Update aud assertion to match AS issuer

LucaButBoring · LucaButBoring · commit 5b1d45beb12d · 2025-10-28T14:32:37.000-07:00
diff --git a/src/mcp/client/auth/extensions/client_credentials.py b/src/mcp/client/auth/extensions/client_credentials.py
@@ -102,14 +102,18 @@ def _add_client_authentication_jwt(self, *, token_data: dict[str, Any]):
         """Add JWT assertion for client authentication to token endpoint parameters."""
         if not self.jwt_parameters:
             raise OAuthTokenError("Missing JWT parameters for private_key_jwt flow")
+        if not self.context.oauth_metadata:
+            raise OAuthTokenError("Missing OAuth metadata for private_key_jwt flow")
 
-        token_url = self._get_token_endpoint()
-        assertion = self.jwt_parameters.to_assertion(with_audience_fallback=token_url)
+        # We need to set the audience to the issuer identifier of the authorization server
+        # https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rfc7523bis-01#name-updates-to-rfc-7523
+        issuer = str(self.context.oauth_metadata.issuer)
+        assertion = self.jwt_parameters.to_assertion(with_audience_fallback=issuer)
 
         # When using private_key_jwt, in a client_credentials flow, we use RFC 7523 Section 2.2
         token_data["client_assertion"] = assertion
         token_data["client_assertion_type"] = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
-        # We need to set the audience to the token endpoint, the audience is difference from the one in claims
+        # We need to set the audience to the resource server, the audience is difference from the one in claims
         # it represents the resource server that will validate the token
         token_data["audience"] = self.context.get_resource_url()
 
@@ -119,9 +123,13 @@ async def _exchange_token_jwt_bearer(self) -> httpx.Request:
             raise OAuthFlowError("Missing client info")
         if not self.jwt_parameters:
             raise OAuthFlowError("Missing JWT parameters")
+        if not self.context.oauth_metadata:
+            raise OAuthTokenError("Missing OAuth metadata")
 
-        token_url = self._get_token_endpoint()
-        assertion = self.jwt_parameters.to_assertion(with_audience_fallback=token_url)
+        # We need to set the audience to the issuer identifier of the authorization server
+        # https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rfc7523bis-01#name-updates-to-rfc-7523
+        issuer = str(self.context.oauth_metadata.issuer)
+        assertion = self.jwt_parameters.to_assertion(with_audience_fallback=issuer)
 
         token_data = {
             "grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
@@ -134,6 +142,7 @@ async def _exchange_token_jwt_bearer(self) -> httpx.Request:
         if self.context.client_metadata.scope:
             token_data["scope"] = self.context.client_metadata.scope
 
+        token_url = self._get_token_endpoint()
         return httpx.Request(
             "POST", token_url, data=token_data, headers={"Content-Type": "application/x-www-form-urlencoded"}
         )
diff --git a/tests/client/auth/extensions/test_client_credentials.py b/tests/client/auth/extensions/test_client_credentials.py
@@ -5,7 +5,7 @@
 from pydantic import AnyHttpUrl, AnyUrl
 
 from mcp.client.auth.extensions.client_credentials import JWTParameters, RFC7523OAuthClientProvider
-from mcp.shared.auth import OAuthClientInformationFull, OAuthClientMetadata, OAuthToken
+from mcp.shared.auth import OAuthClientInformationFull, OAuthClientMetadata, OAuthMetadata, OAuthToken
 
 
 class MockTokenStorage:
@@ -75,6 +75,12 @@ async def test_token_exchange_request_jwt_predefined(self, rfc7523_oauth_provide
             redirect_uris=None,
             scope="read write",
         )
+        rfc7523_oauth_provider.context.oauth_metadata = OAuthMetadata(
+            issuer=AnyHttpUrl("https://api.example.com"),
+            authorization_endpoint=AnyHttpUrl("https://api.example.com/authorize"),
+            token_endpoint=AnyHttpUrl("https://api.example.com/token"),
+            registration_endpoint=AnyHttpUrl("https://api.example.com/register"),
+        )
         rfc7523_oauth_provider.context.client_metadata = rfc7523_oauth_provider.context.client_info
         rfc7523_oauth_provider.context.protocol_version = "2025-06-18"
         rfc7523_oauth_provider.jwt_parameters = JWTParameters(
@@ -108,6 +114,12 @@ async def test_token_exchange_request_jwt(self, rfc7523_oauth_provider: RFC7523O
             redirect_uris=None,
             scope="read write",
         )
+        rfc7523_oauth_provider.context.oauth_metadata = OAuthMetadata(
+            issuer=AnyHttpUrl("https://api.example.com"),
+            authorization_endpoint=AnyHttpUrl("https://api.example.com/authorize"),
+            token_endpoint=AnyHttpUrl("https://api.example.com/token"),
+            registration_endpoint=AnyHttpUrl("https://api.example.com/register"),
+        )
         rfc7523_oauth_provider.context.client_metadata = rfc7523_oauth_provider.context.client_info
         rfc7523_oauth_provider.context.protocol_version = "2025-06-18"
         rfc7523_oauth_provider.jwt_parameters = JWTParameters(
@@ -141,7 +153,7 @@ async def test_token_exchange_request_jwt(self, rfc7523_oauth_provider: RFC7523O
             assertion,
             key="a-string-secret-at-least-256-bits-long",
             algorithms=["HS256"],
-            audience="https://api.example.com/token",
+            audience="https://api.example.com/",
             subject="1234567890",
             issuer="foo",
             verify=True,
