Lazy Single-Flight OAuth & McpSessionPool: Solving JWT Expiration and Transport Boilers for Python Agents · modelcontextprotocol · Discussion #801 · GitHub
//discussions/show" data-turbo-transient="true" />
Skip to content
Search or jump to...
Search code, repositories, users, issues, pull requests...
-->
Search
Clear
Search syntax tips
Provide feedback
--><br>We read every piece of feedback, and take your input very seriously.
Include my email address so I can be contacted
Cancel
Submit feedback
Saved searches
Use saved searches to filter your results more quickly
-->
Name
Query
To see all available qualifiers, see our documentation.
Cancel
Create saved search
Sign in
//discussions/show;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up
Appearance settings
Resetting focus
You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.
Dismiss alert
{{ message }}
Model Context Protocol
Lazy Single-Flight OAuth & McpSessionPool: Solving JWT Expiration and Transport Boilers for Python Agents
#801
Mawyxx
started this conversation in<br>Show and tell
Lazy Single-Flight OAuth & McpSessionPool: Solving JWT Expiration and Transport Boilers for Python Agents
#801
Mawyxx
Jul 6, 2026<br>·<br>0 comments
Return to top
Discussion options
Uh oh!
There was an error while loading. Please reload this page.
{{title}}
Something went wrong.
Uh oh!
There was an error while loading. Please reload this page.
Quote reply
Mawyxx
Jul 6, 2026
Pre-submission Checklist
This post follows the MCP community guidelines
What would you like to share?
I noticed that many developers building production-grade agents under the MCP ecosystem hit the same infrastructure and runtime friction points regarding OAuth token lifecycles and session management:
Token Expiration Mid-Task: Secure hosts enforce short-lived bearer JWTs (~5-minute TTL). If an LLM agent executes a complex multi-step reasoning chain that exceeds this window, the token expires mid-thought, throwing an unhandled 401 Unauthorized. Handling token validity checks and manual refresh steps inside high-level agent logic causes state desynchronization.
Session Overhead and Network Fragility: Managing remote endpoints often means dealing with a lack of native connection pooling or robust session reuse out of the box. Dropping and rebuilding transport channels to multiple unique host URLs leaks system resources, while sudden network issues cause abrupt agent runtime failures.
To offload this infrastructure boilerplate from high-level application logic, check out lime-agents-sdk .
How it works:
Lazy Single-Flight OAuth Refresh: Tracks token expiration locally via monotonic time comparison with a 30-second skew window. Token resolution is strictly lazy and wrapped in an async _refresh_lock (Single-Flight pattern) — ensuring that concurrent tool calls trigger exactly 1 HTTP request to the /oauth/token endpoint.
On-Demand 401 Recovery: If an upstream MCP server throws an unexpected 401 mid-operation, the SDK intercepts it, forces a proactive token refresh, closes stale transport channels, and performs exactly one clean retry.
McpSessionPool per URL: Caches and pools ClientSession and underlying transport mappings per unique server URL, preventing connection leaks. Concurrent calls to different hosts run smoothly, while calls to the same host are serialized by default.
Isolated Infrastructure Retries: Implements robust exponential backoff with random jitter exclusively for platform infrastructure HTTP endpoints (408/429/5xx on logins, profile, token issuance). Tool calls (call_tool) are never unsafely retried at the transport layer.
Production Quality: Clean public API, fully typed (mypy --strict compliant), zero external dependencies clutter, and 100% line coverage verified in CI.
Note: This SDK is built around the LIME ecosystem protocol layer and requires an Agent Token from the platform to authenticate sessions.
The codebase is completely open-source. Architectural feedback, roasts, or contributions regarding this connection management pattern are highly welcome.
👉 Repository: https://github.com/Mawyxx/lime-agents-sdk
Relevant Links
Repository: https://github.com/Mawyxx/lime-agents-sdk
Lime: https://lime.pics/
Beta<br>Was this translation helpful?<br>Give feedback.
You must be logged in to vote
All reactions
Replies:
0 comments
-->
Sign up for free<br>to join this conversation on GitHub .<br>Already have an account?<br>Sign in to comment
Category
🙌
Show and tell
Labels
None yet
1 participant
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Select a reply
Loading
Uh...