fix(vmcp): allow JSON-RPC client responses through authz middleware#5654
Open
syf2211 wants to merge 3 commits into
When MCP clients POST replies to server-initiated requests (e.g. ping responses on the streamable HTTP backchannel), the authz middleware rejected them with 400 because the MCP parser only recognized JSON-RPC requests. Parse responses into context with IsRequest=false and bypass authorization so downstream transport handlers can return 202 per spec. Fixes stacklok#5009
Codecov Report: All modified and coverable lines are covered by tests.

@@           Coverage Diff            @@
##             main    #5654     +/- ##
=======================================
+ Coverage   70.37%   70.40%   +0.02%
=======================================
  Files         649      649
  Lines       66170    66180      +10
=======================================
+ Hits        46568    46591      +23
+ Misses      16231    16221      -10
+ Partials     3371     3368       -3
Summary
When MCP clients POST JSON-RPC responses to server-initiated requests on the streamable HTTP backchannel (e.g. replying to server pings), vMCP returned `400 Invalid or malformed MCP request` instead of `202 Accepted`. This caused clients like VS Code and Cursor to tear down sessions every ~30s.

Motivation

Per the MCP streamable HTTP spec, the server must return 202 Accepted for accepted JSON-RPC responses/notifications. The authz middleware rejected these messages because the MCP parser only recognized JSON-RPC requests, leaving `GetParsedMCPRequest()` nil for valid client responses.

Fixes #5009
Changes
- pkg/mcp/parser.go: parse JSON-RPC responses into context with `IsRequest: false`
- pkg/authz/middleware.go: bypass method authorization for non-request messages
- pkg/mcp/parser_test.go and pkg/authz/middleware_test.go

Tests
All targeted tests pass.
Notes
Method == "") if webhook-enabled streamable-http deployments observe ping-reply regressions; left out of this PR to keep the diff focused on the reported 400 path.
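Added illustration of the request/response split the PR describes (not vMCP's own code; Message, Kind, Classify and Authorize are assumed names and the struct is constructed): a message carrying both method and id is a request and goes through method authorization, a reply to a server-initiated ping (id plus exactly one of result/error, no method) is parsed as a response and passed through so the transport handler can answer 202, and bodies that really are malformed still get 400.

```go
package main

import "encoding/json"

// Message holds the JSON-RPC 2.0 fields that separate requests from replies (constructed type).
type Message struct {
	ID     json.RawMessage `json:"id"`
	Method string          `json:"method"`
	Result json.RawMessage `json:"result"`
	Error  json.RawMessage `json:"error"`
}

type Kind int
const (
	Malformed Kind = iota
	Request      // method + id: subject to method authorization
	Notification // method, no id: no reply expected
	Response     // id + exactly one of result/error, no method: reply to a server-initiated request
)

// Classify is the parsing step: a client reply (e.g. to a server ping) is a Response, not Malformed.
func Classify(body []byte) (Message, Kind) {
	var m Message
	if json.Unmarshal(body, &m) != nil {
		return m, Malformed
	}
	hasID, hasResult, hasErr := len(m.ID) > 0, len(m.Result) > 0, len(m.Error) > 0
	switch {
	case m.Method != "" && !hasResult && !hasErr && hasID:
		return m, Request
	case m.Method != "" && !hasResult && !hasErr:
		return m, Notification
	case m.Method == "" && hasID && hasResult != hasErr:
		return m, Response
	}
	return m, Malformed
}

// Authorize returns the status the middleware should send, or 0 to pass the message downstream (202 path).
func Authorize(body []byte, allowed func(method string) bool) int {
	switch m, kind := Classify(body); {
	case kind == Malformed:
		return 400 // still right for bodies that really are malformed
	case kind == Request && !allowed(m.Method):
		return 403 // method-level policy applies to requests only
	}
	return 0 // notifications, responses and permitted requests pass through
}

func main() { println(Authorize([]byte(`{"jsonrpc":"2.0","id":7,"result":{}}`), func(string) bool { return false })) }
```

Even a deny-all policy lets the constructed ping reply through, because only requests carry a method to authorize.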