feat: #502 resource templates with basic template matcher

[kpavlov]

Summary

Important

Full support of RFC-6570 is out of scope and can be implemented by users or as an independent feature.
Reasoning: Safe and secure RFC-6570 implementation is a separate problem and should not block the support of basic MCP features.

Adds resource template matching for the MCP server, enabling handlers to be registered against RFC 6570 Level 1 URI templates (e.g. files/{path}, users/{id}/profile) and resolved by specificity when multiple templates match the same URI.

• ResourceTemplateMatcher / ResourceTemplateMatcherFactory — extension point for URI
  template matching; ServerOptions.resourceTemplateMatcherFactory is public so callers can inject a custom implementation.
  • PathSegmentTemplateMatcher — default implementation: splits on /, parses the template once at construction, and scores each match (literal segment = 2 pts, variable capture = 1 pt) so the most-specific template always wins. Enforces safety limits (URI length cap, segment depth cap) and delegates dot-segment normalization to the platform URI parser (JVM: java.net.URI.normalize, JS: URL API, native/WASM: no-op — documented limitation).
  • Specificity selection — handleReadResource uses maxWithOrNull (O(n)) to select the highest-scoring match; ties broken by fewest variable captures, then registration order.
  • fix(core): rethrow CancellationException — Protocol.kt had a catch (cause: Throwable) that silently suppressed coroutine cancellation. The catch block now re-throws CancellationException before the generic handler runs.
  • fix(server): checkNotNull in capability validation — replaces check(x != null) with the idiomatic checkNotNull(x) across all capability guard sites in Server.kt.

Security

PathSegmentTemplateMatcher applies one percent-decode pass via Ktor's decodeURLPart. Decoded variable values are attacker-controlled and documented as such — handlers must validate before using values in file paths, database queries, or downstream URLs. A dedicated security regression test suite (PathSegmentTemplateMatcherSecurityTest) covers double-decode, null bytes, encoded slashes, depth exhaustion, dot-segment traversal, and query/fragment pass-through.

Motivation and Context

Closes #502, #591

How Has This Been Tested?

Conformance test (resources-templates-read #591), unit/integration/security test

Breaking Changes

Any code that called McpException(-32600, "Connection closed") previously received exception.message == "MCP error -32600: Connection closed". After this change it returns "Connection closed". This is a behavioral API break — the Exception.message contract changed without a deprecation path.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

Additional context

#603, #604, #503

[codecov-commenter]

Codecov Report

❌ Patch coverage is 80.86957% with 22 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
...o/modelcontextprotocol/kotlin/sdk/server/Server.kt	75.92%	2 Missing and 11 partials ⚠️
...otocol/kotlin/sdk/utils/ResourceTemplateMatcher.kt	33.33%	2 Missing and 2 partials ⚠️
...modelcontextprotocol/kotlin/sdk/shared/Protocol.kt	25.00%	0 Missing and 3 partials ⚠️
...elcontextprotocol/kotlin/sdk/types/McpException.kt	50.00%	1 Missing ⚠️
...col/kotlin/sdk/utils/PathSegmentTemplateMatcher.kt	97.56%	0 Missing and 1 partial ⚠️

📢 Thoughts on this report? Let us know!

[e5l]

lgtm, please check comments before merging

[e5l]

lgtm