Fix: avoid uncessary retries in OAuth authenticated requests #1206
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Sure, will do this week if I find some time |
felixweinberger
added a commit
that referenced
this pull request
Aug 21, 2025
This test validates the fix for PR #1206 which resolved a critical performance issue where every request was being sent twice due to incorrect indentation of retry logic. The test: - Simulates a successful authenticated request (200 response) - Counts how many times the request is yielded - FAILS with buggy version: 2 yields (double sending) - PASSES with fix: 1 yield (correct behavior) This directly tests the root cause that made OAuth requests 2x slower and ensures this regression cannot occur again.
felixweinberger
force-pushed
the
main
branch
2 times, most recently
from
5cdcb94 to
ec7d9d6
Compare
This test validates the fix for PR modelcontextprotocol#1206 which resolved a critical performance issue where every request was being sent twice due to incorrect indentation of retry logic. The test: - Simulates a successful authenticated request (200 response) - Counts how many times the request is yielded - FAILS with buggy version: 2 yields (double sending) - PASSES with fix: 1 yield (correct behavior) This directly tests the root cause that made OAuth requests 2x slower and ensures this regression cannot occur again.
Add missing type hints to test_auth_flow_no_unnecessary_retry_after_oauth to satisfy pyright type checking requirements.
The retry logic fix in PR-1206 moved the final request yield inside the OAuth flow block, which now correctly retries requests after OAuth completion. However, the existing tests didn't expect this final yield and would exit the generator early, causing a GeneratorExit exception while the async lock was still held. This resulted in RuntimeError: The current task is not holding this lock. Fix by properly closing the generators in both failing tests: - test_oauth_discovery_fallback_conditions - test_auth_flow_with_no_tokens Both tests now send a final success response to properly complete the auth flow generator and prevent the lock release error.
| await auth_flow.asend(final_response) | ||
| except StopAsyncIteration: | ||
| pass # Expected - generator should complete | ||
|
|
There was a problem hiding this comment.
These tests were inadvertently tuned to the buggy behavior where requests were being unconditionally retried after every response. The indentation fix ensures retries only happen after OAuth completion (401 responses), not after successful responses. This exposed that the tests weren't properly closing the auth flow generator after the legitimate OAuth retry, causing lock release errors.
ochafik
approved these changes
Aug 22, 2025
|
This fix also resolves a timeout issue when using stored access tokens in SSE auth flow (happened as soon as I replaced InMemoryTokenStorage with a keychain-based token storage). |
rbehal
pushed a commit
to gumloop/gumloop-mcp
that referenced
this pull request
Sep 25, 2025
* Add regression test for stateless request memory cleanup (modelcontextprotocol#1140) * Implement RFC9728 - Support WWW-Authenticate header by MCP client (modelcontextprotocol#1071) * Add streamable HTTP starlette example to Python SDK docs (modelcontextprotocol#1111) * fix markdown error in README in main (modelcontextprotocol#1147) * README - replace code snippets with examples - add lowlevel to snippets (modelcontextprotocol#1150) * README - replace code snippets with examples - streamable http (modelcontextprotocol#1155) * chore: don't allow users to create issues outside the templates (modelcontextprotocol#1163) * Tests(cli): Add coverage for helper functions (modelcontextprotocol#635) * Docs: Update CallToolResult parsing in README (modelcontextprotocol#812) Co-authored-by: Felix Weinberger <fweinberger@anthropic.com> * docs: add pre-commit install guide on CONTRIBUTING.md (modelcontextprotocol#995) Co-authored-by: Felix Weinberger <fweinberger@anthropic.com> * fix flaky fix-test_streamablehttp_client_resumption test (modelcontextprotocol#1166) * README - replace code snippets with examples -- auth examples (modelcontextprotocol#1164) * Support falling back to OIDC metadata for auth (modelcontextprotocol#1061) * Add CODEOWNERS file for sdk (modelcontextprotocol#1169) * fix flaky test test_88_random_error (modelcontextprotocol#1171) * Make sure `RequestId` is not coerced as `int` (modelcontextprotocol#1178) * Fix: Replace threading.Lock with anyio.Lock for Ray deployment compatibility (modelcontextprotocol#1151) * fix: fix OAuth flow request object handling (modelcontextprotocol#1174) * update codeowners group (modelcontextprotocol#1191) * fix: perform auth server metadata discovery fallbacks on any 4xx (modelcontextprotocol#1193) * server: skip duplicate response on CancelledError (modelcontextprotocol#1153) Co-authored-by: ihrpr <inna@anthropic.com> * Unpack settings in FastMCP (modelcontextprotocol#1198) * chore: Remove unused prompt_manager.py file (modelcontextprotocol#1229) Co-authored-by: Tapan Chugh <tapanc@cs.washington.edu> * Improved supported for ProtectedResourceMetadata (modelcontextprotocol#1235) Co-authored-by: Paul Carleton <paulcarletonjr@gmail.com> * chore: Remove unused variable notification_options (modelcontextprotocol#1238) * Improve README around the Context object (modelcontextprotocol#1203) * fix: allow to pass `list[str]` to `token_endpoint_auth_signing_alg_values_supported` (modelcontextprotocol#1226) * Remove strict validation on `response_modes_supported` member of `OAuthMetadata` (modelcontextprotocol#1243) * Add pyright strict mode on the whole project (modelcontextprotocol#1254) * Consistent casing for default headers Accept and Content-Type (modelcontextprotocol#1263) * Update dependencies and fix type issues (modelcontextprotocol#1268) Co-authored-by: Marcelo Trylesinski <marcelotryle@gmail.com> * fix: prevent async generator cleanup errors in StreamableHTTP transport (modelcontextprotocol#1271) Co-authored-by: David Soria Parra <167242713+dsp-ant@users.noreply.github.com> * chore: uncomment .idea/ in .gitignore (modelcontextprotocol#1287) Co-authored-by: Claude <noreply@anthropic.com> * docs: clarify streamable_http_path configuration when mounting servers (modelcontextprotocol#1172) * feat: Add CORS configuration for browser-based MCP clients (modelcontextprotocol#1059) Co-authored-by: Marcelo Trylesinski <marcelotryle@gmail.com> Co-authored-by: Felix Weinberger <fweinberger@anthropic.com> * Added Audio to FastMCP (modelcontextprotocol#1130) * fix: avoid uncessary retries in OAuth authenticated requests (modelcontextprotocol#1206) Co-authored-by: Felix Weinberger <fweinberger@anthropic.com> * Add PATHEXT to default STDIO env vars in windows (modelcontextprotocol#1256) * fix: error too many values to unpack (expected 2) (modelcontextprotocol#1279) Signed-off-by: San Nguyen <vinhsannguyen91@gmail.com> Co-authored-by: Felix Weinberger <fweinberger@anthropic.com> Co-authored-by: Felix Weinberger <3823880+felixweinberger@users.noreply.github.com> * SDK Parity: Avoid Parsing Server Response for non-JsonRPCMessage Requests (modelcontextprotocol#1290) * types: Setting default value for method: Literal (modelcontextprotocol#1292) * changes structured temperature to not deadly (modelcontextprotocol#1328) * Update simple-resource example to use non-deprecated read_resource return type (modelcontextprotocol#1331) Co-authored-by: Claude <noreply@anthropic.com> * docs: Update README to include link to API docs for modelcontextprotocol#1329 (modelcontextprotocol#1330) * Allow ping requests before initialization (modelcontextprotocol#1312) * Python lint: Ruff rules for pylint and code complexity (modelcontextprotocol#525) * Fix context injection for resources and prompts (modelcontextprotocol#1336) * fix(fastmcp): propagate mimeType in resource template list (modelcontextprotocol#1186) Co-authored-by: Felix Weinberger <3823880+felixweinberger@users.noreply.github.com> * fix: allow elicitations accepted without content (modelcontextprotocol#1285) Co-authored-by: Olivier Schiavo <olivier.schiavo@wengo.com> * Use --frozen in pre-commit config (modelcontextprotocol#1375) * Return HTTP 403 for invalid Origin headers (modelcontextprotocol#1353) * Add test for ProtectedResourceMetadataParsing (modelcontextprotocol#1236) Co-authored-by: Paul Carleton <paulcarletonjr@gmail.com> Co-authored-by: Marcelo Trylesinski <marcelotryle@gmail.com> Co-authored-by: Felix Weinberger <3823880+felixweinberger@users.noreply.github.com> * Fastmcp logging progress example (modelcontextprotocol#1270) Co-authored-by: Felix Weinberger <3823880+felixweinberger@users.noreply.github.com> * feat: add paginated list decorators for prompts, resources, and tools (modelcontextprotocol#1286) Co-authored-by: Claude <noreply@anthropic.com> * Remove "unconditionally" from conditional description (modelcontextprotocol#1289) * Use streamable-http consistently in examples (modelcontextprotocol#1389) * feat: Add SDK support for SEP-1034 default values in elicitation schemas (modelcontextprotocol#1337) Co-authored-by: Tapan Chugh <tapanc@cs.washington.edu> Co-authored-by: Felix Weinberger <3823880+felixweinberger@users.noreply.github.com> * Implementation of SEP 973 - Additional metadata + icons support (modelcontextprotocol#1357) * Merge upstream/main with custom filtering --------- Signed-off-by: San Nguyen <vinhsannguyen91@gmail.com> Co-authored-by: Felix Weinberger <3823880+felixweinberger@users.noreply.github.com> Co-authored-by: yurikunash <143175350+yurikunash@users.noreply.github.com> Co-authored-by: Pamela Fox <pamela.fox@gmail.com> Co-authored-by: Inna Harper <inna.hrpr@gmail.com> Co-authored-by: Marcelo Trylesinski <marcelotryle@gmail.com> Co-authored-by: Ian Davenport <49379192+davenpi@users.noreply.github.com> Co-authored-by: Dagang Wei <functicons@gmail.com> Co-authored-by: Felix Weinberger <fweinberger@anthropic.com> Co-authored-by: Stanley Law <stanleylkal@gmail.com> Co-authored-by: Luca Chang <131398524+LucaButBoring@users.noreply.github.com> Co-authored-by: leweng <leweng@nvidia.com> Co-authored-by: Clare Liguori <liguori@amazon.com> Co-authored-by: lukacf <luka@peltarion.com> Co-authored-by: ihrpr <inna@anthropic.com> Co-authored-by: Tapan Chugh <chugh.tapan@gmail.com> Co-authored-by: Tapan Chugh <tapanc@cs.washington.edu> Co-authored-by: Yann Jouanin <4557670+yannj-fr@users.noreply.github.com> Co-authored-by: Paul Carleton <paulcarletonjr@gmail.com> Co-authored-by: Sreenath Somarajapuram <somarajapuram@gmail.com> Co-authored-by: Omer Korner <omerkorner@gmail.com> Co-authored-by: joesavage-silabs <159480754+joesavage-silabs@users.noreply.github.com> Co-authored-by: Gregory L <gregory.linford@mistral.ai> Co-authored-by: David Soria Parra <167242713+dsp-ant@users.noreply.github.com> Co-authored-by: Moustapha Ebnou <155577789+mous222@users.noreply.github.com> Co-authored-by: Max Isbey <224885523+maxisbey@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Jerome <jerome@anthropic.com> Co-authored-by: xavier <84836280+dragonier23@users.noreply.github.com> Co-authored-by: keurcien <keurcien.luu@gmail.com> Co-authored-by: Tim Esler <tim.esler@gmail.com> Co-authored-by: San Nguyen <22189661+sandangel@users.noreply.github.com> Co-authored-by: Justin Wang <89049861+justin-yi-wang@users.noreply.github.com> Co-authored-by: jess <jessachandler@gmail.com> Co-authored-by: Peter Alexander <pja@anthropic.com> Co-authored-by: Reid Geyer <12072650+reidg44@users.noreply.github.com> Co-authored-by: Eleftheria Stein-Kousathana <eleftheria.kousathana@gmail.com> Co-authored-by: Christian Clauss <cclauss@me.com> Co-authored-by: pchoudhury22 <pchoudhury22@apple.com> Co-authored-by: owengo <owengo@users.noreply.github.com> Co-authored-by: Olivier Schiavo <olivier.schiavo@wengo.com> Co-authored-by: Steve Billings <billings.steve@gmail.com> Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation and Context
Tried to connect an MCP client to Notion's MCP client (more info here: #1204)
How Has This Been Tested?
Using a local script wrapping this code snippet:
Now
list_tools(),list_resources()andcall_tool()run instantly.Breaking Changes
No
Types of changes
Checklist
Additional context