OAuth handler doesn't support redirect URLs with params #2776

@artdent

Description

The oauth redirect handler uses the following logic (https://github.com/modelcontextprotocol/python-sdk/blob/main/src/mcp/client/auth/oauth2.py#L356-L357) to attach parameters to the redirect URL supplied by the server:

        authorization_url = f"{auth_endpoint}?{urlencode(auth_params)}"
        await self.context.redirect_handler(authorization_url)

Unfortunately, this breaks if the auth_endpoint supplied by the server already has URL parameters. For example, at https://api.salesforce.com/.well-known/oauth-authorization-server/platform/mcp/v1/sandbox/platform/sobject-all you can see that the Salesforce MCP server has an authorization endpoint of https://test.salesforce.com/services/oauth2/authorize?prompt=select_account.

The end result is that the client tries to visit a URL that looks like https://test.salesforce.com/services/oauth2/authorize?prompt=select_account?response_type=code&..., which is incorrect.

Example Code

Python & MCP Python SDK

python3 3.13.2
mcp 1.27.2
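
The failure described in this issue, next to one way to build the URL so an existing query component is retained (RFC 6749 section 3.1 requires it to be kept and forbids a fragment). This is an added example, not part of the original issue and not the SDK's code. The function names, the sample `client_id` and `state` values, and the rule that the client's own parameters win on a name collision are assumptions.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


def naive_authorization_url(auth_endpoint: str, auth_params: dict[str, str]) -> str:
    """Concatenation as quoted in the issue: always inserts a '?'."""
    return f"{auth_endpoint}?{urlencode(auth_params)}"


def build_authorization_url(auth_endpoint: str, auth_params: dict[str, str]) -> str:
    """Merge auth_params into the endpoint's query instead of appending a second '?'.

    Hypothetical helper for illustration only.
    """
    parts = urlsplit(auth_endpoint)
    if parts.fragment:
        # RFC 6749 section 3.1: the endpoint URI must not include a fragment.
        raise ValueError("authorization endpoint must not contain a fragment")
    # Keep the query pairs published in the server metadata, but drop any whose
    # name the client sets itself (assumed policy), so metadata cannot pin
    # values such as state or redirect_uri.
    retained = [
        (key, value)
        for key, value in parse_qsl(parts.query, keep_blank_values=True)
        if key not in auth_params
    ]
    query = urlencode(retained + list(auth_params.items()))
    return urlunsplit((parts.scheme, parts.netloc, parts.path, query, ""))


# Constructed sample request parameters (not real credentials).
SAMPLE_PARAMS = {"response_type": "code", "client_id": "example-client", "state": "abc123"}
ENDPOINT = "https://test.salesforce.com/services/oauth2/authorize?prompt=select_account"

if __name__ == "__main__":
    print("naive :", naive_authorization_url(ENDPOINT, SAMPLE_PARAMS))
    print("merged:", build_authorization_url(ENDPOINT, SAMPLE_PARAMS))
```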
