fix(auth): accept empty optional OAuth client metadata URLs

[mrutunjay-kinagi]

Summary

• normalize empty-string optional URL fields in OAuthClientMetadata to None before URL validation
• keep existing URL validation rules for non-empty values
• add a regression test for empty client_uri/logo_uri/tos_uri/policy_uri/jwks_uri inputs

Why

Fixes validation failures when auth servers emit empty strings for optional client metadata URL fields.

Closes #1665

Validation

• pytest -q tests/client/test_auth.py -k "empty_optional_uris"
• ruff check src/mcp/shared/auth.py tests/client/test_auth.py
• ruff format --check src/mcp/shared/auth.py tests/client/test_auth.py

[mrutunjay-kinagi]

Follow-up pushed in e9a78ec to fix the pre-commit failure by validating the empty-URI fixture via (runtime path) instead of passing empty strings directly to typed constructor params.

[mrutunjay-kinagi]

Follow-up pushed in e9a78ec to fix the pre-commit pyright failure.

Change made:

• Updated the empty-URI regression test to use OAuthClientMetadata.model_validate({...}) so empty strings are exercised through runtime validation without violating static constructor type checks.

[mrutunjay-kinagi]

All checks are now passing on the latest commit (e9a78ec).

Ready for maintainer review when you have bandwidth. Thanks!