Implement SEP-1046: OAuth Client Credentials Flow (Extension)

[felixweinberger]

This is a tracking issue for implementation of SEP-1046.

Summary

This SEP adds the OAuth client credentials flow to the MCP authorization specification as an extension to enable machine-to-machine scenarios where end-users are unavailable for interactive authorization. The Rust SDK needs to implement support for JWT Assertions as defined in RFC 7523 for asymmetric authentication, and optionally client secrets via HTTP Basic authentication for maximum compatibility with existing enterprise systems. As an extension, this feature is opt-in and requires explicit support from both clients and servers through capability advertisement.

Related Issues & PRs

• Implementation PRs: n/a
• Related PRs: n/a
• Related Issues: n/a