@@ -160,7 +160,7 @@ func TestParseCIMDMetadata_OK(t *testing.T) {
160160 "client_name": "Claude",
161161 "client_uri": "https://claude.ai",
162162 "redirect_uris": ["https://claude.ai/api/mcp/auth_callback"],
163- "grant_types": ["authorization_code","refresh_token"],
163+ "grant_types": ["authorization_code","refresh_token","urn:ietf:params:oauth:grant-type:jwt-bearer" ],
164164 "response_types": ["code"],
165165 "token_endpoint_auth_method": "none"
166166 }` )
@@ -183,7 +183,10 @@ func TestParseCIMDMetadata_Reject(t *testing.T) {
183183 "empty_redirect_uris" : `{"client_id":"` + u + `","client_name":"X","redirect_uris":[],"token_endpoint_auth_method":"none"}` ,
184184 "duplicate_redirect_uris" : `{"client_id":"` + u + `","client_name":"X","redirect_uris":["https://x/cb","https://x/cb"],"token_endpoint_auth_method":"none"}` ,
185185 "http_redirect_uri" : `{"client_id":"` + u + `","client_name":"X","redirect_uris":["http://x/cb"],"token_endpoint_auth_method":"none"}` ,
186- "unsupported_grant" : `{"client_id":"` + u + `","client_name":"X","redirect_uris":["https://x/cb"],"token_endpoint_auth_method":"none","grant_types":["password"]}` ,
186+ // Unknown grant_types are now TOLERATED (claude.ai publishes jwt-bearer);
187+ // this case still rejects, but because authorization_code is absent — not
188+ // because "password" itself is unsupported. See parseCIMDMetadata.
189+ "grant_types_without_authcode" : `{"client_id":"` + u + `","client_name":"X","redirect_uris":["https://x/cb"],"token_endpoint_auth_method":"none","grant_types":["password"]}` ,
187190 "unsupported_response" : `{"client_id":"` + u + `","client_name":"X","redirect_uris":["https://x/cb"],"token_endpoint_auth_method":"none","response_types":["token"]}` ,
188191 "empty_name" : `{"client_id":"` + u + `","client_name":"","redirect_uris":["https://x/cb"],"token_endpoint_auth_method":"none"}` ,
189192 "oversize_name" : `{"client_id":"` + u + `","client_name":"` + strings .Repeat ("a" , cimdMaxClientNameLength + 1 ) + `","redirect_uris":["https://x/cb"],"token_endpoint_auth_method":"none"}` ,
0 commit comments