Support Microsoft Azure as Auth Server

[2underscores]

Adds Azure specific checks and bypasses to allow MCP servers to use Azure AD as their authorization server (AS). Specifically:

• Ignores omission of PKCE support in metadata (Azure does not advertise in metadata but does support)
• Changes resource param to scope param

Issues described in both:

• Workarounds Required to Support Microsoft Azure as Auth Server #862
• Azure OIDC discovery metadata missing code_challenge_methods_supported breaks S256 PKCE validation #832

Motivation and Context

Microsoft Azure is ubiquitous in enterprise auth and will be used by MCP servers. Currently this SDK cannot be used when developing MCP clients in this case, as it does not allow some of Azure's quirks.

If this SDK wants to be broadly adopted in enterprise, it should support Azure.

How Has This Been Tested?

Tested using the MCP inspector using custom fork of MCP Typescript SDK. Tested both a non-Azure remote MCP server (Neon) and custom MCP server with Azure.

Breaking Changes

• None? It does change the SDKs interface slightly in that a case that previously just would error out (MCP with Azure AS) will no longer throw an error and instead be successful. Potentially client logic dependant on the azure failure may no longer fire.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)

Additional context

Code feels a bit ugly, mostly because it's doing something ugly (adding bypasses for large issuers that break spec in some small ways), however happy to refactor however required if it's decided Azure support is worth the concessions to the spec.