Fix: Add Mcp-Session-Id header for HTTP backend initialization#178
Fix: Add Mcp-Session-Id header for HTTP backend initialization#178
Conversation
- HTTP backends now receive Mcp-Session-Id header during initialization
- Use "gateway-init-{serverID}" as session ID for initialization calls
- Add comprehensive tests for HTTP backend session ID handling
- All existing tests continue to pass
Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
- Add comprehensive documentation on session ID handling - Explain initialization and client request flows - Include troubleshooting and debugging tips - Update .gitignore to exclude test configuration files Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
|
@copilot the safeinputs source is availble below. please use it to test your solution https://github.com/githubnext/gh-aw/blob/main/actions/setup/js/safe_inputs_mcp_server.cjs |
…D enforcement
- Create TestSafeinputsHTTPBackend that simulates the exact error scenario
- Mock HTTP server strictly enforces Mcp-Session-Id header requirement
- Verifies gateway sends session ID during initialization
- Test confirms fix resolves "Missing Mcp-Session-Id header" error
- Validates session ID pattern: gateway-init-{serverID}
Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Created integration test
Test passes ✅ (commit bac00c5) Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
|
@copilot can you fix these linting errors Running [/home/runner/golangci-lint-2.7.2-linux-amd64/golangci-lint run --timeout=5m] in [/home/runner/work/gh-aw-mcpg/gh-aw-mcpg] ...
Error: issues found |
- Replace if-else chain with switch statement on req.Method - Addresses staticcheck linting error QF1003 in unified_http_backend_test.go Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Fixed staticcheck QF1003 linting error by replacing if-else chain with tagged switch statement on |
Fix MCP Session ID Handling for HTTP Backend Servers ✅
Problem
HTTP backend MCP servers were rejecting requests with error "Missing Mcp-Session-Id header" during initialization, preventing the gateway from starting.
Root Cause
When the gateway initializes and calls
tools/liston HTTP backend servers to discover available tools, it usedcontext.Background()which has no session ID. HTTP backends that require theMcp-Session-Idheader in all requests would fail with a 400 Bad Request error.Solution
registerToolsFromBackendinunified.goto create a context with session ID for HTTP backendsMcp-Session-Idheader when sending HTTP requestsChanges Made
registerToolsFromBackend(unified.go:183)make agent-finished- all checks pass ✓Tests Added
Documentation
docs/HTTP_BACKEND_SESSION_ID.mdwith complete explanation:Verification ✅
Backward Compatibility
This change is fully backward compatible:
Impact
This fix enables the gateway to work with HTTP MCP servers that strictly enforce the
Mcp-Session-Idheader requirement, such as the safeinputs server mentioned in the issue.💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.