit into modelcontextprotocol:main from fengjikui:codex/dcr-redirect-uri-validation

Conversation

@fengjikui

Summary

Fixes #2629.

  • validate dynamic client registration redirect URIs before storing the client
  • reject non-HTTPS, non-loopback, and fragmented redirect URIs with invalid_redirect_uri
  • keep HTTPS redirect URIs with query strings and loopback HTTP redirect URIs valid
  • update the interaction requirement now that the bundled registration handler enforces this boundary

Validation

  • uv run ruff check src/mcp/server/auth/handlers/register.py tests/interaction/auth/test_as_handlers.py tests/interaction/_requirements.py
  • uv run ruff format --check src/mcp/server/auth/handlers/register.py tests/interaction/auth/test_as_handlers.py tests/interaction/_requirements.py
  • uv run pyright src/mcp/server/auth/handlers/register.py tests/interaction/auth/test_as_handlers.py tests/interaction/_requirements.py
  • env -u ALL_PROXY -u all_proxy -u HTTP_PROXY -u http_proxy -u HTTPS_PROXY -u https_proxy uv run pytest tests/interaction/auth/test_as_handlers.py tests/interaction/test_coverage.py -q
  • env -u ALL_PROXY -u all_proxy -u HTTP_PROXY -u http_proxy -u HTTPS_PROXY -u https_proxy uv run pytest tests/server/mcpserver/auth/test_auth_integration.py -k client_registration -q
  • env -u ALL_PROXY -u all_proxy -u HTTP_PROXY -u http_proxy -u HTTPS_PROXY -u https_proxy uv run coverage erase && env -u ALL_PROXY -u all_proxy -u HTTP_PROXY -u http_proxy -u HTTPS_PROXY -u https_proxy uv run coverage run -m pytest -n auto && env -u ALL_PROXY -u all_proxy -u HTTP_PROXY -u http_proxy -u HTTPS_PROXY -u https_proxy uv run coverage combine && env -u ALL_PROXY -u all_proxy -u HTTP_PROXY -u http_proxy -u HTTPS_PROXY -u https_proxy uv run coverage report -> 2598 passed, 5 skipped, 9 xfailed, TOTAL 100.00%
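The redirect-URI policy the summary above describes, written out as an added example (not the SDK's own register handler, whose code is not on this page). It assumes "loopback" means the host is `localhost` or a loopback IP literal, and reports rejections with the RFC 7591 `invalid_redirect_uri` error code; all sample URIs are constructed.

```python
# Added example: redirect-URI validation for dynamic client registration.
# Not the mcp SDK's register handler; a stand-alone illustration of the policy.
from __future__ import annotations

import ipaddress
from urllib.parse import urlsplit


def _is_loopback_host(host: str | None) -> bool:
    """True for 'localhost' or a loopback IP literal (127.0.0.0/8, ::1).
    Assumption: this is what the PR summary means by 'loopback'."""
    if not host:
        return False
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # not an IP literal (e.g. a DNS name)
        return False


def redirect_uri_problem(uri: str) -> str | None:
    """Return why `uri` is rejected, or None if it satisfies the policy."""
    # Fragments are never allowed; check the raw string so "…#" (empty
    # fragment) is also rejected, not only a non-empty one.
    if "#" in uri:
        return "fragment not allowed"
    try:
        parts = urlsplit(uri)
    except ValueError:  # e.g. unbalanced IPv6 brackets
        return "malformed URI"
    if not parts.netloc:
        return "absolute URI with a host required"
    if parts.scheme == "https":
        return None  # HTTPS is fine, query strings included
    if parts.scheme == "http":
        return None if _is_loopback_host(parts.hostname) else "http only allowed for loopback hosts"
    return f"scheme {parts.scheme!r} not allowed"


def validate_registration(redirect_uris: list[str]) -> dict[str, str] | None:
    """Return an RFC 7591 error body if any URI is rejected, else None.
    The server would send this body with HTTP 400 before storing the client."""
    for uri in redirect_uris:
        problem = redirect_uri_problem(uri)
        if problem is not None:
            return {"error": "invalid_redirect_uri", "error_description": f"{uri}: {problem}"}
    return None
```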

@maxisbey maxisbey closed this Jun 23, 2026

Development

Successfully merging this pull request may close these issues.

DCR registration accepts redirect_uris with non-HTTPS / non-loopback / fragmented schemes