Describe the bug

The .well-known/authorization-metadata endpoint defaults to token_endpoint_auth_methods_supported: ["client_secret_post"] and does not include none. As far as I know none is used for public clients like the claude chat to do the dynamic client registration. When connecting Notion to claude chat, you can see bellow how Notion mcp server includes it. My undestanding it's that the client will check this field to know whether it can use the dynamic client registration or not?

Even in the registration handler https://github.com/modelcontextprotocol/typescript-sdk/blob/main/src/server/auth/handlers/register.ts#L83 you can see what we check for none to know whether it's a public client or not

To Reproduce
Steps to reproduce the behavior:

1. See the response of .well-known/authorization-metadata

Expected behavior

Allow

Logs
If applicable, add logs to help explain your problem.

Additional context
Add any other context about the problem here.