From 2a66e6d4d54d7b250050b89f9ee7f9830e865789 Mon Sep 17 00:00:00 2001
From: Li Zongrong <389006500@qq.com>
Date: Tue, 2 Jun 2026 00:02:56 +0200
Subject: [PATCH] =?UTF-8?q?fix:=20add=20invalid=5Ftarget=20to=20Authorizat?=
 =?UTF-8?q?ionErrorCode=20per=20RFC=208707=20=C2=A72?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

RFC 8707 defines invalid_target as the OAuth 2.0 error code for
resource-indicator mismatches. The Python SDK AuthorizationErrorCode
Literal was missing this value, causing pydantic ValidationError.

Closes #2641
---
 src/mcp/server/auth/provider.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/mcp/server/auth/provider.py b/src/mcp/server/auth/provider.py
index 4ce113757..19f6602d6 100644
--- a/src/mcp/server/auth/provider.py
+++ b/src/mcp/server/auth/provider.py
@@ -68,6 +68,7 @@ class RegistrationError(Exception):
     "invalid_scope",
     "server_error",
     "temporarily_unavailable",
+    "invalid_target",  # RFC 8707 §2
 ]