coerce 'expires_in' to be a number

[adam-kuhn]

Microsoft Entra login returns a string for the "expires_in" property. The proposed changes addresses this by coercing the string value to a number.

Motivation and Context

When building an MCP server Entra login the token exchange fails a zod validation because "expires_in" is a string.
An issue was originally created for the inspector as that is where this was first noticed, but after some digging I found the root cause to be in the SDK itself.
Example token response:

{
    "token_type": "Bearer",
    "scope": "email openid profile User.Read",
    "expires_in": "5287",
    "ext_expires_in": "5287",
    "expires_on": "1762781958",
    "not_before": "1762776370",
    "resource": "<resource>",
    "access_token": "<access_token>",
    "refresh_token": "<refresh_token>",
    "id_token": "<id_token>"
}

Original issue:
modelcontextprotocol/inspector#912

How Has This Been Tested?

Add unit tests

Breaking Changes

No

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/sdk@1111

commit: cc12fbd

[KKonstantinov]

Thank you for working on this. Have resolved some incoming conflicts from main for you.

cc @pcarleton

[KKonstantinov]

Issue seems documented at: https://feedback.azure.com/d365community/idea/7772fd95-26e6-ec11-a81b-0022484ee92d

https://learn.microsoft.com/en-us/answers/questions/877384/azure-active-directory-b2c-authorization-code-flow#answer-877992

[felixweinberger]

Makes sense, thank you