Implement SEP-990: Enterprise Managed Authorization (Extension)

[devcrocod]

This is a tracking issue for implementation of SEP-990.

Summary

This SEP provides an extension to the MCP OAuth profile designed to facilitate secure and interoperable authorization of MCP clients within corporate environments by leveraging existing enterprise identity infrastructure. For end users, this removes the need to manually connect and authorize MCP clients to individual services within the organization. For enterprise administrators, this enables visibility and control over which MCP servers can be used within the organization. This extension augments the existing OAuth profile by providing an alternative when used under an enterprise IdP, allowing MCP clients to opt in to this profile when necessary.

The Kotlin SDK currently does not provide built-in OAuth or authorization functionality. This implementation will require adding support for the Enterprise Managed Authorization extension, including: enterprise IdP integration for OAuth flows, client-side opt-in mechanisms for the enterprise authorization profile, support for enterprise policy controls and visibility requirements, integration with existing enterprise identity infrastructure patterns, and proper handling of the augmented OAuth flow specific to corporate environments. This should be implemented as part of an optional OAuth extension module for the SDK, coordinating with implementations of related OAuth SEPs (SEP-991, SEP-1046, SEP-835) to provide a comprehensive OAuth solution for both standard and enterprise scenarios.