HttpSse
Category: Mcp_client
Source: http_sse.dart
Streamable HTTP transport for MCP (2025-03-26 spec).
Single endpoint. Each client→server message is one POST. The server responds with either: • Content-Type: application/json — a single JSON-RPC message • Content-Type: text/event-stream — zero or more JSON-RPC messages in SSE events (data: {...})
Authentication is via Authorization: Bearer <token>. Session state across requests uses the Mcp-Session-Id header (captured from the initialize response, sent back on every subsequent request).
Out of scope for v1: • Standalone GET-SSE channel for server-initiated notifications. For HTTP-bound servers, tools/list_changed lands in B7 alongside the rest of the ACP integration.
Classes
McpHttpTransport
Constructor
McpHttpTransport({
required this.endpoint,
this.bearerToken,
http.Client? httpClient,
})Properties
| Property | Type | Description |
|---|---|---|
endpoint | Uri | |
bearerToken | String? | Optional bearer token. When set, every request carries Authorization: Bearer <token>. |
incoming | Stream<JsonRpcMessage> get | |
incoming | Stream<JsonRpcMessage> get |
Methods
void send(JsonRpcMessage message)
Future<void> close()
McpHttpTransportError
Surfaced via the [JsonRpcTransport.incoming] stream's error channel when the server returns a non-2xx HTTP status. The [McpClient] in turn maps it to an [McpCallFailure] for the agent loop.
On 401 responses the [wwwAuthenticate] header (if any) is captured — the pool consumes it to discover OAuth metadata per RFC 9728.
Constructor
const McpHttpTransportError({
required this.statusCode,
required this.body,
this.wwwAuthenticate,
})Properties
| Property | Type | Description |
|---|---|---|
statusCode | int | |
body | String | |
wwwAuthenticate | String? | Raw WWW-Authenticate header from the response. Populated when the server returns 401. null for other failure statuses. |
Methods
String toString()
Functions
`String? resolveMcpBearerToken(
McpAuthSpec auth, CredentialStore credentials, String serverId, )`
Resolves the bearer token for an MCP server, honouring: • [McpBearerAuth] — literal token from config, falling back to mcp:<server-id>:bearer in the credential store. • [McpOAuthAuth] — current oauth_access field from the credential store (populated by glue mcp auth login <server>). • [McpNoAuth] — null (no Authorization header).
Returns null when no token is available. Callers send no header in that case; the server may 401, which the pool surfaces as McpServerAuthRequiredEvent so the user knows to log in.