support session-id and keep alive for mcp tools

[krishgcek]

I am integrating OpenHands with a backend application that uses the Mcp-Session-Id header to maintain session continuity. The expected behavior is:

A single request initializes and authenticates a backend app object.

Subsequent requests using the same Mcp-Session-Id should reuse the same session instance without needing to reinitialize everything.

This workflow works correctly with GitHub Copilot, where one Mcp-Session-Id results in a persistent server-side session.

However, with OpenHands the session is terminated after each request. Every exchange triggers a new connection lifecycle, as shown in server logs:

INFO: x.x.x.x:50101 - "POST /mcp" 200 OK
INFO: x.x.x.x:50102 - "POST /mcp" 202 Accepted
INFO: x.x.x.x:50103 - "GET /mcp" 200 OK
INFO: x.x.x.x:50104 - "POST /mcp" 200 OK
INFO: x.x.x.x:50105 - "DELETE /mcp" 200 OK

OpenHands appears to disconnect and clean up the session after every interaction, preventing persistent state on the server.

Impact

This makes it difficult for servers to maintain authenticated or stateful objects associated with a user session. For example:

No cached authentication

No per-session application context

Reinitialization overhead on every request

Inconsistent behavior compared to other MCP-compatible tools