Status: Merged in PR #89 (Resolves #82, #83)
What was delivered:
- ✅ HttpMiddleware trait with lifecycle hooks (on_request, on_response, on_error)
- ✅ HttpMiddlewareChain with priority ordering
- ✅ OAuthClientMiddleware for bearer token injection
- ✅ Case-insensitive HTTP header handling
- ✅ Integration with StreamableHttpTransport
- ✅ 23 comprehensive integration tests
- ✅ Complete documentation (Chapter 10.3, Chapter 11)
Status: Not started - Interim HashMap solution in place
Why needed:
- Current implementation uses
HashMap<String, String>with manual lowercase normalization http::HeaderMapis the proper type for HTTP headers- Better performance and standard compliance
- Enables proper multi-value header support
Work required:
- Replace
HttpRequest::headersandHttpResponse::headerswithhttp::HeaderMap - Update all header methods to use HeaderMap API
- Update tests to use HeaderMap
- Effort: Low (1 day)
- Value: High - Correctness and performance
- Risk: Low - Well-defined change
Recommendation: Do this before Phase 2 for clean foundation
Status: HTTP layer ✅ complete, Builder/Protocol
Clarification: Client::send_request already invokes EnhancedMiddlewareChain for request/response!
What's actually missing:
-
ClientBuilder API (HIGH PRIORITY)
- Add
.with_http_middleware()and.with_protocol_middleware()builder methods - Mirror on
StreamableHttpTransportConfigfor clean HTTP chain passing - Example:
Client::builder().with_http_middleware(chain).with_protocol_middleware(proto_chain).build() - Effort: Low-Medium (2 days)
- Value: High - Much better ergonomics
- Add
-
Protocol middleware for inbound events (MEDIUM PRIORITY)
- Inbound notifications not tied to
send_request - Streamed events (SSE)
- Background protocol flows (progress notifications, subscriptions)
- Effort: Medium (2-3 days)
- Value: Medium - Completeness for server-initiated flows
- Inbound notifications not tied to
-
Unified configuration (LOW PRIORITY)
- Clear separation: HTTP middleware vs Protocol middleware
- Documentation on when to use each layer
- Effort: Low (1 day)
- Value: Medium - Clarity
Recommendation: Start with #1 (ClientBuilder API) for immediate ergonomic wins
Status: Basic implementations exist, production features missing
LoggingMiddleware enhancements:
- Default-on header redaction (CRITICAL)
- Redact
authorization,cookie,set-cookie,x-api-keyby default - Allow per-field overrides
- Prevent accidental PII/secret leaks
- Redact
- Status threshold filtering (only log 4xx/5xx)
- Stdio-safe mode (disable for stdio transports to avoid corrupting framing)
- Body size limits and truncation
- Timing information
- Method exclusion list
- Effort: Medium (3-4 days, start with redaction in week 1)
- Value: High - Production safety
- Risk: High if not done - Secret leaks
RetryMiddleware enhancements with clear boundaries:
- Define retry coordination boundaries (CRITICAL)
- HTTP layer: Connection failures, 5xx errors, timeouts
- Transport layer: SSE reconnection, WebSocket reconnection
- Protocol layer: Request-level retries (non-idempotent awareness)
- No double-retry: Use metadata signals (
oauth.retry_used,http.retry_count)
- Exponential backoff with jitter (avoid thundering herd)
- Idempotency awareness (don't retry mutations without explicit opt-in)
- Per-method retry configuration
- Honor OAuth middleware metadata to prevent infinite loops
- Effort: Medium (3-4 days)
- Value: High - Reliability without double-retry bugs
- Risk: Medium - Coordination complexity
Retry Coordination Metadata Contract:
// OAuth sets when it detects 401:
context.set_metadata("auth_failure", "true");
context.set_metadata("oauth.retry_used", "true"); // After first retry
// HTTP retry sets:
context.set_metadata("http.retry_count", retry_count.to_string());
// Protocol retry checks:
if context.get_metadata("http.retry_count").is_some() { /* skip */ }Recommendation: Start with logging redaction (week 1), then retry boundaries (week 2)
Status: Basic implementations exist, scoping and metrics missing
CircuitBreakerMiddleware enhancements:
- Scoping: Start with server+method (RECOMMENDED)
- Per-server scope (track each upstream separately)
- Per-method scope (track
tools/callvsresources/readseparately) - Layer session scoping later if needed
- Avoid over-granularity initially
- State persistence (file, then Redis)
- Metrics aggregation (integrate with existing MetricsMiddleware)
- Dynamic threshold adjustment (optional, later)
- Effort: Medium-High (4-5 days)
- Value: High - Production resilience
- Approach: Incremental (server scope → method scope → session scope)
RateLimitMiddleware enhancements:
- Scoping strategies (global, per-endpoint, per-session)
- Persistence across restarts
- Distributed coordination (Redis)
- Backpressure signals
- Effort: High (5-6 days)
- Value: High - Multi-tenant safety
Recommendation: Circuit breaker scoping is medium priority, rate limit is lower
Status: Not implemented
Features needed:
- Content-Type gating (CRITICAL)
- Only compress
application/jsonby default - Configurable allowlist
- Skip binary/already-compressed content
- Only compress
- Minimum size threshold (e.g., 1KB)
- Don't compress small payloads (overhead > savings)
- Configurable threshold
- Transport awareness (CRITICAL)
- NEVER compress on stdio (breaks line-delimited JSON framing)
- Only enable for HTTP/WebSocket
- Auto-detect transport type
- Support multiple algorithms (Gzip, Deflate, Brotli, Zstd)
- Compression level configuration
- Automatic decompression (transparent to downstream middleware)
- Compression metrics (bytes saved, ratio, time)
- Effort: Medium-High (4-5 days)
- Value: Medium - Bandwidth savings for large payloads
- Risk: Medium - Stdio corruption if not transport-aware
Recommendation: Medium priority - Useful for edge/mobile deployments, but ensure stdio safety
Status: Not implemented
Prometheus exporter:
- HTTP /metrics endpoint
- Standard metric types (counters, histograms, gauges)
- Request/response metrics
- Transport metrics
- Middleware-specific metrics (circuit breaker, rate limit)
- Effort: Medium (3-4 days)
- Value: High - Observability
OpenTelemetry exporter:
- Distributed tracing integration
- Span creation for requests/middleware
- Request ID propagation from HttpMiddlewareContext and Client RequestId
- Context propagation across boundaries
- OTLP export
- Effort: High (5-6 days)
- Value: High - Distributed systems observability
Recommendation: Prometheus first (week 2-3), OpenTelemetry later (week 4-6)
Status: Not implemented
Features needed:
-
create_middleware!macro- Concise custom middleware creation
- Reduces boilerplate
- Effort: Low (1-2 days)
- Value: Medium - Better DX
-
Pre-configured middleware stacks
- Stdio preset (logging, validation, no compression)
- HTTP preset (auth, logging, retry, compression)
- WebSocket preset (reconnection, heartbeat)
- Effort: Low (1-2 days)
- Value: High - Quick start
-
Comprehensive examples
- Real-world middleware stacks
- Custom middleware patterns
- Testing strategies
- Effort: Low (2-3 days)
- Value: High - Documentation
Recommendation: Medium priority - Improves adoption
Time estimate: 1 week (5 days) Priority: CRITICAL - Do this first
-
HeaderMap Migration (1 day)
- Replace
HashMap<String, String>withhttp::HeaderMap - Update all header methods
- Fix tests
- Value: High - Correctness and performance
- Risk: Low - Well-defined change
- Replace
-
ClientBuilder API (2 days)
- Add
.with_http_middleware()and.with_protocol_middleware() - Mirror on
StreamableHttpTransportConfigfor clean HTTP chain passing - Value: High - Ergonomics
- Risk: Low - Additive change
- Add
-
Middleware Presets (1 day)
- stdio preset (logging, validation, NO compression)
- http preset (OAuth, logging, retry, compression)
- websocket preset (reconnection, heartbeat)
- Value: High - Quick start for users
- Risk: Low - Configuration only
-
Basic Logging Redaction (1 day)
- Default-on redaction for
authorization,cookie,set-cookie,x-api-key - Allow per-field overrides
- Value: CRITICAL - Prevent secret leaks
- Risk: Low - Additive security
- Default-on redaction for
Deliverables: Clean foundation, safe defaults, better UX
Time estimate: 2 weeks Priority: HIGH - Complete the integration story
-
Protocol Middleware for Inbound Events (3 days)
- Wrap notifications and streaming paths
- Add tests for unsolicited events (server-initiated)
- Background protocol flows (progress, subscriptions)
- Value: Medium - Completeness
- Risk: Medium - Need to identify all paths
-
Retry Enhancements with Coordination (4 days)
- Define clear boundaries (HTTP vs Transport vs Protocol)
- Exponential backoff with jitter
- Idempotency awareness (opt-in for mutations)
- Honor OAuth metadata (
oauth.retry_used,http.retry_count) - Value: High - Reliability without double-retry bugs
- Risk: Medium - Coordination complexity
-
Prometheus Exporter (3 days)
- HTTP /metrics endpoint
- Counters/histograms for request/response
- Middleware timings (piggyback on existing MetricsMiddleware)
- Value: High - Observability
- Risk: Low - Standard pattern
Deliverables: Complete middleware coverage, production observability
Time estimate: 3 weeks Priority: MEDIUM - Production-grade features
-
Enhanced Logging (1 week)
- Status threshold filtering (only log 4xx/5xx)
- Stdio-safe mode (detect transport type)
- Body truncation and size limits
- Timing information
- Method exclusion list
- Value: High - Production safety
- Risk: Low - Additive features
-
Circuit Breaker Scoping (1 week)
- Start with server+method scoping
- State persistence (file first, Redis later)
- Metrics aggregation
- Value: High - Resilience
- Risk: Medium - Persistence complexity
-
OpenTelemetry Spans (1 week)
- Span creation with request ID propagation
- Context propagation from HttpMiddlewareContext and Client RequestId
- OTLP export
- Value: High - Distributed tracing
- Risk: Medium - Integration complexity
Deliverables: Production-hardened middleware
Time estimate: 2-3 weeks Priority: LOW - Nice-to-have
-
Compression (1 week)
- Content-Type gating (only
application/json) - Minimum size threshold (e.g., 1KB)
- Transport awareness (NEVER on stdio)
- Automatic decompression
- Value: Medium - Bandwidth savings
- Risk: Medium - Stdio corruption if not careful
- Content-Type gating (only
-
RateLimit Enhancements (1 week)
- Scoping and persistence
- Distributed coordination (Redis)
- Value: Medium - Multi-tenant safety
- Risk: Medium - Distributed state
-
Developer Experience (1 week)
create_middleware!macro- Middleware groups (enable/disable together)
- Value: Medium - Better DX
- Risk: Low - Quality-of-life
Deliverables: Advanced features for edge cases
High Value │ #80 (Builder) │ #87 (Prom) │ #84 (Logging)
│ #88 (Presets) │ #85 (Circuit) │ #84 (Retry)
│ │ │
────────────┼────────────────┼─────────────────┼──────────────
│ #80 (Protocol) │ #85 (RateLimit) │
Medium │ #88 (Macro) │ #86 (Compress) │ #87 (OTel)
Value │ │ │
────────────┼────────────────┼─────────────────┼──────────────
│ │ │
Low Value │ │ │
│ │ │
└────────────────┴─────────────────┴──────────────
Low Effort Medium Effort High Effort
If we want immediate impact with low effort:
-
Middleware presets (Issue #88) - 2 days
- Pre-configured stacks for common use cases
- Immediate value for new users
-
ClientBuilder API (Issue #80) - 3 days
- Much better ergonomics
- Easy migration path
-
Basic header filtering (Issue #84) - 2 days
- Security/privacy win
- Low complexity
Total: 1 week for significant UX improvements
Beyond the current issues, consider:
-
Middleware testing utilities
- Mock middleware for testing
- Assertion helpers
- Test fixtures
-
Middleware composition patterns
- Conditional middleware (apply based on context)
- Middleware groups (enable/disable together)
- Async middleware chains
-
Performance optimizations
- Middleware caching
- Zero-copy middleware
- Parallel middleware execution where safe
-
Additional built-in middleware
- CachingMiddleware (response caching)
- ValidationMiddleware (schema validation)
- TimeoutMiddleware (request timeouts)
- CORSMiddleware (HTTP CORS handling)
Current state:
- HTTP middleware layer is complete and production-ready
- Protocol middleware exists but requires manual invocation
- Built-in middleware (Logging, Retry, Circuit Breaker, RateLimit, Metrics) have basic implementations
- OAuth client middleware is production-ready
Key decisions needed:
- Which phase should we prioritize? (Recommend Phase 2 for adoption)
- Should we implement all of #84/#85 or start with just logging/retry?
- Do we need compression (Issue #86) before observability (Issue #87)?
Dependencies:
- Issue #80 (Protocol auto-invoke) should come before Issue #88 (examples) to show complete patterns
- Issue #87 (metrics exporters) depends on enhanced metrics from #84 and #85
- Issue #86 (compression) is independent and can be done anytime
-
What are the top pain points users are experiencing?
- If it's "hard to set up middleware" → Prioritize #80 + #88
- If it's "logs leak secrets" → Prioritize #84 (logging)
- If it's "no observability" → Prioritize #87 (Prometheus)
-
What deployment scenarios are most common?
- Edge/mobile → Prioritize #86 (compression)
- Multi-tenant SaaS → Prioritize #85 (rate limiting with scoping)
- Enterprise/cloud → Prioritize #87 (observability)
-
What's the timeline for production readiness?
- Need production-ready soon → Prioritize #84 (logging safety) + #87 (Prometheus)
- Can wait for better UX → Prioritize #80 + #88
Recommended starting point: Phase 2 (#80 + #88) for adoption, then reassess based on user feedback.