Module: MCPClient::HttpTransportBase

Includes:

JsonRpcCommon

Included in:

ServerHTTP::JsonRpcTransport, ServerStreamableHTTP::JsonRpcTransport

Defined in:

lib/mcp_client/http_transport_base.rb

Overview

Base module for HTTP-based JSON-RPC transports Contains common functionality shared between HTTP and Streamable HTTP transports

Instance Method Summary

• #rpc_notify(method, params = {}) ⇒ void

  Send a JSON-RPC notification (no response expected).

• #rpc_request(method, params = {}) ⇒ Object

  Generic JSON-RPC request: send method with params and return result.

• #terminate_session ⇒ Boolean

  Terminate the current session with the server Sends an HTTP DELETE request with the session ID to properly close the session.

• #valid_server_url?(url) ⇒ Boolean

  Validate the server’s base URL for security.

• #valid_session_id?(session_id) ⇒ Boolean

  Validate session ID format for security.

Methods included from JsonRpcCommon

#build_jsonrpc_notification, #build_jsonrpc_request, #ping, #process_jsonrpc_response, #with_retry

Instance Method Details

#rpc_notify(method, params = {}) ⇒ void

This method returns an undefined value.

Send a JSON-RPC notification (no response expected)

Parameters:

• method (String) —

  JSON-RPC method name

• params (Hash) (defaults to: {}) —

  parameters for the notification

# File 'lib/mcp_client/http_transport_base.rb', line 34

def rpc_notify(method, params = {})
  ensure_connected

  notif = build_jsonrpc_notification(method, params)

  begin
    send_http_request(notif)
  rescue MCPClient::Errors::ServerError, MCPClient::Errors::ConnectionError, Faraday::ConnectionFailed => e
    raise MCPClient::Errors::TransportError, "Failed to send notification: #{e.message}"
  end
end

#rpc_request(method, params = {}) ⇒ Object

Generic JSON-RPC request: send method with params and return result

Parameters:

• method (String) —

  JSON-RPC method name

• params (Hash) (defaults to: {}) —

  parameters for the request

Returns:

• (Object) —

  result from JSON-RPC response

Raises:

• (MCPClient::Errors::ConnectionError) —

  if connection is not active

• (MCPClient::Errors::ServerError) —

  if server returns an error

• (MCPClient::Errors::TransportError) —

  if response isn’t valid JSON

• (MCPClient::Errors::ToolCallError) —

  for other errors during request execution

# File 'lib/mcp_client/http_transport_base.rb', line 20

def rpc_request(method, params = {})
  ensure_connected

  with_retry do
    request_id = @mutex.synchronize { @request_id += 1 }
    request = build_jsonrpc_request(method, params, request_id)
    send_jsonrpc_request(request)
  end
end

#terminate_session ⇒ Boolean

Terminate the current session with the server Sends an HTTP DELETE request with the session ID to properly close the session

Returns:

• (Boolean) —

  true if termination was successful

Raises:

• (MCPClient::Errors::ConnectionError) —

  if termination fails

# File 'lib/mcp_client/http_transport_base.rb', line 50

def terminate_session
  return true unless @session_id

  conn = http_connection

  begin
    @logger.debug("Terminating session: #{@session_id}")
    response = conn.delete(@endpoint) do |req|
      # Apply base headers but prioritize session termination headers
      @headers.each { |k, v| req.headers[k] = v }
      req.headers['Mcp-Session-Id'] = @session_id
    end

    if response.success?
      @logger.debug("Session terminated successfully: #{@session_id}")
      @session_id = nil
      true
    else
      @logger.warn("Session termination failed with HTTP #{response.status}")
      @session_id = nil # Clear session ID even on HTTP error
      false
    end
  rescue Faraday::Error => e
    @logger.warn("Session termination request failed: #{e.message}")
    # Clear session ID even if termination request failed
    @session_id = nil
    false
  end
end

#valid_server_url?(url) ⇒ Boolean

Validate the server’s base URL for security

Parameters:

• url (String) —

  the URL to validate

Returns:

• (Boolean) —

  true if URL is considered safe

# File 'lib/mcp_client/http_transport_base.rb', line 95

def valid_server_url?(url)
  return false unless url.is_a?(String)

  uri = URI.parse(url)

  # Only allow HTTP and HTTPS protocols
  return false unless %w[http https].include?(uri.scheme)

  # Must have a host
  return false if uri.host.nil? || uri.host.empty?

  # Don't allow localhost binding to all interfaces in production
  if uri.host == '0.0.0.0'
    @logger.warn('Server URL uses 0.0.0.0 which may be insecure. Consider using 127.0.0.1 for localhost.')
  end

  true
rescue URI::InvalidURIError
  false
end

#valid_session_id?(session_id) ⇒ Boolean

Validate session ID format for security

Parameters:

• session_id (String) —

  the session ID to validate

Returns:

• (Boolean) —

  true if session ID is valid

# File 'lib/mcp_client/http_transport_base.rb', line 83

def valid_session_id?(session_id)
  return false unless session_id.is_a?(String)
  return false if session_id.empty?

  # Session ID should be alphanumeric with optional hyphens and underscores
  # Length should be reasonable (8-128 characters)
  session_id.match?(/\A[a-zA-Z0-9\-_]{8,128}\z/)
end