Skip to content

MCP client refactor - storage adapter #652

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 18 commits into
base: main
Choose a base branch
from
Open

MCP client refactor - storage adapter #652

wants to merge 18 commits into from

Conversation

@mattzcarey
Copy link
Contributor

@mattzcarey mattzcarey commented Nov 14, 2025
edited
Loading

part one in a long saga. This moves all the mcp storage control to the client manager with an interface to try and make it less platform specific.

also cleans up the _connectMcpServersInternal and mcp.connect into..

  • mcp.registerServer()
  • mcp.connectToServer()

tested with: https://search-mcp.parallel.ai/mcp on https://workers-ai-playground.mattzcarey.workers.dev/

@changeset-bot
Copy link

changeset-bot bot commented Nov 14, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: fcc2948

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@claude
Copy link

claude bot commented Nov 14, 2025
edited
Loading

Claude Code Review

Issues Found:

  1. Debug console.log left in production code - client-manager.ts:413

    console.log(servers);

    Should be removed or replaced with proper logging.

  2. Type safety issue in ensureJsonSchema checks - index.ts:479, 520

    if (typeof this.mcp.ensureJsonSchema === "function") {
  await this.mcp.ensureJsonSchema();
}

    This typeof check shouldn't be necessary since ensureJsonSchema is always present on MCPClientManager. Remove the conditional or explain why it's needed.

  3. Race condition potential in restoreConnectionsFromStorage - client-manager.ts:149-220
    When checking existing connections, only ready state triggers a skip with warning. But failed state falls through and creates a new connection. This could mask persistent failures - consider logging or handling failed states explicitly.

  4. Missing connection cleanup in registerServer - client-manager.ts:233
    registerServer returns early if connection exists but doesn't verify the connection is in a good state. A stale/failed connection won't be recreated.

  5. Storage adapter null checks are defensive but inconsistent - client-manager.ts:701, 720, 731
    Methods like saveServer, removeServer, listServers check if _storage exists, but storage is required (non-optional) in constructor. These checks suggest uncertainty about the design - either make storage optional everywhere or remove the defensive checks.

Testing:

  • Good test coverage for OAuth flow and callback URL management
  • Missing tests for race conditions during reconnection
  • Missing tests for failed connection state handling in restoreConnectionsFromStorage

Architecture:
The storage adapter abstraction is solid and makes the code more testable. The separation of registerServer/connectToServer is cleaner than the previous monolithic approach.

@pkg-pr-new
Copy link

pkg-pr-new bot commented Nov 14, 2025
edited
Loading

Open in StackBlitz

npm i https://pkg.pr.new/cloudflare/agents@652

commit: fcc2948

threepointone pushed a commit to cloudflare/cloudflare-docs that referenced this pull request Nov 14, 2025
@github-actions
docs: Add MCP storage adapter documentation for PR #652
54eeb1c 
This PR introduces a storage adapter architecture for the MCP client manager,
allowing custom storage backends for MCP server configurations.

Changes:
- Created advanced-client-api.mdx documenting the MCPStorageAdapter interface
- Added security section to oauth-mcp-client.mdx about callback URL clearing
- Updated mcp-client-api.mdx to link to advanced configuration guide

These docs explain the new storage adapter pattern, OAuth security improvements,
and provide examples for implementing custom storage backends.

Related: cloudflare/agents#652
threepointone pushed a commit to cloudflare/cloudflare-docs that referenced this pull request Nov 14, 2025
@github-actions @claude
docs: MCP client storage adapter refactor and security improvements
cf485d0 
Documents the MCP client manager refactoring that introduces a storage
adapter interface and implements automatic OAuth credential cleanup for
enhanced security.

Changes:
- Add new mcp-storage.mdx explaining storage adapter architecture
- Document automatic OAuth credential cleanup after authentication
- Add security notes about replay attack prevention
- Document automatic connection restoration after hibernation
- Update OAuth guide with security information

Related PR: cloudflare/agents#652

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
@threepointone threepointone mentioned this pull request Nov 14, 2025
Open
@threepointone
Copy link
Contributor

threepointone commented Nov 14, 2025

📚 Documentation Sync

I've created a documentation PR to sync these changes to cloudflare-docs:

Docs PR: cloudflare/cloudflare-docs#26535

Documentation Changes

This PR introduces a storage adapter architecture for the MCP client manager. The documentation includes:

  1. New Advanced Configuration Guide (advanced-client-api.mdx)

    • Explains the MCPStorageAdapter interface
    • Provides examples for implementing custom storage backends (KV, R2, external databases)
    • Documents the connection restoration process after hibernation
    • Details performance considerations and caching strategies

  2. OAuth Security Section (updated oauth-mcp-client.mdx)

    • Documents the security improvement where callback URLs are cleared after successful OAuth
    • Explains state parameter validation
    • Notes on secure token storage

  3. API Reference Updates (updated mcp-client-api.mdx)

    • Added link to advanced configuration guide
    • Noted the modular storage adapter architecture

Why These Docs Matter

This refactoring introduces a breaking change in how MCPClientManager is initialized (now requires a storage adapter in options). While the Agent class handles this transparently for most users, advanced users who might want custom storage backends (e.g., storing MCP configs in KV instead of SQL) now have a documented path forward.

The OAuth security improvements are also worth documenting for user awareness.

This is an automated sync from the intelligent documentation workflow.

@threepointone
Copy link
Contributor

threepointone commented Nov 14, 2025

📚 Documentation sync

Documentation has been updated in cloudflare-docs to reflect these changes:

Docs PR: cloudflare/cloudflare-docs#26535

Changes documented

  • New page: mcp-storage.mdx - Explains the storage adapter architecture and security considerations
  • Updated: mcp-client-api.mdx - Added security notes about OAuth credential cleanup
  • Updated: oauth-mcp-client.mdx - Added security information about automatic credential cleanup

The documentation covers:

  • Storage adapter interface for flexible MCP server configuration persistence
  • Automatic OAuth credential cleanup after successful authentication (security improvement)
  • Connection restoration behavior after Agent hibernation

🤖 Auto-generated comment

threepointone pushed a commit to cloudflare/cloudflare-docs that referenced this pull request Nov 14, 2025
@claude
Document MCP storage adapter pattern
4ed06ae 
- Add new storage-adapter.mdx page documenting the MCPStorageAdapter interface
- Update mcp-client-api.mdx to reference storage adapter pattern
- Document breaking change: MCPClientManager now requires storage option
- Include migration guide for direct MCPClientManager usage
- Document security improvements in OAuth credential handling

Related to cloudflare/agents#652
@threepointone
Copy link
Contributor

threepointone commented Nov 14, 2025

Documentation Updated

The documentation for this PR has been updated in cloudflare-docs#26535.

Documentation changes:

  • Added new Storage Adapter page documenting the MCPStorageAdapter interface
  • Updated MCP Client API reference to reference storage adapter pattern
  • Documented breaking change: MCPClientManager now requires storage option
  • Included migration guide for direct MCPClientManager usage
  • Documented security improvements in OAuth credential handling

Please review the documentation PR when you have a chance.

@mattzcarey mattzcarey marked this pull request as draft November 14, 2025 18:48
@threepointone
Copy link
Contributor

threepointone commented Nov 14, 2025

📚 Documentation sync completed

The documentation for this PR has been updated in the cloudflare-docs repository.

Documentation PR: cloudflare/cloudflare-docs#26535

Updated documentation:

Key changes documented:

  • Storage adapter pattern for decoupling MCP connection management from storage
  • Automatic connection restoration after Agent hibernation
  • OAuth security improvements (callback URL clearing to prevent replay attacks)
  • Custom storage backend implementation guide
  • Connection state management and efficient callback routing

The documentation is ready for review alongside this PR.

@mattzcarey mattzcarey marked this pull request as ready for review November 14, 2025 23:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mattzcarey @threepointone