Skip to content

refactor(cloudflare): migrate from Durable Objects to stateless MCP handler #584

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dcramer merged 21 commits into from
Oct 27, 2025
Merged

refactor(cloudflare): migrate from Durable Objects to stateless MCP handler #584

dcramer merged 21 commits into from
Oct 27, 2025

Conversation

@dcramer
Copy link
Member

@dcramer dcramer commented Oct 24, 2025

Replace McpAgent-based Durable Object pattern with experimental_createMcpHandler for a simpler, stateless architecture:

  • Use AsyncLocalStorage for per-request constraint scoping instead of DO state
  • Get auth context from getMcpAuthContext() set by OAuth provider
  • Support dynamic context resolution via getContext() callback
  • Remove Durable Object bindings and migrations from wrangler configs
  • Update server.ts to support both static (stdio) and dynamic (HTTP) contexts

This eliminates the complexity of Durable Object lifecycle management while maintaining the same functionality for org/project constraint scoping.

@dcramer
Copy link
Member Author

dcramer commented Oct 24, 2025

havent reviewed/verified yet

cursor[bot]

This comment was marked as outdated.

Sign in to view

@dcramer dcramer force-pushed the new-mcp-handler branch 3 times, most recently from 1baab36 to a7d317f Compare October 24, 2025 23:17
dcramer and others added 4 commits October 27, 2025 11:24
@dcramer @claude
refactor(cloudflare): migrate from Durable Objects to stateless MCP h…
c8ed2b8 
…andler

Replace McpAgent-based Durable Object pattern with experimental_createMcpHandler
for a simpler, stateless architecture:

- Use AsyncLocalStorage for per-request constraint scoping instead of DO state
- Get auth context from getMcpAuthContext() set by OAuth provider
- Support dynamic context resolution via getContext() callback
- Remove Durable Object bindings and migrations from wrangler configs
- Update server.ts to support both static (stdio) and dynamic (HTTP) contexts

This eliminates the complexity of Durable Object lifecycle management while
maintaining the same functionality for org/project constraint scoping.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@dcramer
More attempts
f1279a7
@dcramer
remove sse
375b6b5
@dcramer
cleanup
76f754e
cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

sentry[bot]
sentry bot reviewed Oct 27, 2025
View reviewed changes
packages/mcp-cloudflare/src/server/routes/chat.ts
@@ -353,6 +363,20 @@ Remember: You're a test assistant, not a general-purpose helper. Stay focused on

Copy link

@sentry sentry bot Oct 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Successful chat responses do not close mcpClient, leading to unclosed StreamableHTTPClientTransport connections.
Severity: CRITICAL | Confidence: 1.00

🔍 Detailed Analysis

The mcpClient is not closed on a successful response path because the cleanup code is only present in an outer catch block. When return response; is executed at line 363, the function exits, bypassing the cleanup logic. This leaves StreamableHTTPClientTransport connections open, leading to connection handle and memory leaks over time.

💡 Suggested Fix

Implement a finally block to ensure mcpClient.close() is called after processing, regardless of success or failure, similar to the pattern used in metadata.ts.

🤖 Prompt for AI Agent 
Fix this bug. In packages/mcp-cloudflare/src/server/routes/chat.ts at line 363: The
`mcpClient` is not closed on a successful response path because the cleanup code is only
present in an outer `catch` block. When `return response;` is executed at line 363, the
function exits, bypassing the cleanup logic. This leaves `StreamableHTTPClientTransport`
connections open, leading to connection handle and memory leaks over time.

Did we get this right? 👍 / 👎 to inform future reviews.

packages/mcp-cloudflare/src/server/routes/chat.ts
},
);

mcpClient = await experimental_createMCPClient({
Copy link

@sentry sentry bot Oct 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: During token refresh, the initial mcpClient is replaced without closing, causing a resource leak.
Severity: CRITICAL | Confidence: 1.00

🔍 Detailed Analysis

When an authentication error occurs and a token refresh is attempted, a new mcpClient is created and assigned to the mcpClient variable at line 264. The original mcpClient instance, along with its underlying httpTransport, is not closed before being overwritten, causing its reference to be lost and leading to a resource leak.

💡 Suggested Fix

Ensure the initial mcpClient is closed before reassigning mcpClient to a new instance during the token refresh process.

🤖 Prompt for AI Agent 
Fix this bug. In packages/mcp-cloudflare/src/server/routes/chat.ts at line 264: When an
authentication error occurs and a token refresh is attempted, a new `mcpClient` is
created and assigned to the `mcpClient` variable at line 264. The original `mcpClient`
instance, along with its underlying `httpTransport`, is not closed before being
overwritten, causing its reference to be lost and leading to a resource leak.

Did we get this right? 👍 / 👎 to inform future reviews.

@dcramer
Copy link
Member Author

dcramer commented Oct 27, 2025

Im going to ignore those mcpClient issues for now

@dcramer dcramer merged commit 5a56b19 into main Oct 27, 2025
13 checks passed
@dcramer dcramer deleted the new-mcp-handler branch October 27, 2025 23:35
@betegon betegon mentioned this pull request Nov 12, 2025
Merged
BYK pushed a commit that referenced this pull request Nov 12, 2025
@betegon
Fix(cloudflare): send logs again (#634)
393a4a9 
we upgraded sentry's sdk from `v9` to `v10` on #584 . On `v10`
`enableLogs` is no longer a `_experimental` option (and was removed from
there).

This should bring logs back. 

Tested locally.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sentry sentry[bot] sentry[bot] left review comments

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dcramer