|
17 | 17 | //! |
18 | 18 | //! # Transport: Streamable HTTP (REST API V1) |
19 | 19 | //! |
20 | | -//! This example uses the MCP 2025-11-25 Streamable HTTP transport via REST API (V1). |
| 20 | +//! This example uses the MCP 2026-07-28 Streamable HTTP transport via REST API (V1). |
21 | 21 | //! REST API supports standard HTTP POST with full request/response control, making it |
22 | 22 | //! compatible with Streamable HTTP. The Lambda adapter converts the API Gateway event |
23 | 23 | //! into a standard `hyper::Request`, which the framework's `StreamableHttpHandler` |
24 | | -//! processes normally. |
| 24 | +//! processes normally. The 2026 core is stateless: there is no `initialize`/ |
| 25 | +//! `notifications/initialized` handshake and no `Mcp-Session-Id` — every request |
| 26 | +//! carries its own `_meta` (protocolVersion, clientInfo, clientCapabilities). |
25 | 27 | //! |
26 | 28 | //! **Note**: HTTP API (V2) authorizer context extraction is fully supported, but |
27 | 29 | //! Streamable HTTP transport requires REST API (V1). |
|
91 | 93 | //! # Usage |
92 | 94 | //! |
93 | 95 | //! ```bash |
94 | | -//! # With valid API key |
| 96 | +//! # With valid API key (2026-07-28 stateless: no session handshake; |
| 97 | +//! # each request carries its own `_meta`) |
95 | 98 | //! curl -X POST http://localhost:9000/lambda-url/middleware-auth-lambda \ |
96 | 99 | //! -H "Content-Type: application/json" \ |
97 | 100 | //! -H "Accept: application/json" \ |
| 101 | +//! -H "MCP-Protocol-Version: 2026-07-28" \ |
98 | 102 | //! -H "X-API-Key: secret-key-123" \ |
99 | | -//! -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-11-25","capabilities":{},"clientInfo":{"name":"test","version":"1.0"}}}' |
| 103 | +//! -d '{"jsonrpc":"2.0","id":1,"method":"server/discover","params":{"_meta":{"io.modelcontextprotocol/protocolVersion":"2026-07-28","io.modelcontextprotocol/clientInfo":{"name":"test","version":"1.0"},"io.modelcontextprotocol/clientCapabilities":{}}}}' |
100 | 104 | //! |
101 | | -//! # Without API key (should fail) |
| 105 | +//! # Without API key (should fail at the auth layer) |
102 | 106 | //! curl -X POST http://localhost:9000/lambda-url/middleware-auth-lambda \ |
103 | 107 | //! -H "Content-Type: application/json" \ |
104 | 108 | //! -H "Accept: application/json" \ |
105 | | -//! -d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' |
| 109 | +//! -H "MCP-Protocol-Version: 2026-07-28" \ |
| 110 | +//! -d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{"_meta":{"io.modelcontextprotocol/protocolVersion":"2026-07-28","io.modelcontextprotocol/clientInfo":{"name":"test","version":"1.0"},"io.modelcontextprotocol/clientCapabilities":{}}}}' |
106 | 111 | //! ``` |
107 | 112 |
|
108 | 113 | use async_trait::async_trait; |
@@ -291,7 +296,7 @@ async fn main() -> Result<(), Error> { |
291 | 296 | init_logging(); |
292 | 297 |
|
293 | 298 | info!("🚀 Starting AWS Lambda MCP Server with Authentication Middleware"); |
294 | | - info!("Architecture: MCP 2025-11-25 with middleware auth layer"); |
| 299 | + info!("Architecture: MCP 2026-07-28 (stateless) with middleware auth layer"); |
295 | 300 | info!(" - X-API-Key header validation"); |
296 | 301 | info!(" - Lambda authorizer context extraction"); |
297 | 302 | info!(" - User context injection"); |
|
0 commit comments