Fix MCPStreamableHTTPTool auth headers not being passed correctly#146
Merged
Fix MCPStreamableHTTPTool auth headers not being passed correctly#146
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes MCPStreamableHTTPTool authentication headers not being applied by switching from passing headers= directly to providing a preconfigured httpx.AsyncClient with default headers set.
Changes:
- Add
httpxdependency usage in the Agent Framework MCP tool registration service. - Instantiate an
httpx.AsyncClientwith auth/User-Agent headers and pass it toMCPStreamableHTTPTool. - Remove direct
headers=argument usage when constructingMCPStreamableHTTPTool.
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Outdated
Show resolved
Hide resolved
rahuldevikar761
previously approved these changes
Jan 28, 2026
mrunalhirve128
previously approved these changes
Jan 28, 2026
tmlsousa
previously approved these changes
Jan 28, 2026
Josina20
dismissed stale reviews from rahuldevikar761, mrunalhirve128, and tmlsousa
via
e71b28c
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
Tests verify that: - Authorization header is set on httpx.AsyncClient - User-Agent header is set on httpx.AsyncClient - MCP_HTTP_CLIENT_TIMEOUT_SECONDS constant (90s) is used - MCPStreamableHTTPTool receives http_client param (not headers) - httpx clients are tracked in _http_clients for cleanup - cleanup() properly closes all httpx clients These tests prevent regression to the bug where passing headers directly to MCPStreamableHTTPTool was silently ignored.
New TestHttpxClientLifecycle class with 4 tests: - test_full_client_lifecycle_single_server: verifies client created by add_tool_servers_to_agent() is properly closed by cleanup() - test_full_client_lifecycle_multiple_servers: verifies all clients are tracked and cleaned up when multiple MCP servers are configured - test_cleanup_idempotent_no_clients: verifies cleanup() is safe when no clients exist - test_cleanup_called_twice_after_creating_clients: verifies calling cleanup() multiple times doesn't cause issues These tests ensure connection/file-descriptor leaks are prevented by verifying the full client lifecycle from creation to cleanup.
httpx is now used directly in mcp_tool_registration_service.py to create AsyncClient instances with pre-configured headers. Without this explicit dependency, consumers could hit ModuleNotFoundError if httpx isn't available through transitive dependencies.
rahuldevikar761
previously approved these changes
Jan 28, 2026
- Remove unused httpx import - Remove unused mock_mcp_tool variable assignments - Sort imports properly - Remove trailing whitespace from blank lines
tests/tooling/extensions/agentframework/services/test_mcp_tool_registration_service.py
Show resolved
Hide resolved
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
...soft_agents_a365/tooling/extensions/agentframework/services/mcp_tool_registration_service.py
Show resolved
Hide resolved
tests/tooling/extensions/agentframework/services/test_mcp_tool_registration_service.py
Show resolved
Hide resolved
rahuldevikar761
approved these changes
Jan 28, 2026
mrunalhirve128
approved these changes
Jan 28, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix Description
Title: Fix MCPStreamableHTTPTool auth headers not being passed correctly
Problem:
The MCPStreamableHTTPTool from Agent Framework was being instantiated with a headers parameter directly:
However, the headers parameter on MCPStreamableHTTPTool does not actually pass headers to HTTP requests. This caused MCP tool servers to receive requests without the Authorization header, resulting in 400 Bad Request errors when the agent tried to invoke MCP tools.
Solution:
Use the http_client parameter with a pre-configured httpx.AsyncClient that has headers set:
Additional improvements:
Added MCP_HTTP_CLIENT_TIMEOUT_SECONDS constant (60 seconds) instead of magic number
Added _http_clients list to track created clients
Added cleanup logic in cleanup() method to properly close HTTP clients and prevent resource leaks
Root cause: The MCPStreamableHTTPTool API is misleading - it accepts a headers parameter but doesn't use it for actual requests. The correct pattern is to pass a fully-configured httpx.AsyncClient via the http_client parameter.