NewClient with SSEClientTransport fails to report 401

[ccreutzi]

Describe the bug
While the streamable client reports a 401 as “Unauthorized,” it seems the SSE client ignores that part. Instead, I get missing endpoint: first event is "", want "endpoint".

To Reproduce
Connect a client with an &SSEClientTransport{Endpoint:"https://mcp.atlassian.com/v1/sse"}. I see this response message from the server to the first connection:

HTTP/2.0 401 Unauthorized
Content-Length: 79
Atl-Request-Id: df8366af-da18-42c2-a585-9d03898faeb5
Atl-Traceid: df8366afda1842c2a5859d03898faeb5
Cf-Ray: 9ac38f62395b3d6d-LHR
Content-Type: application/json
Date: Thu, 11 Dec 2025 08:19:58 GMT
Ge-Edge-Trusted-Cloudflare-Proxy: bWNwLWNsb3VkZmxhcmUK
Nel: {"failure_fraction": 0.01, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
Report-To: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
Server: AtlassianEdge
Server-Timing: atl-edge;dur=22,atl-edge-internal;dur=5,atl-edge-upstream;dur=18,atl-edge-pop;desc="aws-eu-west-2"
Strict-Transport-Security: max-age=63072000; preload
Vary: Accept-Encoding
Www-Authenticate: Bearer realm="OAuth", error="invalid_token", error_description="Missing or invalid access token"
X-Content-Type-Option

With a StreamableClientTransport, that results in NewClient returning an error stating calling "initialize": sending "initialize": failed to connect: Unauthorized. With the SSEClientTransport, the error has a text of missing endpoint: first event is "", want "endpoint".

Expected behavior
The errors between the different transports should be consistent.

Additional context
Ideally, I would like to see some typed error that contains more information.

In my specific situation, I am not interested in adding OAuth inside the transport layer. For architectural reasons, that has to happen further outside, and the NewClient call instead has to indicate the 401 error to be handled upstream.