Add CloneResourceMetadataClonesAllProperties test using public reflection

tests/ModelContextProtocol.AspNetCore.Tests/OAuth/AuthTests.cs

@@ -893,6 +893,101 @@ public async Task ResourceMetadata_DoesNotAddTrailingSlash()
             transport, loggerFactory: LoggerFactory, cancellationToken: TestContext.Current.CancellationToken);
     }
 
+    [Fact]
+    public void CloneResourceMetadataClonesAllProperties()
+    {
+        var propertyNames = typeof(ProtectedResourceMetadata).GetProperties().Select(property => property.Name).ToList();
+
+        // Set metadata properties to non-default values to verify they're copied.
+        var metadata = new ProtectedResourceMetadata
+        {
+            Resource = "https://example.com/resource",
+            AuthorizationServers = ["https://auth1.example.com", "https://auth2.example.com"],
+            BearerMethodsSupported = ["header", "body", "query"],
+            ScopesSupported = ["read", "write", "admin"],
+            JwksUri = "https://example.com/.well-known/jwks.json",
+            ResourceSigningAlgValuesSupported = ["RS256", "ES256"],
+            ResourceName = "Test Resource",
+            ResourceDocumentation = "https://docs.example.com",
+            ResourcePolicyUri = "https://example.com/policy",
+            ResourceTosUri = "https://example.com/terms",
+            TlsClientCertificateBoundAccessTokens = true,
+            AuthorizationDetailsTypesSupported = ["payment_initiation", "account_information"],
+            DpopSigningAlgValuesSupported = ["RS256", "PS256"],
+            DpopBoundAccessTokensRequired = true
+        };
+
+        var clonedMetadata = metadata.Clone();
+
+        // Ensure the cloned metadata is not the same instance
+        Assert.NotSame(metadata, clonedMetadata);
+
+        // Verify Resource property
+        Assert.Equal(metadata.Resource, clonedMetadata.Resource);
+        Assert.True(propertyNames.Remove(nameof(metadata.Resource)));
+
+        // Verify AuthorizationServers list is cloned and contains the same values
+        Assert.NotSame(metadata.AuthorizationServers, clonedMetadata.AuthorizationServers);
+        Assert.Equal(metadata.AuthorizationServers, clonedMetadata.AuthorizationServers);
+        Assert.True(propertyNames.Remove(nameof(metadata.AuthorizationServers)));
+
+        // Verify BearerMethodsSupported list is cloned and contains the same values
+        Assert.NotSame(metadata.BearerMethodsSupported, clonedMetadata.BearerMethodsSupported);
+        Assert.Equal(metadata.BearerMethodsSupported, clonedMetadata.BearerMethodsSupported);
+        Assert.True(propertyNames.Remove(nameof(metadata.BearerMethodsSupported)));
+
+        // Verify ScopesSupported list is cloned and contains the same values
+        Assert.NotSame(metadata.ScopesSupported, clonedMetadata.ScopesSupported);
+        Assert.Equal(metadata.ScopesSupported, clonedMetadata.ScopesSupported);
+        Assert.True(propertyNames.Remove(nameof(metadata.ScopesSupported)));
+
+        // Verify JwksUri property
+        Assert.Equal(metadata.JwksUri, clonedMetadata.JwksUri);
+        Assert.True(propertyNames.Remove(nameof(metadata.JwksUri)));
+
+        // Verify ResourceSigningAlgValuesSupported list is cloned (nullable list)
+        Assert.NotSame(metadata.ResourceSigningAlgValuesSupported, clonedMetadata.ResourceSigningAlgValuesSupported);
+        Assert.Equal(metadata.ResourceSigningAlgValuesSupported, clonedMetadata.ResourceSigningAlgValuesSupported);
+        Assert.True(propertyNames.Remove(nameof(metadata.ResourceSigningAlgValuesSupported)));
+
+        // Verify ResourceName property
+        Assert.Equal(metadata.ResourceName, clonedMetadata.ResourceName);
+        Assert.True(propertyNames.Remove(nameof(metadata.ResourceName)));
+
+        // Verify ResourceDocumentation property
+        Assert.Equal(metadata.ResourceDocumentation, clonedMetadata.ResourceDocumentation);
+        Assert.True(propertyNames.Remove(nameof(metadata.ResourceDocumentation)));
+
+        // Verify ResourcePolicyUri property
+        Assert.Equal(metadata.ResourcePolicyUri, clonedMetadata.ResourcePolicyUri);
+        Assert.True(propertyNames.Remove(nameof(metadata.ResourcePolicyUri)));
+
+        // Verify ResourceTosUri property
+        Assert.Equal(metadata.ResourceTosUri, clonedMetadata.ResourceTosUri);
+        Assert.True(propertyNames.Remove(nameof(metadata.ResourceTosUri)));
+
+        // Verify TlsClientCertificateBoundAccessTokens property
+        Assert.Equal(metadata.TlsClientCertificateBoundAccessTokens, clonedMetadata.TlsClientCertificateBoundAccessTokens);
+        Assert.True(propertyNames.Remove(nameof(metadata.TlsClientCertificateBoundAccessTokens)));
+
+        // Verify AuthorizationDetailsTypesSupported list is cloned (nullable list)
+        Assert.NotSame(metadata.AuthorizationDetailsTypesSupported, clonedMetadata.AuthorizationDetailsTypesSupported);
+        Assert.Equal(metadata.AuthorizationDetailsTypesSupported, clonedMetadata.AuthorizationDetailsTypesSupported);
+        Assert.True(propertyNames.Remove(nameof(metadata.AuthorizationDetailsTypesSupported)));
+
+        // Verify DpopSigningAlgValuesSupported list is cloned (nullable list)
+        Assert.NotSame(metadata.DpopSigningAlgValuesSupported, clonedMetadata.DpopSigningAlgValuesSupported);
+        Assert.Equal(metadata.DpopSigningAlgValuesSupported, clonedMetadata.DpopSigningAlgValuesSupported);
+        Assert.True(propertyNames.Remove(nameof(metadata.DpopSigningAlgValuesSupported)));
+
+        // Verify DpopBoundAccessTokensRequired property
+        Assert.Equal(metadata.DpopBoundAccessTokensRequired, clonedMetadata.DpopBoundAccessTokensRequired);
+        Assert.True(propertyNames.Remove(nameof(metadata.DpopBoundAccessTokensRequired)));
+
+        // Ensure we've checked every property. When new properties get added, we'll have to update this test along with the Clone implementation.
+        Assert.Empty(propertyNames);
+    }
+
     [Fact]
     public async Task ResourceMetadata_PreservesExplicitTrailingSlash()
     {