actionmcp 0.51.0 → 0.52.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 88b1f1dba04f05f96a9cf1c4ab928412400cb0a796d6635277924e57aa91a3c6
-  data.tar.gz: 163a43c7d4e3e247ba6f1084250e9452e9f36ee0e2ba2ee4a1d6fe67ca95f147
+  metadata.gz: ba6892aa3c28876f79be1ab3b365b2ed70b449e6f55781de9ea565e3f26d4f8e
+  data.tar.gz: ba861b9e0ec4dcdfcf743a70e8fed177a98a169c86c56f9f5d7b50c4bf7bf7b6
 SHA512:
-  metadata.gz: fae52dbb988f73cdcc4fa4678b12d352cdb151f1111c753a1210c37169b0b2d04dc53dbeafc092cd9dea6e6e5e2397672a7a1252982425f726f546427c52c327
-  data.tar.gz: 613a305bd349a425d6f7169566b160eeda391870a20b8f997d01b587e558ef50ca005947a5482d24db5c4846a53e136f00301ad9f648f0b0c5d92c7a58b998f6
+  metadata.gz: de7d1b0f9db37da9cc7be60ec42aac243ffb521cf878ba4c537269c0afeabdf22c5a2431b6eb5a1a00e79d574bdddbd444d63a1230543fb364b31d8d98ef36da
+  data.tar.gz: eafee3ce33017cfde2175f655caf5cc0e292b37a70427d36acf474e21503abea3ea71b124430c69cb8c29168f8993cac385f5f227c05863482a65e9b8f323e6e

data/README.md

@@ -330,6 +330,115 @@ production:
   max_queue: 500      # Maximum number of tasks that can be queued
 ```
 
+## Session Storage
+
+ActionMCP provides a pluggable session storage system that allows you to choose how sessions are persisted based on your environment and requirements.
+
+### Session Store Types
+
+ActionMCP includes three session store implementations:
+
+1. **`:volatile`** - In-memory storage using Concurrent::Hash
+   - Default for development and test environments
+   - Sessions are lost on server restart
+   - Fast and lightweight for local development
+   - No external dependencies
+
+2. **`:active_record`** - Database-backed storage
+   - Default for production environment
+   - Sessions persist across server restarts
+   - Supports session resumability
+   - Requires database migrations
+
+3. **`:test`** - Special store for testing
+   - Tracks notifications and method calls
+   - Provides assertion helpers
+   - Automatically used in test environment when using TestHelper
+
+### Configuration
+
+You can configure the session store type in your Rails configuration:
+
+```ruby
+# config/application.rb or environment files
+Rails.application.configure do
+  config.action_mcp.session_store_type = :active_record  # or :volatile
+end
+```
+
+The defaults are:
+- Production: `:active_record`
+- Development: `:volatile`
+- Test: `:volatile` (or `:test` when using TestHelper)
+
+### Using Different Session Stores
+
+```ruby
+# The session store is automatically selected based on configuration
+# You can access it directly if needed:
+session_store = ActionMCP::Server.session_store
+
+# Create a session
+session = session_store.create_session(session_id, {
+  status: "initialized",
+  protocol_version: "2025-03-26",
+  # ... other session attributes
+})
+
+# Load a session
+session = session_store.load_session(session_id)
+
+# Update a session
+session_store.update_session(session_id, { status: "active" })
+
+# Delete a session
+session_store.delete_session(session_id)
+```
+
+### Session Resumability
+
+With the `:active_record` store, clients can resume sessions after disconnection:
+
+```ruby
+# Client includes session ID in request headers
+# Server automatically resumes the existing session
+headers["Mcp-Session-Id"] = "existing-session-id"
+
+# If the session exists, it will be resumed
+# If not, a new session will be created
+```
+
+### Custom Session Stores
+
+You can create custom session stores by inheriting from `ActionMCP::Server::SessionStore::Base`:
+
+```ruby
+class MyCustomSessionStore < ActionMCP::Server::SessionStore::Base
+  def create_session(session_id, payload = {})
+    # Implementation
+  end
+
+  def load_session(session_id)
+    # Implementation
+  end
+
+  def update_session(session_id, updates)
+    # Implementation
+  end
+
+  def delete_session(session_id)
+    # Implementation
+  end
+
+  def exists?(session_id)
+    # Implementation
+  end
+end
+
+# Register your custom store
+ActionMCP::Server.session_store = MyCustomSessionStore.new
+```
+
 ## Thread Pool Management
 
 ActionMCP uses thread pools to efficiently handle message callbacks. This prevents the system from being overwhelmed by too many threads under high load.
@@ -380,6 +489,89 @@ This will create `config/mcp.yml` with example configurations for all environmen
 
 > **Note:** Authentication and authorization are not included. You are responsible for securing the endpoint.
 
+## Authentication with Gateway
+
+ActionMCP provides a Gateway system similar to ActionCable's Connection for handling authentication. The Gateway allows you to authenticate users and make them available throughout your MCP components.
+
+### Creating an ApplicationGateway
+
+When you run the install generator, it creates an `ApplicationGateway` class:
+
+```ruby
+# app/mcp/application_gateway.rb
+class ApplicationGateway < ActionMCP::Gateway
+  # Specify what attributes identify a connection
+  identified_by :user
+
+  protected
+
+  def authenticate!
+    token = extract_bearer_token
+    raise ActionMCP::UnauthorizedError, "Missing token" unless token
+
+    payload = ActionMCP::JwtDecoder.decode(token)
+    user = resolve_user(payload)
+    
+    raise ActionMCP::UnauthorizedError, "Unauthorized" unless user
+
+    # Return a hash with all identified_by attributes
+    { user: user }
+  end
+
+  private
+
+  def resolve_user(payload)
+    user_id = payload["user_id"] || payload["sub"]
+    User.find_by(id: user_id) if user_id
+  end
+end
+```
+
+### Using Multiple Identifiers
+
+You can identify connections by multiple attributes:
+
+```ruby
+class ApplicationGateway < ActionMCP::Gateway
+  identified_by :user, :organization
+  
+  protected
+  
+  def authenticate!
+    # ... authentication logic ...
+    
+    { 
+      user: user,
+      organization: user.organization
+    }
+  end
+end
+```
+
+### Accessing Current User in Components
+
+Once authenticated, the current user (and other identifiers) are available in your tools, prompts, and resource templates:
+
+```ruby
+class MyTool < ApplicationMCPTool
+  def perform
+    # Access the authenticated user
+    if current_user
+      render text: "Hello, #{current_user.name}!"
+    else
+      render text: "Hi Stranger! It's been a while "
+    end
+  end
+end
+```
+
+### Current Attributes
+
+ActionMCP uses Rails' CurrentAttributes to store the authenticated context. The `ActionMCP::Current` class provides:
+- `ActionMCP::Current.user` - The authenticated user
+- `ActionMCP::Current.gateway` - The gateway instance
+- Any other attributes you define with `identified_by`
+
 ### 1. Create `mcp.ru`
 
 ```ruby

data/app/controllers/action_mcp/application_controller.rb

@@ -158,11 +158,11 @@ module ActionMCP
         response.headers[MCP_SESSION_ID_HEADER] = session.id
       end
 
-      transport_handler = Server::TransportHandler.new(session)
+      # Use return mode for the transport handler when we need to capture responses
+      transport_handler = Server::TransportHandler.new(session, messaging_mode: :return)
       json_rpc_handler = Server::JsonRpcHandler.new(transport_handler)
 
       result = json_rpc_handler.call(jsonrpc_params)
-
       process_handler_results(result, session, session_initially_missing, is_initialize_request)
     rescue ActionController::Live::ClientDisconnected, IOError => e
       Rails.logger.debug "Unified SSE (POST): Client disconnected during response: #{e.message}"
@@ -182,7 +182,7 @@ module ActionMCP
       session_id_from_header = extract_session_id
       return render_bad_request("Mcp-Session-Id header is required for DELETE requests.") unless session_id_from_header
 
-      session = Session.find_by(id: session_id_from_header)
+      session = Server.session_store.load_session(session_id_from_header)
       if session.nil?
         return render_not_found("Session not found.")
       elsif session.status == "closed"
@@ -206,7 +206,7 @@ module ActionMCP
     def find_or_initialize_session
       session_id = extract_session_id
       if session_id
-        session = Session.find_by(id: session_id)
+        session = Server.session_store.load_session(session_id)
         if session
           if ActionMCP.configuration.vibed_ignore_version
             if session.protocol_version != self.class::REQUIRED_PROTOCOL_VERSION
@@ -218,7 +218,7 @@ module ActionMCP
         end
         session
       else
-        Session.new(protocol_version: self.class::REQUIRED_PROTOCOL_VERSION)
+        Server.session_store.create_session(nil, protocol_version: self.class::REQUIRED_PROTOCOL_VERSION)
       end
     end
 
@@ -266,7 +266,13 @@ module ActionMCP
       end
 
       # Convert to hash for rendering
-      payload = result.message_json
+      payload = if result.respond_to?(:to_h)
+                  result.to_h
+      elsif result.respond_to?(:to_json)
+                  JSON.parse(result.to_json)
+      else
+                  result
+      end
 
       # Determine response format
       server_preference = ActionMCP.configuration.post_response_preference

data/lib/action_mcp/client/active_record_session_store.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module ActionMCP
+  module Client
+    # ActiveRecord-backed session store for production
+    class ActiveRecordSessionStore
+      include SessionStore
+
+      def load_session(session_id)
+        session = ActionMCP::Session.find_by(id: session_id)
+        return nil unless session
+
+        {
+          id: session.id,
+          protocol_version: session.protocol_version,
+          client_info: session.client_info,
+          client_capabilities: session.client_capabilities,
+          server_info: session.server_info,
+          server_capabilities: session.server_capabilities,
+          created_at: session.created_at,
+          updated_at: session.updated_at
+        }
+      end
+
+      def save_session(session_id, session_data)
+        session = ActionMCP::Session.find_or_initialize_by(id: session_id)
+
+        # Only assign attributes that exist in the database
+        attributes = {}
+        attributes[:protocol_version] = session_data[:protocol_version] if session_data.key?(:protocol_version)
+        attributes[:client_info] = session_data[:client_info] if session_data.key?(:client_info)
+        attributes[:client_capabilities] = session_data[:client_capabilities] if session_data.key?(:client_capabilities)
+        attributes[:server_info] = session_data[:server_info] if session_data.key?(:server_info)
+        attributes[:server_capabilities] = session_data[:server_capabilities] if session_data.key?(:server_capabilities)
+
+        # Store any extra data in a jsonb column if available
+        # For now, we'll skip last_event_id and session_data as they don't exist in the DB
+
+        session.assign_attributes(attributes)
+        session.save!
+        session_data
+      end
+
+      def delete_session(session_id)
+        ActionMCP::Session.find_by(id: session_id)&.destroy
+      end
+
+      def session_exists?(session_id)
+        ActionMCP::Session.exists?(id: session_id)
+      end
+
+      def cleanup_expired_sessions(older_than: 24.hours.ago)
+        ActionMCP::Session.where("updated_at < ?", older_than).delete_all
+      end
+    end
+  end
+end

data/lib/action_mcp/client/session_store.rb

@@ -31,109 +31,8 @@ module ActionMCP
 
         session_data.merge!(attributes)
         save_session(session_id, session_data)
-        session_data
-      end
-    end
-
-    # In-memory session store for development/testing
-    class MemorySessionStore
-      include SessionStore
-
-      def initialize
-        @sessions = {}
-        @mutex = Mutex.new
-      end
-
-      def load_session(session_id)
-        @mutex.synchronize { @sessions[session_id] }
-      end
-
-      def save_session(session_id, session_data)
-        @mutex.synchronize { @sessions[session_id] = session_data.dup }
-      end
-
-      def delete_session(session_id)
-        @mutex.synchronize { @sessions.delete(session_id) }
-      end
-
-      def session_exists?(session_id)
-        @mutex.synchronize { @sessions.key?(session_id) }
-      end
-
-      def clear_all
-        @mutex.synchronize { @sessions.clear }
-      end
-
-      def session_count
-        @mutex.synchronize { @sessions.size }
-      end
-    end
-
-    # ActiveRecord-backed session store for production
-    class ActiveRecordSessionStore
-      include SessionStore
-
-      def load_session(session_id)
-        session = ActionMCP::Session.find_by(id: session_id)
-        return nil unless session
-
-        {
-          id: session.id,
-          protocol_version: session.protocol_version,
-          client_info: session.client_info,
-          client_capabilities: session.client_capabilities,
-          server_info: session.server_info,
-          server_capabilities: session.server_capabilities,
-          last_event_id: session.last_event_id,
-          session_data: session.session_data || {},
-          created_at: session.created_at,
-          updated_at: session.updated_at
-        }
-      end
-
-      def save_session(session_id, session_data)
-        session = ActionMCP::Session.find_or_initialize_by(id: session_id)
-
-        session.assign_attributes(
-          protocol_version: session_data[:protocol_version],
-          client_info: session_data[:client_info],
-          client_capabilities: session_data[:client_capabilities],
-          server_info: session_data[:server_info],
-          server_capabilities: session_data[:server_capabilities],
-          last_event_id: session_data[:last_event_id],
-          session_data: session_data[:session_data] || {}
-        )
-
-        session.save!
-        session_data
-      end
-
-      def delete_session(session_id)
-        ActionMCP::Session.find_by(id: session_id)&.destroy
-      end
-
-      def session_exists?(session_id)
-        ActionMCP::Session.exists?(id: session_id)
-      end
-
-      def cleanup_expired_sessions(older_than: 24.hours.ago)
-        ActionMCP::Session.where("updated_at < ?", older_than).delete_all
-      end
-    end
-
-    # Factory for creating session stores
-    class SessionStoreFactory
-      def self.create(type = nil, **options)
-        type ||= Rails.env.production? ? :active_record : :memory
-
-        case type.to_sym
-        when :memory
-          MemorySessionStore.new
-        when :active_record
-          ActiveRecordSessionStore.new
-        else
-          raise ArgumentError, "Unknown session store type: #{type}"
-        end
+        # Return the reloaded session to get the actual saved values
+        load_session(session_id)
       end
     end
   end

data/lib/action_mcp/client/session_store_factory.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module ActionMCP
+  module Client
+    # Factory for creating session stores
+    class SessionStoreFactory
+      def self.create(type = nil, **_options)
+        type ||= default_type
+
+        case type.to_sym
+        when :volatile, :memory
+          VolatileSessionStore.new
+        when :active_record, :persistent
+          ActiveRecordSessionStore.new
+        when :test
+          TestSessionStore.new
+        else
+          raise ArgumentError, "Unknown session store type: #{type}"
+        end
+      end
+
+      def self.default_type
+        # Ensure Rails is defined or provide a fallback if this code can run
+        # outside a Rails environment.
+        # Will refactor this soon
+        if defined?(Rails) && Rails.env.test?
+          :volatile  # Use volatile for tests unless explicitly using :test
+        elsif defined?(Rails) && Rails.env.production?
+          :active_record
+        else
+          :volatile # Default for development or non-Rails environments
+        end
+      end
+    end
+  end
+end

data/lib/action_mcp/client/test_session_store.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+module ActionMCP
+  module Client
+    # Test session store that tracks all operations for assertions
+    class TestSessionStore < VolatileSessionStore
+      attr_reader :operations, :saved_sessions, :loaded_sessions,
+                  :deleted_sessions, :updated_sessions
+
+      def initialize
+        super
+        @operations = Concurrent::Array.new
+        @saved_sessions = Concurrent::Array.new
+        @loaded_sessions = Concurrent::Array.new
+        @deleted_sessions = Concurrent::Array.new
+        @updated_sessions = Concurrent::Array.new
+      end
+
+      def load_session(session_id)
+        session = super
+        @operations << { type: :load, session_id: session_id, found: !session.nil? }
+        @loaded_sessions << session_id if session
+        session
+      end
+
+      def save_session(session_id, session_data)
+        super
+        @operations << { type: :save, session_id: session_id, data: session_data }
+        @saved_sessions << session_id
+      end
+
+      def delete_session(session_id)
+        result = super
+        @operations << { type: :delete, session_id: session_id }
+        @deleted_sessions << session_id
+        result
+      end
+
+      def update_session(session_id, attributes)
+        result = super
+        @operations << { type: :update, session_id: session_id, attributes: attributes }
+        @updated_sessions << session_id if result
+        result
+      end
+
+      # Test helper methods
+      def session_saved?(session_id)
+        @saved_sessions.include?(session_id)
+      end
+
+      def session_loaded?(session_id)
+        @loaded_sessions.include?(session_id)
+      end
+
+      def session_deleted?(session_id)
+        @deleted_sessions.include?(session_id)
+      end
+
+      def session_updated?(session_id)
+        @updated_sessions.include?(session_id)
+      end
+
+      def operation_count(type = nil)
+        if type
+          @operations.count { |op| op[:type] == type }
+        else
+          @operations.size
+        end
+      end
+
+      def last_saved_data(session_id)
+        @operations.reverse.find { |op| op[:type] == :save && op[:session_id] == session_id }&.dig(:data)
+      end
+
+      def reset_tracking!
+        @operations.clear
+        @saved_sessions.clear
+        @loaded_sessions.clear
+        @deleted_sessions.clear
+        @updated_sessions.clear
+      end
+    end
+  end
+end

data/lib/action_mcp/client/volatile_session_store.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module ActionMCP
+  module Client
+    # Volatile session store for development (data lost on restart)
+    class VolatileSessionStore
+      include SessionStore
+
+      def initialize
+        @sessions = Concurrent::Hash.new
+      end
+
+      def load_session(session_id)
+        @sessions[session_id]
+      end
+
+      def save_session(session_id, session_data)
+        @sessions[session_id] = session_data.dup
+      end
+
+      def delete_session(session_id)
+        @sessions.delete(session_id)
+      end
+
+      def session_exists?(session_id)
+        @sessions.key?(session_id)
+      end
+
+      def clear_all
+        @sessions.clear
+      end
+
+      def session_count
+        @sessions.size
+      end
+    end
+  end
+end

data/lib/action_mcp/configuration.rb

@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+require_relative "gateway"
+require "active_support/core_ext/integer/time"
+
 module ActionMCP
   # Configuration class to hold settings for the ActionMCP server.
   class Configuration
@@ -30,7 +33,12 @@ module ActionMCP
                   :vibed_ignore_version,
                   # --- SSE Resumability Options ---
                   :sse_event_retention_period,
-                  :max_stored_sse_events
+                  :max_stored_sse_events,
+                  # --- Gateway Options ---
+                  :gateway_class,
+                  :current_class,
+                  # --- Session Store Options ---
+                  :session_store_type
 
     def initialize
       @logging_enabled = true
@@ -47,6 +55,13 @@ module ActionMCP
       # Resumability defaults
       @sse_event_retention_period = 15.minutes
       @max_stored_sse_events = 100
+
+      # Gateway - default to ApplicationGateway if it exists, otherwise ActionMCP::Gateway
+      @gateway_class = defined?(::ApplicationGateway) ? ::ApplicationGateway : ActionMCP::Gateway
+      @current_class = nil
+
+      # Session Store
+      @session_store_type = Rails.env.production? ? :active_record : :volatile
     end
 
     def name

data/lib/action_mcp/current.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module ActionMCP
+  class Current < ActiveSupport::CurrentAttributes
+    attribute :user
+    attribute :gateway
+
+    def user=(user)
+      super
+      set_user_time_zone if user.respond_to?(:time_zone)
+    end
+
+    private
+
+    def set_user_time_zone
+      Time.zone = user.time_zone
+    end
+  end
+end

data/lib/action_mcp/current_helpers.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module ActionMCP
+  module CurrentHelpers
+    extend ActiveSupport::Concern
+
+    protected
+
+    # Access the current user from ActionMCP::Current
+    def current_user
+      ActionMCP::Current.user
+    end
+
+    # Access the current gateway from ActionMCP::Current
+    def current_gateway
+      ActionMCP::Current.gateway
+    end
+  end
+end