Hi team,
While investigating context and state propagation in Agent-to-Agent (A2A) communication, I noticed that RemoteA2AAgent explicitly drops the client call context during execution.
In RemoteA2AAgent.java (inside the runAsyncImpl method), the agent calls a2aClient.sendMessage but hardcodes the ClientCallContext parameter (the 4th argument) to null.
Because this context is never passed down, it breaks downstream implementations that rely on ClientCallContext to establish authenticated connections to remote servers.
Code Reference
The Call Site (RemoteA2AAgent.java)
StreamHandler handler =
new StreamHandler(
emitter.serialize(), invocationContext, requestJson, streaming, name());
ImmutableList<BiConsumer<ClientEvent, AgentCard>> consumers =
ImmutableList.of(handler::handleEvent);
// ISSUE: The 4th parameter (ClientCallContext) is hardcoded to null
a2aClient.sendMessage(
originalMessage,
consumers,
handler::handleError,
null
);
The Impact
Because ClientCallContext is null, downstream A2A clients fail to resolve authentication headers and session states.
For example, methods that extract HTTP headers or resolve credentials via SESSION_ID automatically fail because the state map cannot be accessed:
JSONRPCTransport.class
private Map<String, String> getHttpHeaders(ClientCallContext context) {
return context != null ? context.getHeaders() : null; // Returns null
}InMemoryContextCredentialService.class
@Override
public @Nullable String getCredential(
String securitySchemeName,
@Nullable ClientCallContext clientCallContext) {
// Fails immediately because clientCallContext is null
if (clientCallContext == null
|| !clientCallContext.getState().containsKey(SESSION_ID)) {
return null;
}
// ...
}
Expected Behavior
RemoteA2AAgent should construct or extract a valid ClientCallContext (potentially deriving it from the InvocationContext or associated metadata) and pass it into a2aClient.sendMessage.
This will ensure that:
- Session IDs are propagated correctly.
- Authentication credentials remain available downstream.
- Required HTTP headers are preserved.
- Remote agents receive the full execution context necessary for authenticated communication.
Thank you for looking into this.
Please let me know if you need any further information or a minimal reproducible example.
Hi team,
While investigating context and state propagation in Agent-to-Agent (A2A) communication, I noticed that
RemoteA2AAgentexplicitly drops the client call context during execution.In
RemoteA2AAgent.java(inside therunAsyncImplmethod), the agent callsa2aClient.sendMessagebut hardcodes theClientCallContextparameter (the 4th argument) tonull.Because this context is never passed down, it breaks downstream implementations that rely on
ClientCallContextto establish authenticated connections to remote servers.Code Reference
The Call Site (
RemoteA2AAgent.java)The Impact
Because
ClientCallContextisnull, downstream A2A clients fail to resolve authentication headers and session states.For example, methods that extract HTTP headers or resolve credentials via
SESSION_IDautomatically fail because the state map cannot be accessed:JSONRPCTransport.class
InMemoryContextCredentialService.class
Expected Behavior
RemoteA2AAgentshould construct or extract a validClientCallContext(potentially deriving it from theInvocationContextor associated metadata) and pass it intoa2aClient.sendMessage.This will ensure that:
Thank you for looking into this.
Please let me know if you need any further information or a minimal reproducible example.