Webhooks #777
Webhooks #777
Conversation
| ), | ||
| HTTPStatus.OK, | ||
| ) | ||
| asyncio.create_task( |
There was a problem hiding this comment.
issue: we should start the this task before responding with a 200
There was a problem hiding this comment.
My understanding is that MCP should send a 200 to acknowledge the tool call prior to actually attempting to start the job. The idea is that it acts as an ack of the job and has no bearing whatsoever with the success/failure of the tool call. Ideally this should be a 202 but based on the current spec, 202 is reserved for responses when the input to the server is a response or notification.
Even if the job starts before sending the response, there won't be any functional difference since the task will be carried out asynchronously, right?
| for webhook in webhooks: | ||
| headers = {"Content-Type": CONTENT_TYPE_JSON} | ||
| # Add authorization headers | ||
| if webhook.authentication and webhook.authentication.credentials: |
There was a problem hiding this comment.
question: how much of the auth logic is duplicate from what is there for Streamable HTTP? Can auth stuff be abstracted into a helper layer if it is same?
There was a problem hiding this comment.
Apart from some parts that deal with bearer token, none of the other auth mechanisms are addressed in MCP. The parts that deal with bearer token are also not currently added in a way that makes them reusable for our purpose.
The auth logic here can be abstracted out into helper functions but there may be no reusability for now since it isn't used elsewhere.
| creds_dict = json.loads(webhook.authentication.credentials) | ||
| if "username" in creds_dict and "password" in creds_dict: | ||
| # Create basic auth header from username and password | ||
| import base64 |
There was a problem hiding this comment.
suggestion: generally it is not a good idea to do imports in the runtime code like this as things that would fail at server startup may not fail until a request comes in that hits this path. Better to import this up top directly imo despite the fact that it might lead to more deps. btw is base64 part of the standard python libs?
There was a problem hiding this comment.
It is a python standard library. I will import it at the top.
Motivation and Context
This is draft PR for the changes discussed in specification discussion #523.
How Has This Been Tested?
Tested by setting up a webhook, client and server locally. The webhook received all messages when the server was setup with streamable http. It was tested for both json_response True and False. All units tests succeeded.
Breaking Changes
None
Types of changes
Checklist