proposal: auth package with OAuth types #255
Description
First, let's add an auth package, a peer of mcp. It will hold everything auth-related, to keep it from cluttering mcp.
The two initial types are:
ClientOptions: a struct with values that the client can set on creation. Initial fields:
ClientID,ClientSecret: these can hold the required OAuth fields in case the auth server doesn't support dynamic client registration.RedirectURI: another part of the OAuth flow. I don't see how this could be provided in any other way (and thus perhaps it is not an "option"; but I will research this further).
auth.ClientOptions would be the type of a field in mcp.StreamableClientTransportOptions.
ServerInfo: this is close to what I called AuthInfo in #237. It holds the result of validating the access token, and perhaps the raw token itself if that's of any use to anyone. It will have some fixed fields, but will also need a map[string]any because the token format is open-ended, and even in the common case of JWT, the claims are open-ended.