Describe the bug

Based on the document MCP servers should follow the standard to implement oauth-protected-resource endpoint in order to make client to self discover mcp server.

As model context protocol is a standard way to interact with any client it should follow the protocol strictly. It doesn't require to be specific setup from client when standard is followed. Ref for the flowhttps://modelcontextprotocol.io/specification/2025-06-18/basic/authorization

Affected version

remote mcp server

Steps to reproduce the behavior

1. use mcp client, such as cursor or mcp-remote
2. start oauth flow.

Expected vs actual behavior

Expected:
Client should discover the endpoint and direct user to oauth page from /.well-known/oauth-protected-resource
Actual:
Client can't start oauth flow because /.well-known/oauth-protected-resource endpoint is not implemented but /.well-known/oauth-protected-resource/mcp is implemented.