cernont/pyrofetes-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(planning): grille hebdomadaire complète avec API et filtres

Browse Source 
- Connexion API via proxy Angular (résolution CORS, base path /api)
- Import CSS ng-zorro global pour les modales et composants
- Filtres Camion/Show câblés sur l'affichage de la grille
- Camions affichés via TrucksService (linkés au show du même créneau)
- Panneau de détails : spectacles + camions du jour sélectionné
- Modale de création de spectacle stylisée avec fond et centrage
- Positionnement précis des events à la minute dans leur créneau
- Auto-scroll vers l'heure courante au chargement
- Ligne "maintenant" sur la colonne du jour actuel
- Régénération des services OpenAPI (nouveaux noms de types)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
timothe
2026-05-27 20:36:03 +02:00
parent 150b97cd2e
commit 654b297e2e
3131 changed files with 149304 additions and 104334 deletions
Download Patch File Download Diff File Expand all files Collapse all files
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/clients.d.ts
Generated Vendored
+2 -2
View File
@@ -1,4 +1,4 @@
import { OAuthClientInformationFull } from '../../shared/auth.js';
import { OAuthClientInformationFull } from "../../shared/auth.js";
/**
* Stores information about registered OAuth clients for this server.
*/
@@ -14,6 +14,6 @@ export interface OAuthRegisteredClientsStore {
*
* If unimplemented, dynamic client registration is unsupported.
*/
registerClient?(client: Omit<OAuthClientInformationFull, 'client_id' | 'client_id_issued_at'>): OAuthClientInformationFull | Promise<OAuthClientInformationFull>;
registerClient?(client: Omit<OAuthClientInformationFull, "client_id" | "client_id_issued_at">): OAuthClientInformationFull | Promise<OAuthClientInformationFull>;
}
//# sourceMappingURL=clients.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/clients.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"clients.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/clients.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AAElE;;GAEG;AACH,MAAM,WAAW,2BAA2B;IACxC;;OAEG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,0BAA0B,GAAG,SAAS,GAAG,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IAEtH;;;;;;OAMG;IACH,cAAc,CAAC,CACX,MAAM,EAAE,IAAI,CAAC,0BAA0B,EAAE,WAAW,GAAG,qBAAqB,CAAC,GAC9E,0BAA0B,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;CACvE"}
{"version":3,"file":"clients.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/clients.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AAElE;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C;;OAEG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,0BAA0B,GAAG,SAAS,GAAG,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IAEtH;;;;;;OAMG;IACH,cAAc,CAAC,CAAC,MAAM,EAAE,IAAI,CAAC,0BAA0B,EAAE,WAAW,GAAG,qBAAqB,CAAC,GAAG,0BAA0B,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;CAClK"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.d.ts
Generated Vendored
+1 -8
View File
@@ -1,4 +1,4 @@
import { OAuthErrorResponse } from '../../shared/auth.js';
import { OAuthErrorResponse } from "../../shared/auth.js";
/**
* Base class for all OAuth errors
*/
@@ -124,13 +124,6 @@ export declare class InvalidClientMetadataError extends OAuthError {
export declare class InsufficientScopeError extends OAuthError {
static errorCode: string;
}
/**
* Invalid target error - The requested resource is invalid, missing, unknown, or malformed.
* (Custom error for resource indicators - RFC 8707)
*/
export declare class InvalidTargetError extends OAuthError {
static errorCode: string;
}
/**
* A utility class for defining one-off error codes
*/
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;aAKb,QAAQ,CAAC,EAAE,MAAM;IAJrC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC;gBAGrB,OAAO,EAAE,MAAM,EACC,QAAQ,CAAC,EAAE,MAAM,YAAA;IAMrC;;OAEG;IACH,gBAAgB,IAAI,kBAAkB;IAatC,IAAI,SAAS,IAAI,MAAM,CAEtB;CACJ;AAED;;;;GAIG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;IAC/C,MAAM,CAAC,SAAS,SAAqB;CACxC;AAED;;;GAGG;AACH,qBAAa,kBAAmB,SAAQ,UAAU;IAC9C,MAAM,CAAC,SAAS,SAAoB;CACvC;AAED;;;;GAIG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC7C,MAAM,CAAC,SAAS,SAAmB;CACtC;AAED;;;GAGG;AACH,qBAAa,uBAAwB,SAAQ,UAAU;IACnD,MAAM,CAAC,SAAS,SAAyB;CAC5C;AAED;;;GAGG;AACH,qBAAa,yBAA0B,SAAQ,UAAU;IACrD,MAAM,CAAC,SAAS,SAA4B;CAC/C;AAED;;;GAGG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC7C,MAAM,CAAC,SAAS,SAAmB;CACtC;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC7C,MAAM,CAAC,SAAS,SAAmB;CACtC;AAED;;;GAGG;AACH,qBAAa,WAAY,SAAQ,UAAU;IACvC,MAAM,CAAC,SAAS,SAAkB;CACrC;AAED;;;GAGG;AACH,qBAAa,2BAA4B,SAAQ,UAAU;IACvD,MAAM,CAAC,SAAS,SAA6B;CAChD;AAED;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,UAAU;IACxD,MAAM,CAAC,SAAS,SAA+B;CAClD;AAED;;;GAGG;AACH,qBAAa,yBAA0B,SAAQ,UAAU;IACrD,MAAM,CAAC,SAAS,SAA4B;CAC/C;AAED;;;GAGG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC7C,MAAM,CAAC,SAAS,SAAmB;CACtC;AAED;;;GAGG;AACH,qBAAa,qBAAsB,SAAQ,UAAU;IACjD,MAAM,CAAC,SAAS,SAAwB;CAC3C;AAED;;;GAGG;AACH,qBAAa,oBAAqB,SAAQ,UAAU;IAChD,MAAM,CAAC,SAAS,SAAuB;CAC1C;AAED;;;GAGG;AACH,qBAAa,0BAA2B,SAAQ,UAAU;IACtD,MAAM,CAAC,SAAS,SAA6B;CAChD;AAED;;GAEG;AACH,qBAAa,sBAAuB,SAAQ,UAAU;IAClD,MAAM,CAAC,SAAS,SAAwB;CAC3C;AAED;;;GAGG;AACH,qBAAa,kBAAmB,SAAQ,UAAU;IAC9C,MAAM,CAAC,SAAS,SAAoB;CACvC;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,UAAU;IAExC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAAf,eAAe,EAAE,MAAM,EACxC,OAAO,EAAE,MAAM,EACf,QAAQ,CAAC,EAAE,MAAM;IAKrB,IAAI,SAAS,IAAI,MAAM,CAEtB;CACJ;AAED;;GAEG;AACH,eAAO,MAAM,YAAY;;CAkBf,CAAC"}
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;aAKjB,QAAQ,CAAC,EAAE,MAAM;IAJnC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC;gBAGvB,OAAO,EAAE,MAAM,EACC,QAAQ,CAAC,EAAE,MAAM,YAAA;IAMnC;;OAEG;IACH,gBAAgB,IAAI,kBAAkB;IAatC,IAAI,SAAS,IAAI,MAAM,CAEtB;CACF;AAED;;;;GAIG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;IACjD,MAAM,CAAC,SAAS,SAAqB;CACtC;AAED;;;GAGG;AACH,qBAAa,kBAAmB,SAAQ,UAAU;IAChD,MAAM,CAAC,SAAS,SAAoB;CACrC;AAED;;;;GAIG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC/C,MAAM,CAAC,SAAS,SAAmB;CACpC;AAED;;;GAGG;AACH,qBAAa,uBAAwB,SAAQ,UAAU;IACrD,MAAM,CAAC,SAAS,SAAyB;CAC1C;AAED;;;GAGG;AACH,qBAAa,yBAA0B,SAAQ,UAAU;IACvD,MAAM,CAAC,SAAS,SAA4B;CAC7C;AAED;;;GAGG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC/C,MAAM,CAAC,SAAS,SAAmB;CACpC;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC/C,MAAM,CAAC,SAAS,SAAmB;CACpC;AAED;;;GAGG;AACH,qBAAa,WAAY,SAAQ,UAAU;IACzC,MAAM,CAAC,SAAS,SAAkB;CACnC;AAED;;;GAGG;AACH,qBAAa,2BAA4B,SAAQ,UAAU;IACzD,MAAM,CAAC,SAAS,SAA6B;CAC9C;AAED;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,UAAU;IAC1D,MAAM,CAAC,SAAS,SAA+B;CAChD;AAED;;;GAGG;AACH,qBAAa,yBAA0B,SAAQ,UAAU;IACvD,MAAM,CAAC,SAAS,SAA4B;CAC7C;AAED;;;GAGG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;IAC/C,MAAM,CAAC,SAAS,SAAmB;CACpC;AAED;;;GAGG;AACH,qBAAa,qBAAsB,SAAQ,UAAU;IACnD,MAAM,CAAC,SAAS,SAAwB;CACzC;AAED;;;GAGG;AACH,qBAAa,oBAAqB,SAAQ,UAAU;IAClD,MAAM,CAAC,SAAS,SAAuB;CACxC;AAED;;;GAGG;AACH,qBAAa,0BAA2B,SAAQ,UAAU;IACxD,MAAM,CAAC,SAAS,SAA6B;CAC9C;AAED;;GAEG;AACH,qBAAa,sBAAuB,SAAQ,UAAU;IACpD,MAAM,CAAC,SAAS,SAAwB;CACzC;AAED;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,UAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBAAf,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM;IAIxF,IAAI,SAAS,IAAI,MAAM,CAEtB;CACF;AAED;;GAEG;AACH,eAAO,MAAM,YAAY;;CAiBf,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.js
Generated Vendored
+16 -24
View File
@@ -31,14 +31,14 @@ export class OAuthError extends Error {
*/
export class InvalidRequestError extends OAuthError {
}
InvalidRequestError.errorCode = 'invalid_request';
InvalidRequestError.errorCode = "invalid_request";
/**
* Invalid client error - Client authentication failed (e.g., unknown client, no client
* authentication included, or unsupported authentication method).
*/
export class InvalidClientError extends OAuthError {
}
InvalidClientError.errorCode = 'invalid_client';
InvalidClientError.errorCode = "invalid_client";
/**
* Invalid grant error - The provided authorization grant or refresh token is
* invalid, expired, revoked, does not match the redirection URI used in the
@@ -46,103 +46,96 @@ InvalidClientError.errorCode = 'invalid_client';
*/
export class InvalidGrantError extends OAuthError {
}
InvalidGrantError.errorCode = 'invalid_grant';
InvalidGrantError.errorCode = "invalid_grant";
/**
* Unauthorized client error - The authenticated client is not authorized to use
* this authorization grant type.
*/
export class UnauthorizedClientError extends OAuthError {
}
UnauthorizedClientError.errorCode = 'unauthorized_client';
UnauthorizedClientError.errorCode = "unauthorized_client";
/**
* Unsupported grant type error - The authorization grant type is not supported
* by the authorization server.
*/
export class UnsupportedGrantTypeError extends OAuthError {
}
UnsupportedGrantTypeError.errorCode = 'unsupported_grant_type';
UnsupportedGrantTypeError.errorCode = "unsupported_grant_type";
/**
* Invalid scope error - The requested scope is invalid, unknown, malformed, or
* exceeds the scope granted by the resource owner.
*/
export class InvalidScopeError extends OAuthError {
}
InvalidScopeError.errorCode = 'invalid_scope';
InvalidScopeError.errorCode = "invalid_scope";
/**
* Access denied error - The resource owner or authorization server denied the request.
*/
export class AccessDeniedError extends OAuthError {
}
AccessDeniedError.errorCode = 'access_denied';
AccessDeniedError.errorCode = "access_denied";
/**
* Server error - The authorization server encountered an unexpected condition
* that prevented it from fulfilling the request.
*/
export class ServerError extends OAuthError {
}
ServerError.errorCode = 'server_error';
ServerError.errorCode = "server_error";
/**
* Temporarily unavailable error - The authorization server is currently unable to
* handle the request due to a temporary overloading or maintenance of the server.
*/
export class TemporarilyUnavailableError extends OAuthError {
}
TemporarilyUnavailableError.errorCode = 'temporarily_unavailable';
TemporarilyUnavailableError.errorCode = "temporarily_unavailable";
/**
* Unsupported response type error - The authorization server does not support
* obtaining an authorization code using this method.
*/
export class UnsupportedResponseTypeError extends OAuthError {
}
UnsupportedResponseTypeError.errorCode = 'unsupported_response_type';
UnsupportedResponseTypeError.errorCode = "unsupported_response_type";
/**
* Unsupported token type error - The authorization server does not support
* the requested token type.
*/
export class UnsupportedTokenTypeError extends OAuthError {
}
UnsupportedTokenTypeError.errorCode = 'unsupported_token_type';
UnsupportedTokenTypeError.errorCode = "unsupported_token_type";
/**
* Invalid token error - The access token provided is expired, revoked, malformed,
* or invalid for other reasons.
*/
export class InvalidTokenError extends OAuthError {
}
InvalidTokenError.errorCode = 'invalid_token';
InvalidTokenError.errorCode = "invalid_token";
/**
* Method not allowed error - The HTTP method used is not allowed for this endpoint.
* (Custom, non-standard error)
*/
export class MethodNotAllowedError extends OAuthError {
}
MethodNotAllowedError.errorCode = 'method_not_allowed';
MethodNotAllowedError.errorCode = "method_not_allowed";
/**
* Too many requests error - Rate limit exceeded.
* (Custom, non-standard error based on RFC 6585)
*/
export class TooManyRequestsError extends OAuthError {
}
TooManyRequestsError.errorCode = 'too_many_requests';
TooManyRequestsError.errorCode = "too_many_requests";
/**
* Invalid client metadata error - The client metadata is invalid.
* (Custom error for dynamic client registration - RFC 7591)
*/
export class InvalidClientMetadataError extends OAuthError {
}
InvalidClientMetadataError.errorCode = 'invalid_client_metadata';
InvalidClientMetadataError.errorCode = "invalid_client_metadata";
/**
* Insufficient scope error - The request requires higher privileges than provided by the access token.
*/
export class InsufficientScopeError extends OAuthError {
}
InsufficientScopeError.errorCode = 'insufficient_scope';
/**
* Invalid target error - The requested resource is invalid, missing, unknown, or malformed.
* (Custom error for resource indicators - RFC 8707)
*/
export class InvalidTargetError extends OAuthError {
}
InvalidTargetError.errorCode = 'invalid_target';
InsufficientScopeError.errorCode = "insufficient_scope";
/**
* A utility class for defining one-off error codes
*/
@@ -175,6 +168,5 @@ export const OAUTH_ERRORS = {
[TooManyRequestsError.errorCode]: TooManyRequestsError,
[InvalidClientMetadataError.errorCode]: InvalidClientMetadataError,
[InsufficientScopeError.errorCode]: InsufficientScopeError,
[InvalidTargetError.errorCode]: InvalidTargetError
};
//# sourceMappingURL=errors.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/server/auth/errors.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,KAAK;IAGjC,YACI,OAAe,EACC,QAAiB;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,aAAQ,GAAR,QAAQ,CAAS;QAGjC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,gBAAgB;QACZ,MAAM,QAAQ,GAAuB;YACjC,KAAK,EAAE,IAAI,CAAC,SAAS;YACrB,iBAAiB,EAAE,IAAI,CAAC,OAAO;SAClC,CAAC;QAEF,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAChB,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC;QACvC,CAAC;QAED,OAAO,QAAQ,CAAC;IACpB,CAAC;IAED,IAAI,SAAS;QACT,OAAQ,IAAI,CAAC,WAAiC,CAAC,SAAS,CAAC;IAC7D,CAAC;CACJ;AAED;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,UAAU;;AACxC,6BAAS,GAAG,iBAAiB,CAAC;AAGzC;;;GAGG;AACH,MAAM,OAAO,kBAAmB,SAAQ,UAAU;;AACvC,4BAAS,GAAG,gBAAgB,CAAC;AAGxC;;;;GAIG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACtC,2BAAS,GAAG,eAAe,CAAC;AAGvC;;;GAGG;AACH,MAAM,OAAO,uBAAwB,SAAQ,UAAU;;AAC5C,iCAAS,GAAG,qBAAqB,CAAC;AAG7C;;;GAGG;AACH,MAAM,OAAO,yBAA0B,SAAQ,UAAU;;AAC9C,mCAAS,GAAG,wBAAwB,CAAC;AAGhD;;;GAGG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACtC,2BAAS,GAAG,eAAe,CAAC;AAGvC;;GAEG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACtC,2BAAS,GAAG,eAAe,CAAC;AAGvC;;;GAGG;AACH,MAAM,OAAO,WAAY,SAAQ,UAAU;;AAChC,qBAAS,GAAG,cAAc,CAAC;AAGtC;;;GAGG;AACH,MAAM,OAAO,2BAA4B,SAAQ,UAAU;;AAChD,qCAAS,GAAG,yBAAyB,CAAC;AAGjD;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,UAAU;;AACjD,sCAAS,GAAG,2BAA2B,CAAC;AAGnD;;;GAGG;AACH,MAAM,OAAO,yBAA0B,SAAQ,UAAU;;AAC9C,mCAAS,GAAG,wBAAwB,CAAC;AAGhD;;;GAGG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACtC,2BAAS,GAAG,eAAe,CAAC;AAGvC;;;GAGG;AACH,MAAM,OAAO,qBAAsB,SAAQ,UAAU;;AAC1C,+BAAS,GAAG,oBAAoB,CAAC;AAG5C;;;GAGG;AACH,MAAM,OAAO,oBAAqB,SAAQ,UAAU;;AACzC,8BAAS,GAAG,mBAAmB,CAAC;AAG3C;;;GAGG;AACH,MAAM,OAAO,0BAA2B,SAAQ,UAAU;;AAC/C,oCAAS,GAAG,yBAAyB,CAAC;AAGjD;;GAEG;AACH,MAAM,OAAO,sBAAuB,SAAQ,UAAU;;AAC3C,gCAAS,GAAG,oBAAoB,CAAC;AAG5C;;;GAGG;AACH,MAAM,OAAO,kBAAmB,SAAQ,UAAU;;AACvC,4BAAS,GAAG,gBAAgB,CAAC;AAGxC;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,UAAU;IAC5C,YACqB,eAAuB,EACxC,OAAe,EACf,QAAiB;QAEjB,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAJR,oBAAe,GAAf,eAAe,CAAQ;IAK5C,CAAC;IAED,IAAI,SAAS;QACT,OAAO,IAAI,CAAC,eAAe,CAAC;IAChC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IACxB,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,mBAAmB;IACpD,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,kBAAkB;IAClD,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,uBAAuB,CAAC,SAAS,CAAC,EAAE,uBAAuB;IAC5D,CAAC,yBAAyB,CAAC,SAAS,CAAC,EAAE,yBAAyB;IAChE,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,WAAW;IACpC,CAAC,2BAA2B,CAAC,SAAS,CAAC,EAAE,2BAA2B;IACpE,CAAC,4BAA4B,CAAC,SAAS,CAAC,EAAE,4BAA4B;IACtE,CAAC,yBAAyB,CAAC,SAAS,CAAC,EAAE,yBAAyB;IAChE,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,qBAAqB,CAAC,SAAS,CAAC,EAAE,qBAAqB;IACxD,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE,oBAAoB;IACtD,CAAC,0BAA0B,CAAC,SAAS,CAAC,EAAE,0BAA0B;IAClE,CAAC,sBAAsB,CAAC,SAAS,CAAC,EAAE,sBAAsB;IAC1D,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,kBAAkB;CAC5C,CAAC"}
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/server/auth/errors.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,KAAK;IAGnC,YACE,OAAe,EACC,QAAiB;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,aAAQ,GAAR,QAAQ,CAAS;QAGjC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,MAAM,QAAQ,GAAuB;YACnC,KAAK,EAAE,IAAI,CAAC,SAAS;YACrB,iBAAiB,EAAE,IAAI,CAAC,OAAO;SAChC,CAAC;QAEF,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC;QACrC,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAI,SAAS;QACX,OAAQ,IAAI,CAAC,WAAiC,CAAC,SAAS,CAAA;IAC1D,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,UAAU;;AAC1C,6BAAS,GAAG,iBAAiB,CAAC;AAGvC;;;GAGG;AACH,MAAM,OAAO,kBAAmB,SAAQ,UAAU;;AACzC,4BAAS,GAAG,gBAAgB,CAAC;AAGtC;;;;GAIG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACxC,2BAAS,GAAG,eAAe,CAAC;AAGrC;;;GAGG;AACH,MAAM,OAAO,uBAAwB,SAAQ,UAAU;;AAC9C,iCAAS,GAAG,qBAAqB,CAAC;AAG3C;;;GAGG;AACH,MAAM,OAAO,yBAA0B,SAAQ,UAAU;;AAChD,mCAAS,GAAG,wBAAwB,CAAC;AAG9C;;;GAGG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACxC,2BAAS,GAAG,eAAe,CAAC;AAGrC;;GAEG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACxC,2BAAS,GAAG,eAAe,CAAC;AAGrC;;;GAGG;AACH,MAAM,OAAO,WAAY,SAAQ,UAAU;;AAClC,qBAAS,GAAG,cAAc,CAAC;AAGpC;;;GAGG;AACH,MAAM,OAAO,2BAA4B,SAAQ,UAAU;;AAClD,qCAAS,GAAG,yBAAyB,CAAC;AAG/C;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,UAAU;;AACnD,sCAAS,GAAG,2BAA2B,CAAC;AAGjD;;;GAGG;AACH,MAAM,OAAO,yBAA0B,SAAQ,UAAU;;AAChD,mCAAS,GAAG,wBAAwB,CAAC;AAG9C;;;GAGG;AACH,MAAM,OAAO,iBAAkB,SAAQ,UAAU;;AACxC,2BAAS,GAAG,eAAe,CAAC;AAGrC;;;GAGG;AACH,MAAM,OAAO,qBAAsB,SAAQ,UAAU;;AAC5C,+BAAS,GAAG,oBAAoB,CAAC;AAG1C;;;GAGG;AACH,MAAM,OAAO,oBAAqB,SAAQ,UAAU;;AAC3C,8BAAS,GAAG,mBAAmB,CAAC;AAGzC;;;GAGG;AACH,MAAM,OAAO,0BAA2B,SAAQ,UAAU;;AACjD,oCAAS,GAAG,yBAAyB,CAAC;AAG/C;;GAEG;AACH,MAAM,OAAO,sBAAuB,SAAQ,UAAU;;AAC7C,gCAAS,GAAG,oBAAoB,CAAC;AAG1C;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,UAAU;IAC9C,YAA6B,eAAuB,EAAE,OAAe,EAAE,QAAiB;QACtF,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QADE,oBAAe,GAAf,eAAe,CAAQ;IAEpD,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,mBAAmB;IACpD,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,kBAAkB;IAClD,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,uBAAuB,CAAC,SAAS,CAAC,EAAE,uBAAuB;IAC5D,CAAC,yBAAyB,CAAC,SAAS,CAAC,EAAE,yBAAyB;IAChE,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,WAAW;IACpC,CAAC,2BAA2B,CAAC,SAAS,CAAC,EAAE,2BAA2B;IACpE,CAAC,4BAA4B,CAAC,SAAS,CAAC,EAAE,4BAA4B;IACtE,CAAC,yBAAyB,CAAC,SAAS,CAAC,EAAE,yBAAyB;IAChE,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,iBAAiB;IAChD,CAAC,qBAAqB,CAAC,SAAS,CAAC,EAAE,qBAAqB;IACxD,CAAC,oBAAoB,CAAC,SAAS,CAAC,EAAE,oBAAoB;IACtD,CAAC,0BAA0B,CAAC,SAAS,CAAC,EAAE,0BAA0B;IAClE,CAAC,sBAAsB,CAAC,SAAS,CAAC,EAAE,sBAAsB;CAClD,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/authorize.d.ts
Generated Vendored
+3 -3
View File
@@ -1,6 +1,6 @@
import { RequestHandler } from 'express';
import { OAuthServerProvider } from '../provider.js';
import { Options as RateLimitOptions } from 'express-rate-limit';
import { RequestHandler } from "express";
import { OAuthServerProvider } from "../provider.js";
import { Options as RateLimitOptions } from "express-rate-limit";
export type AuthorizationHandlerOptions = {
provider: OAuthServerProvider;
/**
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/authorize.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"authorize.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/authorize.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAI5E,MAAM,MAAM,2BAA2B,GAAG;IACtC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;CACjD,CAAC;AAqBF,wBAAgB,oBAAoB,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,2BAA2B,GAAG,cAAc,CAgH1H"}
{"version":3,"file":"authorize.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/authorize.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAW5E,MAAM,MAAM,2BAA2B,GAAG;IACxC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;CAC/C,CAAC;AAkBF,wBAAgB,oBAAoB,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,2BAA2B,GAAG,cAAc,CAkH1H"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/authorize.js
Generated Vendored
+30 -25
View File
@@ -1,29 +1,26 @@
import * as z from 'zod/v4';
import express from 'express';
import { rateLimit } from 'express-rate-limit';
import { allowedMethods } from '../middleware/allowedMethods.js';
import { InvalidRequestError, InvalidClientError, ServerError, TooManyRequestsError, OAuthError } from '../errors.js';
import { z } from "zod";
import express from "express";
import { rateLimit } from "express-rate-limit";
import { allowedMethods } from "../middleware/allowedMethods.js";
import { InvalidRequestError, InvalidClientError, InvalidScopeError, ServerError, TooManyRequestsError, OAuthError } from "../errors.js";
// Parameters that must be validated in order to issue redirects.
const ClientAuthorizationParamsSchema = z.object({
client_id: z.string(),
redirect_uri: z
.string()
.optional()
.refine(value => value === undefined || URL.canParse(value), { message: 'redirect_uri must be a valid URL' })
redirect_uri: z.string().optional().refine((value) => value === undefined || URL.canParse(value), { message: "redirect_uri must be a valid URL" }),
});
// Parameters that must be validated for a successful authorization request. Failure can be reported to the redirect URI.
const RequestAuthorizationParamsSchema = z.object({
response_type: z.literal('code'),
response_type: z.literal("code"),
code_challenge: z.string(),
code_challenge_method: z.literal('S256'),
code_challenge_method: z.literal("S256"),
scope: z.string().optional(),
state: z.string().optional(),
resource: z.string().url().optional()
resource: z.string().url().optional(),
});
export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
// Create a router to apply middleware
const router = express.Router();
router.use(allowedMethods(['GET', 'POST']));
router.use(allowedMethods(["GET", "POST"]));
router.use(express.urlencoded({ extended: false }));
// Apply rate limiting unless explicitly disabled
if (rateLimitConfig !== false) {
@@ -36,7 +33,8 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
...rateLimitConfig
}));
}
router.all('/', async (req, res) => {
router.all("/", async (req, res) => {
var _a;
res.setHeader('Cache-Control', 'no-store');
// In the authorization flow, errors are split into two categories:
// 1. Pre-redirect errors (direct response with 400)
@@ -52,18 +50,18 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
redirect_uri = result.data.redirect_uri;
client = await provider.clientsStore.getClient(client_id);
if (!client) {
throw new InvalidClientError('Invalid client_id');
throw new InvalidClientError("Invalid client_id");
}
if (redirect_uri !== undefined) {
if (!client.redirect_uris.includes(redirect_uri)) {
throw new InvalidRequestError('Unregistered redirect_uri');
throw new InvalidRequestError("Unregistered redirect_uri");
}
}
else if (client.redirect_uris.length === 1) {
redirect_uri = client.redirect_uris[0];
}
else {
throw new InvalidRequestError('redirect_uri must be specified when client has multiple registered URIs');
throw new InvalidRequestError("redirect_uri must be specified when client has multiple registered URIs");
}
}
catch (error) {
@@ -78,7 +76,7 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
res.status(status).json(error.toResponseObject());
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.status(500).json(serverError.toResponseObject());
}
return;
@@ -96,7 +94,14 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
// Validate scopes
let requestedScopes = [];
if (scope !== undefined) {
requestedScopes = scope.split(' ');
requestedScopes = scope.split(" ");
const allowedScopes = new Set((_a = client.scope) === null || _a === void 0 ? void 0 : _a.split(" "));
// Check each requested scope against allowed scopes
for (const scope of requestedScopes) {
if (!allowedScopes.has(scope)) {
throw new InvalidScopeError(`Client was not registered with scope ${scope}`);
}
}
}
// All validation passed, proceed with authorization
await provider.authorize(client, {
@@ -104,7 +109,7 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
scopes: requestedScopes,
redirectUri: redirect_uri,
codeChallenge: code_challenge,
resource: resource ? new URL(resource) : undefined
resource: resource ? new URL(resource) : undefined,
}, res);
}
catch (error) {
@@ -113,7 +118,7 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
res.redirect(302, createErrorRedirect(redirect_uri, error, state));
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.redirect(302, createErrorRedirect(redirect_uri, serverError, state));
}
}
@@ -125,13 +130,13 @@ export function authorizationHandler({ provider, rateLimit: rateLimitConfig }) {
*/
function createErrorRedirect(redirectUri, error, state) {
const errorUrl = new URL(redirectUri);
errorUrl.searchParams.set('error', error.errorCode);
errorUrl.searchParams.set('error_description', error.message);
errorUrl.searchParams.set("error", error.errorCode);
errorUrl.searchParams.set("error_description", error.message);
if (error.errorUri) {
errorUrl.searchParams.set('error_uri', error.errorUri);
errorUrl.searchParams.set("error_uri", error.errorUri);
}
if (state) {
errorUrl.searchParams.set('state', state);
errorUrl.searchParams.set("state", state);
}
return errorUrl.href;
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/authorize.js.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/metadata.d.ts
Generated Vendored
+2 -2
View File
@@ -1,4 +1,4 @@
import { RequestHandler } from 'express';
import { OAuthMetadata, OAuthProtectedResourceMetadata } from '../../../shared/auth.js';
import { RequestHandler } from "express";
import { OAuthMetadata, OAuthProtectedResourceMetadata } from "../../../shared/auth.js";
export declare function metadataHandler(metadata: OAuthMetadata | OAuthProtectedResourceMetadata): RequestHandler;
//# sourceMappingURL=metadata.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/metadata.js
Generated Vendored
+4 -4
View File
@@ -1,13 +1,13 @@
import express from 'express';
import express from "express";
import cors from 'cors';
import { allowedMethods } from '../middleware/allowedMethods.js';
import { allowedMethods } from "../middleware/allowedMethods.js";
export function metadataHandler(metadata) {
// Nested router so we can configure middleware and restrict HTTP method
const router = express.Router();
// Configure CORS to allow any origin, to make accessible to web-based MCP clients
router.use(cors());
router.use(allowedMethods(['GET', 'OPTIONS']));
router.get('/', (req, res) => {
router.use(allowedMethods(['GET']));
router.get("/", (req, res) => {
res.status(200).json(metadata);
});
return router;
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/metadata.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/metadata.ts"],"names":[],"mappings":"AAAA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAElD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AAEjE,MAAM,UAAU,eAAe,CAAC,QAAwD;IACpF,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACzB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAClB,CAAC"}
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/metadata.ts"],"names":[],"mappings":"AAAA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAElD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AAEjE,MAAM,UAAU,eAAe,CAAC,QAAwD;IACtF,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACpC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAC3B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/register.d.ts
Generated Vendored
+4 -4
View File
@@ -1,6 +1,6 @@
import { RequestHandler } from 'express';
import { OAuthRegisteredClientsStore } from '../clients.js';
import { Options as RateLimitOptions } from 'express-rate-limit';
import { RequestHandler } from "express";
import { OAuthRegisteredClientsStore } from "../clients.js";
import { Options as RateLimitOptions } from "express-rate-limit";
export type ClientRegistrationHandlerOptions = {
/**
* A store used to save information about dynamically registered OAuth clients.
@@ -25,5 +25,5 @@ export type ClientRegistrationHandlerOptions = {
*/
clientIdGeneration?: boolean;
};
export declare function clientRegistrationHandler({ clientsStore, clientSecretExpirySeconds, rateLimit: rateLimitConfig, clientIdGeneration }: ClientRegistrationHandlerOptions): RequestHandler;
export declare function clientRegistrationHandler({ clientsStore, clientSecretExpirySeconds, rateLimit: rateLimitConfig, clientIdGeneration, }: ClientRegistrationHandlerOptions): RequestHandler;
//# sourceMappingURL=register.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/register.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"register.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/register.ts"],"names":[],"mappings":"AAAA,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAIlD,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAI5E,MAAM,MAAM,gCAAgC,GAAG;IAC3C;;OAEG;IACH,YAAY,EAAE,2BAA2B,CAAC;IAE1C;;;;OAIG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IAEnC;;;;OAIG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;IAE9C;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAChC,CAAC;AAIF,wBAAgB,yBAAyB,CAAC,EACtC,YAAY,EACZ,yBAAgE,EAChE,SAAS,EAAE,eAAe,EAC1B,kBAAyB,EAC5B,EAAE,gCAAgC,GAAG,cAAc,CA0EnD"}
{"version":3,"file":"register.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/register.ts"],"names":[],"mappings":"AAAA,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAIlD,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAS5E,MAAM,MAAM,gCAAgC,GAAG;IAC7C;;OAEG;IACH,YAAY,EAAE,2BAA2B,CAAC;IAE1C;;;;OAIG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IAEnC;;;;OAIG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;IAE9C;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,CAAC;AAIF,wBAAgB,yBAAyB,CAAC,EACxC,YAAY,EACZ,yBAAgE,EAChE,SAAS,EAAE,eAAe,EAC1B,kBAAyB,GAC1B,EAAE,gCAAgC,GAAG,cAAc,CA0EnD"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/register.js
Generated Vendored
+14 -12
View File
@@ -1,20 +1,20 @@
import express from 'express';
import { OAuthClientMetadataSchema } from '../../../shared/auth.js';
import express from "express";
import { OAuthClientMetadataSchema } from "../../../shared/auth.js";
import crypto from 'node:crypto';
import cors from 'cors';
import { rateLimit } from 'express-rate-limit';
import { allowedMethods } from '../middleware/allowedMethods.js';
import { InvalidClientMetadataError, ServerError, TooManyRequestsError, OAuthError } from '../errors.js';
import { rateLimit } from "express-rate-limit";
import { allowedMethods } from "../middleware/allowedMethods.js";
import { InvalidClientMetadataError, ServerError, TooManyRequestsError, OAuthError } from "../errors.js";
const DEFAULT_CLIENT_SECRET_EXPIRY_SECONDS = 30 * 24 * 60 * 60; // 30 days
export function clientRegistrationHandler({ clientsStore, clientSecretExpirySeconds = DEFAULT_CLIENT_SECRET_EXPIRY_SECONDS, rateLimit: rateLimitConfig, clientIdGeneration = true }) {
export function clientRegistrationHandler({ clientsStore, clientSecretExpirySeconds = DEFAULT_CLIENT_SECRET_EXPIRY_SECONDS, rateLimit: rateLimitConfig, clientIdGeneration = true, }) {
if (!clientsStore.registerClient) {
throw new Error('Client registration store does not support registering clients');
throw new Error("Client registration store does not support registering clients");
}
// Nested router so we can configure middleware and restrict HTTP method
const router = express.Router();
// Configure CORS to allow any origin, to make accessible to web-based MCP clients
router.use(cors());
router.use(allowedMethods(['POST']));
router.use(allowedMethods(["POST"]));
router.use(express.json());
// Apply rate limiting unless explicitly disabled - stricter limits for registration
if (rateLimitConfig !== false) {
@@ -27,7 +27,7 @@ export function clientRegistrationHandler({ clientsStore, clientSecretExpirySeco
...rateLimitConfig
}));
}
router.post('/', async (req, res) => {
router.post("/", async (req, res) => {
res.setHeader('Cache-Control', 'no-store');
try {
const parseResult = OAuthClientMetadataSchema.safeParse(req.body);
@@ -37,7 +37,9 @@ export function clientRegistrationHandler({ clientsStore, clientSecretExpirySeco
const clientMetadata = parseResult.data;
const isPublicClient = clientMetadata.token_endpoint_auth_method === 'none';
// Generate client credentials
const clientSecret = isPublicClient ? undefined : crypto.randomBytes(32).toString('hex');
const clientSecret = isPublicClient
? undefined
: crypto.randomBytes(32).toString('hex');
const clientIdIssuedAt = Math.floor(Date.now() / 1000);
// Calculate client secret expiry time
const clientsDoExpire = clientSecretExpirySeconds > 0;
@@ -46,7 +48,7 @@ export function clientRegistrationHandler({ clientsStore, clientSecretExpirySeco
let clientInfo = {
...clientMetadata,
client_secret: clientSecret,
client_secret_expires_at: clientSecretExpiresAt
client_secret_expires_at: clientSecretExpiresAt,
};
if (clientIdGeneration) {
clientInfo.client_id = crypto.randomUUID();
@@ -61,7 +63,7 @@ export function clientRegistrationHandler({ clientsStore, clientSecretExpirySeco
res.status(status).json(error.toResponseObject());
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.status(500).json(serverError.toResponseObject());
}
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/register.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"register.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/register.ts"],"names":[],"mappings":"AAAA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAClD,OAAO,EAA8B,yBAAyB,EAAE,MAAM,yBAAyB,CAAC;AAChG,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,SAAS,EAA+B,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,0BAA0B,EAAE,WAAW,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AA8BzG,MAAM,oCAAoC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU;AAE1E,MAAM,UAAU,yBAAyB,CAAC,EACtC,YAAY,EACZ,yBAAyB,GAAG,oCAAoC,EAChE,SAAS,EAAE,eAAe,EAC1B,kBAAkB,GAAG,IAAI,EACM;IAC/B,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;IACtF,CAAC;IAED,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAE3B,oFAAoF;IACpF,IAAI,eAAe,KAAK,KAAK,EAAE,CAAC;QAC5B,MAAM,CAAC,GAAG,CACN,SAAS,CAAC;YACN,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,SAAS;YACnC,GAAG,EAAE,EAAE,EAAE,+DAA+D;YACxE,eAAe,EAAE,IAAI;YACrB,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,IAAI,oBAAoB,CAAC,mEAAmE,CAAC,CAAC,gBAAgB,EAAE;YACzH,GAAG,eAAe;SACrB,CAAC,CACL,CAAC;IACN,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAChC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC;YACD,MAAM,WAAW,GAAG,yBAAyB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAClE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBACvB,MAAM,IAAI,0BAA0B,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACpE,CAAC;YAED,MAAM,cAAc,GAAG,WAAW,CAAC,IAAI,CAAC;YACxC,MAAM,cAAc,GAAG,cAAc,CAAC,0BAA0B,KAAK,MAAM,CAAC;YAE5E,8BAA8B;YAC9B,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACzF,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAEvD,sCAAsC;YACtC,MAAM,eAAe,GAAG,yBAAyB,GAAG,CAAC,CAAC;YACtD,MAAM,gBAAgB,GAAG,eAAe,CAAC,CAAC,CAAC,gBAAgB,GAAG,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5F,MAAM,qBAAqB,GAAG,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gBAAgB,CAAC;YAE5E,IAAI,UAAU,GAA2E;gBACrF,GAAG,cAAc;gBACjB,aAAa,EAAE,YAAY;gBAC3B,wBAAwB,EAAE,qBAAqB;aAClD,CAAC;YAEF,IAAI,kBAAkB,EAAE,CAAC;gBACrB,UAAU,CAAC,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC3C,UAAU,CAAC,mBAAmB,GAAG,gBAAgB,CAAC;YACtD,CAAC;YAED,UAAU,GAAG,MAAM,YAAY,CAAC,cAAe,CAAC,UAAU,CAAC,CAAC;YAC5D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAC9B,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACJ,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACzD,CAAC;QACL,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAClB,CAAC"}
{"version":3,"file":"register.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/register.ts"],"names":[],"mappings":"AAAA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAClD,OAAO,EAA8B,yBAAyB,EAAE,MAAM,yBAAyB,CAAC;AAChG,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,SAAS,EAA+B,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EACL,0BAA0B,EAC1B,WAAW,EACX,oBAAoB,EACpB,UAAU,EACX,MAAM,cAAc,CAAC;AA8BtB,MAAM,oCAAoC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU;AAE1E,MAAM,UAAU,yBAAyB,CAAC,EACxC,YAAY,EACZ,yBAAyB,GAAG,oCAAoC,EAChE,SAAS,EAAE,eAAe,EAC1B,kBAAkB,GAAG,IAAI,GACQ;IACjC,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;IACpF,CAAC;IAED,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAE3B,oFAAoF;IACpF,IAAI,eAAe,KAAK,KAAK,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;YACnB,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,SAAS;YACnC,GAAG,EAAE,EAAE,EAAE,+DAA+D;YACxE,eAAe,EAAE,IAAI;YACrB,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,IAAI,oBAAoB,CAAC,mEAAmE,CAAC,CAAC,gBAAgB,EAAE;YACzH,GAAG,eAAe;SACnB,CAAC,CAAC,CAAC;IACN,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAClC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,yBAAyB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAClE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBACzB,MAAM,IAAI,0BAA0B,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,cAAc,GAAG,WAAW,CAAC,IAAI,CAAC;YACxC,MAAM,cAAc,GAAG,cAAc,CAAC,0BAA0B,KAAK,MAAM,CAAA;YAE3E,8BAA8B;YAC9B,MAAM,YAAY,GAAG,cAAc;gBACjC,CAAC,CAAC,SAAS;gBACX,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAEvD,sCAAsC;YACtC,MAAM,eAAe,GAAG,yBAAyB,GAAG,CAAC,CAAA;YACrD,MAAM,gBAAgB,GAAG,eAAe,CAAC,CAAC,CAAC,gBAAgB,GAAG,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAA;YAC3F,MAAM,qBAAqB,GAAG,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gBAAgB,CAAA;YAE3E,IAAI,UAAU,GAA2E;gBACvF,GAAG,cAAc;gBACjB,aAAa,EAAE,YAAY;gBAC3B,wBAAwB,EAAE,qBAAqB;aAChD,CAAC;YAEF,IAAI,kBAAkB,EAAE,CAAC;gBACvB,UAAU,CAAC,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC3C,UAAU,CAAC,mBAAmB,GAAG,gBAAgB,CAAC;YACpD,CAAC;YAED,UAAU,GAAG,MAAM,YAAY,CAAC,cAAe,CAAC,UAAU,CAAC,CAAC;YAC5D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/revoke.d.ts
Generated Vendored
+4 -4
View File
@@ -1,6 +1,6 @@
import { OAuthServerProvider } from '../provider.js';
import { RequestHandler } from 'express';
import { Options as RateLimitOptions } from 'express-rate-limit';
import { OAuthServerProvider } from "../provider.js";
import { RequestHandler } from "express";
import { Options as RateLimitOptions } from "express-rate-limit";
export type RevocationHandlerOptions = {
provider: OAuthServerProvider;
/**
@@ -9,5 +9,5 @@ export type RevocationHandlerOptions = {
*/
rateLimit?: Partial<RateLimitOptions> | false;
};
export declare function revocationHandler({ provider, rateLimit: rateLimitConfig }: RevocationHandlerOptions): RequestHandler;
export declare function revocationHandler({ provider, rateLimit: rateLimitConfig, }: RevocationHandlerOptions): RequestHandler;
//# sourceMappingURL=revoke.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/revoke.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"revoke.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/revoke.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAIlD,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAI5E,MAAM,MAAM,wBAAwB,GAAG;IACnC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;CACjD,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,wBAAwB,GAAG,cAAc,CA4DpH"}
{"version":3,"file":"revoke.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/revoke.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAIlD,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAS5E,MAAM,MAAM,wBAAwB,GAAG;IACrC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;CAC/C,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,EAChC,QAAQ,EACR,SAAS,EAAE,eAAe,GAC3B,EAAE,wBAAwB,GAAG,cAAc,CA8D3C"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/revoke.js
Generated Vendored
+16 -16
View File
@@ -1,19 +1,19 @@
import express from 'express';
import cors from 'cors';
import { authenticateClient } from '../middleware/clientAuth.js';
import { OAuthTokenRevocationRequestSchema } from '../../../shared/auth.js';
import { rateLimit } from 'express-rate-limit';
import { allowedMethods } from '../middleware/allowedMethods.js';
import { InvalidRequestError, ServerError, TooManyRequestsError, OAuthError } from '../errors.js';
export function revocationHandler({ provider, rateLimit: rateLimitConfig }) {
import express from "express";
import cors from "cors";
import { authenticateClient } from "../middleware/clientAuth.js";
import { OAuthTokenRevocationRequestSchema } from "../../../shared/auth.js";
import { rateLimit } from "express-rate-limit";
import { allowedMethods } from "../middleware/allowedMethods.js";
import { InvalidRequestError, ServerError, TooManyRequestsError, OAuthError, } from "../errors.js";
export function revocationHandler({ provider, rateLimit: rateLimitConfig, }) {
if (!provider.revokeToken) {
throw new Error('Auth provider does not support revoking tokens');
throw new Error("Auth provider does not support revoking tokens");
}
// Nested router so we can configure middleware and restrict HTTP method
const router = express.Router();
// Configure CORS to allow any origin, to make accessible to web-based MCP clients
router.use(cors());
router.use(allowedMethods(['POST']));
router.use(allowedMethods(["POST"]));
router.use(express.urlencoded({ extended: false }));
// Apply rate limiting unless explicitly disabled
if (rateLimitConfig !== false) {
@@ -22,14 +22,14 @@ export function revocationHandler({ provider, rateLimit: rateLimitConfig }) {
max: 50, // 50 requests per windowMs
standardHeaders: true,
legacyHeaders: false,
message: new TooManyRequestsError('You have exceeded the rate limit for token revocation requests').toResponseObject(),
...rateLimitConfig
message: new TooManyRequestsError("You have exceeded the rate limit for token revocation requests").toResponseObject(),
...rateLimitConfig,
}));
}
// Authenticate and extract client details
router.use(authenticateClient({ clientsStore: provider.clientsStore }));
router.post('/', async (req, res) => {
res.setHeader('Cache-Control', 'no-store');
router.post("/", async (req, res) => {
res.setHeader("Cache-Control", "no-store");
try {
const parseResult = OAuthTokenRevocationRequestSchema.safeParse(req.body);
if (!parseResult.success) {
@@ -38,7 +38,7 @@ export function revocationHandler({ provider, rateLimit: rateLimitConfig }) {
const client = req.client;
if (!client) {
// This should never happen
throw new ServerError('Internal Server Error');
throw new ServerError("Internal Server Error");
}
await provider.revokeToken(client, parseResult.data);
res.status(200).json({});
@@ -49,7 +49,7 @@ export function revocationHandler({ provider, rateLimit: rateLimitConfig }) {
res.status(status).json(error.toResponseObject());
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.status(500).json(serverError.toResponseObject());
}
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/revoke.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"revoke.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/revoke.ts"],"names":[],"mappings":"AACA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAClD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,iCAAiC,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,SAAS,EAA+B,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAWlG,MAAM,UAAU,iBAAiB,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAA4B;IAChG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACtE,CAAC;IAED,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAEpD,iDAAiD;IACjD,IAAI,eAAe,KAAK,KAAK,EAAE,CAAC;QAC5B,MAAM,CAAC,GAAG,CACN,SAAS,CAAC;YACN,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;YACvC,GAAG,EAAE,EAAE,EAAE,2BAA2B;YACpC,eAAe,EAAE,IAAI;YACrB,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,IAAI,oBAAoB,CAAC,gEAAgE,CAAC,CAAC,gBAAgB,EAAE;YACtH,GAAG,eAAe;SACrB,CAAC,CACL,CAAC;IACN,CAAC;IAED,0CAA0C;IAC1C,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAExE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAChC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC;YACD,MAAM,WAAW,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBACvB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACV,2BAA2B;gBAC3B,MAAM,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACnD,CAAC;YAED,MAAM,QAAQ,CAAC,WAAY,CAAC,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAC9B,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACJ,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACzD,CAAC;QACL,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAClB,CAAC"}
{"version":3,"file":"revoke.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/revoke.ts"],"names":[],"mappings":"AACA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAClD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,iCAAiC,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,SAAS,EAA+B,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EACL,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,UAAU,GACX,MAAM,cAAc,CAAC;AAWtB,MAAM,UAAU,iBAAiB,CAAC,EAChC,QAAQ,EACR,SAAS,EAAE,eAAe,GACD;IACzB,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IAED,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAEpD,iDAAiD;IACjD,IAAI,eAAe,KAAK,KAAK,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,CACR,SAAS,CAAC;YACR,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;YACvC,GAAG,EAAE,EAAE,EAAE,2BAA2B;YACpC,eAAe,EAAE,IAAI;YACrB,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,IAAI,oBAAoB,CAC/B,gEAAgE,CACjE,CAAC,gBAAgB,EAAE;YACpB,GAAG,eAAe;SACnB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,0CAA0C;IAC1C,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAExE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAClC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,iCAAiC,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBACzB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC3D,CAAC;YAED,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,2BAA2B;gBAC3B,MAAM,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACjD,CAAC;YAED,MAAM,QAAQ,CAAC,WAAY,CAAC,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/token.d.ts
Generated Vendored
+3 -3
View File
@@ -1,6 +1,6 @@
import { RequestHandler } from 'express';
import { OAuthServerProvider } from '../provider.js';
import { Options as RateLimitOptions } from 'express-rate-limit';
import { RequestHandler } from "express";
import { OAuthServerProvider } from "../provider.js";
import { Options as RateLimitOptions } from "express-rate-limit";
export type TokenHandlerOptions = {
provider: OAuthServerProvider;
/**
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/token.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/token.ts"],"names":[],"mappings":"AACA,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAIrD,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAW5E,MAAM,MAAM,mBAAmB,GAAG;IAC9B,QAAQ,EAAE,mBAAmB,CAAC;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;CACjD,CAAC;AAmBF,wBAAgB,YAAY,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,mBAAmB,GAAG,cAAc,CA+G1G"}
{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/token.ts"],"names":[],"mappings":"AACA,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAIrD,OAAO,EAAa,OAAO,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAW5E,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;CAC/C,CAAC;AAmBF,wBAAgB,YAAY,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE,mBAAmB,GAAG,cAAc,CA4G1G"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/token.js
Generated Vendored
+24 -24
View File
@@ -1,37 +1,37 @@
import * as z from 'zod/v4';
import express from 'express';
import cors from 'cors';
import { verifyChallenge } from 'pkce-challenge';
import { authenticateClient } from '../middleware/clientAuth.js';
import { rateLimit } from 'express-rate-limit';
import { allowedMethods } from '../middleware/allowedMethods.js';
import { InvalidRequestError, InvalidGrantError, UnsupportedGrantTypeError, ServerError, TooManyRequestsError, OAuthError } from '../errors.js';
import { z } from "zod";
import express from "express";
import cors from "cors";
import { verifyChallenge } from "pkce-challenge";
import { authenticateClient } from "../middleware/clientAuth.js";
import { rateLimit } from "express-rate-limit";
import { allowedMethods } from "../middleware/allowedMethods.js";
import { InvalidRequestError, InvalidGrantError, UnsupportedGrantTypeError, ServerError, TooManyRequestsError, OAuthError } from "../errors.js";
const TokenRequestSchema = z.object({
grant_type: z.string()
grant_type: z.string(),
});
const AuthorizationCodeGrantSchema = z.object({
code: z.string(),
code_verifier: z.string(),
redirect_uri: z.string().optional(),
resource: z.string().url().optional()
resource: z.string().url().optional(),
});
const RefreshTokenGrantSchema = z.object({
refresh_token: z.string(),
scope: z.string().optional(),
resource: z.string().url().optional()
resource: z.string().url().optional(),
});
export function tokenHandler({ provider, rateLimit: rateLimitConfig }) {
// Nested router so we can configure middleware and restrict HTTP method
const router = express.Router();
// Configure CORS to allow any origin, to make accessible to web-based MCP clients
router.use(cors());
router.use(allowedMethods(['POST']));
router.use(allowedMethods(["POST"]));
router.use(express.urlencoded({ extended: false }));
// Apply rate limiting unless explicitly disabled
if (rateLimitConfig !== false) {
router.use(rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 50, // 50 requests per windowMs
max: 50, // 50 requests per windowMs
standardHeaders: true,
legacyHeaders: false,
message: new TooManyRequestsError('You have exceeded the rate limit for token requests').toResponseObject(),
@@ -40,7 +40,7 @@ export function tokenHandler({ provider, rateLimit: rateLimitConfig }) {
}
// Authenticate and extract client details
router.use(authenticateClient({ clientsStore: provider.clientsStore }));
router.post('/', async (req, res) => {
router.post("/", async (req, res) => {
res.setHeader('Cache-Control', 'no-store');
try {
const parseResult = TokenRequestSchema.safeParse(req.body);
@@ -51,22 +51,22 @@ export function tokenHandler({ provider, rateLimit: rateLimitConfig }) {
const client = req.client;
if (!client) {
// This should never happen
throw new ServerError('Internal Server Error');
throw new ServerError("Internal Server Error");
}
switch (grant_type) {
case 'authorization_code': {
case "authorization_code": {
const parseResult = AuthorizationCodeGrantSchema.safeParse(req.body);
if (!parseResult.success) {
throw new InvalidRequestError(parseResult.error.message);
}
const { code, code_verifier, redirect_uri, resource } = parseResult.data;
const skipLocalPkceValidation = provider.skipLocalPkceValidation;
// Perform local PKCE validation unless explicitly skipped
// Perform local PKCE validation unless explicitly skipped
// (e.g. to validate code_verifier in upstream server)
if (!skipLocalPkceValidation) {
const codeChallenge = await provider.challengeForAuthorizationCode(client, code);
if (!(await verifyChallenge(code_verifier, codeChallenge))) {
throw new InvalidGrantError('code_verifier does not match the challenge');
throw new InvalidGrantError("code_verifier does not match the challenge");
}
}
// Passes the code_verifier to the provider if PKCE validation didn't occur locally
@@ -74,21 +74,21 @@ export function tokenHandler({ provider, rateLimit: rateLimitConfig }) {
res.status(200).json(tokens);
break;
}
case 'refresh_token': {
case "refresh_token": {
const parseResult = RefreshTokenGrantSchema.safeParse(req.body);
if (!parseResult.success) {
throw new InvalidRequestError(parseResult.error.message);
}
const { refresh_token, scope, resource } = parseResult.data;
const scopes = scope?.split(' ');
const scopes = scope === null || scope === void 0 ? void 0 : scope.split(" ");
const tokens = await provider.exchangeRefreshToken(client, refresh_token, scopes, resource ? new URL(resource) : undefined);
res.status(200).json(tokens);
break;
}
// Additional auth methods will not be added on the server side of the SDK.
case 'client_credentials':
// Not supported right now
//case "client_credentials":
default:
throw new UnsupportedGrantTypeError('The grant type is not supported by this authorization server.');
throw new UnsupportedGrantTypeError("The grant type is not supported by this authorization server.");
}
}
catch (error) {
@@ -97,7 +97,7 @@ export function tokenHandler({ provider, rateLimit: rateLimitConfig }) {
res.status(status).json(error.toResponseObject());
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.status(500).json(serverError.toResponseObject());
}
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/handlers/token.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/token.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAC5B,OAAO,OAA2B,MAAM,SAAS,CAAC;AAElD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,SAAS,EAA+B,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EACH,mBAAmB,EACnB,iBAAiB,EACjB,yBAAyB,EACzB,WAAW,EACX,oBAAoB,EACpB,UAAU,EACb,MAAM,cAAc,CAAC;AAWtB,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;CACzB,CAAC,CAAC;AAEH,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;CACxC,CAAC,CAAC;AAEH,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;CACxC,CAAC,CAAC;AAEH,MAAM,UAAU,YAAY,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAuB;IACtF,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAEpD,iDAAiD;IACjD,IAAI,eAAe,KAAK,KAAK,EAAE,CAAC;QAC5B,MAAM,CAAC,GAAG,CACN,SAAS,CAAC;YACN,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;YACvC,GAAG,EAAE,EAAE,EAAE,2BAA2B;YACpC,eAAe,EAAE,IAAI;YACrB,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,IAAI,oBAAoB,CAAC,qDAAqD,CAAC,CAAC,gBAAgB,EAAE;YAC3G,GAAG,eAAe;SACrB,CAAC,CACL,CAAC;IACN,CAAC;IAED,0CAA0C;IAC1C,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAExE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAChC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC;YACD,MAAM,WAAW,GAAG,kBAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC3D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBACvB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7D,CAAC;YAED,MAAM,EAAE,UAAU,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;YAExC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACV,2BAA2B;gBAC3B,MAAM,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACnD,CAAC;YAED,QAAQ,UAAU,EAAE,CAAC;gBACjB,KAAK,oBAAoB,CAAC,CAAC,CAAC;oBACxB,MAAM,WAAW,GAAG,4BAA4B,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBACrE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;wBACvB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAC7D,CAAC;oBAED,MAAM,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;oBAEzE,MAAM,uBAAuB,GAAG,QAAQ,CAAC,uBAAuB,CAAC;oBAEjE,0DAA0D;oBAC1D,sDAAsD;oBACtD,IAAI,CAAC,uBAAuB,EAAE,CAAC;wBAC3B,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,6BAA6B,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;wBACjF,IAAI,CAAC,CAAC,MAAM,eAAe,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC,EAAE,CAAC;4BACzD,MAAM,IAAI,iBAAiB,CAAC,4CAA4C,CAAC,CAAC;wBAC9E,CAAC;oBACL,CAAC;oBAED,mFAAmF;oBACnF,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,yBAAyB,CACnD,MAAM,EACN,IAAI,EACJ,uBAAuB,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,EACnD,YAAY,EACZ,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAC3C,CAAC;oBACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBAC7B,MAAM;gBACV,CAAC;gBAED,KAAK,eAAe,CAAC,CAAC,CAAC;oBACnB,MAAM,WAAW,GAAG,uBAAuB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAChE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;wBACvB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAC7D,CAAC;oBAED,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;oBAE5D,MAAM,MAAM,GAAG,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;oBACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,oBAAoB,CAC9C,MAAM,EACN,aAAa,EACb,MAAM,EACN,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAC3C,CAAC;oBACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBAC7B,MAAM;gBACV,CAAC;gBACD,2EAA2E;gBAC3E,KAAK,oBAAoB,CAAC;gBAC1B;oBACI,MAAM,IAAI,yBAAyB,CAAC,+DAA+D,CAAC,CAAC;YAC7G,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAC9B,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACJ,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACzD,CAAC;QACL,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAClB,CAAC"}
{"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../../src/server/auth/handlers/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,OAA2B,MAAM,SAAS,CAAC;AAElD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,SAAS,EAA+B,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,yBAAyB,EACzB,WAAW,EACX,oBAAoB,EACpB,UAAU,EACX,MAAM,cAAc,CAAC;AAWtB,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;CACvB,CAAC,CAAC;AAEH,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;CACtC,CAAC,CAAC;AAEH,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE;IACzB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;CACtC,CAAC,CAAC;AAEH,MAAM,UAAU,YAAY,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAuB;IACxF,wEAAwE;IACxE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAEnB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAEpD,iDAAiD;IACjD,IAAI,eAAe,KAAK,KAAK,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;YACnB,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;YACvC,GAAG,EAAE,EAAE,EAAE,4BAA4B;YACrC,eAAe,EAAE,IAAI;YACrB,aAAa,EAAE,KAAK;YACpB,OAAO,EAAE,IAAI,oBAAoB,CAAC,qDAAqD,CAAC,CAAC,gBAAgB,EAAE;YAC3G,GAAG,eAAe;SACnB,CAAC,CAAC,CAAC;IACN,CAAC;IAED,0CAA0C;IAC1C,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAExE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAClC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,kBAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC3D,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBACzB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC3D,CAAC;YAED,MAAM,EAAE,UAAU,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;YAExC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,2BAA2B;gBAC3B,MAAM,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACjD,CAAC;YAED,QAAQ,UAAU,EAAE,CAAC;gBACnB,KAAK,oBAAoB,CAAC,CAAC,CAAC;oBAC1B,MAAM,WAAW,GAAG,4BAA4B,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBACrE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;wBACzB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAC3D,CAAC;oBAED,MAAM,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;oBAEzE,MAAM,uBAAuB,GAAG,QAAQ,CAAC,uBAAuB,CAAC;oBAEjE,2DAA2D;oBAC3D,sDAAsD;oBACtD,IAAI,CAAC,uBAAuB,EAAE,CAAC;wBAC7B,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,6BAA6B,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;wBACjF,IAAI,CAAC,CAAC,MAAM,eAAe,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC,EAAE,CAAC;4BAC3D,MAAM,IAAI,iBAAiB,CAAC,4CAA4C,CAAC,CAAC;wBAC5E,CAAC;oBACH,CAAC;oBAED,mFAAmF;oBACnF,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,yBAAyB,CACrD,MAAM,EACN,IAAI,EACJ,uBAAuB,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,EACnD,YAAY,EACZ,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CACzC,CAAC;oBACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBAC7B,MAAM;gBACR,CAAC;gBAED,KAAK,eAAe,CAAC,CAAC,CAAC;oBACrB,MAAM,WAAW,GAAG,uBAAuB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAChE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;wBACzB,MAAM,IAAI,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAC3D,CAAC;oBAED,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;oBAE5D,MAAM,MAAM,GAAG,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,KAAK,CAAC,GAAG,CAAC,CAAC;oBACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,oBAAoB,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;oBAC5H,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBAC7B,MAAM;gBACR,CAAC;gBAED,0BAA0B;gBAC1B,4BAA4B;gBAE5B;oBACE,MAAM,IAAI,yBAAyB,CACjC,+DAA+D,CAChE,CAAC;YACN,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/allowedMethods.d.ts
Generated Vendored
+1 -1
View File
@@ -1,4 +1,4 @@
import { RequestHandler } from 'express';
import { RequestHandler } from "express";
/**
* Middleware to handle unsupported HTTP methods with a 405 Method Not Allowed response.
*
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/allowedMethods.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"allowedMethods.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/allowedMethods.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,cAAc,EAAE,MAAM,EAAE,GAAG,cAAc,CAUvE"}
{"version":3,"file":"allowedMethods.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/allowedMethods.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,cAAc,EAAE,MAAM,EAAE,GAAG,cAAc,CAYvE"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/allowedMethods.js
Generated Vendored
+4 -2
View File
@@ -1,4 +1,4 @@
import { MethodNotAllowedError } from '../errors.js';
import { MethodNotAllowedError } from "../errors.js";
/**
* Middleware to handle unsupported HTTP methods with a 405 Method Not Allowed response.
*
@@ -12,7 +12,9 @@ export function allowedMethods(allowedMethods) {
return;
}
const error = new MethodNotAllowedError(`The method ${req.method} is not allowed for this endpoint`);
res.status(405).set('Allow', allowedMethods.join(', ')).json(error.toResponseObject());
res.status(405)
.set('Allow', allowedMethods.join(', '))
.json(error.toResponseObject());
};
}
//# sourceMappingURL=allowedMethods.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/allowedMethods.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"allowedMethods.js","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/allowedMethods.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAErD;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,cAAwB;IACnD,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACtB,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACtC,IAAI,EAAE,CAAC;YACP,OAAO;QACX,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,qBAAqB,CAAC,cAAc,GAAG,CAAC,MAAM,mCAAmC,CAAC,CAAC;QACrG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;IAC3F,CAAC,CAAC;AACN,CAAC"}
{"version":3,"file":"allowedMethods.js","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/allowedMethods.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAErD;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,cAAwB;IACrD,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACxC,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,qBAAqB,CAAC,cAAc,GAAG,CAAC,MAAM,mCAAmC,CAAC,CAAC;QACrG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC;aACZ,GAAG,CAAC,OAAO,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;aACvC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC;AACJ,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/bearerAuth.d.ts
Generated Vendored
+4 -4
View File
@@ -1,6 +1,6 @@
import { RequestHandler } from 'express';
import { OAuthTokenVerifier } from '../provider.js';
import { AuthInfo } from '../types.js';
import { RequestHandler } from "express";
import { OAuthTokenVerifier } from "../provider.js";
import { AuthInfo } from "../types.js";
export type BearerAuthMiddlewareOptions = {
/**
* A provider used to verify tokens.
@@ -15,7 +15,7 @@ export type BearerAuthMiddlewareOptions = {
*/
resourceMetadataUrl?: string;
};
declare module 'express-serve-static-core' {
declare module "express-serve-static-core" {
interface Request {
/**
* Information about the validated access token, if the `requireBearerAuth` middleware was used.
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/bearerAuth.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"bearerAuth.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/bearerAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,MAAM,MAAM,2BAA2B,GAAG;IACtC;;OAEG;IACH,QAAQ,EAAE,kBAAkB,CAAC;IAE7B;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,OAAO,QAAQ,2BAA2B,CAAC;IACvC,UAAU,OAAO;QACb;;WAEG;QACH,IAAI,CAAC,EAAE,QAAQ,CAAC;KACnB;CACJ;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,EAAE,QAAQ,EAAE,cAAmB,EAAE,mBAAmB,EAAE,EAAE,2BAA2B,GAAG,cAAc,CA8DrI"}
{"version":3,"file":"bearerAuth.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/bearerAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,MAAM,MAAM,2BAA2B,GAAG;IACxC;;OAEG;IACH,QAAQ,EAAE,kBAAkB,CAAC;IAE7B;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B,CAAC;AAEF,OAAO,QAAQ,2BAA2B,CAAC;IACzC,UAAU,OAAO;QACf;;WAEG;QACH,IAAI,CAAC,EAAE,QAAQ,CAAC;KACjB;CACF;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,EAAE,QAAQ,EAAE,cAAmB,EAAE,mBAAmB,EAAE,EAAE,2BAA2B,GAAG,cAAc,CA0DrI"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/bearerAuth.js
Generated Vendored
+14 -19
View File
@@ -1,4 +1,4 @@
import { InsufficientScopeError, InvalidTokenError, OAuthError, ServerError } from '../errors.js';
import { InsufficientScopeError, InvalidTokenError, OAuthError, ServerError } from "../errors.js";
/**
* Middleware that requires a valid Bearer token in the Authorization header.
*
@@ -12,7 +12,7 @@ export function requireBearerAuth({ verifier, requiredScopes = [], resourceMetad
try {
const authHeader = req.headers.authorization;
if (!authHeader) {
throw new InvalidTokenError('Missing Authorization header');
throw new InvalidTokenError("Missing Authorization header");
}
const [type, token] = authHeader.split(' ');
if (type.toLowerCase() !== 'bearer' || !token) {
@@ -23,37 +23,32 @@ export function requireBearerAuth({ verifier, requiredScopes = [], resourceMetad
if (requiredScopes.length > 0) {
const hasAllScopes = requiredScopes.every(scope => authInfo.scopes.includes(scope));
if (!hasAllScopes) {
throw new InsufficientScopeError('Insufficient scope');
throw new InsufficientScopeError("Insufficient scope");
}
}
// Check if the token is set to expire or if it is expired
if (typeof authInfo.expiresAt !== 'number' || isNaN(authInfo.expiresAt)) {
throw new InvalidTokenError('Token has no expiration time');
throw new InvalidTokenError("Token has no expiration time");
}
else if (authInfo.expiresAt < Date.now() / 1000) {
throw new InvalidTokenError('Token has expired');
throw new InvalidTokenError("Token has expired");
}
req.auth = authInfo;
next();
}
catch (error) {
// Build WWW-Authenticate header parts
const buildWwwAuthHeader = (errorCode, message) => {
let header = `Bearer error="${errorCode}", error_description="${message}"`;
if (requiredScopes.length > 0) {
header += `, scope="${requiredScopes.join(' ')}"`;
}
if (resourceMetadataUrl) {
header += `, resource_metadata="${resourceMetadataUrl}"`;
}
return header;
};
if (error instanceof InvalidTokenError) {
res.set('WWW-Authenticate', buildWwwAuthHeader(error.errorCode, error.message));
const wwwAuthValue = resourceMetadataUrl
? `Bearer error="${error.errorCode}", error_description="${error.message}", resource_metadata="${resourceMetadataUrl}"`
: `Bearer error="${error.errorCode}", error_description="${error.message}"`;
res.set("WWW-Authenticate", wwwAuthValue);
res.status(401).json(error.toResponseObject());
}
else if (error instanceof InsufficientScopeError) {
res.set('WWW-Authenticate', buildWwwAuthHeader(error.errorCode, error.message));
const wwwAuthValue = resourceMetadataUrl
? `Bearer error="${error.errorCode}", error_description="${error.message}", resource_metadata="${resourceMetadataUrl}"`
: `Bearer error="${error.errorCode}", error_description="${error.message}"`;
res.set("WWW-Authenticate", wwwAuthValue);
res.status(403).json(error.toResponseObject());
}
else if (error instanceof ServerError) {
@@ -63,7 +58,7 @@ export function requireBearerAuth({ verifier, requiredScopes = [], resourceMetad
res.status(400).json(error.toResponseObject());
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.status(500).json(serverError.toResponseObject());
}
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/bearerAuth.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"bearerAuth.js","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/bearerAuth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AA8BlG;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAC,EAAE,QAAQ,EAAE,cAAc,GAAG,EAAE,EAAE,mBAAmB,EAA+B;IACjH,OAAO,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC5B,IAAI,CAAC;YACD,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;YAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;gBACd,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;YAChE,CAAC;YAED,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,IAAI,CAAC,WAAW,EAAE,KAAK,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC5C,MAAM,IAAI,iBAAiB,CAAC,8DAA8D,CAAC,CAAC;YAChG,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAEzD,kDAAkD;YAClD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5B,MAAM,YAAY,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEpF,IAAI,CAAC,YAAY,EAAE,CAAC;oBAChB,MAAM,IAAI,sBAAsB,CAAC,oBAAoB,CAAC,CAAC;gBAC3D,CAAC;YACL,CAAC;YAED,0DAA0D;YAC1D,IAAI,OAAO,QAAQ,CAAC,SAAS,KAAK,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACtE,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;YAChE,CAAC;iBAAM,IAAI,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,iBAAiB,CAAC,mBAAmB,CAAC,CAAC;YACrD,CAAC;YAED,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC;YACpB,IAAI,EAAE,CAAC;QACX,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,sCAAsC;YACtC,MAAM,kBAAkB,GAAG,CAAC,SAAiB,EAAE,OAAe,EAAU,EAAE;gBACtE,IAAI,MAAM,GAAG,iBAAiB,SAAS,yBAAyB,OAAO,GAAG,CAAC;gBAC3E,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC5B,MAAM,IAAI,YAAY,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBACtD,CAAC;gBACD,IAAI,mBAAmB,EAAE,CAAC;oBACtB,MAAM,IAAI,wBAAwB,mBAAmB,GAAG,CAAC;gBAC7D,CAAC;gBACD,OAAO,MAAM,CAAC;YAClB,CAAC,CAAC;YAEF,IAAI,KAAK,YAAY,iBAAiB,EAAE,CAAC;gBACrC,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,kBAAkB,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,KAAK,YAAY,sBAAsB,EAAE,CAAC;gBACjD,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,kBAAkB,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;gBACtC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBACrC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACnD,CAAC;iBAAM,CAAC;gBACJ,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACzD,CAAC;QACL,CAAC;IACL,CAAC,CAAC;AACN,CAAC"}
{"version":3,"file":"bearerAuth.js","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/bearerAuth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AA8BlG;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAC,EAAE,QAAQ,EAAE,cAAc,GAAG,EAAE,EAAE,mBAAmB,EAA+B;IACnH,OAAO,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC9B,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;YAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;YAC9D,CAAC;YAED,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,IAAI,CAAC,WAAW,EAAE,KAAK,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC9C,MAAM,IAAI,iBAAiB,CAAC,8DAA8D,CAAC,CAAC;YAC9F,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAEzD,kDAAkD;YAClD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9B,MAAM,YAAY,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAChD,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAChC,CAAC;gBAEF,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,MAAM,IAAI,sBAAsB,CAAC,oBAAoB,CAAC,CAAC;gBACzD,CAAC;YACH,CAAC;YAED,0DAA0D;YAC1D,IAAI,OAAO,QAAQ,CAAC,SAAS,KAAK,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACxE,MAAM,IAAI,iBAAiB,CAAC,8BAA8B,CAAC,CAAC;YAC9D,CAAC;iBAAM,IAAI,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;gBAClD,MAAM,IAAI,iBAAiB,CAAC,mBAAmB,CAAC,CAAC;YACnD,CAAC;YAED,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC;YACpB,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,iBAAiB,EAAE,CAAC;gBACvC,MAAM,YAAY,GAAG,mBAAmB;oBACtC,CAAC,CAAC,iBAAiB,KAAK,CAAC,SAAS,yBAAyB,KAAK,CAAC,OAAO,yBAAyB,mBAAmB,GAAG;oBACvH,CAAC,CAAC,iBAAiB,KAAK,CAAC,SAAS,yBAAyB,KAAK,CAAC,OAAO,GAAG,CAAC;gBAC9E,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;gBAC1C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACjD,CAAC;iBAAM,IAAI,KAAK,YAAY,sBAAsB,EAAE,CAAC;gBACnD,MAAM,YAAY,GAAG,mBAAmB;oBACtC,CAAC,CAAC,iBAAiB,KAAK,CAAC,SAAS,yBAAyB,KAAK,CAAC,OAAO,yBAAyB,mBAAmB,GAAG;oBACvH,CAAC,CAAC,iBAAiB,KAAK,CAAC,SAAS,yBAAyB,KAAK,CAAC,OAAO,GAAG,CAAC;gBAC9E,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;gBAC1C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACjD,CAAC;iBAAM,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;gBACxC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACjD,CAAC;iBAAM,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBACvC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACjD,CAAC;iBAAM,CAAC;gBACN,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/clientAuth.d.ts
Generated Vendored
+4 -4
View File
@@ -1,13 +1,13 @@
import { RequestHandler } from 'express';
import { OAuthRegisteredClientsStore } from '../clients.js';
import { OAuthClientInformationFull } from '../../../shared/auth.js';
import { RequestHandler } from "express";
import { OAuthRegisteredClientsStore } from "../clients.js";
import { OAuthClientInformationFull } from "../../../shared/auth.js";
export type ClientAuthenticationMiddlewareOptions = {
/**
* A store used to read information about registered OAuth clients.
*/
clientsStore: OAuthRegisteredClientsStore;
};
declare module 'express-serve-static-core' {
declare module "express-serve-static-core" {
interface Request {
/**
* The authenticated client for this request, if the `authenticateClient` middleware was used.
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/clientAuth.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"clientAuth.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/clientAuth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AAGrE,MAAM,MAAM,qCAAqC,GAAG;IAChD;;OAEG;IACH,YAAY,EAAE,2BAA2B,CAAC;CAC7C,CAAC;AAOF,OAAO,QAAQ,2BAA2B,CAAC;IACvC,UAAU,OAAO;QACb;;WAEG;QACH,MAAM,CAAC,EAAE,0BAA0B,CAAC;KACvC;CACJ;AAED,wBAAgB,kBAAkB,CAAC,EAAE,YAAY,EAAE,EAAE,qCAAqC,GAAG,cAAc,CAoC1G"}
{"version":3,"file":"clientAuth.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/clientAuth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AAGrE,MAAM,MAAM,qCAAqC,GAAG;IAClD;;OAEG;IACH,YAAY,EAAE,2BAA2B,CAAC;CAC3C,CAAA;AAOD,OAAO,QAAQ,2BAA2B,CAAC;IACzC,UAAU,OAAO;QACf;;WAEG;QACH,MAAM,CAAC,EAAE,0BAA0B,CAAC;KACrC;CACF;AAED,wBAAgB,kBAAkB,CAAC,EAAE,YAAY,EAAE,EAAE,qCAAqC,GAAG,cAAc,CA4C1G"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/clientAuth.js
Generated Vendored
+12 -8
View File
@@ -1,8 +1,8 @@
import * as z from 'zod/v4';
import { InvalidRequestError, InvalidClientError, ServerError, OAuthError } from '../errors.js';
import { z } from "zod";
import { InvalidRequestError, InvalidClientError, ServerError, OAuthError } from "../errors.js";
const ClientAuthenticatedRequestSchema = z.object({
client_id: z.string(),
client_secret: z.string().optional()
client_secret: z.string().optional(),
});
export function authenticateClient({ clientsStore }) {
return async (req, res, next) => {
@@ -14,17 +14,21 @@ export function authenticateClient({ clientsStore }) {
const { client_id, client_secret } = result.data;
const client = await clientsStore.getClient(client_id);
if (!client) {
throw new InvalidClientError('Invalid client_id');
throw new InvalidClientError("Invalid client_id");
}
// If client has a secret, validate it
if (client.client_secret) {
// Check if client_secret is required but not provided
if (!client_secret) {
throw new InvalidClientError('Client secret is required');
throw new InvalidClientError("Client secret is required");
}
// Check if client_secret matches
if (client.client_secret !== client_secret) {
throw new InvalidClientError('Invalid client_secret');
throw new InvalidClientError("Invalid client_secret");
}
// Check if client_secret has expired
if (client.client_secret_expires_at && client.client_secret_expires_at < Math.floor(Date.now() / 1000)) {
throw new InvalidClientError('Client secret has expired');
throw new InvalidClientError("Client secret has expired");
}
}
req.client = client;
@@ -36,7 +40,7 @@ export function authenticateClient({ clientsStore }) {
res.status(status).json(error.toResponseObject());
}
else {
const serverError = new ServerError('Internal Server Error');
const serverError = new ServerError("Internal Server Error");
res.status(500).json(serverError.toResponseObject());
}
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/middleware/clientAuth.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"clientAuth.js","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/clientAuth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,QAAQ,CAAC;AAI5B,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAShG,MAAM,gCAAgC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACvC,CAAC,CAAC;AAWH,MAAM,UAAU,kBAAkB,CAAC,EAAE,YAAY,EAAyC;IACtF,OAAO,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC5B,IAAI,CAAC;YACD,MAAM,MAAM,GAAG,gCAAgC,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACpE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,IAAI,mBAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACxD,CAAC;YACD,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC;YACjD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YACvD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACV,MAAM,IAAI,kBAAkB,CAAC,mBAAmB,CAAC,CAAC;YACtD,CAAC;YACD,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;gBACvB,IAAI,CAAC,aAAa,EAAE,CAAC;oBACjB,MAAM,IAAI,kBAAkB,CAAC,2BAA2B,CAAC,CAAC;gBAC9D,CAAC;gBACD,IAAI,MAAM,CAAC,aAAa,KAAK,aAAa,EAAE,CAAC;oBACzC,MAAM,IAAI,kBAAkB,CAAC,uBAAuB,CAAC,CAAC;gBAC1D,CAAC;gBACD,IAAI,MAAM,CAAC,wBAAwB,IAAI,MAAM,CAAC,wBAAwB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;oBACrG,MAAM,IAAI,kBAAkB,CAAC,2BAA2B,CAAC,CAAC;gBAC9D,CAAC;YACL,CAAC;YAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YACpB,IAAI,EAAE,CAAC;QACX,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAC9B,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACJ,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACzD,CAAC;QACL,CAAC;IACL,CAAC,CAAC;AACN,CAAC"}
{"version":3,"file":"clientAuth.js","sourceRoot":"","sources":["../../../../../src/server/auth/middleware/clientAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAShG,MAAM,gCAAgC,GAAG,CAAC,CAAC,MAAM,CAAC;IAChD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACrC,CAAC,CAAC;AAWH,MAAM,UAAU,kBAAkB,CAAC,EAAE,YAAY,EAAyC;IACxF,OAAO,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC9B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,gCAAgC,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACpE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,mBAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC;YACjD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YACvD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,kBAAkB,CAAC,mBAAmB,CAAC,CAAC;YACpD,CAAC;YAED,sCAAsC;YACtC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;gBACzB,sDAAsD;gBACtD,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,kBAAkB,CAAC,2BAA2B,CAAC,CAAC;gBAC5D,CAAC;gBAED,iCAAiC;gBACjC,IAAI,MAAM,CAAC,aAAa,KAAK,aAAa,EAAE,CAAC;oBAC3C,MAAM,IAAI,kBAAkB,CAAC,uBAAuB,CAAC,CAAC;gBACxD,CAAC;gBAED,qCAAqC;gBACrC,IAAI,MAAM,CAAC,wBAAwB,IAAI,MAAM,CAAC,wBAAwB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;oBACvG,MAAM,IAAI,kBAAkB,CAAC,2BAA2B,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;YAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YACpB,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,MAAM,MAAM,GAAG,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBAC7D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC,CAAA;AACH,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/provider.d.ts
Generated Vendored
+4 -4
View File
@@ -1,7 +1,7 @@
import { Response } from 'express';
import { OAuthRegisteredClientsStore } from './clients.js';
import { OAuthClientInformationFull, OAuthTokenRevocationRequest, OAuthTokens } from '../../shared/auth.js';
import { AuthInfo } from './types.js';
import { Response } from "express";
import { OAuthRegisteredClientsStore } from "./clients.js";
import { OAuthClientInformationFull, OAuthTokenRevocationRequest, OAuthTokens } from "../../shared/auth.js";
import { AuthInfo } from "./types.js";
export type AuthorizationParams = {
state?: string;
scopes?: string[];
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/provider.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAE,0BAA0B,EAAE,2BAA2B,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAC5G,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAEtC,MAAM,MAAM,mBAAmB,GAAG;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,GAAG,CAAC;CAClB,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC;;OAEG;IACH,IAAI,YAAY,IAAI,2BAA2B,CAAC;IAEhD;;;;;;OAMG;IACH,SAAS,CAAC,MAAM,EAAE,0BAA0B,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzG;;OAEG;IACH,6BAA6B,CAAC,MAAM,EAAE,0BAA0B,EAAE,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAE9G;;OAEG;IACH,yBAAyB,CACrB,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,WAAW,CAAC,EAAE,MAAM,EACpB,QAAQ,CAAC,EAAE,GAAG,GACf,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;OAEG;IACH,oBAAoB,CAAC,MAAM,EAAE,0BAA0B,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,QAAQ,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAExI;;OAEG;IACH,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEpD;;;;OAIG;IACH,WAAW,CAAC,CAAC,MAAM,EAAE,0BAA0B,EAAE,OAAO,EAAE,2BAA2B,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtG;;;;;;OAMG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B;;OAEG;IACH,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACvD"}
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAE,0BAA0B,EAAE,2BAA2B,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAC5G,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAEtC,MAAM,MAAM,mBAAmB,GAAG;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,GAAG,CAAC;CAChB,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,IAAI,YAAY,IAAI,2BAA2B,CAAC;IAEhD;;;;;;OAMG;IACH,SAAS,CAAC,MAAM,EAAE,0BAA0B,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzG;;OAEG;IACH,6BAA6B,CAAC,MAAM,EAAE,0BAA0B,EAAE,iBAAiB,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAE9G;;OAEG;IACH,yBAAyB,CACvB,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,WAAW,CAAC,EAAE,MAAM,EACpB,QAAQ,CAAC,EAAE,GAAG,GACb,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;OAEG;IACH,oBAAoB,CAAC,MAAM,EAAE,0BAA0B,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,QAAQ,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAExI;;OAEG;IACH,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEpD;;;;OAIG;IACH,WAAW,CAAC,CAAC,MAAM,EAAE,0BAA0B,EAAE,OAAO,EAAE,2BAA2B,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtG;;;;;;OAMG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC;AAGD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACrD"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/providers/proxyProvider.d.ts
Generated Vendored
+10 -10
View File
@@ -1,9 +1,9 @@
import { Response } from 'express';
import { OAuthRegisteredClientsStore } from '../clients.js';
import { OAuthClientInformationFull, OAuthTokenRevocationRequest, OAuthTokens } from '../../../shared/auth.js';
import { AuthInfo } from '../types.js';
import { AuthorizationParams, OAuthServerProvider } from '../provider.js';
import { FetchLike } from '../../../shared/transport.js';
import { Response } from "express";
import { OAuthRegisteredClientsStore } from "../clients.js";
import { OAuthClientInformationFull, OAuthTokenRevocationRequest, OAuthTokens } from "../../../shared/auth.js";
import { AuthInfo } from "../types.js";
import { AuthorizationParams, OAuthServerProvider } from "../provider.js";
import { FetchLike } from "../../../shared/transport.js";
export type ProxyEndpoints = {
authorizationUrl: string;
tokenUrl: string;
@@ -16,12 +16,12 @@ export type ProxyOptions = {
*/
endpoints: ProxyEndpoints;
/**
* Function to verify access tokens and return auth info
*/
* Function to verify access tokens and return auth info
*/
verifyAccessToken: (token: string) => Promise<AuthInfo>;
/**
* Function to fetch client information from the upstream server
*/
* Function to fetch client information from the upstream server
*/
getClient: (clientId: string) => Promise<OAuthClientInformationFull | undefined>;
/**
* Custom fetch implementation used for all network requests.
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/providers/proxyProvider.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"proxyProvider.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/providers/proxyProvider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EACH,0BAA0B,EAE1B,2BAA2B,EAC3B,WAAW,EAEd,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAE1E,OAAO,EAAE,SAAS,EAAE,MAAM,8BAA8B,CAAC;AAEzD,MAAM,MAAM,cAAc,GAAG;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACvB;;OAEG;IACH,SAAS,EAAE,cAAc,CAAC;IAE1B;;OAEG;IACH,iBAAiB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAExD;;OAEG;IACH,SAAS,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IAEjF;;OAEG;IACH,KAAK,CAAC,EAAE,SAAS,CAAC;CACrB,CAAC;AAEF;;GAEG;AACH,qBAAa,wBAAyB,YAAW,mBAAmB;IAChE,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,cAAc,CAAC;IAC9C,SAAS,CAAC,QAAQ,CAAC,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC5E,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IACrG,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,CAAC;IAEtC,uBAAuB,UAAQ;IAE/B,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,0BAA0B,EAAE,OAAO,EAAE,2BAA2B,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;gBAE9F,OAAO,EAAE,YAAY;IAuCjC,IAAI,YAAY,IAAI,2BAA2B,CAwB9C;IAEK,SAAS,CAAC,MAAM,EAAE,0BAA0B,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBxG,6BAA6B,CAAC,OAAO,EAAE,0BAA0B,EAAE,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAM/G,yBAAyB,CAC3B,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,WAAW,CAAC,EAAE,MAAM,EACpB,QAAQ,CAAC,EAAE,GAAG,GACf,OAAO,CAAC,WAAW,CAAC;IAwCjB,oBAAoB,CACtB,MAAM,EAAE,0BAA0B,EAClC,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,MAAM,EAAE,EACjB,QAAQ,CAAC,EAAE,GAAG,GACf,OAAO,CAAC,WAAW,CAAC;IAoCjB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;CAG5D"}
{"version":3,"file":"proxyProvider.d.ts","sourceRoot":"","sources":["../../../../../src/server/auth/providers/proxyProvider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EACL,0BAA0B,EAE1B,2BAA2B,EAC3B,WAAW,EAEZ,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAE1E,OAAO,EAAE,SAAS,EAAE,MAAM,8BAA8B,CAAC;AAEzD,MAAM,MAAM,cAAc,GAAG;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB;;OAEG;IACH,SAAS,EAAE,cAAc,CAAC;IAE1B;;MAEE;IACF,iBAAiB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAExD;;MAEE;IACF,SAAS,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IAEjF;;OAEG;IACH,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB,CAAC;AAEF;;GAEG;AACH,qBAAa,wBAAyB,YAAW,mBAAmB;IAClE,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,cAAc,CAAC;IAC9C,SAAS,CAAC,QAAQ,CAAC,kBAAkB,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC5E,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC,CAAC;IACrG,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,CAAC;IAEtC,uBAAuB,UAAQ;IAE/B,WAAW,CAAC,EAAE,CACZ,MAAM,EAAE,0BAA0B,EAClC,OAAO,EAAE,2BAA2B,KACjC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAEP,OAAO,EAAE,YAAY;IAyCjC,IAAI,YAAY,IAAI,2BAA2B,CAuB9C;IAEK,SAAS,CACb,MAAM,EAAE,0BAA0B,EAClC,MAAM,EAAE,mBAAmB,EAC3B,GAAG,EAAE,QAAQ,GACZ,OAAO,CAAC,IAAI,CAAC;IAoBV,6BAA6B,CACjC,OAAO,EAAE,0BAA0B,EACnC,kBAAkB,EAAE,MAAM,GACzB,OAAO,CAAC,MAAM,CAAC;IAMZ,yBAAyB,CAC7B,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,WAAW,CAAC,EAAE,MAAM,EACpB,QAAQ,CAAC,EAAE,GAAG,GACb,OAAO,CAAC,WAAW,CAAC;IAwCjB,oBAAoB,CACxB,MAAM,EAAE,0BAA0B,EAClC,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,MAAM,EAAE,EACjB,QAAQ,CAAC,EAAE,GAAG,GACb,OAAO,CAAC,WAAW,CAAC;IAoCjB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;CAG1D"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/providers/proxyProvider.js
Generated Vendored
+49 -47
View File
@@ -1,38 +1,39 @@
import { OAuthClientInformationFullSchema, OAuthTokensSchema } from '../../../shared/auth.js';
import { ServerError } from '../errors.js';
import { OAuthClientInformationFullSchema, OAuthTokensSchema, } from "../../../shared/auth.js";
import { ServerError } from "../errors.js";
/**
* Implements an OAuth server that proxies requests to another OAuth server.
*/
export class ProxyOAuthServerProvider {
constructor(options) {
var _a;
this.skipLocalPkceValidation = true;
this._endpoints = options.endpoints;
this._verifyAccessToken = options.verifyAccessToken;
this._getClient = options.getClient;
this._fetch = options.fetch;
if (options.endpoints?.revocationUrl) {
if ((_a = options.endpoints) === null || _a === void 0 ? void 0 : _a.revocationUrl) {
this.revokeToken = async (client, request) => {
var _a;
const revocationUrl = this._endpoints.revocationUrl;
if (!revocationUrl) {
throw new Error('No revocation endpoint configured');
throw new Error("No revocation endpoint configured");
}
const params = new URLSearchParams();
params.set('token', request.token);
params.set('client_id', client.client_id);
params.set("token", request.token);
params.set("client_id", client.client_id);
if (client.client_secret) {
params.set('client_secret', client.client_secret);
params.set("client_secret", client.client_secret);
}
if (request.token_type_hint) {
params.set('token_type_hint', request.token_type_hint);
params.set("token_type_hint", request.token_type_hint);
}
const response = await (this._fetch ?? fetch)(revocationUrl, {
method: 'POST',
const response = await ((_a = this._fetch) !== null && _a !== void 0 ? _a : fetch)(revocationUrl, {
method: "POST",
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
"Content-Type": "application/x-www-form-urlencoded",
},
body: params.toString()
body: params.toString(),
});
await response.body?.cancel();
if (!response.ok) {
throw new ServerError(`Token revocation failed: ${response.status}`);
}
@@ -45,15 +46,15 @@ export class ProxyOAuthServerProvider {
getClient: this._getClient,
...(registrationUrl && {
registerClient: async (client) => {
const response = await (this._fetch ?? fetch)(registrationUrl, {
method: 'POST',
var _a;
const response = await ((_a = this._fetch) !== null && _a !== void 0 ? _a : fetch)(registrationUrl, {
method: "POST",
headers: {
'Content-Type': 'application/json'
"Content-Type": "application/json",
},
body: JSON.stringify(client)
body: JSON.stringify(client),
});
if (!response.ok) {
await response.body?.cancel();
throw new ServerError(`Client registration failed: ${response.status}`);
}
const data = await response.json();
@@ -63,86 +64,87 @@ export class ProxyOAuthServerProvider {
};
}
async authorize(client, params, res) {
var _a;
// Start with required OAuth parameters
const targetUrl = new URL(this._endpoints.authorizationUrl);
const searchParams = new URLSearchParams({
client_id: client.client_id,
response_type: 'code',
response_type: "code",
redirect_uri: params.redirectUri,
code_challenge: params.codeChallenge,
code_challenge_method: 'S256'
code_challenge_method: "S256"
});
// Add optional standard OAuth parameters
if (params.state)
searchParams.set('state', params.state);
if (params.scopes?.length)
searchParams.set('scope', params.scopes.join(' '));
searchParams.set("state", params.state);
if ((_a = params.scopes) === null || _a === void 0 ? void 0 : _a.length)
searchParams.set("scope", params.scopes.join(" "));
if (params.resource)
searchParams.set('resource', params.resource.href);
searchParams.set("resource", params.resource.href);
targetUrl.search = searchParams.toString();
res.redirect(targetUrl.toString());
}
async challengeForAuthorizationCode(_client, _authorizationCode) {
// In a proxy setup, we don't store the code challenge ourselves
// Instead, we proxy the token request and let the upstream server validate it
return '';
return "";
}
async exchangeAuthorizationCode(client, authorizationCode, codeVerifier, redirectUri, resource) {
var _a;
const params = new URLSearchParams({
grant_type: 'authorization_code',
grant_type: "authorization_code",
client_id: client.client_id,
code: authorizationCode
code: authorizationCode,
});
if (client.client_secret) {
params.append('client_secret', client.client_secret);
params.append("client_secret", client.client_secret);
}
if (codeVerifier) {
params.append('code_verifier', codeVerifier);
params.append("code_verifier", codeVerifier);
}
if (redirectUri) {
params.append('redirect_uri', redirectUri);
params.append("redirect_uri", redirectUri);
}
if (resource) {
params.append('resource', resource.href);
params.append("resource", resource.href);
}
const response = await (this._fetch ?? fetch)(this._endpoints.tokenUrl, {
method: 'POST',
const response = await ((_a = this._fetch) !== null && _a !== void 0 ? _a : fetch)(this._endpoints.tokenUrl, {
method: "POST",
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
"Content-Type": "application/x-www-form-urlencoded",
},
body: params.toString()
body: params.toString(),
});
if (!response.ok) {
await response.body?.cancel();
throw new ServerError(`Token exchange failed: ${response.status}`);
}
const data = await response.json();
return OAuthTokensSchema.parse(data);
}
async exchangeRefreshToken(client, refreshToken, scopes, resource) {
var _a;
const params = new URLSearchParams({
grant_type: 'refresh_token',
grant_type: "refresh_token",
client_id: client.client_id,
refresh_token: refreshToken
refresh_token: refreshToken,
});
if (client.client_secret) {
params.set('client_secret', client.client_secret);
params.set("client_secret", client.client_secret);
}
if (scopes?.length) {
params.set('scope', scopes.join(' '));
if (scopes === null || scopes === void 0 ? void 0 : scopes.length) {
params.set("scope", scopes.join(" "));
}
if (resource) {
params.set('resource', resource.href);
params.set("resource", resource.href);
}
const response = await (this._fetch ?? fetch)(this._endpoints.tokenUrl, {
method: 'POST',
const response = await ((_a = this._fetch) !== null && _a !== void 0 ? _a : fetch)(this._endpoints.tokenUrl, {
method: "POST",
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
"Content-Type": "application/x-www-form-urlencoded",
},
body: params.toString()
body: params.toString(),
});
if (!response.ok) {
await response.body?.cancel();
throw new ServerError(`Token refresh failed: ${response.status}`);
}
const data = await response.json();
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/providers/proxyProvider.js.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/router.d.ts
Generated Vendored
+13 -18
View File
@@ -1,10 +1,10 @@
import express, { RequestHandler } from 'express';
import { ClientRegistrationHandlerOptions } from './handlers/register.js';
import { TokenHandlerOptions } from './handlers/token.js';
import { AuthorizationHandlerOptions } from './handlers/authorize.js';
import { RevocationHandlerOptions } from './handlers/revoke.js';
import { OAuthServerProvider } from './provider.js';
import { OAuthMetadata } from '../../shared/auth.js';
import { RequestHandler } from "express";
import { ClientRegistrationHandlerOptions } from "./handlers/register.js";
import { TokenHandlerOptions } from "./handlers/token.js";
import { AuthorizationHandlerOptions } from "./handlers/authorize.js";
import { RevocationHandlerOptions } from "./handlers/revoke.js";
import { OAuthServerProvider } from "./provider.js";
import { OAuthMetadata } from "../../shared/auth.js";
export type AuthRouterOptions = {
/**
* A provider implementing the actual authorization logic for this router.
@@ -32,15 +32,10 @@ export type AuthRouterOptions = {
* The resource name to be displayed in protected resource metadata
*/
resourceName?: string;
/**
* The URL of the protected resource (RS) whose metadata we advertise.
* If not provided, falls back to `baseUrl` and then to `issuerUrl` (AS=RS).
*/
resourceServerUrl?: URL;
authorizationOptions?: Omit<AuthorizationHandlerOptions, 'provider'>;
clientRegistrationOptions?: Omit<ClientRegistrationHandlerOptions, 'clientsStore'>;
revocationOptions?: Omit<RevocationHandlerOptions, 'provider'>;
tokenOptions?: Omit<TokenHandlerOptions, 'provider'>;
authorizationOptions?: Omit<AuthorizationHandlerOptions, "provider">;
clientRegistrationOptions?: Omit<ClientRegistrationHandlerOptions, "clientsStore">;
revocationOptions?: Omit<RevocationHandlerOptions, "provider">;
tokenOptions?: Omit<TokenHandlerOptions, "provider">;
};
export declare const createOAuthMetadata: (options: {
provider: OAuthServerProvider;
@@ -85,7 +80,7 @@ export type AuthMetadataOptions = {
*/
resourceName?: string;
};
export declare function mcpAuthMetadataRouter(options: AuthMetadataOptions): express.Router;
export declare function mcpAuthMetadataRouter(options: AuthMetadataOptions): import("express-serve-static-core").Router;
/**
* Helper function to construct the OAuth 2.0 Protected Resource Metadata URL
* from a given server URL. This replaces the path with the standard metadata endpoint.
@@ -95,7 +90,7 @@ export declare function mcpAuthMetadataRouter(options: AuthMetadataOptions): exp
*
* @example
* getOAuthProtectedResourceMetadataUrl(new URL('https://api.example.com/mcp'))
* // Returns: 'https://api.example.com/.well-known/oauth-protected-resource/mcp'
* // Returns: 'https://api.example.com/.well-known/oauth-protected-resource'
*/
export declare function getOAuthProtectedResourceMetadataUrl(serverUrl: URL): string;
//# sourceMappingURL=router.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/router.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"router.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/router.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,EAAE,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAA6B,gCAAgC,EAAE,MAAM,wBAAwB,CAAC;AACrG,OAAO,EAAgB,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAwB,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AAC5F,OAAO,EAAqB,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AAEnF,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,aAAa,EAAkC,MAAM,sBAAsB,CAAC;AAUrF,MAAM,MAAM,iBAAiB,GAAG;IAC5B;;OAEG;IACH,QAAQ,EAAE,mBAAmB,CAAC;IAE9B;;OAEG;IACH,SAAS,EAAE,GAAG,CAAC;IAEf;;;;OAIG;IACH,OAAO,CAAC,EAAE,GAAG,CAAC;IAEd;;OAEG;IACH,uBAAuB,CAAC,EAAE,GAAG,CAAC;IAE9B;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,GAAG,CAAC;IAGxB,oBAAoB,CAAC,EAAE,IAAI,CAAC,2BAA2B,EAAE,UAAU,CAAC,CAAC;IACrE,yBAAyB,CAAC,EAAE,IAAI,CAAC,gCAAgC,EAAE,cAAc,CAAC,CAAC;IACnF,iBAAiB,CAAC,EAAE,IAAI,CAAC,wBAAwB,EAAE,UAAU,CAAC,CAAC;IAC/D,YAAY,CAAC,EAAE,IAAI,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC;CACxD,CAAC;AAeF,eAAO,MAAM,mBAAmB,YAAa;IACzC,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,SAAS,EAAE,GAAG,CAAC;IACf,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,uBAAuB,CAAC,EAAE,GAAG,CAAC;IAC9B,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC9B,KAAG,aAgCH,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,iBAAiB,GAAG,cAAc,CAyCxE;AAED,MAAM,MAAM,mBAAmB,GAAG;IAC9B;;;OAGG;IACH,aAAa,EAAE,aAAa,CAAC;IAE7B;;OAEG;IACH,iBAAiB,EAAE,GAAG,CAAC;IAEvB;;OAEG;IACH,uBAAuB,CAAC,EAAE,GAAG,CAAC;IAE9B;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAuBlF;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,oCAAoC,CAAC,SAAS,EAAE,GAAG,GAAG,MAAM,CAI3E"}
{"version":3,"file":"router.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/router.ts"],"names":[],"mappings":"AAAA,OAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAA6B,gCAAgC,EAAE,MAAM,wBAAwB,CAAC;AACrG,OAAO,EAAgB,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAwB,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AAC5F,OAAO,EAAqB,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AAEnF,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,aAAa,EAAkC,MAAM,sBAAsB,CAAC;AAErF,MAAM,MAAM,iBAAiB,GAAG;IAC9B;;OAEG;IACH,QAAQ,EAAE,mBAAmB,CAAC;IAE9B;;OAEG;IACH,SAAS,EAAE,GAAG,CAAC;IAEf;;;;OAIG;IACH,OAAO,CAAC,EAAE,GAAG,CAAC;IAEd;;OAEG;IACH,uBAAuB,CAAC,EAAE,GAAG,CAAC;IAE9B;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAG3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAGtB,oBAAoB,CAAC,EAAE,IAAI,CAAC,2BAA2B,EAAE,UAAU,CAAC,CAAC;IACrE,yBAAyB,CAAC,EAAE,IAAI,CAAC,gCAAgC,EAAE,cAAc,CAAC,CAAC;IACnF,iBAAiB,CAAC,EAAE,IAAI,CAAC,wBAAwB,EAAE,UAAU,CAAC,CAAC;IAC/D,YAAY,CAAC,EAAE,IAAI,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC;CACtD,CAAC;AAeF,eAAO,MAAM,mBAAmB,YAAa;IAC3C,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,SAAS,EAAE,GAAG,CAAC;IACf,OAAO,CAAC,EAAE,GAAG,CAAA;IACb,uBAAuB,CAAC,EAAE,GAAG,CAAC;IAC9B,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B,KAAG,aAgCH,CAAA;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,iBAAiB,GAAG,cAAc,CA0CxE;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC;;;OAGG;IACH,aAAa,EAAE,aAAa,CAAC;IAE7B;;OAEG;IACH,iBAAiB,EAAE,GAAG,CAAC;IAEvB;;OAEG;IACH,uBAAuB,CAAC,EAAE,GAAG,CAAC;IAE9B;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAA;AAED,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,mBAAmB,8CAuBjE;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,oCAAoC,CAAC,SAAS,EAAE,GAAG,GAAG,MAAM,CAE3E"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/router.js
Generated Vendored
+33 -39
View File
@@ -1,19 +1,13 @@
import express from 'express';
import { clientRegistrationHandler } from './handlers/register.js';
import { tokenHandler } from './handlers/token.js';
import { authorizationHandler } from './handlers/authorize.js';
import { revocationHandler } from './handlers/revoke.js';
import { metadataHandler } from './handlers/metadata.js';
// Check for dev mode flag that allows HTTP issuer URLs (for development/testing only)
const allowInsecureIssuerUrl = process.env.MCP_DANGEROUSLY_ALLOW_INSECURE_ISSUER_URL === 'true' || process.env.MCP_DANGEROUSLY_ALLOW_INSECURE_ISSUER_URL === '1';
if (allowInsecureIssuerUrl) {
// eslint-disable-next-line no-console
console.warn('MCP_DANGEROUSLY_ALLOW_INSECURE_ISSUER_URL is enabled - HTTP issuer URLs are allowed. Do not use in production.');
}
import express from "express";
import { clientRegistrationHandler } from "./handlers/register.js";
import { tokenHandler } from "./handlers/token.js";
import { authorizationHandler } from "./handlers/authorize.js";
import { revocationHandler } from "./handlers/revoke.js";
import { metadataHandler } from "./handlers/metadata.js";
const checkIssuerUrl = (issuer) => {
// Technically RFC 8414 does not permit a localhost HTTPS exemption, but this will be necessary for ease of testing
if (issuer.protocol !== 'https:' && issuer.hostname !== 'localhost' && issuer.hostname !== '127.0.0.1' && !allowInsecureIssuerUrl) {
throw new Error('Issuer URL must be HTTPS');
if (issuer.protocol !== "https:" && issuer.hostname !== "localhost" && issuer.hostname !== "127.0.0.1") {
throw new Error("Issuer URL must be HTTPS");
}
if (issuer.hash) {
throw new Error(`Issuer URL must not have a fragment: ${issuer}`);
@@ -23,26 +17,27 @@ const checkIssuerUrl = (issuer) => {
}
};
export const createOAuthMetadata = (options) => {
var _a;
const issuer = options.issuerUrl;
const baseUrl = options.baseUrl;
checkIssuerUrl(issuer);
const authorization_endpoint = '/authorize';
const token_endpoint = '/token';
const registration_endpoint = options.provider.clientsStore.registerClient ? '/register' : undefined;
const revocation_endpoint = options.provider.revokeToken ? '/revoke' : undefined;
const authorization_endpoint = "/authorize";
const token_endpoint = "/token";
const registration_endpoint = options.provider.clientsStore.registerClient ? "/register" : undefined;
const revocation_endpoint = options.provider.revokeToken ? "/revoke" : undefined;
const metadata = {
issuer: issuer.href,
service_documentation: options.serviceDocumentationUrl?.href,
service_documentation: (_a = options.serviceDocumentationUrl) === null || _a === void 0 ? void 0 : _a.href,
authorization_endpoint: new URL(authorization_endpoint, baseUrl || issuer).href,
response_types_supported: ['code'],
code_challenge_methods_supported: ['S256'],
response_types_supported: ["code"],
code_challenge_methods_supported: ["S256"],
token_endpoint: new URL(token_endpoint, baseUrl || issuer).href,
token_endpoint_auth_methods_supported: ['client_secret_post', 'none'],
grant_types_supported: ['authorization_code', 'refresh_token'],
token_endpoint_auth_methods_supported: ["client_secret_post"],
grant_types_supported: ["authorization_code", "refresh_token"],
scopes_supported: options.scopesSupported,
revocation_endpoint: revocation_endpoint ? new URL(revocation_endpoint, baseUrl || issuer).href : undefined,
revocation_endpoint_auth_methods_supported: revocation_endpoint ? ['client_secret_post'] : undefined,
registration_endpoint: registration_endpoint ? new URL(registration_endpoint, baseUrl || issuer).href : undefined
revocation_endpoint_auth_methods_supported: revocation_endpoint ? ["client_secret_post"] : undefined,
registration_endpoint: registration_endpoint ? new URL(registration_endpoint, baseUrl || issuer).href : undefined,
};
return metadata;
};
@@ -65,8 +60,8 @@ export function mcpAuthRouter(options) {
router.use(new URL(oauthMetadata.token_endpoint).pathname, tokenHandler({ provider: options.provider, ...options.tokenOptions }));
router.use(mcpAuthMetadataRouter({
oauthMetadata,
// Prefer explicit RS; otherwise fall back to AS baseUrl, then to issuer (back-compat)
resourceServerUrl: options.resourceServerUrl ?? options.baseUrl ?? new URL(oauthMetadata.issuer),
// This router is used for AS+RS combo's, so the issuer is also the resource server
resourceServerUrl: new URL(oauthMetadata.issuer),
serviceDocumentationUrl: options.serviceDocumentationUrl,
scopesSupported: options.scopesSupported,
resourceName: options.resourceName
@@ -74,7 +69,7 @@ export function mcpAuthRouter(options) {
if (oauthMetadata.registration_endpoint) {
router.use(new URL(oauthMetadata.registration_endpoint).pathname, clientRegistrationHandler({
clientsStore: options.provider.clientsStore,
...options.clientRegistrationOptions
...options.clientRegistrationOptions,
}));
}
if (oauthMetadata.revocation_endpoint) {
@@ -83,20 +78,21 @@ export function mcpAuthRouter(options) {
return router;
}
export function mcpAuthMetadataRouter(options) {
var _a;
checkIssuerUrl(new URL(options.oauthMetadata.issuer));
const router = express.Router();
const protectedResourceMetadata = {
resource: options.resourceServerUrl.href,
authorization_servers: [options.oauthMetadata.issuer],
authorization_servers: [
options.oauthMetadata.issuer
],
scopes_supported: options.scopesSupported,
resource_name: options.resourceName,
resource_documentation: options.serviceDocumentationUrl?.href
resource_documentation: (_a = options.serviceDocumentationUrl) === null || _a === void 0 ? void 0 : _a.href,
};
// Serve PRM at the path-specific URL per RFC 9728
const rsPath = new URL(options.resourceServerUrl.href).pathname;
router.use(`/.well-known/oauth-protected-resource${rsPath === '/' ? '' : rsPath}`, metadataHandler(protectedResourceMetadata));
// Always add this for OAuth Authorization Server metadata per RFC 8414
router.use('/.well-known/oauth-authorization-server', metadataHandler(options.oauthMetadata));
router.use("/.well-known/oauth-protected-resource", metadataHandler(protectedResourceMetadata));
// Always add this for backwards compatibility
router.use("/.well-known/oauth-authorization-server", metadataHandler(options.oauthMetadata));
return router;
}
/**
@@ -108,11 +104,9 @@ export function mcpAuthMetadataRouter(options) {
*
* @example
* getOAuthProtectedResourceMetadataUrl(new URL('https://api.example.com/mcp'))
* // Returns: 'https://api.example.com/.well-known/oauth-protected-resource/mcp'
* // Returns: 'https://api.example.com/.well-known/oauth-protected-resource'
*/
export function getOAuthProtectedResourceMetadataUrl(serverUrl) {
const u = new URL(serverUrl.href);
const rsPath = u.pathname && u.pathname !== '/' ? u.pathname : '';
return new URL(`/.well-known/oauth-protected-resource${rsPath}`, u).href;
return new URL('/.well-known/oauth-protected-resource', serverUrl).href;
}
//# sourceMappingURL=router.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/router.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"router.js","sourceRoot":"","sources":["../../../../src/server/auth/router.ts"],"names":[],"mappings":"AAAA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,yBAAyB,EAAoC,MAAM,wBAAwB,CAAC;AACrG,OAAO,EAAE,YAAY,EAAuB,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAE,oBAAoB,EAA+B,MAAM,yBAAyB,CAAC;AAC5F,OAAO,EAAE,iBAAiB,EAA4B,MAAM,sBAAsB,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAIzD,sFAAsF;AACtF,MAAM,sBAAsB,GACxB,OAAO,CAAC,GAAG,CAAC,yCAAyC,KAAK,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,yCAAyC,KAAK,GAAG,CAAC;AACtI,IAAI,sBAAsB,EAAE,CAAC;IACzB,sCAAsC;IACtC,OAAO,CAAC,IAAI,CAAC,gHAAgH,CAAC,CAAC;AACnI,CAAC;AAgDD,MAAM,cAAc,GAAG,CAAC,MAAW,EAAQ,EAAE;IACzC,mHAAmH;IACnH,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAChI,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAChD,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,wCAAwC,MAAM,EAAE,CAAC,CAAC;IACtE,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,4CAA4C,MAAM,EAAE,CAAC,CAAC;IAC1E,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAMnC,EAAiB,EAAE;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IACjC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAEhC,cAAc,CAAC,MAAM,CAAC,CAAC;IAEvB,MAAM,sBAAsB,GAAG,YAAY,CAAC;IAC5C,MAAM,cAAc,GAAG,QAAQ,CAAC;IAChC,MAAM,qBAAqB,GAAG,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;IACrG,MAAM,mBAAmB,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAEjF,MAAM,QAAQ,GAAkB;QAC5B,MAAM,EAAE,MAAM,CAAC,IAAI;QACnB,qBAAqB,EAAE,OAAO,CAAC,uBAAuB,EAAE,IAAI;QAE5D,sBAAsB,EAAE,IAAI,GAAG,CAAC,sBAAsB,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI;QAC/E,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAE1C,cAAc,EAAE,IAAI,GAAG,CAAC,cAAc,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI;QAC/D,qCAAqC,EAAE,CAAC,oBAAoB,EAAE,MAAM,CAAC;QACrE,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAE9D,gBAAgB,EAAE,OAAO,CAAC,eAAe;QAEzC,mBAAmB,EAAE,mBAAmB,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,mBAAmB,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC3G,0CAA0C,EAAE,mBAAmB,CAAC,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,SAAS;QAEpG,qBAAqB,EAAE,qBAAqB,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,qBAAqB,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;KACpH,CAAC;IAEF,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,aAAa,CAAC,OAA0B;IACpD,MAAM,aAAa,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAEnD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,MAAM,CAAC,GAAG,CACN,IAAI,GAAG,CAAC,aAAa,CAAC,sBAAsB,CAAC,CAAC,QAAQ,EACtD,oBAAoB,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC,CACxF,CAAC;IAEF,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAElI,MAAM,CAAC,GAAG,CACN,qBAAqB,CAAC;QAClB,aAAa;QACb,sFAAsF;QACtF,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,OAAO,CAAC,OAAO,IAAI,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC;QAChG,uBAAuB,EAAE,OAAO,CAAC,uBAAuB;QACxD,eAAe,EAAE,OAAO,CAAC,eAAe;QACxC,YAAY,EAAE,OAAO,CAAC,YAAY;KACrC,CAAC,CACL,CAAC;IAEF,IAAI,aAAa,CAAC,qBAAqB,EAAE,CAAC;QACtC,MAAM,CAAC,GAAG,CACN,IAAI,GAAG,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC,QAAQ,EACrD,yBAAyB,CAAC;YACtB,YAAY,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY;YAC3C,GAAG,OAAO,CAAC,yBAAyB;SACvC,CAAC,CACL,CAAC;IACN,CAAC;IAED,IAAI,aAAa,CAAC,mBAAmB,EAAE,CAAC;QACpC,MAAM,CAAC,GAAG,CACN,IAAI,GAAG,CAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC,QAAQ,EACnD,iBAAiB,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAClF,CAAC;IACN,CAAC;IAED,OAAO,MAAM,CAAC;AAClB,CAAC;AA8BD,MAAM,UAAU,qBAAqB,CAAC,OAA4B;IAC9D,cAAc,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;IAEtD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,MAAM,yBAAyB,GAAmC;QAC9D,QAAQ,EAAE,OAAO,CAAC,iBAAiB,CAAC,IAAI;QAExC,qBAAqB,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC;QAErD,gBAAgB,EAAE,OAAO,CAAC,eAAe;QACzC,aAAa,EAAE,OAAO,CAAC,YAAY;QACnC,sBAAsB,EAAE,OAAO,CAAC,uBAAuB,EAAE,IAAI;KAChE,CAAC;IAEF,kDAAkD;IAClD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;IAChE,MAAM,CAAC,GAAG,CAAC,wCAAwC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,eAAe,CAAC,yBAAyB,CAAC,CAAC,CAAC;IAE/H,uEAAuE;IACvE,MAAM,CAAC,GAAG,CAAC,yCAAyC,EAAE,eAAe,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;IAE9F,OAAO,MAAM,CAAC;AAClB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,oCAAoC,CAAC,SAAc;IAC/D,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;IAClE,OAAO,IAAI,GAAG,CAAC,wCAAwC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AAC7E,CAAC"}
{"version":3,"file":"router.js","sourceRoot":"","sources":["../../../../src/server/auth/router.ts"],"names":[],"mappings":"AAAA,OAAO,OAA2B,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,yBAAyB,EAAoC,MAAM,wBAAwB,CAAC;AACrG,OAAO,EAAE,YAAY,EAAuB,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAE,oBAAoB,EAA+B,MAAM,yBAAyB,CAAC;AAC5F,OAAO,EAAE,iBAAiB,EAA4B,MAAM,sBAAsB,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AA6CzD,MAAM,cAAc,GAAG,CAAC,MAAW,EAAQ,EAAE;IAC3C,mHAAmH;IACnH,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;QACvG,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,wCAAwC,MAAM,EAAE,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,MAAM,EAAE,CAAC,CAAC;IACxE,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAMnC,EAAiB,EAAE;;IAClB,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IACjC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAEhC,cAAc,CAAC,MAAM,CAAC,CAAC;IAEvB,MAAM,sBAAsB,GAAG,YAAY,CAAC;IAC5C,MAAM,cAAc,GAAG,QAAQ,CAAC;IAChC,MAAM,qBAAqB,GAAG,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;IACrG,MAAM,mBAAmB,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAEjF,MAAM,QAAQ,GAAkB;QAC9B,MAAM,EAAE,MAAM,CAAC,IAAI;QACnB,qBAAqB,EAAE,MAAA,OAAO,CAAC,uBAAuB,0CAAE,IAAI;QAE5D,sBAAsB,EAAE,IAAI,GAAG,CAAC,sBAAsB,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI;QAC/E,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAE1C,cAAc,EAAE,IAAI,GAAG,CAAC,cAAc,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI;QAC/D,qCAAqC,EAAE,CAAC,oBAAoB,CAAC;QAC7D,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAE9D,gBAAgB,EAAE,OAAO,CAAC,eAAe;QAEzC,mBAAmB,EAAE,mBAAmB,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,mBAAmB,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC3G,0CAA0C,EAAE,mBAAmB,CAAC,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,SAAS;QAEpG,qBAAqB,EAAE,qBAAqB,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,qBAAqB,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;KAClH,CAAC;IAEF,OAAO,QAAQ,CAAA;AACjB,CAAC,CAAA;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,aAAa,CAAC,OAA0B;IACtD,MAAM,aAAa,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAEnD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,MAAM,CAAC,GAAG,CACR,IAAI,GAAG,CAAC,aAAa,CAAC,sBAAsB,CAAC,CAAC,QAAQ,EACtD,oBAAoB,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC,CACtF,CAAC;IAEF,MAAM,CAAC,GAAG,CACR,IAAI,GAAG,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,QAAQ,EAC9C,YAAY,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CACtE,CAAC;IAEF,MAAM,CAAC,GAAG,CAAC,qBAAqB,CAAC;QAC/B,aAAa;QACb,mFAAmF;QACnF,iBAAiB,EAAE,IAAI,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC;QAChD,uBAAuB,EAAE,OAAO,CAAC,uBAAuB;QACxD,eAAe,EAAE,OAAO,CAAC,eAAe;QACxC,YAAY,EAAE,OAAO,CAAC,YAAY;KACnC,CAAC,CAAC,CAAC;IAEJ,IAAI,aAAa,CAAC,qBAAqB,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,CACR,IAAI,GAAG,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC,QAAQ,EACrD,yBAAyB,CAAC;YACxB,YAAY,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY;YAC3C,GAAG,OAAO,CAAC,yBAAyB;SACrC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,IAAI,aAAa,CAAC,mBAAmB,EAAE,CAAC;QACtC,MAAM,CAAC,GAAG,CACR,IAAI,GAAG,CAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC,QAAQ,EACnD,iBAAiB,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAChF,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AA8BD,MAAM,UAAU,qBAAqB,CAAC,OAA4B;;IAChE,cAAc,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;IAEtD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,MAAM,yBAAyB,GAAmC;QAChE,QAAQ,EAAE,OAAO,CAAC,iBAAiB,CAAC,IAAI;QAExC,qBAAqB,EAAE;YACrB,OAAO,CAAC,aAAa,CAAC,MAAM;SAC7B;QAED,gBAAgB,EAAE,OAAO,CAAC,eAAe;QACzC,aAAa,EAAE,OAAO,CAAC,YAAY;QACnC,sBAAsB,EAAE,MAAA,OAAO,CAAC,uBAAuB,0CAAE,IAAI;KAC9D,CAAC;IAEF,MAAM,CAAC,GAAG,CAAC,uCAAuC,EAAE,eAAe,CAAC,yBAAyB,CAAC,CAAC,CAAC;IAEhG,8CAA8C;IAC9C,MAAM,CAAC,GAAG,CAAC,yCAAyC,EAAE,eAAe,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;IAE9F,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,oCAAoC,CAAC,SAAc;IACjE,OAAO,IAAI,GAAG,CAAC,uCAAuC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC;AAC1E,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/types.d.ts
Generated Vendored
+1 -1
View File
@@ -26,7 +26,7 @@ export interface AuthInfo {
/**
* Additional data associated with the token.
* This field should be used for any additional data that needs to be attached to the auth info.
*/
*/
extra?: Record<string, unknown>;
}
//# sourceMappingURL=types.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/types.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,QAAQ;IACrB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,GAAG,CAAC;IAEf;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC"}
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/server/auth/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,GAAG,CAAC;IAEf;;;MAGE;IACF,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/completable.d.ts
Generated Vendored
+16 -30
View File
@@ -1,38 +1,24 @@
import { AnySchema, SchemaInput } from './zod-compat.js';
export declare const COMPLETABLE_SYMBOL: unique symbol;
export type CompleteCallback<T extends AnySchema = AnySchema> = (value: SchemaInput<T>, context?: {
arguments?: Record<string, string>;
}) => SchemaInput<T>[] | Promise<SchemaInput<T>[]>;
export type CompletableMeta<T extends AnySchema = AnySchema> = {
complete: CompleteCallback<T>;
};
export type CompletableSchema<T extends AnySchema> = T & {
[COMPLETABLE_SYMBOL]: CompletableMeta<T>;
};
/**
* Wraps a Zod type to provide autocompletion capabilities. Useful for, e.g., prompt arguments in MCP.
* Works with both Zod v3 and v4 schemas.
*/
export declare function completable<T extends AnySchema>(schema: T, complete: CompleteCallback<T>): CompletableSchema<T>;
/**
* Checks if a schema is completable (has completion metadata).
*/
export declare function isCompletable(schema: unknown): schema is CompletableSchema<AnySchema>;
/**
* Gets the completer callback from a completable schema, if it exists.
*/
export declare function getCompleter<T extends AnySchema>(schema: T): CompleteCallback<T> | undefined;
/**
* Unwraps a completable schema to get the underlying schema.
* For backward compatibility with code that called `.unwrap()`.
*/
export declare function unwrapCompletable<T extends AnySchema>(schema: CompletableSchema<T>): T;
import { ZodTypeAny, ZodTypeDef, ZodType, ParseInput, ParseReturnType, RawCreateParams } from "zod";
export declare enum McpZodTypeKind {
Completable = "McpCompletable"
}
export interface CompletableDef<T extends AnySchema = AnySchema> {
export type CompleteCallback<T extends ZodTypeAny = ZodTypeAny> = (value: T["_input"], context?: {
arguments?: Record<string, string>;
}) => T["_input"][] | Promise<T["_input"][]>;
export interface CompletableDef<T extends ZodTypeAny = ZodTypeAny> extends ZodTypeDef {
type: T;
complete: CompleteCallback<T>;
typeName: McpZodTypeKind.Completable;
}
export declare class Completable<T extends ZodTypeAny> extends ZodType<T["_output"], CompletableDef<T>, T["_input"]> {
_parse(input: ParseInput): ParseReturnType<this["_output"]>;
unwrap(): T;
static create: <T_1 extends ZodTypeAny>(type: T_1, params: RawCreateParams & {
complete: CompleteCallback<T_1>;
}) => Completable<T_1>;
}
/**
* Wraps a Zod type to provide autocompletion capabilities. Useful for, e.g., prompt arguments in MCP.
*/
export declare function completable<T extends ZodTypeAny>(schema: T, complete: CompleteCallback<T>): Completable<T>;
//# sourceMappingURL=completable.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/completable.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"completable.d.ts","sourceRoot":"","sources":["../../../src/server/completable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEzD,eAAO,MAAM,kBAAkB,EAAE,OAAO,MAAsC,CAAC;AAE/E,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,SAAS,GAAG,SAAS,IAAI,CAC5D,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,EACrB,OAAO,CAAC,EAAE;IACN,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACtC,KACA,WAAW,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;AAElD,MAAM,MAAM,eAAe,CAAC,CAAC,SAAS,SAAS,GAAG,SAAS,IAAI;IAC3D,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC;CACjC,CAAC;AAEF,MAAM,MAAM,iBAAiB,CAAC,CAAC,SAAS,SAAS,IAAI,CAAC,GAAG;IACrD,CAAC,kBAAkB,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;CAC5C,CAAC;AAEF;;;GAGG;AACH,wBAAgB,WAAW,CAAC,CAAC,SAAS,SAAS,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAQ/G;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAErF;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,CAAC,SAAS,SAAS,EAAE,MAAM,EAAE,CAAC,GAAG,gBAAgB,CAAC,CAAC,CAAC,GAAG,SAAS,CAG5F;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,CAAC,SAAS,SAAS,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAAG,CAAC,CAEtF;AAID,oBAAY,cAAc;IACtB,WAAW,mBAAmB;CACjC;AAED,MAAM,WAAW,cAAc,CAAC,CAAC,SAAS,SAAS,GAAG,SAAS;IAC3D,IAAI,EAAE,CAAC,CAAC;IACR,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC;IAC9B,QAAQ,EAAE,cAAc,CAAC,WAAW,CAAC;CACxC"}
{"version":3,"file":"completable.d.ts","sourceRoot":"","sources":["../../../src/server/completable.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,UAAU,EACV,UAAU,EACV,OAAO,EACP,UAAU,EACV,eAAe,EACf,eAAe,EAGhB,MAAM,KAAK,CAAC;AAEb,oBAAY,cAAc;IACxB,WAAW,mBAAmB;CAC/B;AAED,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,IAAI,CAChE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAClB,OAAO,CAAC,EAAE;IACR,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACpC,KACE,CAAC,CAAC,QAAQ,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;AAE5C,MAAM,WAAW,cAAc,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,CAC/D,SAAQ,UAAU;IAClB,IAAI,EAAE,CAAC,CAAC;IACR,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC;IAC9B,QAAQ,EAAE,cAAc,CAAC,WAAW,CAAC;CACtC;AAED,qBAAa,WAAW,CAAC,CAAC,SAAS,UAAU,CAAE,SAAQ,OAAO,CAC5D,CAAC,CAAC,SAAS,CAAC,EACZ,cAAc,CAAC,CAAC,CAAC,EACjB,CAAC,CAAC,QAAQ,CAAC,CACZ;IACC,MAAM,CAAC,KAAK,EAAE,UAAU,GAAG,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAU3D,MAAM;IAIN,MAAM,CAAC,MAAM,eAAc,UAAU,QAC7B,GAAC,UACC,eAAe,GAAG;QACxB,QAAQ,EAAE,gBAAgB,CAAC,GAAC,CAAC,CAAC;KAC/B,KACA,WAAW,CAAC,GAAC,CAAC,CAOf;CACH;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,CAAC,SAAS,UAAU,EAC9C,MAAM,EAAE,CAAC,EACT,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAC5B,WAAW,CAAC,CAAC,CAAC,CAEhB"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/completable.js
Generated Vendored
+55 -36
View File
@@ -1,41 +1,60 @@
export const COMPLETABLE_SYMBOL = Symbol.for('mcp.completable');
/**
* Wraps a Zod type to provide autocompletion capabilities. Useful for, e.g., prompt arguments in MCP.
* Works with both Zod v3 and v4 schemas.
*/
export function completable(schema, complete) {
Object.defineProperty(schema, COMPLETABLE_SYMBOL, {
value: { complete },
enumerable: false,
writable: false,
configurable: false
});
return schema;
}
/**
* Checks if a schema is completable (has completion metadata).
*/
export function isCompletable(schema) {
return !!schema && typeof schema === 'object' && COMPLETABLE_SYMBOL in schema;
}
/**
* Gets the completer callback from a completable schema, if it exists.
*/
export function getCompleter(schema) {
const meta = schema[COMPLETABLE_SYMBOL];
return meta?.complete;
}
/**
* Unwraps a completable schema to get the underlying schema.
* For backward compatibility with code that called `.unwrap()`.
*/
export function unwrapCompletable(schema) {
return schema;
}
// Legacy exports for backward compatibility
// These types are deprecated but kept for existing code
import { ZodType, } from "zod";
export var McpZodTypeKind;
(function (McpZodTypeKind) {
McpZodTypeKind["Completable"] = "McpCompletable";
})(McpZodTypeKind || (McpZodTypeKind = {}));
export class Completable extends ZodType {
_parse(input) {
const { ctx } = this._processInputParams(input);
const data = ctx.data;
return this._def.type._parse({
data,
path: ctx.path,
parent: ctx,
});
}
unwrap() {
return this._def.type;
}
}
Completable.create = (type, params) => {
return new Completable({
type,
typeName: McpZodTypeKind.Completable,
complete: params.complete,
...processCreateParams(params),
});
};
/**
* Wraps a Zod type to provide autocompletion capabilities. Useful for, e.g., prompt arguments in MCP.
*/
export function completable(schema, complete) {
return Completable.create(schema, { ...schema._def, complete });
}
// Not sure why this isn't exported from Zod:
// https://github.com/colinhacks/zod/blob/f7ad26147ba291cb3fb257545972a8e00e767470/src/types.ts#L130
function processCreateParams(params) {
if (!params)
return {};
const { errorMap, invalid_type_error, required_error, description } = params;
if (errorMap && (invalid_type_error || required_error)) {
throw new Error(`Can't use "invalid_type_error" or "required_error" in conjunction with custom error map.`);
}
if (errorMap)
return { errorMap: errorMap, description };
const customMap = (iss, ctx) => {
var _a, _b;
const { message } = params;
if (iss.code === "invalid_enum_value") {
return { message: message !== null && message !== void 0 ? message : ctx.defaultError };
}
if (typeof ctx.data === "undefined") {
return { message: (_a = message !== null && message !== void 0 ? message : required_error) !== null && _a !== void 0 ? _a : ctx.defaultError };
}
if (iss.code !== "invalid_type")
return { message: ctx.defaultError };
return { message: (_b = message !== null && message !== void 0 ? message : invalid_type_error) !== null && _b !== void 0 ? _b : ctx.defaultError };
};
return { errorMap: customMap, description };
}
//# sourceMappingURL=completable.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/completable.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"completable.js","sourceRoot":"","sources":["../../../src/server/completable.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,kBAAkB,GAAkB,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;AAiB/E;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAsB,MAAS,EAAE,QAA6B;IACrF,MAAM,CAAC,cAAc,CAAC,MAAgB,EAAE,kBAAkB,EAAE;QACxD,KAAK,EAAE,EAAE,QAAQ,EAAwB;QACzC,UAAU,EAAE,KAAK;QACjB,QAAQ,EAAE,KAAK;QACf,YAAY,EAAE,KAAK;KACtB,CAAC,CAAC;IACH,OAAO,MAA8B,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,MAAe;IACzC,OAAO,CAAC,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,kBAAkB,IAAK,MAAiB,CAAC;AAC9F,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAsB,MAAS;IACvD,MAAM,IAAI,GAAI,MAAmE,CAAC,kBAAkB,CAAC,CAAC;IACtG,OAAO,IAAI,EAAE,QAA2C,CAAC;AAC7D,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAsB,MAA4B;IAC/E,OAAO,MAAM,CAAC;AAClB,CAAC;AAED,4CAA4C;AAC5C,wDAAwD;AACxD,MAAM,CAAN,IAAY,cAEX;AAFD,WAAY,cAAc;IACtB,gDAA8B,CAAA;AAClC,CAAC,EAFW,cAAc,KAAd,cAAc,QAEzB"}
{"version":3,"file":"completable.js","sourceRoot":"","sources":["../../../src/server/completable.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,OAAO,GAMR,MAAM,KAAK,CAAC;AAEb,MAAM,CAAN,IAAY,cAEX;AAFD,WAAY,cAAc;IACxB,gDAA8B,CAAA;AAChC,CAAC,EAFW,cAAc,KAAd,cAAc,QAEzB;AAgBD,MAAM,OAAO,WAAkC,SAAQ,OAItD;IACC,MAAM,CAAC,KAAiB;QACtB,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QACtB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;YAC3B,IAAI;YACJ,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,GAAG;SACZ,CAAC,CAAC;IACL,CAAC;IAED,MAAM;QACJ,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;IACxB,CAAC;;AAEM,kBAAM,GAAG,CACd,IAAO,EACP,MAEC,EACe,EAAE;IAClB,OAAO,IAAI,WAAW,CAAC;QACrB,IAAI;QACJ,QAAQ,EAAE,cAAc,CAAC,WAAW;QACpC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,mBAAmB,CAAC,MAAM,CAAC;KAC/B,CAAC,CAAC;AACL,CAAC,CAAC;AAGJ;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,MAAS,EACT,QAA6B;IAE7B,OAAO,WAAW,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;AAClE,CAAC;AAED,6CAA6C;AAC7C,oGAAoG;AACpG,SAAS,mBAAmB,CAAC,MAAuB;IAClD,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,CAAC;IACvB,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,cAAc,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;IAC7E,IAAI,QAAQ,IAAI,CAAC,kBAAkB,IAAI,cAAc,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;IACJ,CAAC;IACD,IAAI,QAAQ;QAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;IACzD,MAAM,SAAS,GAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;;QAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;QAE3B,IAAI,GAAG,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;YACtC,OAAO,EAAE,OAAO,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,GAAG,CAAC,YAAY,EAAE,CAAC;QAClD,CAAC;QACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACpC,OAAO,EAAE,OAAO,EAAE,MAAA,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,cAAc,mCAAI,GAAG,CAAC,YAAY,EAAE,CAAC;QACpE,CAAC;QACD,IAAI,GAAG,CAAC,IAAI,KAAK,cAAc;YAAE,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,YAAY,EAAE,CAAC;QACtE,OAAO,EAAE,OAAO,EAAE,MAAA,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,kBAAkB,mCAAI,GAAG,CAAC,YAAY,EAAE,CAAC;IACxE,CAAC,CAAC;IACF,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC;AAC9C,CAAC"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/index.d.ts
Generated Vendored
+75 -123
View File
@@ -1,9 +1,5 @@
import { Protocol, type NotificationOptions, type ProtocolOptions, type RequestOptions } from '../shared/protocol.js';
import { type ClientCapabilities, type CreateMessageRequest, type CreateMessageResult, type CreateMessageResultWithTools, type CreateMessageRequestParamsBase, type CreateMessageRequestParamsWithTools, type ElicitRequestFormParams, type ElicitRequestURLParams, type ElicitResult, type Implementation, type ListRootsRequest, type LoggingMessageNotification, type ResourceUpdatedNotification, type ServerCapabilities, type ServerNotification, type ServerRequest, type ServerResult, type Request, type Notification, type Result } from '../types.js';
import type { jsonSchemaValidator } from '../validation/types.js';
import { AnyObjectSchema, SchemaOutput } from './zod-compat.js';
import { RequestHandlerExtra } from '../shared/protocol.js';
import { ExperimentalServerTasks } from '../experimental/tasks/server.js';
import { Protocol, ProtocolOptions, RequestOptions } from "../shared/protocol.js";
import { ClientCapabilities, CreateMessageRequest, ElicitRequest, ElicitResult, Implementation, ListRootsRequest, LoggingMessageNotification, Notification, Request, ResourceUpdatedNotification, Result, ServerCapabilities, ServerNotification, ServerRequest, ServerResult } from "../types.js";
export type ServerOptions = ProtocolOptions & {
/**
* Capabilities to advertise as being supported by this server.
@@ -13,36 +9,6 @@ export type ServerOptions = ProtocolOptions & {
* Optional instructions describing how to use the server and its features.
*/
instructions?: string;
/**
* JSON Schema validator for elicitation response validation.
*
* The validator is used to validate user input returned from elicitation
* requests against the requested schema.
*
* @default AjvJsonSchemaValidator
*
* @example
* ```typescript
* // ajv (default)
* const server = new Server(
* { name: 'my-server', version: '1.0.0' },
* {
* capabilities: {}
* jsonSchemaValidator: new AjvJsonSchemaValidator()
* }
* );
*
* // @cfworker/json-schema
* const server = new Server(
* { name: 'my-server', version: '1.0.0' },
* {
* capabilities: {},
* jsonSchemaValidator: new CfWorkerJsonSchemaValidator()
* }
* );
* ```
*/
jsonSchemaValidator?: jsonSchemaValidator;
};
/**
* An MCP server on top of a pluggable transport.
@@ -68,7 +34,6 @@ export type ServerOptions = ProtocolOptions & {
* version: "1.0.0"
* })
* ```
* @deprecated Use `McpServer` instead for the high-level API. Only use `Server` for advanced use cases.
*/
export declare class Server<RequestT extends Request = Request, NotificationT extends Notification = Notification, ResultT extends Result = Result> extends Protocol<ServerRequest | RequestT, ServerNotification | NotificationT, ServerResult | ResultT> {
private _serverInfo;
@@ -76,8 +41,6 @@ export declare class Server<RequestT extends Request = Request, NotificationT ex
private _clientVersion?;
private _capabilities;
private _instructions?;
private _jsonSchemaValidator;
private _experimental?;
/**
* Callback for when initialization has fully completed (i.e., the client has sent an `initialized` notification).
*/
@@ -86,34 +49,15 @@ export declare class Server<RequestT extends Request = Request, NotificationT ex
* Initializes this server with the given name and version information.
*/
constructor(_serverInfo: Implementation, options?: ServerOptions);
/**
* Access experimental features.
*
* WARNING: These APIs are experimental and may change without notice.
*
* @experimental
*/
get experimental(): {
tasks: ExperimentalServerTasks<RequestT, NotificationT, ResultT>;
};
private _loggingLevels;
private readonly LOG_LEVEL_SEVERITY;
private isMessageIgnored;
/**
* Registers new capabilities. This can only be called before connecting to a transport.
*
* The new capabilities will be merged with any existing capabilities previously given (e.g., at initialization).
*/
registerCapabilities(capabilities: ServerCapabilities): void;
/**
* Override request handler registration to enforce server-side validation for tools/call.
*/
setRequestHandler<T extends AnyObjectSchema>(requestSchema: T, handler: (request: SchemaOutput<T>, extra: RequestHandlerExtra<ServerRequest | RequestT, ServerNotification | NotificationT>) => ServerResult | ResultT | Promise<ServerResult | ResultT>): void;
protected assertCapabilityForMethod(method: RequestT['method']): void;
protected assertNotificationCapability(method: (ServerNotification | NotificationT)['method']): void;
protected assertCapabilityForMethod(method: RequestT["method"]): void;
protected assertNotificationCapability(method: (ServerNotification | NotificationT)["method"]): void;
protected assertRequestHandlerCapability(method: string): void;
protected assertTaskCapability(method: string): void;
protected assertTaskHandlerCapability(method: string): void;
private _oninitialize;
/**
* After initialization has completed, this will be populated with the client's reported capabilities.
@@ -125,70 +69,78 @@ export declare class Server<RequestT extends Request = Request, NotificationT ex
getClientVersion(): Implementation | undefined;
private getCapabilities;
ping(): Promise<{
_meta?: {
[x: string]: unknown;
progressToken?: string | number | undefined;
"io.modelcontextprotocol/related-task"?: {
taskId: string;
} | undefined;
} | undefined;
_meta?: import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough"> | undefined;
}>;
/**
* Request LLM sampling from the client (without tools).
* Returns single content block for backwards compatibility.
*/
createMessage(params: CreateMessageRequestParamsBase, options?: RequestOptions): Promise<CreateMessageResult>;
/**
* Request LLM sampling from the client with tool support.
* Returns content that may be a single block or array (for parallel tool calls).
*/
createMessage(params: CreateMessageRequestParamsWithTools, options?: RequestOptions): Promise<CreateMessageResultWithTools>;
/**
* Request LLM sampling from the client.
* When tools may or may not be present, returns the union type.
*/
createMessage(params: CreateMessageRequest['params'], options?: RequestOptions): Promise<CreateMessageResult | CreateMessageResultWithTools>;
/**
* Creates an elicitation request for the given parameters.
* For backwards compatibility, `mode` may be omitted for form requests and will default to `'form'`.
* @param params The parameters for the elicitation request.
* @param options Optional request options.
* @returns The result of the elicitation request.
*/
elicitInput(params: ElicitRequestFormParams | ElicitRequestURLParams, options?: RequestOptions): Promise<ElicitResult>;
/**
* Creates a reusable callback that, when invoked, will send a `notifications/elicitation/complete`
* notification for the specified elicitation ID.
*
* @param elicitationId The ID of the elicitation to mark as complete.
* @param options Optional notification options. Useful when the completion notification should be related to a prior request.
* @returns A function that emits the completion notification when awaited.
*/
createElicitationCompletionNotifier(elicitationId: string, options?: NotificationOptions): () => Promise<void>;
listRoots(params?: ListRootsRequest['params'], options?: RequestOptions): Promise<{
[x: string]: unknown;
roots: {
uri: string;
name?: string | undefined;
_meta?: Record<string, unknown> | undefined;
}[];
_meta?: {
[x: string]: unknown;
progressToken?: string | number | undefined;
"io.modelcontextprotocol/related-task"?: {
taskId: string;
} | undefined;
} | undefined;
}>;
/**
* Sends a logging message to the client, if connected.
* Note: You only need to send the parameters object, not the entire JSON RPC message
* @see LoggingMessageNotification
* @param params
* @param sessionId optional for stateless and backward compatibility
*/
sendLoggingMessage(params: LoggingMessageNotification['params'], sessionId?: string): Promise<void>;
sendResourceUpdated(params: ResourceUpdatedNotification['params']): Promise<void>;
createMessage(params: CreateMessageRequest["params"], options?: RequestOptions): Promise<import("zod").objectOutputType<import("zod").objectUtil.extendShape<{
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, {
model: import("zod").ZodString;
stopReason: import("zod").ZodOptional<import("zod").ZodUnion<[import("zod").ZodEnum<["endTurn", "stopSequence", "maxTokens"]>, import("zod").ZodString]>>;
role: import("zod").ZodEnum<["user", "assistant"]>;
content: import("zod").ZodDiscriminatedUnion<"type", [import("zod").ZodObject<{
type: import("zod").ZodLiteral<"text">;
text: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{
type: import("zod").ZodLiteral<"text">;
text: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{
type: import("zod").ZodLiteral<"text">;
text: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">>, import("zod").ZodObject<{
type: import("zod").ZodLiteral<"image">;
data: import("zod").ZodEffects<import("zod").ZodString, string, string>;
mimeType: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{
type: import("zod").ZodLiteral<"image">;
data: import("zod").ZodEffects<import("zod").ZodString, string, string>;
mimeType: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{
type: import("zod").ZodLiteral<"image">;
data: import("zod").ZodEffects<import("zod").ZodString, string, string>;
mimeType: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">>, import("zod").ZodObject<{
type: import("zod").ZodLiteral<"audio">;
data: import("zod").ZodEffects<import("zod").ZodString, string, string>;
mimeType: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{
type: import("zod").ZodLiteral<"audio">;
data: import("zod").ZodEffects<import("zod").ZodString, string, string>;
mimeType: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{
type: import("zod").ZodLiteral<"audio">;
data: import("zod").ZodEffects<import("zod").ZodString, string, string>;
mimeType: import("zod").ZodString;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">>]>;
}>, import("zod").ZodTypeAny, "passthrough">>;
elicitInput(params: ElicitRequest["params"], options?: RequestOptions): Promise<ElicitResult>;
listRoots(params?: ListRootsRequest["params"], options?: RequestOptions): Promise<import("zod").objectOutputType<import("zod").objectUtil.extendShape<{
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, {
roots: import("zod").ZodArray<import("zod").ZodObject<{
uri: import("zod").ZodString;
name: import("zod").ZodOptional<import("zod").ZodString>;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{
uri: import("zod").ZodString;
name: import("zod").ZodOptional<import("zod").ZodString>;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{
uri: import("zod").ZodString;
name: import("zod").ZodOptional<import("zod").ZodString>;
_meta: import("zod").ZodOptional<import("zod").ZodObject<{}, "passthrough", import("zod").ZodTypeAny, import("zod").objectOutputType<{}, import("zod").ZodTypeAny, "passthrough">, import("zod").objectInputType<{}, import("zod").ZodTypeAny, "passthrough">>>;
}, import("zod").ZodTypeAny, "passthrough">>, "many">;
}>, import("zod").ZodTypeAny, "passthrough">>;
sendLoggingMessage(params: LoggingMessageNotification["params"]): Promise<void>;
sendResourceUpdated(params: ResourceUpdatedNotification["params"]): Promise<void>;
sendResourceListChanged(): Promise<void>;
sendToolListChanged(): Promise<void>;
sendPromptListChanged(): Promise<void>;
node_modules/@modelcontextprotocol/sdk/dist/esm/server/index.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,KAAK,mBAAmB,EAAE,KAAK,eAAe,EAAE,KAAK,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACzI,OAAO,EACH,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,mBAAmB,EAExB,KAAK,4BAA4B,EAEjC,KAAK,8BAA8B,EACnC,KAAK,mCAAmC,EACxC,KAAK,uBAAuB,EAC5B,KAAK,sBAAsB,EAC3B,KAAK,YAAY,EAIjB,KAAK,cAAc,EAMnB,KAAK,gBAAgB,EAIrB,KAAK,0BAA0B,EAE/B,KAAK,2BAA2B,EAChC,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,aAAa,EAClB,KAAK,YAAY,EAQjB,KAAK,OAAO,EACZ,KAAK,YAAY,EACjB,KAAK,MAAM,EACd,MAAM,aAAa,CAAC;AAErB,OAAO,KAAK,EAAkB,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EACH,eAAe,EAIf,YAAY,EAGf,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAG1E,MAAM,MAAM,aAAa,GAAG,eAAe,GAAG;IAC1C;;OAEG;IACH,YAAY,CAAC,EAAE,kBAAkB,CAAC;IAElC;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;CAC7C,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,MAAM,CACf,QAAQ,SAAS,OAAO,GAAG,OAAO,EAClC,aAAa,SAAS,YAAY,GAAG,YAAY,EACjD,OAAO,SAAS,MAAM,GAAG,MAAM,CACjC,SAAQ,QAAQ,CAAC,aAAa,GAAG,QAAQ,EAAE,kBAAkB,GAAG,aAAa,EAAE,YAAY,GAAG,OAAO,CAAC;IAiBhG,OAAO,CAAC,WAAW;IAhBvB,OAAO,CAAC,mBAAmB,CAAC,CAAqB;IACjD,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,aAAa,CAAqB;IAC1C,OAAO,CAAC,aAAa,CAAC,CAAS;IAC/B,OAAO,CAAC,oBAAoB,CAAsB;IAClD,OAAO,CAAC,aAAa,CAAC,CAAuE;IAE7F;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;IAE3B;;OAEG;gBAES,WAAW,EAAE,cAAc,EACnC,OAAO,CAAC,EAAE,aAAa;IAwB3B;;;;;;OAMG;IACH,IAAI,YAAY,IAAI;QAAE,KAAK,EAAE,uBAAuB,CAAC,QAAQ,EAAE,aAAa,EAAE,OAAO,CAAC,CAAA;KAAE,CAOvF;IAGD,OAAO,CAAC,cAAc,CAA+C;IAGrE,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAA6E;IAGhH,OAAO,CAAC,gBAAgB,CAGtB;IAEF;;;;OAIG;IACI,oBAAoB,CAAC,YAAY,EAAE,kBAAkB,GAAG,IAAI;IAOnE;;OAEG;IACa,iBAAiB,CAAC,CAAC,SAAS,eAAe,EACvD,aAAa,EAAE,CAAC,EAChB,OAAO,EAAE,CACL,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,EACxB,KAAK,EAAE,mBAAmB,CAAC,aAAa,GAAG,QAAQ,EAAE,kBAAkB,GAAG,aAAa,CAAC,KACvF,YAAY,GAAG,OAAO,GAAG,OAAO,CAAC,YAAY,GAAG,OAAO,CAAC,GAC9D,IAAI;IAwEP,SAAS,CAAC,yBAAyB,CAAC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,IAAI;IA0BrE,SAAS,CAAC,4BAA4B,CAAC,MAAM,EAAE,CAAC,kBAAkB,GAAG,aAAa,CAAC,CAAC,QAAQ,CAAC,GAAG,IAAI;IA2CpG,SAAS,CAAC,8BAA8B,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IA0D9D,SAAS,CAAC,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAIpD,SAAS,CAAC,2BAA2B,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;YAU7C,aAAa;IAgB3B;;OAEG;IACH,qBAAqB,IAAI,kBAAkB,GAAG,SAAS;IAIvD;;OAEG;IACH,gBAAgB,IAAI,cAAc,GAAG,SAAS;IAI9C,OAAO,CAAC,eAAe;IAIjB,IAAI;;;;;;;;;IAIV;;;OAGG;IACG,aAAa,CAAC,MAAM,EAAE,8BAA8B,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAEnH;;;OAGG;IACG,aAAa,CAAC,MAAM,EAAE,mCAAmC,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,4BAA4B,CAAC;IAEjI;;;OAGG;IACG,aAAa,CACf,MAAM,EAAE,oBAAoB,CAAC,QAAQ,CAAC,EACtC,OAAO,CAAC,EAAE,cAAc,GACzB,OAAO,CAAC,mBAAmB,GAAG,4BAA4B,CAAC;IAwD9D;;;;;;OAMG;IACG,WAAW,CAAC,MAAM,EAAE,uBAAuB,GAAG,sBAAsB,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,YAAY,CAAC;IAgD5H;;;;;;;OAOG;IACH,mCAAmC,CAAC,aAAa,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,mBAAmB,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;IAiBxG,SAAS,CAAC,MAAM,CAAC,EAAE,gBAAgB,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,EAAE,cAAc;;;;;;;;;;;;;;;IAI7E;;;;;;OAMG;IACG,kBAAkB,CAAC,MAAM,EAAE,0BAA0B,CAAC,QAAQ,CAAC,EAAE,SAAS,CAAC,EAAE,MAAM;IAQnF,mBAAmB,CAAC,MAAM,EAAE,2BAA2B,CAAC,QAAQ,CAAC;IAOjE,uBAAuB;IAMvB,mBAAmB;IAInB,qBAAqB;CAG9B"}
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,QAAQ,EACR,eAAe,EACf,cAAc,EACf,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EAEpB,aAAa,EACb,YAAY,EAGZ,cAAc,EAMd,gBAAgB,EAEhB,0BAA0B,EAG1B,YAAY,EACZ,OAAO,EACP,2BAA2B,EAC3B,MAAM,EACN,kBAAkB,EAClB,kBAAkB,EAClB,aAAa,EACb,YAAY,EAEb,MAAM,aAAa,CAAC;AAGrB,MAAM,MAAM,aAAa,GAAG,eAAe,GAAG;IAC5C;;OAEG;IACH,YAAY,CAAC,EAAE,kBAAkB,CAAC;IAElC;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,qBAAa,MAAM,CACjB,QAAQ,SAAS,OAAO,GAAG,OAAO,EAClC,aAAa,SAAS,YAAY,GAAG,YAAY,EACjD,OAAO,SAAS,MAAM,GAAG,MAAM,CAC/B,SAAQ,QAAQ,CAChB,aAAa,GAAG,QAAQ,EACxB,kBAAkB,GAAG,aAAa,EAClC,YAAY,GAAG,OAAO,CACvB;IAeG,OAAO,CAAC,WAAW;IAdrB,OAAO,CAAC,mBAAmB,CAAC,CAAqB;IACjD,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,aAAa,CAAqB;IAC1C,OAAO,CAAC,aAAa,CAAC,CAAS;IAE/B;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;IAE3B;;OAEG;gBAEO,WAAW,EAAE,cAAc,EACnC,OAAO,CAAC,EAAE,aAAa;IAczB;;;;OAIG;IACI,oBAAoB,CAAC,YAAY,EAAE,kBAAkB,GAAG,IAAI;IAUnE,SAAS,CAAC,yBAAyB,CAAC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,IAAI;IAgCrE,SAAS,CAAC,4BAA4B,CACpC,MAAM,EAAE,CAAC,kBAAkB,GAAG,aAAa,CAAC,CAAC,QAAQ,CAAC,GACrD,IAAI;IA6CP,SAAS,CAAC,8BAA8B,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;YAqDhD,aAAa;IAoB3B;;OAEG;IACH,qBAAqB,IAAI,kBAAkB,GAAG,SAAS;IAIvD;;OAEG;IACH,gBAAgB,IAAI,cAAc,GAAG,SAAS;IAI9C,OAAO,CAAC,eAAe;IAIjB,IAAI;;;IAIJ,aAAa,CACjB,MAAM,EAAE,oBAAoB,CAAC,QAAQ,CAAC,EACtC,OAAO,CAAC,EAAE,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IASpB,WAAW,CACf,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC,EAC/B,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,YAAY,CAAC;IAmClB,SAAS,CACb,MAAM,CAAC,EAAE,gBAAgB,CAAC,QAAQ,CAAC,EACnC,OAAO,CAAC,EAAE,cAAc;;;;;;;;;;;;;;;;;IASpB,kBAAkB,CAAC,MAAM,EAAE,0BAA0B,CAAC,QAAQ,CAAC;IAI/D,mBAAmB,CAAC,MAAM,EAAE,2BAA2B,CAAC,QAAQ,CAAC;IAOjE,uBAAuB;IAMvB,mBAAmB;IAInB,qBAAqB;CAG5B"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/index.js
Generated Vendored
+65 -281
View File
@@ -1,9 +1,6 @@
import { mergeCapabilities, Protocol } from '../shared/protocol.js';
import { CreateMessageResultSchema, CreateMessageResultWithToolsSchema, ElicitResultSchema, EmptyResultSchema, ErrorCode, InitializedNotificationSchema, InitializeRequestSchema, LATEST_PROTOCOL_VERSION, ListRootsResultSchema, LoggingLevelSchema, McpError, SetLevelRequestSchema, SUPPORTED_PROTOCOL_VERSIONS, CallToolRequestSchema, CallToolResultSchema, CreateTaskResultSchema } from '../types.js';
import { AjvJsonSchemaValidator } from '../validation/ajv-provider.js';
import { getObjectShape, isZ4Schema, safeParse } from './zod-compat.js';
import { ExperimentalServerTasks } from '../experimental/tasks/server.js';
import { assertToolsCallTaskCapability, assertClientRequestTaskCapability } from '../experimental/tasks/helpers.js';
import { mergeCapabilities, Protocol, } from "../shared/protocol.js";
import { CreateMessageResultSchema, ElicitResultSchema, EmptyResultSchema, InitializedNotificationSchema, InitializeRequestSchema, LATEST_PROTOCOL_VERSION, ListRootsResultSchema, McpError, ErrorCode, SUPPORTED_PROTOCOL_VERSIONS, } from "../types.js";
import Ajv from "ajv";
/**
* An MCP server on top of a pluggable transport.
*
@@ -28,55 +25,19 @@ import { assertToolsCallTaskCapability, assertClientRequestTaskCapability } from
* version: "1.0.0"
* })
* ```
* @deprecated Use `McpServer` instead for the high-level API. Only use `Server` for advanced use cases.
*/
export class Server extends Protocol {
/**
* Initializes this server with the given name and version information.
*/
constructor(_serverInfo, options) {
var _a;
super(options);
this._serverInfo = _serverInfo;
// Map log levels by session id
this._loggingLevels = new Map();
// Map LogLevelSchema to severity index
this.LOG_LEVEL_SEVERITY = new Map(LoggingLevelSchema.options.map((level, index) => [level, index]));
// Is a message with the given level ignored in the log level set for the given session id?
this.isMessageIgnored = (level, sessionId) => {
const currentLevel = this._loggingLevels.get(sessionId);
return currentLevel ? this.LOG_LEVEL_SEVERITY.get(level) < this.LOG_LEVEL_SEVERITY.get(currentLevel) : false;
};
this._capabilities = options?.capabilities ?? {};
this._instructions = options?.instructions;
this._jsonSchemaValidator = options?.jsonSchemaValidator ?? new AjvJsonSchemaValidator();
this.setRequestHandler(InitializeRequestSchema, request => this._oninitialize(request));
this.setNotificationHandler(InitializedNotificationSchema, () => this.oninitialized?.());
if (this._capabilities.logging) {
this.setRequestHandler(SetLevelRequestSchema, async (request, extra) => {
const transportSessionId = extra.sessionId || extra.requestInfo?.headers['mcp-session-id'] || undefined;
const { level } = request.params;
const parseResult = LoggingLevelSchema.safeParse(level);
if (parseResult.success) {
this._loggingLevels.set(transportSessionId, parseResult.data);
}
return {};
});
}
}
/**
* Access experimental features.
*
* WARNING: These APIs are experimental and may change without notice.
*
* @experimental
*/
get experimental() {
if (!this._experimental) {
this._experimental = {
tasks: new ExperimentalServerTasks(this)
};
}
return this._experimental;
this._capabilities = (_a = options === null || options === void 0 ? void 0 : options.capabilities) !== null && _a !== void 0 ? _a : {};
this._instructions = options === null || options === void 0 ? void 0 : options.instructions;
this.setRequestHandler(InitializeRequestSchema, (request) => this._oninitialize(request));
this.setNotificationHandler(InitializedNotificationSchema, () => { var _a; return (_a = this.oninitialized) === null || _a === void 0 ? void 0 : _a.call(this); });
}
/**
* Registers new capabilities. This can only be called before connecting to a transport.
@@ -85,198 +46,113 @@ export class Server extends Protocol {
*/
registerCapabilities(capabilities) {
if (this.transport) {
throw new Error('Cannot register capabilities after connecting to transport');
throw new Error("Cannot register capabilities after connecting to transport");
}
this._capabilities = mergeCapabilities(this._capabilities, capabilities);
}
/**
* Override request handler registration to enforce server-side validation for tools/call.
*/
setRequestHandler(requestSchema, handler) {
const shape = getObjectShape(requestSchema);
const methodSchema = shape?.method;
if (!methodSchema) {
throw new Error('Schema is missing a method literal');
}
// Extract literal value using type-safe property access
let methodValue;
if (isZ4Schema(methodSchema)) {
const v4Schema = methodSchema;
const v4Def = v4Schema._zod?.def;
methodValue = v4Def?.value ?? v4Schema.value;
}
else {
const v3Schema = methodSchema;
const legacyDef = v3Schema._def;
methodValue = legacyDef?.value ?? v3Schema.value;
}
if (typeof methodValue !== 'string') {
throw new Error('Schema method literal must be a string');
}
const method = methodValue;
if (method === 'tools/call') {
const wrappedHandler = async (request, extra) => {
const validatedRequest = safeParse(CallToolRequestSchema, request);
if (!validatedRequest.success) {
const errorMessage = validatedRequest.error instanceof Error ? validatedRequest.error.message : String(validatedRequest.error);
throw new McpError(ErrorCode.InvalidParams, `Invalid tools/call request: ${errorMessage}`);
}
const { params } = validatedRequest.data;
const result = await Promise.resolve(handler(request, extra));
// When task creation is requested, validate and return CreateTaskResult
if (params.task) {
const taskValidationResult = safeParse(CreateTaskResultSchema, result);
if (!taskValidationResult.success) {
const errorMessage = taskValidationResult.error instanceof Error
? taskValidationResult.error.message
: String(taskValidationResult.error);
throw new McpError(ErrorCode.InvalidParams, `Invalid task creation result: ${errorMessage}`);
}
return taskValidationResult.data;
}
// For non-task requests, validate against CallToolResultSchema
const validationResult = safeParse(CallToolResultSchema, result);
if (!validationResult.success) {
const errorMessage = validationResult.error instanceof Error ? validationResult.error.message : String(validationResult.error);
throw new McpError(ErrorCode.InvalidParams, `Invalid tools/call result: ${errorMessage}`);
}
return validationResult.data;
};
// Install the wrapped handler
return super.setRequestHandler(requestSchema, wrappedHandler);
}
// Other handlers use default behavior
return super.setRequestHandler(requestSchema, handler);
}
assertCapabilityForMethod(method) {
var _a, _b, _c;
switch (method) {
case 'sampling/createMessage':
if (!this._clientCapabilities?.sampling) {
case "sampling/createMessage":
if (!((_a = this._clientCapabilities) === null || _a === void 0 ? void 0 : _a.sampling)) {
throw new Error(`Client does not support sampling (required for ${method})`);
}
break;
case 'elicitation/create':
if (!this._clientCapabilities?.elicitation) {
case "elicitation/create":
if (!((_b = this._clientCapabilities) === null || _b === void 0 ? void 0 : _b.elicitation)) {
throw new Error(`Client does not support elicitation (required for ${method})`);
}
break;
case 'roots/list':
if (!this._clientCapabilities?.roots) {
case "roots/list":
if (!((_c = this._clientCapabilities) === null || _c === void 0 ? void 0 : _c.roots)) {
throw new Error(`Client does not support listing roots (required for ${method})`);
}
break;
case 'ping':
case "ping":
// No specific capability required for ping
break;
}
}
assertNotificationCapability(method) {
switch (method) {
case 'notifications/message':
case "notifications/message":
if (!this._capabilities.logging) {
throw new Error(`Server does not support logging (required for ${method})`);
}
break;
case 'notifications/resources/updated':
case 'notifications/resources/list_changed':
case "notifications/resources/updated":
case "notifications/resources/list_changed":
if (!this._capabilities.resources) {
throw new Error(`Server does not support notifying about resources (required for ${method})`);
}
break;
case 'notifications/tools/list_changed':
case "notifications/tools/list_changed":
if (!this._capabilities.tools) {
throw new Error(`Server does not support notifying of tool list changes (required for ${method})`);
}
break;
case 'notifications/prompts/list_changed':
case "notifications/prompts/list_changed":
if (!this._capabilities.prompts) {
throw new Error(`Server does not support notifying of prompt list changes (required for ${method})`);
}
break;
case 'notifications/elicitation/complete':
if (!this._clientCapabilities?.elicitation?.url) {
throw new Error(`Client does not support URL elicitation (required for ${method})`);
}
break;
case 'notifications/cancelled':
case "notifications/cancelled":
// Cancellation notifications are always allowed
break;
case 'notifications/progress':
case "notifications/progress":
// Progress notifications are always allowed
break;
}
}
assertRequestHandlerCapability(method) {
// Task handlers are registered in Protocol constructor before _capabilities is initialized
// Skip capability check for task methods during initialization
if (!this._capabilities) {
return;
}
switch (method) {
case 'completion/complete':
if (!this._capabilities.completions) {
throw new Error(`Server does not support completions (required for ${method})`);
case "sampling/createMessage":
if (!this._capabilities.sampling) {
throw new Error(`Server does not support sampling (required for ${method})`);
}
break;
case 'logging/setLevel':
case "logging/setLevel":
if (!this._capabilities.logging) {
throw new Error(`Server does not support logging (required for ${method})`);
}
break;
case 'prompts/get':
case 'prompts/list':
case "prompts/get":
case "prompts/list":
if (!this._capabilities.prompts) {
throw new Error(`Server does not support prompts (required for ${method})`);
}
break;
case 'resources/list':
case 'resources/templates/list':
case 'resources/read':
case "resources/list":
case "resources/templates/list":
case "resources/read":
if (!this._capabilities.resources) {
throw new Error(`Server does not support resources (required for ${method})`);
}
break;
case 'tools/call':
case 'tools/list':
case "tools/call":
case "tools/list":
if (!this._capabilities.tools) {
throw new Error(`Server does not support tools (required for ${method})`);
}
break;
case 'tasks/get':
case 'tasks/list':
case 'tasks/result':
case 'tasks/cancel':
if (!this._capabilities.tasks) {
throw new Error(`Server does not support tasks capability (required for ${method})`);
}
break;
case 'ping':
case 'initialize':
case "ping":
case "initialize":
// No specific capability required for these methods
break;
}
}
assertTaskCapability(method) {
assertClientRequestTaskCapability(this._clientCapabilities?.tasks?.requests, method, 'Client');
}
assertTaskHandlerCapability(method) {
// Task handlers are registered in Protocol constructor before _capabilities is initialized
// Skip capability check for task methods during initialization
if (!this._capabilities) {
return;
}
assertToolsCallTaskCapability(this._capabilities.tasks?.requests, method, 'Server');
}
async _oninitialize(request) {
const requestedVersion = request.params.protocolVersion;
this._clientCapabilities = request.params.capabilities;
this._clientVersion = request.params.clientInfo;
const protocolVersion = SUPPORTED_PROTOCOL_VERSIONS.includes(requestedVersion) ? requestedVersion : LATEST_PROTOCOL_VERSION;
const protocolVersion = SUPPORTED_PROTOCOL_VERSIONS.includes(requestedVersion)
? requestedVersion
: LATEST_PROTOCOL_VERSION;
return {
protocolVersion,
capabilities: this.getCapabilities(),
serverInfo: this._serverInfo,
...(this._instructions && { instructions: this._instructions })
...(this._instructions && { instructions: this._instructions }),
};
}
/**
@@ -295,146 +171,54 @@ export class Server extends Protocol {
return this._capabilities;
}
async ping() {
return this.request({ method: 'ping' }, EmptyResultSchema);
return this.request({ method: "ping" }, EmptyResultSchema);
}
// Implementation
async createMessage(params, options) {
// Capability check - only required when tools/toolChoice are provided
if (params.tools || params.toolChoice) {
if (!this._clientCapabilities?.sampling?.tools) {
throw new Error('Client does not support sampling tools capability.');
}
}
// Message structure validation - always validate tool_use/tool_result pairs.
// These may appear even without tools/toolChoice in the current request when
// a previous sampling request returned tool_use and this is a follow-up with results.
if (params.messages.length > 0) {
const lastMessage = params.messages[params.messages.length - 1];
const lastContent = Array.isArray(lastMessage.content) ? lastMessage.content : [lastMessage.content];
const hasToolResults = lastContent.some(c => c.type === 'tool_result');
const previousMessage = params.messages.length > 1 ? params.messages[params.messages.length - 2] : undefined;
const previousContent = previousMessage
? Array.isArray(previousMessage.content)
? previousMessage.content
: [previousMessage.content]
: [];
const hasPreviousToolUse = previousContent.some(c => c.type === 'tool_use');
if (hasToolResults) {
if (lastContent.some(c => c.type !== 'tool_result')) {
throw new Error('The last message must contain only tool_result content if any is present');
}
if (!hasPreviousToolUse) {
throw new Error('tool_result blocks are not matching any tool_use from the previous message');
}
}
if (hasPreviousToolUse) {
const toolUseIds = new Set(previousContent.filter(c => c.type === 'tool_use').map(c => c.id));
const toolResultIds = new Set(lastContent.filter(c => c.type === 'tool_result').map(c => c.toolUseId));
if (toolUseIds.size !== toolResultIds.size || ![...toolUseIds].every(id => toolResultIds.has(id))) {
throw new Error('ids of tool_result blocks and tool_use blocks from previous message do not match');
}
}
}
// Use different schemas based on whether tools are provided
if (params.tools) {
return this.request({ method: 'sampling/createMessage', params }, CreateMessageResultWithToolsSchema, options);
}
return this.request({ method: 'sampling/createMessage', params }, CreateMessageResultSchema, options);
return this.request({ method: "sampling/createMessage", params }, CreateMessageResultSchema, options);
}
/**
* Creates an elicitation request for the given parameters.
* For backwards compatibility, `mode` may be omitted for form requests and will default to `'form'`.
* @param params The parameters for the elicitation request.
* @param options Optional request options.
* @returns The result of the elicitation request.
*/
async elicitInput(params, options) {
const mode = (params.mode ?? 'form');
switch (mode) {
case 'url': {
if (!this._clientCapabilities?.elicitation?.url) {
throw new Error('Client does not support url elicitation.');
const result = await this.request({ method: "elicitation/create", params }, ElicitResultSchema, options);
// Validate the response content against the requested schema if action is "accept"
if (result.action === "accept" && result.content) {
try {
const ajv = new Ajv();
const validate = ajv.compile(params.requestedSchema);
const isValid = validate(result.content);
if (!isValid) {
throw new McpError(ErrorCode.InvalidParams, `Elicitation response content does not match requested schema: ${ajv.errorsText(validate.errors)}`);
}
const urlParams = params;
return this.request({ method: 'elicitation/create', params: urlParams }, ElicitResultSchema, options);
}
case 'form': {
if (!this._clientCapabilities?.elicitation?.form) {
throw new Error('Client does not support form elicitation.');
catch (error) {
if (error instanceof McpError) {
throw error;
}
const formParams = params.mode === 'form' ? params : { ...params, mode: 'form' };
const result = await this.request({ method: 'elicitation/create', params: formParams }, ElicitResultSchema, options);
if (result.action === 'accept' && result.content && formParams.requestedSchema) {
try {
const validator = this._jsonSchemaValidator.getValidator(formParams.requestedSchema);
const validationResult = validator(result.content);
if (!validationResult.valid) {
throw new McpError(ErrorCode.InvalidParams, `Elicitation response content does not match requested schema: ${validationResult.errorMessage}`);
}
}
catch (error) {
if (error instanceof McpError) {
throw error;
}
throw new McpError(ErrorCode.InternalError, `Error validating elicitation response: ${error instanceof Error ? error.message : String(error)}`);
}
}
return result;
throw new McpError(ErrorCode.InternalError, `Error validating elicitation response: ${error}`);
}
}
}
/**
* Creates a reusable callback that, when invoked, will send a `notifications/elicitation/complete`
* notification for the specified elicitation ID.
*
* @param elicitationId The ID of the elicitation to mark as complete.
* @param options Optional notification options. Useful when the completion notification should be related to a prior request.
* @returns A function that emits the completion notification when awaited.
*/
createElicitationCompletionNotifier(elicitationId, options) {
if (!this._clientCapabilities?.elicitation?.url) {
throw new Error('Client does not support URL elicitation (required for notifications/elicitation/complete)');
}
return () => this.notification({
method: 'notifications/elicitation/complete',
params: {
elicitationId
}
}, options);
return result;
}
async listRoots(params, options) {
return this.request({ method: 'roots/list', params }, ListRootsResultSchema, options);
return this.request({ method: "roots/list", params }, ListRootsResultSchema, options);
}
/**
* Sends a logging message to the client, if connected.
* Note: You only need to send the parameters object, not the entire JSON RPC message
* @see LoggingMessageNotification
* @param params
* @param sessionId optional for stateless and backward compatibility
*/
async sendLoggingMessage(params, sessionId) {
if (this._capabilities.logging) {
if (!this.isMessageIgnored(params.level, sessionId)) {
return this.notification({ method: 'notifications/message', params });
}
}
async sendLoggingMessage(params) {
return this.notification({ method: "notifications/message", params });
}
async sendResourceUpdated(params) {
return this.notification({
method: 'notifications/resources/updated',
params
method: "notifications/resources/updated",
params,
});
}
async sendResourceListChanged() {
return this.notification({
method: 'notifications/resources/list_changed'
method: "notifications/resources/list_changed",
});
}
async sendToolListChanged() {
return this.notification({ method: 'notifications/tools/list_changed' });
return this.notification({ method: "notifications/tools/list_changed" });
}
async sendPromptListChanged() {
return this.notification({ method: 'notifications/prompts/list_changed' });
return this.notification({ method: "notifications/prompts/list_changed" });
}
}
//# sourceMappingURL=index.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/index.js.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
node_modules/@modelcontextprotocol/sdk/dist/esm/server/mcp.d.ts
Generated Vendored
+24 -89
View File
@@ -1,11 +1,9 @@
import { Server, ServerOptions } from './index.js';
import { AnySchema, AnyObjectSchema, ZodRawShapeCompat, SchemaOutput, ShapeOutput } from './zod-compat.js';
import { Implementation, CallToolResult, Resource, ListResourcesResult, GetPromptResult, ReadResourceResult, ServerRequest, ServerNotification, ToolAnnotations, LoggingMessageNotification, Result, ToolExecution } from '../types.js';
import { UriTemplate, Variables } from '../shared/uriTemplate.js';
import { RequestHandlerExtra } from '../shared/protocol.js';
import { Transport } from '../shared/transport.js';
import { ExperimentalMcpServerTasks } from '../experimental/tasks/mcp-server.js';
import type { ToolTaskHandler } from '../experimental/tasks/interfaces.js';
import { Server, ServerOptions } from "./index.js";
import { z, ZodRawShape, ZodObject, AnyZodObject, ZodTypeAny, ZodType, ZodTypeDef, ZodOptional } from "zod";
import { Implementation, CallToolResult, Resource, ListResourcesResult, GetPromptResult, ReadResourceResult, ServerRequest, ServerNotification, ToolAnnotations } from "../types.js";
import { UriTemplate, Variables } from "../shared/uriTemplate.js";
import { RequestHandlerExtra } from "../shared/protocol.js";
import { Transport } from "../shared/transport.js";
/**
* High-level MCP server that provides a simpler API for working with resources, tools, and prompts.
* For advanced usage (like sending notifications or setting custom request handlers), use the underlying
@@ -20,18 +18,7 @@ export declare class McpServer {
private _registeredResourceTemplates;
private _registeredTools;
private _registeredPrompts;
private _experimental?;
constructor(serverInfo: Implementation, options?: ServerOptions);
/**
* Access experimental features.
*
* WARNING: These APIs are experimental and may change without notice.
*
* @experimental
*/
get experimental(): {
tasks: ExperimentalMcpServerTasks;
};
/**
* Attaches to the given transport, starts it, and starts listening for messages.
*
@@ -44,29 +31,6 @@ export declare class McpServer {
close(): Promise<void>;
private _toolHandlersInitialized;
private setToolRequestHandlers;
/**
* Creates a tool error result.
*
* @param errorMessage - The error message.
* @returns The tool error result.
*/
private createToolError;
/**
* Validates tool input arguments against the tool's input schema.
*/
private validateToolInput;
/**
* Validates tool output against the tool's output schema.
*/
private validateToolOutput;
/**
* Executes a tool handler (either regular or task-based).
*/
private executeToolHandler;
/**
* Handles automatic task polling for tools with taskSupport 'optional'.
*/
private handleAutomaticTaskPolling;
private _completionHandlerInitialized;
private setCompletionRequestHandler;
private handlePromptCompletion;
@@ -77,22 +41,18 @@ export declare class McpServer {
private setPromptRequestHandlers;
/**
* Registers a resource `name` at a fixed URI, which will use the given callback to respond to read requests.
* @deprecated Use `registerResource` instead.
*/
resource(name: string, uri: string, readCallback: ReadResourceCallback): RegisteredResource;
/**
* Registers a resource `name` at a fixed URI with metadata, which will use the given callback to respond to read requests.
* @deprecated Use `registerResource` instead.
*/
resource(name: string, uri: string, metadata: ResourceMetadata, readCallback: ReadResourceCallback): RegisteredResource;
/**
* Registers a resource `name` with a template pattern, which will use the given callback to respond to read requests.
* @deprecated Use `registerResource` instead.
*/
resource(name: string, template: ResourceTemplate, readCallback: ReadResourceTemplateCallback): RegisteredResourceTemplate;
/**
* Registers a resource `name` with a template pattern and metadata, which will use the given callback to respond to read requests.
* @deprecated Use `registerResource` instead.
*/
resource(name: string, template: ResourceTemplate, metadata: ResourceMetadata, readCallback: ReadResourceTemplateCallback): RegisteredResourceTemplate;
/**
@@ -107,12 +67,10 @@ export declare class McpServer {
private _createRegisteredTool;
/**
* Registers a zero-argument tool `name`, which will run the given function when the client calls it.
* @deprecated Use `registerTool` instead.
*/
tool(name: string, cb: ToolCallback): RegisteredTool;
/**
* Registers a zero-argument tool `name` (with a description) which will run the given function when the client calls it.
* @deprecated Use `registerTool` instead.
*/
tool(name: string, description: string, cb: ToolCallback): RegisteredTool;
/**
@@ -120,59 +78,50 @@ export declare class McpServer {
* This unified overload handles both `tool(name, paramsSchema, cb)` and `tool(name, annotations, cb)` cases.
*
* Note: We use a union type for the second parameter because TypeScript cannot reliably disambiguate
* between ToolAnnotations and ZodRawShapeCompat during overload resolution, as both are plain object types.
* @deprecated Use `registerTool` instead.
* between ToolAnnotations and ZodRawShape during overload resolution, as both are plain object types.
*/
tool<Args extends ZodRawShapeCompat>(name: string, paramsSchemaOrAnnotations: Args | ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
tool<Args extends ZodRawShape>(name: string, paramsSchemaOrAnnotations: Args | ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
/**
* Registers a tool `name` (with a description) taking either parameter schema or annotations.
* This unified overload handles both `tool(name, description, paramsSchema, cb)` and
* `tool(name, description, annotations, cb)` cases.
*
* Note: We use a union type for the third parameter because TypeScript cannot reliably disambiguate
* between ToolAnnotations and ZodRawShapeCompat during overload resolution, as both are plain object types.
* @deprecated Use `registerTool` instead.
* between ToolAnnotations and ZodRawShape during overload resolution, as both are plain object types.
*/
tool<Args extends ZodRawShapeCompat>(name: string, description: string, paramsSchemaOrAnnotations: Args | ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
tool<Args extends ZodRawShape>(name: string, description: string, paramsSchemaOrAnnotations: Args | ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
/**
* Registers a tool with both parameter schema and annotations.
* @deprecated Use `registerTool` instead.
*/
tool<Args extends ZodRawShapeCompat>(name: string, paramsSchema: Args, annotations: ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
tool<Args extends ZodRawShape>(name: string, paramsSchema: Args, annotations: ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
/**
* Registers a tool with description, parameter schema, and annotations.
* @deprecated Use `registerTool` instead.
*/
tool<Args extends ZodRawShapeCompat>(name: string, description: string, paramsSchema: Args, annotations: ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
tool<Args extends ZodRawShape>(name: string, description: string, paramsSchema: Args, annotations: ToolAnnotations, cb: ToolCallback<Args>): RegisteredTool;
/**
* Registers a tool with a config object and callback.
*/
registerTool<OutputArgs extends ZodRawShapeCompat | AnySchema, InputArgs extends undefined | ZodRawShapeCompat | AnySchema = undefined>(name: string, config: {
registerTool<InputArgs extends ZodRawShape, OutputArgs extends ZodRawShape>(name: string, config: {
title?: string;
description?: string;
inputSchema?: InputArgs;
outputSchema?: OutputArgs;
annotations?: ToolAnnotations;
_meta?: Record<string, unknown>;
}, cb: ToolCallback<InputArgs>): RegisteredTool;
/**
* Registers a zero-argument prompt `name`, which will run the given function when the client calls it.
* @deprecated Use `registerPrompt` instead.
*/
prompt(name: string, cb: PromptCallback): RegisteredPrompt;
/**
* Registers a zero-argument prompt `name` (with a description) which will run the given function when the client calls it.
* @deprecated Use `registerPrompt` instead.
*/
prompt(name: string, description: string, cb: PromptCallback): RegisteredPrompt;
/**
* Registers a prompt `name` accepting the given arguments, which must be an object containing named properties associated with Zod schemas. When the client calls it, the function will be run with the parsed and validated arguments.
* @deprecated Use `registerPrompt` instead.
*/
prompt<Args extends PromptArgsRawShape>(name: string, argsSchema: Args, cb: PromptCallback<Args>): RegisteredPrompt;
/**
* Registers a prompt `name` (with a description) accepting the given arguments, which must be an object containing named properties associated with Zod schemas. When the client calls it, the function will be run with the parsed and validated arguments.
* @deprecated Use `registerPrompt` instead.
*/
prompt<Args extends PromptArgsRawShape>(name: string, description: string, argsSchema: Args, cb: PromptCallback<Args>): RegisteredPrompt;
/**
@@ -188,14 +137,6 @@ export declare class McpServer {
* @returns True if the server is connected
*/
isConnected(): boolean;
/**
* Sends a logging message to the client, if connected.
* Note: You only need to send the parameters object, not the entire JSON RPC message
* @see LoggingMessageNotification
* @param params
* @param sessionId optional for stateless and backward compatibility
*/
sendLoggingMessage(params: LoggingMessageNotification['params'], sessionId?: string): Promise<void>;
/**
* Sends a resource list changed event to the client, if connected.
*/
@@ -247,7 +188,6 @@ export declare class ResourceTemplate {
*/
completeCallback(variable: string): CompleteResourceTemplateCallback | undefined;
}
export type BaseToolCallback<SendResultT extends Result, Extra extends RequestHandlerExtra<ServerRequest, ServerNotification>, Args extends undefined | ZodRawShapeCompat | AnySchema> = Args extends ZodRawShapeCompat ? (args: ShapeOutput<Args>, extra: Extra) => SendResultT | Promise<SendResultT> : Args extends AnySchema ? (args: SchemaOutput<Args>, extra: Extra) => SendResultT | Promise<SendResultT> : (extra: Extra) => SendResultT | Promise<SendResultT>;
/**
* Callback for a tool handler registered with Server.tool().
*
@@ -258,31 +198,24 @@ export type BaseToolCallback<SendResultT extends Result, Extra extends RequestHa
* - `content` if the tool does not have an outputSchema
* - Both fields are optional but typically one should be provided
*/
export type ToolCallback<Args extends undefined | ZodRawShapeCompat | AnySchema = undefined> = BaseToolCallback<CallToolResult, RequestHandlerExtra<ServerRequest, ServerNotification>, Args>;
/**
* Supertype that can handle both regular tools (simple callback) and task-based tools (task handler object).
*/
export type AnyToolHandler<Args extends undefined | ZodRawShapeCompat | AnySchema = undefined> = ToolCallback<Args> | ToolTaskHandler<Args>;
export type ToolCallback<Args extends undefined | ZodRawShape = undefined> = Args extends ZodRawShape ? (args: z.objectOutputType<Args, ZodTypeAny>, extra: RequestHandlerExtra<ServerRequest, ServerNotification>) => CallToolResult | Promise<CallToolResult> : (extra: RequestHandlerExtra<ServerRequest, ServerNotification>) => CallToolResult | Promise<CallToolResult>;
export type RegisteredTool = {
title?: string;
description?: string;
inputSchema?: AnySchema;
outputSchema?: AnySchema;
inputSchema?: AnyZodObject;
outputSchema?: AnyZodObject;
annotations?: ToolAnnotations;
execution?: ToolExecution;
_meta?: Record<string, unknown>;
handler: AnyToolHandler<undefined | ZodRawShapeCompat>;
callback: ToolCallback<undefined | ZodRawShape>;
enabled: boolean;
enable(): void;
disable(): void;
update<InputArgs extends ZodRawShapeCompat, OutputArgs extends ZodRawShapeCompat>(updates: {
update<InputArgs extends ZodRawShape, OutputArgs extends ZodRawShape>(updates: {
name?: string | null;
title?: string;
description?: string;
paramsSchema?: InputArgs;
outputSchema?: OutputArgs;
annotations?: ToolAnnotations;
_meta?: Record<string, unknown>;
callback?: ToolCallback<InputArgs>;
enabled?: boolean;
}): void;
@@ -291,7 +224,7 @@ export type RegisteredTool = {
/**
* Additional, optional information for annotating a resource.
*/
export type ResourceMetadata = Omit<Resource, 'uri' | 'name'>;
export type ResourceMetadata = Omit<Resource, "uri" | "name">;
/**
* Callback to list all resources matching a given template.
*/
@@ -340,12 +273,14 @@ export type RegisteredResourceTemplate = {
}): void;
remove(): void;
};
type PromptArgsRawShape = ZodRawShapeCompat;
export type PromptCallback<Args extends undefined | PromptArgsRawShape = undefined> = Args extends PromptArgsRawShape ? (args: ShapeOutput<Args>, extra: RequestHandlerExtra<ServerRequest, ServerNotification>) => GetPromptResult | Promise<GetPromptResult> : (extra: RequestHandlerExtra<ServerRequest, ServerNotification>) => GetPromptResult | Promise<GetPromptResult>;
type PromptArgsRawShape = {
[k: string]: ZodType<string, ZodTypeDef, string> | ZodOptional<ZodType<string, ZodTypeDef, string>>;
};
export type PromptCallback<Args extends undefined | PromptArgsRawShape = undefined> = Args extends PromptArgsRawShape ? (args: z.objectOutputType<Args, ZodTypeAny>, extra: RequestHandlerExtra<ServerRequest, ServerNotification>) => GetPromptResult | Promise<GetPromptResult> : (extra: RequestHandlerExtra<ServerRequest, ServerNotification>) => GetPromptResult | Promise<GetPromptResult>;
export type RegisteredPrompt = {
title?: string;
description?: string;
argsSchema?: AnyObjectSchema;
argsSchema?: ZodObject<PromptArgsRawShape>;
callback: PromptCallback<undefined | PromptArgsRawShape>;
enabled: boolean;
enable(): void;
node_modules/@modelcontextprotocol/sdk/dist/esm/server/mcp.d.ts.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
node_modules/@modelcontextprotocol/sdk/dist/esm/server/mcp.js
Generated Vendored
+178 -428
View File
@@ -1,12 +1,9 @@
import { Server } from './index.js';
import { normalizeObjectSchema, safeParseAsync, getObjectShape, objectFromShape, getParseErrorMessage, getSchemaDescription, isSchemaOptional, getLiteralValue } from './zod-compat.js';
import { toJsonSchemaCompat } from './zod-json-schema-compat.js';
import { McpError, ErrorCode, ListResourceTemplatesRequestSchema, ReadResourceRequestSchema, ListToolsRequestSchema, CallToolRequestSchema, ListResourcesRequestSchema, ListPromptsRequestSchema, GetPromptRequestSchema, CompleteRequestSchema, assertCompleteRequestPrompt, assertCompleteRequestResourceTemplate } from '../types.js';
import { isCompletable, getCompleter } from './completable.js';
import { UriTemplate } from '../shared/uriTemplate.js';
import { validateAndWarnToolName } from '../shared/toolNameValidation.js';
import { ExperimentalMcpServerTasks } from '../experimental/tasks/mcp-server.js';
import { ZodOptional } from 'zod';
import { Server } from "./index.js";
import { zodToJsonSchema } from "zod-to-json-schema";
import { z, } from "zod";
import { McpError, ErrorCode, ListResourceTemplatesRequestSchema, ReadResourceRequestSchema, ListToolsRequestSchema, CallToolRequestSchema, ListResourcesRequestSchema, ListPromptsRequestSchema, GetPromptRequestSchema, CompleteRequestSchema, } from "../types.js";
import { Completable } from "./completable.js";
import { UriTemplate } from "../shared/uriTemplate.js";
/**
* High-level MCP server that provides a simpler API for working with resources, tools, and prompts.
* For advanced usage (like sending notifications or setting custom request handlers), use the underlying
@@ -24,21 +21,6 @@ export class McpServer {
this._promptHandlersInitialized = false;
this.server = new Server(serverInfo, options);
}
/**
* Access experimental features.
*
* WARNING: These APIs are experimental and may change without notice.
*
* @experimental
*/
get experimental() {
if (!this._experimental) {
this._experimental = {
tasks: new ExperimentalMcpServerTasks(this)
};
}
return this._experimental;
}
/**
* Attaches to the given transport, starts it, and starts listening for messages.
*
@@ -57,232 +39,107 @@ export class McpServer {
if (this._toolHandlersInitialized) {
return;
}
this.server.assertCanSetRequestHandler(getMethodValue(ListToolsRequestSchema));
this.server.assertCanSetRequestHandler(getMethodValue(CallToolRequestSchema));
this.server.assertCanSetRequestHandler(ListToolsRequestSchema.shape.method.value);
this.server.assertCanSetRequestHandler(CallToolRequestSchema.shape.method.value);
this.server.registerCapabilities({
tools: {
listChanged: true
}
});
this.server.setRequestHandler(ListToolsRequestSchema, () => ({
tools: Object.entries(this._registeredTools)
.filter(([, tool]) => tool.enabled)
.map(([name, tool]) => {
tools: Object.entries(this._registeredTools).filter(([, tool]) => tool.enabled).map(([name, tool]) => {
const toolDefinition = {
name,
title: tool.title,
description: tool.description,
inputSchema: (() => {
const obj = normalizeObjectSchema(tool.inputSchema);
return obj
? toJsonSchemaCompat(obj, {
strictUnions: true,
pipeStrategy: 'input'
})
: EMPTY_OBJECT_JSON_SCHEMA;
})(),
inputSchema: tool.inputSchema
? zodToJsonSchema(tool.inputSchema, {
strictUnions: true,
})
: EMPTY_OBJECT_JSON_SCHEMA,
annotations: tool.annotations,
execution: tool.execution,
_meta: tool._meta
};
if (tool.outputSchema) {
const obj = normalizeObjectSchema(tool.outputSchema);
if (obj) {
toolDefinition.outputSchema = toJsonSchemaCompat(obj, {
strictUnions: true,
pipeStrategy: 'output'
});
}
toolDefinition.outputSchema = zodToJsonSchema(tool.outputSchema, { strictUnions: true });
}
return toolDefinition;
})
}),
}));
this.server.setRequestHandler(CallToolRequestSchema, async (request, extra) => {
try {
const tool = this._registeredTools[request.params.name];
if (!tool) {
throw new McpError(ErrorCode.InvalidParams, `Tool ${request.params.name} not found`);
}
if (!tool.enabled) {
throw new McpError(ErrorCode.InvalidParams, `Tool ${request.params.name} disabled`);
}
const isTaskRequest = !!request.params.task;
const taskSupport = tool.execution?.taskSupport;
const isTaskHandler = 'createTask' in tool.handler;
// Validate task hint configuration
if ((taskSupport === 'required' || taskSupport === 'optional') && !isTaskHandler) {
throw new McpError(ErrorCode.InternalError, `Tool ${request.params.name} has taskSupport '${taskSupport}' but was not registered with registerToolTask`);
}
// Handle taskSupport 'required' without task augmentation
if (taskSupport === 'required' && !isTaskRequest) {
throw new McpError(ErrorCode.MethodNotFound, `Tool ${request.params.name} requires task augmentation (taskSupport: 'required')`);
}
// Handle taskSupport 'optional' without task augmentation - automatic polling
if (taskSupport === 'optional' && !isTaskRequest && isTaskHandler) {
return await this.handleAutomaticTaskPolling(tool, request, extra);
}
// Normal execution path
const args = await this.validateToolInput(tool, request.params.arguments, request.params.name);
const result = await this.executeToolHandler(tool, args, extra);
// Return CreateTaskResult immediately for task requests
if (isTaskRequest) {
return result;
}
// Validate output schema for non-task requests
await this.validateToolOutput(tool, result, request.params.name);
return result;
const tool = this._registeredTools[request.params.name];
if (!tool) {
throw new McpError(ErrorCode.InvalidParams, `Tool ${request.params.name} not found`);
}
catch (error) {
if (error instanceof McpError) {
if (error.code === ErrorCode.UrlElicitationRequired) {
throw error; // Return the error to the caller without wrapping in CallToolResult
}
}
return this.createToolError(error instanceof Error ? error.message : String(error));
if (!tool.enabled) {
throw new McpError(ErrorCode.InvalidParams, `Tool ${request.params.name} disabled`);
}
});
this._toolHandlersInitialized = true;
}
/**
* Creates a tool error result.
*
* @param errorMessage - The error message.
* @returns The tool error result.
*/
createToolError(errorMessage) {
return {
content: [
{
type: 'text',
text: errorMessage
}
],
isError: true
};
}
/**
* Validates tool input arguments against the tool's input schema.
*/
async validateToolInput(tool, args, toolName) {
if (!tool.inputSchema) {
return undefined;
}
// Try to normalize to object schema first (for raw shapes and object schemas)
// If that fails, use the schema directly (for union/intersection/etc)
const inputObj = normalizeObjectSchema(tool.inputSchema);
const schemaToParse = inputObj ?? tool.inputSchema;
const parseResult = await safeParseAsync(schemaToParse, args);
if (!parseResult.success) {
const error = 'error' in parseResult ? parseResult.error : 'Unknown error';
const errorMessage = getParseErrorMessage(error);
throw new McpError(ErrorCode.InvalidParams, `Input validation error: Invalid arguments for tool ${toolName}: ${errorMessage}`);
}
return parseResult.data;
}
/**
* Validates tool output against the tool's output schema.
*/
async validateToolOutput(tool, result, toolName) {
if (!tool.outputSchema) {
return;
}
// Only validate CallToolResult, not CreateTaskResult
if (!('content' in result)) {
return;
}
if (result.isError) {
return;
}
if (!result.structuredContent) {
throw new McpError(ErrorCode.InvalidParams, `Output validation error: Tool ${toolName} has an output schema but no structured content was provided`);
}
// if the tool has an output schema, validate structured content
const outputObj = normalizeObjectSchema(tool.outputSchema);
const parseResult = await safeParseAsync(outputObj, result.structuredContent);
if (!parseResult.success) {
const error = 'error' in parseResult ? parseResult.error : 'Unknown error';
const errorMessage = getParseErrorMessage(error);
throw new McpError(ErrorCode.InvalidParams, `Output validation error: Invalid structured content for tool ${toolName}: ${errorMessage}`);
}
}
/**
* Executes a tool handler (either regular or task-based).
*/
async executeToolHandler(tool, args, extra) {
const handler = tool.handler;
const isTaskHandler = 'createTask' in handler;
if (isTaskHandler) {
if (!extra.taskStore) {
throw new Error('No task store provided.');
}
const taskExtra = { ...extra, taskStore: extra.taskStore };
let result;
if (tool.inputSchema) {
const typedHandler = handler;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
return await Promise.resolve(typedHandler.createTask(args, taskExtra));
const parseResult = await tool.inputSchema.safeParseAsync(request.params.arguments);
if (!parseResult.success) {
throw new McpError(ErrorCode.InvalidParams, `Invalid arguments for tool ${request.params.name}: ${parseResult.error.message}`);
}
const args = parseResult.data;
const cb = tool.callback;
try {
result = await Promise.resolve(cb(args, extra));
}
catch (error) {
result = {
content: [
{
type: "text",
text: error instanceof Error ? error.message : String(error),
},
],
isError: true,
};
}
}
else {
const typedHandler = handler;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
return await Promise.resolve(typedHandler.createTask(taskExtra));
const cb = tool.callback;
try {
result = await Promise.resolve(cb(extra));
}
catch (error) {
result = {
content: [
{
type: "text",
text: error instanceof Error ? error.message : String(error),
},
],
isError: true,
};
}
}
}
if (tool.inputSchema) {
const typedHandler = handler;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
return await Promise.resolve(typedHandler(args, extra));
}
else {
const typedHandler = handler;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
return await Promise.resolve(typedHandler(extra));
}
}
/**
* Handles automatic task polling for tools with taskSupport 'optional'.
*/
async handleAutomaticTaskPolling(tool, request, extra) {
if (!extra.taskStore) {
throw new Error('No task store provided for task-capable tool.');
}
// Validate input and create task
const args = await this.validateToolInput(tool, request.params.arguments, request.params.name);
const handler = tool.handler;
const taskExtra = { ...extra, taskStore: extra.taskStore };
const createTaskResult = args // undefined only if tool.inputSchema is undefined
? await Promise.resolve(handler.createTask(args, taskExtra))
: // eslint-disable-next-line @typescript-eslint/no-explicit-any
await Promise.resolve(handler.createTask(taskExtra));
// Poll until completion
const taskId = createTaskResult.task.taskId;
let task = createTaskResult.task;
const pollInterval = task.pollInterval ?? 5000;
while (task.status !== 'completed' && task.status !== 'failed' && task.status !== 'cancelled') {
await new Promise(resolve => setTimeout(resolve, pollInterval));
const updatedTask = await extra.taskStore.getTask(taskId);
if (!updatedTask) {
throw new McpError(ErrorCode.InternalError, `Task ${taskId} not found during polling`);
if (tool.outputSchema && !result.isError) {
if (!result.structuredContent) {
throw new McpError(ErrorCode.InvalidParams, `Tool ${request.params.name} has an output schema but no structured content was provided`);
}
// if the tool has an output schema, validate structured content
const parseResult = await tool.outputSchema.safeParseAsync(result.structuredContent);
if (!parseResult.success) {
throw new McpError(ErrorCode.InvalidParams, `Invalid structured content for tool ${request.params.name}: ${parseResult.error.message}`);
}
}
task = updatedTask;
}
// Return the final result
return (await extra.taskStore.getTaskResult(taskId));
return result;
});
this._toolHandlersInitialized = true;
}
setCompletionRequestHandler() {
if (this._completionHandlerInitialized) {
return;
}
this.server.assertCanSetRequestHandler(getMethodValue(CompleteRequestSchema));
this.server.assertCanSetRequestHandler(CompleteRequestSchema.shape.method.value);
this.server.registerCapabilities({
completions: {}
completions: {},
});
this.server.setRequestHandler(CompleteRequestSchema, async (request) => {
switch (request.params.ref.type) {
case 'ref/prompt':
assertCompleteRequestPrompt(request);
case "ref/prompt":
return this.handlePromptCompletion(request, request.params.ref);
case 'ref/resource':
assertCompleteRequestResourceTemplate(request);
case "ref/resource":
return this.handleResourceCompletion(request, request.params.ref);
default:
throw new McpError(ErrorCode.InvalidParams, `Invalid completion reference: ${request.params.ref}`);
@@ -301,20 +158,16 @@ export class McpServer {
if (!prompt.argsSchema) {
return EMPTY_COMPLETION_RESULT;
}
const promptShape = getObjectShape(prompt.argsSchema);
const field = promptShape?.[request.params.argument.name];
if (!isCompletable(field)) {
const field = prompt.argsSchema.shape[request.params.argument.name];
if (!(field instanceof Completable)) {
return EMPTY_COMPLETION_RESULT;
}
const completer = getCompleter(field);
if (!completer) {
return EMPTY_COMPLETION_RESULT;
}
const suggestions = await completer(request.params.argument.value, request.params.context);
const def = field._def;
const suggestions = await def.complete(request.params.argument.value, request.params.context);
return createCompletionResult(suggestions);
}
async handleResourceCompletion(request, ref) {
const template = Object.values(this._registeredResourceTemplates).find(t => t.resourceTemplate.uriTemplate.toString() === ref.uri);
const template = Object.values(this._registeredResourceTemplates).find((t) => t.resourceTemplate.uriTemplate.toString() === ref.uri);
if (!template) {
if (this._registeredResources[ref.uri]) {
// Attempting to autocomplete a fixed resource URI is not an error in the spec (but probably should be).
@@ -333,21 +186,19 @@ export class McpServer {
if (this._resourceHandlersInitialized) {
return;
}
this.server.assertCanSetRequestHandler(getMethodValue(ListResourcesRequestSchema));
this.server.assertCanSetRequestHandler(getMethodValue(ListResourceTemplatesRequestSchema));
this.server.assertCanSetRequestHandler(getMethodValue(ReadResourceRequestSchema));
this.server.assertCanSetRequestHandler(ListResourcesRequestSchema.shape.method.value);
this.server.assertCanSetRequestHandler(ListResourceTemplatesRequestSchema.shape.method.value);
this.server.assertCanSetRequestHandler(ReadResourceRequestSchema.shape.method.value);
this.server.registerCapabilities({
resources: {
listChanged: true
}
});
this.server.setRequestHandler(ListResourcesRequestSchema, async (request, extra) => {
const resources = Object.entries(this._registeredResources)
.filter(([_, resource]) => resource.enabled)
.map(([uri, resource]) => ({
const resources = Object.entries(this._registeredResources).filter(([_, resource]) => resource.enabled).map(([uri, resource]) => ({
uri,
name: resource.name,
...resource.metadata
...resource.metadata,
}));
const templateResources = [];
for (const template of Object.values(this._registeredResourceTemplates)) {
@@ -359,7 +210,7 @@ export class McpServer {
templateResources.push({
...template.metadata,
// the defined resource metadata should override the template metadata if present
...resource
...resource,
});
}
}
@@ -369,7 +220,7 @@ export class McpServer {
const resourceTemplates = Object.entries(this._registeredResourceTemplates).map(([name, template]) => ({
name,
uriTemplate: template.resourceTemplate.uriTemplate.toString(),
...template.metadata
...template.metadata,
}));
return { resourceTemplates };
});
@@ -392,30 +243,31 @@ export class McpServer {
}
throw new McpError(ErrorCode.InvalidParams, `Resource ${uri} not found`);
});
this.setCompletionRequestHandler();
this._resourceHandlersInitialized = true;
}
setPromptRequestHandlers() {
if (this._promptHandlersInitialized) {
return;
}
this.server.assertCanSetRequestHandler(getMethodValue(ListPromptsRequestSchema));
this.server.assertCanSetRequestHandler(getMethodValue(GetPromptRequestSchema));
this.server.assertCanSetRequestHandler(ListPromptsRequestSchema.shape.method.value);
this.server.assertCanSetRequestHandler(GetPromptRequestSchema.shape.method.value);
this.server.registerCapabilities({
prompts: {
listChanged: true
}
});
this.server.setRequestHandler(ListPromptsRequestSchema, () => ({
prompts: Object.entries(this._registeredPrompts)
.filter(([, prompt]) => prompt.enabled)
.map(([name, prompt]) => {
prompts: Object.entries(this._registeredPrompts).filter(([, prompt]) => prompt.enabled).map(([name, prompt]) => {
return {
name,
title: prompt.title,
description: prompt.description,
arguments: prompt.argsSchema ? promptArgumentsFromSchema(prompt.argsSchema) : undefined
arguments: prompt.argsSchema
? promptArgumentsFromSchema(prompt.argsSchema)
: undefined,
};
})
}),
}));
this.server.setRequestHandler(GetPromptRequestSchema, async (request, extra) => {
const prompt = this._registeredPrompts[request.params.name];
@@ -426,12 +278,9 @@ export class McpServer {
throw new McpError(ErrorCode.InvalidParams, `Prompt ${request.params.name} disabled`);
}
if (prompt.argsSchema) {
const argsObj = normalizeObjectSchema(prompt.argsSchema);
const parseResult = await safeParseAsync(argsObj, request.params.arguments);
const parseResult = await prompt.argsSchema.safeParseAsync(request.params.arguments);
if (!parseResult.success) {
const error = 'error' in parseResult ? parseResult.error : 'Unknown error';
const errorMessage = getParseErrorMessage(error);
throw new McpError(ErrorCode.InvalidParams, `Invalid arguments for prompt ${request.params.name}: ${errorMessage}`);
throw new McpError(ErrorCode.InvalidParams, `Invalid arguments for prompt ${request.params.name}: ${parseResult.error.message}`);
}
const args = parseResult.data;
const cb = prompt.callback;
@@ -439,19 +288,19 @@ export class McpServer {
}
else {
const cb = prompt.callback;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
return await Promise.resolve(cb(extra));
}
});
this.setCompletionRequestHandler();
this._promptHandlersInitialized = true;
}
resource(name, uriOrTemplate, ...rest) {
let metadata;
if (typeof rest[0] === 'object') {
if (typeof rest[0] === "object") {
metadata = rest.shift();
}
const readCallback = rest[0];
if (typeof uriOrTemplate === 'string') {
if (typeof uriOrTemplate === "string") {
if (this._registeredResources[uriOrTemplate]) {
throw new Error(`Resource ${uriOrTemplate} is already registered`);
}
@@ -471,7 +320,7 @@ export class McpServer {
}
}
registerResource(name, uriOrTemplate, config, readCallback) {
if (typeof uriOrTemplate === 'string') {
if (typeof uriOrTemplate === "string") {
if (this._registeredResources[uriOrTemplate]) {
throw new Error(`Resource ${uriOrTemplate} is already registered`);
}
@@ -500,24 +349,24 @@ export class McpServer {
disable: () => registeredResource.update({ enabled: false }),
enable: () => registeredResource.update({ enabled: true }),
remove: () => registeredResource.update({ uri: null }),
update: updates => {
if (typeof updates.uri !== 'undefined' && updates.uri !== uri) {
update: (updates) => {
if (typeof updates.uri !== "undefined" && updates.uri !== uri) {
delete this._registeredResources[uri];
if (updates.uri)
this._registeredResources[updates.uri] = registeredResource;
}
if (typeof updates.name !== 'undefined')
if (typeof updates.name !== "undefined")
registeredResource.name = updates.name;
if (typeof updates.title !== 'undefined')
if (typeof updates.title !== "undefined")
registeredResource.title = updates.title;
if (typeof updates.metadata !== 'undefined')
if (typeof updates.metadata !== "undefined")
registeredResource.metadata = updates.metadata;
if (typeof updates.callback !== 'undefined')
if (typeof updates.callback !== "undefined")
registeredResource.readCallback = updates.callback;
if (typeof updates.enabled !== 'undefined')
if (typeof updates.enabled !== "undefined")
registeredResource.enabled = updates.enabled;
this.sendResourceListChanged();
}
},
};
this._registeredResources[uri] = registeredResource;
return registeredResource;
@@ -532,119 +381,92 @@ export class McpServer {
disable: () => registeredResourceTemplate.update({ enabled: false }),
enable: () => registeredResourceTemplate.update({ enabled: true }),
remove: () => registeredResourceTemplate.update({ name: null }),
update: updates => {
if (typeof updates.name !== 'undefined' && updates.name !== name) {
update: (updates) => {
if (typeof updates.name !== "undefined" && updates.name !== name) {
delete this._registeredResourceTemplates[name];
if (updates.name)
this._registeredResourceTemplates[updates.name] = registeredResourceTemplate;
}
if (typeof updates.title !== 'undefined')
if (typeof updates.title !== "undefined")
registeredResourceTemplate.title = updates.title;
if (typeof updates.template !== 'undefined')
if (typeof updates.template !== "undefined")
registeredResourceTemplate.resourceTemplate = updates.template;
if (typeof updates.metadata !== 'undefined')
if (typeof updates.metadata !== "undefined")
registeredResourceTemplate.metadata = updates.metadata;
if (typeof updates.callback !== 'undefined')
if (typeof updates.callback !== "undefined")
registeredResourceTemplate.readCallback = updates.callback;
if (typeof updates.enabled !== 'undefined')
if (typeof updates.enabled !== "undefined")
registeredResourceTemplate.enabled = updates.enabled;
this.sendResourceListChanged();
}
},
};
this._registeredResourceTemplates[name] = registeredResourceTemplate;
// If the resource template has any completion callbacks, enable completions capability
const variableNames = template.uriTemplate.variableNames;
const hasCompleter = Array.isArray(variableNames) && variableNames.some(v => !!template.completeCallback(v));
if (hasCompleter) {
this.setCompletionRequestHandler();
}
return registeredResourceTemplate;
}
_createRegisteredPrompt(name, title, description, argsSchema, callback) {
const registeredPrompt = {
title,
description,
argsSchema: argsSchema === undefined ? undefined : objectFromShape(argsSchema),
argsSchema: argsSchema === undefined ? undefined : z.object(argsSchema),
callback,
enabled: true,
disable: () => registeredPrompt.update({ enabled: false }),
enable: () => registeredPrompt.update({ enabled: true }),
remove: () => registeredPrompt.update({ name: null }),
update: updates => {
if (typeof updates.name !== 'undefined' && updates.name !== name) {
update: (updates) => {
if (typeof updates.name !== "undefined" && updates.name !== name) {
delete this._registeredPrompts[name];
if (updates.name)
this._registeredPrompts[updates.name] = registeredPrompt;
}
if (typeof updates.title !== 'undefined')
if (typeof updates.title !== "undefined")
registeredPrompt.title = updates.title;
if (typeof updates.description !== 'undefined')
if (typeof updates.description !== "undefined")
registeredPrompt.description = updates.description;
if (typeof updates.argsSchema !== 'undefined')
registeredPrompt.argsSchema = objectFromShape(updates.argsSchema);
if (typeof updates.callback !== 'undefined')
if (typeof updates.argsSchema !== "undefined")
registeredPrompt.argsSchema = z.object(updates.argsSchema);
if (typeof updates.callback !== "undefined")
registeredPrompt.callback = updates.callback;
if (typeof updates.enabled !== 'undefined')
if (typeof updates.enabled !== "undefined")
registeredPrompt.enabled = updates.enabled;
this.sendPromptListChanged();
}
},
};
this._registeredPrompts[name] = registeredPrompt;
// If any argument uses a Completable schema, enable completions capability
if (argsSchema) {
const hasCompletable = Object.values(argsSchema).some(field => {
const inner = field instanceof ZodOptional ? field._def?.innerType : field;
return isCompletable(inner);
});
if (hasCompletable) {
this.setCompletionRequestHandler();
}
}
return registeredPrompt;
}
_createRegisteredTool(name, title, description, inputSchema, outputSchema, annotations, execution, _meta, handler) {
// Validate tool name according to SEP specification
validateAndWarnToolName(name);
_createRegisteredTool(name, title, description, inputSchema, outputSchema, annotations, callback) {
const registeredTool = {
title,
description,
inputSchema: getZodSchemaObject(inputSchema),
outputSchema: getZodSchemaObject(outputSchema),
inputSchema: inputSchema === undefined ? undefined : z.object(inputSchema),
outputSchema: outputSchema === undefined ? undefined : z.object(outputSchema),
annotations,
execution,
_meta,
handler: handler,
callback,
enabled: true,
disable: () => registeredTool.update({ enabled: false }),
enable: () => registeredTool.update({ enabled: true }),
remove: () => registeredTool.update({ name: null }),
update: updates => {
if (typeof updates.name !== 'undefined' && updates.name !== name) {
if (typeof updates.name === 'string') {
validateAndWarnToolName(updates.name);
}
update: (updates) => {
if (typeof updates.name !== "undefined" && updates.name !== name) {
delete this._registeredTools[name];
if (updates.name)
this._registeredTools[updates.name] = registeredTool;
}
if (typeof updates.title !== 'undefined')
if (typeof updates.title !== "undefined")
registeredTool.title = updates.title;
if (typeof updates.description !== 'undefined')
if (typeof updates.description !== "undefined")
registeredTool.description = updates.description;
if (typeof updates.paramsSchema !== 'undefined')
registeredTool.inputSchema = objectFromShape(updates.paramsSchema);
if (typeof updates.outputSchema !== 'undefined')
registeredTool.outputSchema = objectFromShape(updates.outputSchema);
if (typeof updates.callback !== 'undefined')
registeredTool.handler = updates.callback;
if (typeof updates.annotations !== 'undefined')
if (typeof updates.paramsSchema !== "undefined")
registeredTool.inputSchema = z.object(updates.paramsSchema);
if (typeof updates.callback !== "undefined")
registeredTool.callback = updates.callback;
if (typeof updates.annotations !== "undefined")
registeredTool.annotations = updates.annotations;
if (typeof updates._meta !== 'undefined')
registeredTool._meta = updates._meta;
if (typeof updates.enabled !== 'undefined')
if (typeof updates.enabled !== "undefined")
registeredTool.enabled = updates.enabled;
this.sendToolListChanged();
}
},
};
this._registeredTools[name] = registeredTool;
this.setToolRequestHandlers();
@@ -665,32 +487,32 @@ export class McpServer {
// Tool properties are passed as separate arguments, with omissions allowed.
// Support for this style is frozen as of protocol version 2025-03-26. Future additions
// to tool definition should *NOT* be added.
if (typeof rest[0] === 'string') {
if (typeof rest[0] === "string") {
description = rest.shift();
}
// Handle the different overload combinations
if (rest.length > 1) {
// We have at least one more arg before the callback
const firstArg = rest[0];
if (isZodRawShapeCompat(firstArg)) {
if (isZodRawShape(firstArg)) {
// We have a params schema as the first arg
inputSchema = rest.shift();
// Check if the next arg is potentially annotations
if (rest.length > 1 && typeof rest[0] === 'object' && rest[0] !== null && !isZodRawShapeCompat(rest[0])) {
if (rest.length > 1 && typeof rest[0] === "object" && rest[0] !== null && !(isZodRawShape(rest[0]))) {
// Case: tool(name, paramsSchema, annotations, cb)
// Or: tool(name, description, paramsSchema, annotations, cb)
annotations = rest.shift();
}
}
else if (typeof firstArg === 'object' && firstArg !== null) {
// Not a ZodRawShapeCompat, so must be annotations in this position
else if (typeof firstArg === "object" && firstArg !== null) {
// Not a ZodRawShape, so must be annotations in this position
// Case: tool(name, annotations, cb)
// Or: tool(name, description, annotations, cb)
annotations = rest.shift();
}
}
const callback = rest[0];
return this._createRegisteredTool(name, undefined, description, inputSchema, outputSchema, annotations, { taskSupport: 'forbidden' }, undefined, callback);
return this._createRegisteredTool(name, undefined, description, inputSchema, outputSchema, annotations, callback);
}
/**
* Registers a tool with a config object and callback.
@@ -699,15 +521,15 @@ export class McpServer {
if (this._registeredTools[name]) {
throw new Error(`Tool ${name} is already registered`);
}
const { title, description, inputSchema, outputSchema, annotations, _meta } = config;
return this._createRegisteredTool(name, title, description, inputSchema, outputSchema, annotations, { taskSupport: 'forbidden' }, _meta, cb);
const { title, description, inputSchema, outputSchema, annotations } = config;
return this._createRegisteredTool(name, title, description, inputSchema, outputSchema, annotations, cb);
}
prompt(name, ...rest) {
if (this._registeredPrompts[name]) {
throw new Error(`Prompt ${name} is already registered`);
}
let description;
if (typeof rest[0] === 'string') {
if (typeof rest[0] === "string") {
description = rest.shift();
}
let argsSchema;
@@ -740,16 +562,6 @@ export class McpServer {
isConnected() {
return this.server.transport !== undefined;
}
/**
* Sends a logging message to the client, if connected.
* Note: You only need to send the parameters object, not the entire JSON RPC message
* @see LoggingMessageNotification
* @param params
* @param sessionId optional for stateless and backward compatibility
*/
async sendLoggingMessage(params, sessionId) {
return this.server.sendLoggingMessage(params, sessionId);
}
/**
* Sends a resource list changed event to the client, if connected.
*/
@@ -782,7 +594,10 @@ export class McpServer {
export class ResourceTemplate {
constructor(uriTemplate, _callbacks) {
this._callbacks = _callbacks;
this._uriTemplate = typeof uriTemplate === 'string' ? new UriTemplate(uriTemplate) : uriTemplate;
this._uriTemplate =
typeof uriTemplate === "string"
? new UriTemplate(uriTemplate)
: uriTemplate;
}
/**
* Gets the URI template pattern.
@@ -800,114 +615,49 @@ export class ResourceTemplate {
* Gets the callback for completing a specific URI template variable, if one was provided.
*/
completeCallback(variable) {
return this._callbacks.complete?.[variable];
var _a;
return (_a = this._callbacks.complete) === null || _a === void 0 ? void 0 : _a[variable];
}
}
const EMPTY_OBJECT_JSON_SCHEMA = {
type: 'object',
properties: {}
type: "object",
properties: {},
};
/**
* Checks if a value looks like a Zod schema by checking for parse/safeParse methods.
*/
// Helper to check if an object is a Zod schema (ZodRawShape)
function isZodRawShape(obj) {
if (typeof obj !== "object" || obj === null)
return false;
const isEmptyObject = Object.keys(obj).length === 0;
// Check if object is empty or at least one property is a ZodType instance
// Note: use heuristic check to avoid instanceof failure across different Zod versions
return isEmptyObject || Object.values(obj).some(isZodTypeLike);
}
function isZodTypeLike(value) {
return (value !== null &&
return value !== null &&
typeof value === 'object' &&
'parse' in value &&
typeof value.parse === 'function' &&
'safeParse' in value &&
typeof value.safeParse === 'function');
}
/**
* Checks if an object is a Zod schema instance (v3 or v4).
*
* Zod schemas have internal markers:
* - v3: `_def` property
* - v4: `_zod` property
*
* This includes transformed schemas like z.preprocess(), z.transform(), z.pipe().
*/
function isZodSchemaInstance(obj) {
return '_def' in obj || '_zod' in obj || isZodTypeLike(obj);
}
/**
* Checks if an object is a "raw shape" - a plain object where values are Zod schemas.
*
* Raw shapes are used as shorthand: `{ name: z.string() }` instead of `z.object({ name: z.string() })`.
*
* IMPORTANT: This must NOT match actual Zod schema instances (like z.preprocess, z.pipe),
* which have internal properties that could be mistaken for schema values.
*/
function isZodRawShapeCompat(obj) {
if (typeof obj !== 'object' || obj === null) {
return false;
}
// If it's already a Zod schema instance, it's NOT a raw shape
if (isZodSchemaInstance(obj)) {
return false;
}
// Empty objects are valid raw shapes (tools with no parameters)
if (Object.keys(obj).length === 0) {
return true;
}
// A raw shape has at least one property that is a Zod schema
return Object.values(obj).some(isZodTypeLike);
}
/**
* Converts a provided Zod schema to a Zod object if it is a ZodRawShapeCompat,
* otherwise returns the schema as is.
*/
function getZodSchemaObject(schema) {
if (!schema) {
return undefined;
}
if (isZodRawShapeCompat(schema)) {
return objectFromShape(schema);
}
return schema;
'parse' in value && typeof value.parse === 'function' &&
'safeParse' in value && typeof value.safeParse === 'function';
}
function promptArgumentsFromSchema(schema) {
const shape = getObjectShape(schema);
if (!shape)
return [];
return Object.entries(shape).map(([name, field]) => {
// Get description - works for both v3 and v4
const description = getSchemaDescription(field);
// Check if optional - works for both v3 and v4
const isOptional = isSchemaOptional(field);
return {
name,
description,
required: !isOptional
};
});
}
function getMethodValue(schema) {
const shape = getObjectShape(schema);
const methodSchema = shape?.method;
if (!methodSchema) {
throw new Error('Schema is missing a method literal');
}
// Extract literal value - works for both v3 and v4
const value = getLiteralValue(methodSchema);
if (typeof value === 'string') {
return value;
}
throw new Error('Schema method literal must be a string');
return Object.entries(schema.shape).map(([name, field]) => ({
name,
description: field.description,
required: !field.isOptional(),
}));
}
function createCompletionResult(suggestions) {
return {
completion: {
values: suggestions.slice(0, 100),
total: suggestions.length,
hasMore: suggestions.length > 100
}
hasMore: suggestions.length > 100,
},
};
}
const EMPTY_COMPLETION_RESULT = {
completion: {
values: [],
hasMore: false
}
hasMore: false,
},
};
//# sourceMappingURL=mcp.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/mcp.js.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
node_modules/@modelcontextprotocol/sdk/dist/esm/server/sse.d.ts
Generated Vendored
+4 -11
View File
@@ -1,7 +1,7 @@
import { IncomingMessage, ServerResponse } from 'node:http';
import { Transport } from '../shared/transport.js';
import { JSONRPCMessage, MessageExtraInfo } from '../types.js';
import { AuthInfo } from './auth/types.js';
import { IncomingMessage, ServerResponse } from "node:http";
import { Transport } from "../shared/transport.js";
import { JSONRPCMessage, MessageExtraInfo } from "../types.js";
import { AuthInfo } from "./auth/types.js";
/**
* Configuration options for SSEServerTransport.
*/
@@ -9,22 +9,16 @@ export interface SSEServerTransportOptions {
/**
* List of allowed host header values for DNS rebinding protection.
* If not specified, host validation is disabled.
* @deprecated Use the `hostHeaderValidation` middleware from `@modelcontextprotocol/sdk/server/middleware/hostHeaderValidation.js` instead,
* or use `createMcpExpressApp` from `@modelcontextprotocol/sdk/server/express.js` which includes localhost protection by default.
*/
allowedHosts?: string[];
/**
* List of allowed origin header values for DNS rebinding protection.
* If not specified, origin validation is disabled.
* @deprecated Use the `hostHeaderValidation` middleware from `@modelcontextprotocol/sdk/server/middleware/hostHeaderValidation.js` instead,
* or use `createMcpExpressApp` from `@modelcontextprotocol/sdk/server/express.js` which includes localhost protection by default.
*/
allowedOrigins?: string[];
/**
* Enable DNS rebinding protection (requires allowedHosts and/or allowedOrigins to be configured).
* Default is false for backwards compatibility.
* @deprecated Use the `hostHeaderValidation` middleware from `@modelcontextprotocol/sdk/server/middleware/hostHeaderValidation.js` instead,
* or use `createMcpExpressApp` from `@modelcontextprotocol/sdk/server/express.js` which includes localhost protection by default.
*/
enableDnsRebindingProtection?: boolean;
}
@@ -32,7 +26,6 @@ export interface SSEServerTransportOptions {
* Server transport for SSE: this will send messages over an SSE connection and receive messages from HTTP POST requests.
*
* This transport is only available in Node.js environments.
* @deprecated SSEServerTransport is deprecated. Use StreamableHTTPServerTransport instead.
*/
export declare class SSEServerTransport implements Transport {
private _endpoint;
node_modules/@modelcontextprotocol/sdk/dist/esm/server/sse.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"sse.d.ts","sourceRoot":"","sources":["../../../src/server/sse.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAwB,gBAAgB,EAAe,MAAM,aAAa,CAAC;AAGlG,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAK3C;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACtC;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B;;;;;OAKG;IACH,4BAA4B,CAAC,EAAE,OAAO,CAAC;CAC1C;AAED;;;;;GAKG;AACH,qBAAa,kBAAmB,YAAW,SAAS;IAY5C,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,GAAG;IAZf,OAAO,CAAC,YAAY,CAAC,CAAiB;IACtC,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,QAAQ,CAA4B;IAC5C,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAExE;;OAEG;gBAES,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,cAAc,EAC3B,OAAO,CAAC,EAAE,yBAAyB;IAMvC;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;;;OAIG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA8B5B;;;;OAIG;IACG,iBAAiB,CAAC,GAAG,EAAE,eAAe,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAAE,GAAG,EAAE,cAAc,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IA+C7H;;OAEG;IACG,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAYxE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAMtB,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAQlD;;;;OAIG;IACH,IAAI,SAAS,IAAI,MAAM,CAEtB;CACJ"}
{"version":3,"file":"sse.d.ts","sourceRoot":"","sources":["../../../src/server/sse.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAwB,gBAAgB,EAAe,MAAM,aAAa,CAAC;AAGlG,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAK3C;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B;;;OAGG;IACH,4BAA4B,CAAC,EAAE,OAAO,CAAC;CACxC;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,YAAW,SAAS;IAYhD,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,GAAG;IAZb,OAAO,CAAC,YAAY,CAAC,CAAiB;IACtC,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,QAAQ,CAA4B;IAC5C,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAExE;;OAEG;gBAEO,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,cAAc,EAC3B,OAAO,CAAC,EAAE,yBAAyB;IAMrC;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;;;OAIG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAkC5B;;;;OAIG;IACG,iBAAiB,CACrB,GAAG,EAAE,eAAe,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAC1C,GAAG,EAAE,cAAc,EACnB,UAAU,CAAC,EAAE,OAAO,GACnB,OAAO,CAAC,IAAI,CAAC;IA6ChB;;OAEG;IACG,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAYxE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAMtB,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAUlD;;;;OAIG;IACH,IAAI,SAAS,IAAI,MAAM,CAEtB;CACF"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/sse.js
Generated Vendored
+33 -32
View File
@@ -1,14 +1,13 @@
import { randomUUID } from 'node:crypto';
import { JSONRPCMessageSchema } from '../types.js';
import getRawBody from 'raw-body';
import contentType from 'content-type';
import { URL } from 'node:url';
const MAXIMUM_MESSAGE_SIZE = '4mb';
import { randomUUID } from "node:crypto";
import { JSONRPCMessageSchema } from "../types.js";
import getRawBody from "raw-body";
import contentType from "content-type";
import { URL } from 'url';
const MAXIMUM_MESSAGE_SIZE = "4mb";
/**
* Server transport for SSE: this will send messages over an SSE connection and receive messages from HTTP POST requests.
*
* This transport is only available in Node.js environments.
* @deprecated SSEServerTransport is deprecated. Use StreamableHTTPServerTransport instead.
*/
export class SSEServerTransport {
/**
@@ -39,7 +38,7 @@ export class SSEServerTransport {
// Validate Origin header if allowedOrigins is configured
if (this._options.allowedOrigins && this._options.allowedOrigins.length > 0) {
const originHeader = req.headers.origin;
if (originHeader && !this._options.allowedOrigins.includes(originHeader)) {
if (!originHeader || !this._options.allowedOrigins.includes(originHeader)) {
return `Invalid Origin header: ${originHeader}`;
}
}
@@ -52,12 +51,12 @@ export class SSEServerTransport {
*/
async start() {
if (this._sseResponse) {
throw new Error('SSEServerTransport already started! If using Server class, note that connect() calls start() automatically.');
throw new Error("SSEServerTransport already started! If using Server class, note that connect() calls start() automatically.");
}
this.res.writeHead(200, {
'Content-Type': 'text/event-stream',
'Cache-Control': 'no-cache, no-transform',
Connection: 'keep-alive'
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache, no-transform",
Connection: "keep-alive",
});
// Send the endpoint event
// Use a dummy base URL because this._endpoint is relative.
@@ -69,9 +68,10 @@ export class SSEServerTransport {
const relativeUrlWithSession = endpointUrl.pathname + endpointUrl.search + endpointUrl.hash;
this.res.write(`event: endpoint\ndata: ${relativeUrlWithSession}\n\n`);
this._sseResponse = this.res;
this.res.on('close', () => {
this.res.on("close", () => {
var _a;
this._sseResponse = undefined;
this.onclose?.();
(_a = this.onclose) === null || _a === void 0 ? void 0 : _a.call(this);
});
}
/**
@@ -80,8 +80,9 @@ export class SSEServerTransport {
* This should be called when a POST request is made to send a message to the server.
*/
async handlePostMessage(req, res, parsedBody) {
var _a, _b, _c, _d;
if (!this._sseResponse) {
const message = 'SSE connection not established';
const message = "SSE connection not established";
res.writeHead(500).end(message);
throw new Error(message);
}
@@ -89,60 +90,60 @@ export class SSEServerTransport {
const validationError = this.validateRequestHeaders(req);
if (validationError) {
res.writeHead(403).end(validationError);
this.onerror?.(new Error(validationError));
(_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, new Error(validationError));
return;
}
const authInfo = req.auth;
const requestInfo = { headers: req.headers };
let body;
try {
const ct = contentType.parse(req.headers['content-type'] ?? '');
if (ct.type !== 'application/json') {
const ct = contentType.parse((_b = req.headers["content-type"]) !== null && _b !== void 0 ? _b : "");
if (ct.type !== "application/json") {
throw new Error(`Unsupported content-type: ${ct.type}`);
}
body =
parsedBody ??
(await getRawBody(req, {
limit: MAXIMUM_MESSAGE_SIZE,
encoding: ct.parameters.charset ?? 'utf-8'
}));
body = parsedBody !== null && parsedBody !== void 0 ? parsedBody : await getRawBody(req, {
limit: MAXIMUM_MESSAGE_SIZE,
encoding: (_c = ct.parameters.charset) !== null && _c !== void 0 ? _c : "utf-8",
});
}
catch (error) {
res.writeHead(400).end(String(error));
this.onerror?.(error);
(_d = this.onerror) === null || _d === void 0 ? void 0 : _d.call(this, error);
return;
}
try {
await this.handleMessage(typeof body === 'string' ? JSON.parse(body) : body, { requestInfo, authInfo });
}
catch {
catch (_e) {
res.writeHead(400).end(`Invalid message: ${body}`);
return;
}
res.writeHead(202).end('Accepted');
res.writeHead(202).end("Accepted");
}
/**
* Handle a client message, regardless of how it arrived. This can be used to inform the server of messages that arrive via a means different than HTTP POST.
*/
async handleMessage(message, extra) {
var _a, _b;
let parsedMessage;
try {
parsedMessage = JSONRPCMessageSchema.parse(message);
}
catch (error) {
this.onerror?.(error);
(_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, error);
throw error;
}
this.onmessage?.(parsedMessage, extra);
(_b = this.onmessage) === null || _b === void 0 ? void 0 : _b.call(this, parsedMessage, extra);
}
async close() {
this._sseResponse?.end();
var _a, _b;
(_a = this._sseResponse) === null || _a === void 0 ? void 0 : _a.end();
this._sseResponse = undefined;
this.onclose?.();
(_b = this.onclose) === null || _b === void 0 ? void 0 : _b.call(this);
}
async send(message) {
if (!this._sseResponse) {
throw new Error('Not connected');
throw new Error("Not connected");
}
this._sseResponse.write(`event: message\ndata: ${JSON.stringify(message)}\n\n`);
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/sse.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"sse.js","sourceRoot":"","sources":["../../../src/server/sse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzC,OAAO,EAAkB,oBAAoB,EAAiC,MAAM,aAAa,CAAC;AAClG,OAAO,UAAU,MAAM,UAAU,CAAC;AAClC,OAAO,WAAW,MAAM,cAAc,CAAC;AAEvC,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAE/B,MAAM,oBAAoB,GAAG,KAAK,CAAC;AA+BnC;;;;;GAKG;AACH,MAAM,OAAO,kBAAkB;IAQ3B;;OAEG;IACH,YACY,SAAiB,EACjB,GAAmB,EAC3B,OAAmC;QAF3B,cAAS,GAAT,SAAS,CAAQ;QACjB,QAAG,GAAH,GAAG,CAAgB;QAG3B,IAAI,CAAC,UAAU,GAAG,UAAU,EAAE,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,OAAO,IAAI,EAAE,4BAA4B,EAAE,KAAK,EAAE,CAAC;IACvE,CAAC;IAED;;;OAGG;IACK,sBAAsB,CAAC,GAAoB;QAC/C,+CAA+C;QAC/C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,4BAA4B,EAAE,CAAC;YAC9C,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,qDAAqD;QACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtE,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,UAAU,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAClE,OAAO,wBAAwB,UAAU,EAAE,CAAC;YAChD,CAAC;QACL,CAAC;QAED,yDAAyD;QACzD,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAc,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1E,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;YACxC,IAAI,YAAY,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBACvE,OAAO,0BAA0B,YAAY,EAAE,CAAC;YACpD,CAAC;QACL,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,KAAK;QACP,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,6GAA6G,CAAC,CAAC;QACnI,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;YACpB,cAAc,EAAE,mBAAmB;YACnC,eAAe,EAAE,wBAAwB;YACzC,UAAU,EAAE,YAAY;SAC3B,CAAC,CAAC;QAEH,0BAA0B;QAC1B,2DAA2D;QAC3D,uEAAuE;QACvE,MAAM,SAAS,GAAG,kBAAkB,CAAC,CAAC,uBAAuB;QAC7D,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACvD,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAE3D,iEAAiE;QACjE,MAAM,sBAAsB,GAAG,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC;QAE5F,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,0BAA0B,sBAAsB,MAAM,CAAC,CAAC;QAEvE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACtB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;YAC9B,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;QACrB,CAAC,CAAC,CAAC;IACP,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,GAA0C,EAAE,GAAmB,EAAE,UAAoB;QACzG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,OAAO,GAAG,gCAAgC,CAAC;YACjD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC;QAED,wDAAwD;QACxD,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC;QACzD,IAAI,eAAe,EAAE,CAAC;YAClB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YAC3C,OAAO;QACX,CAAC;QAED,MAAM,QAAQ,GAAyB,GAAG,CAAC,IAAI,CAAC;QAChD,MAAM,WAAW,GAAgB,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;QAE1D,IAAI,IAAsB,CAAC;QAC3B,IAAI,CAAC;YACD,MAAM,EAAE,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC;YAChE,IAAI,EAAE,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,6BAA6B,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5D,CAAC;YAED,IAAI;gBACA,UAAU;oBACV,CAAC,MAAM,UAAU,CAAC,GAAG,EAAE;wBACnB,KAAK,EAAE,oBAAoB;wBAC3B,QAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,IAAI,OAAO;qBAC7C,CAAC,CAAC,CAAC;QACZ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACtC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAc,CAAC,CAAC;YAC/B,OAAO;QACX,CAAC;QAED,IAAI,CAAC;YACD,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC5G,CAAC;QAAC,MAAM,CAAC;YACL,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC;YACnD,OAAO;QACX,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,OAAgB,EAAE,KAAwB;QAC1D,IAAI,aAA6B,CAAC;QAClC,IAAI,CAAC;YACD,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,OAAO,EAAE,CAAC,KAAc,CAAC,CAAC;YAC/B,MAAM,KAAK,CAAC;QAChB,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,KAAK;QACP,IAAI,CAAC,YAAY,EAAE,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAuB;QAC9B,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACrC,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,yBAAyB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACpF,CAAC;IAED;;;;OAIG;IACH,IAAI,SAAS;QACT,OAAO,IAAI,CAAC,UAAU,CAAC;IAC3B,CAAC;CACJ"}
{"version":3,"file":"sse.js","sourceRoot":"","sources":["../../../src/server/sse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzC,OAAO,EAAkB,oBAAoB,EAAiC,MAAM,aAAa,CAAC;AAClG,OAAO,UAAU,MAAM,UAAU,CAAC;AAClC,OAAO,WAAW,MAAM,cAAc,CAAC;AAEvC,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAE1B,MAAM,oBAAoB,GAAG,KAAK,CAAC;AAyBnC;;;;GAIG;AACH,MAAM,OAAO,kBAAkB;IAQ7B;;OAEG;IACH,YACU,SAAiB,EACjB,GAAmB,EAC3B,OAAmC;QAF3B,cAAS,GAAT,SAAS,CAAQ;QACjB,QAAG,GAAH,GAAG,CAAgB;QAG3B,IAAI,CAAC,UAAU,GAAG,UAAU,EAAE,CAAC;QAC/B,IAAI,CAAC,QAAQ,GAAG,OAAO,IAAI,EAAC,4BAA4B,EAAE,KAAK,EAAC,CAAC;IACnE,CAAC;IAED;;;OAGG;IACK,sBAAsB,CAAC,GAAoB;QACjD,+CAA+C;QAC/C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,4BAA4B,EAAE,CAAC;YAChD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,qDAAqD;QACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxE,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,UAAU,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACpE,OAAO,wBAAwB,UAAU,EAAE,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAc,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5E,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;YACxC,IAAI,CAAC,YAAY,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC1E,OAAO,0BAA0B,YAAY,EAAE,CAAC;YAClD,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,KAAK;QACT,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CACb,6GAA6G,CAC9G,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;YACtB,cAAc,EAAE,mBAAmB;YACnC,eAAe,EAAE,wBAAwB;YACzC,UAAU,EAAE,YAAY;SACzB,CAAC,CAAC;QAEH,0BAA0B;QAC1B,2DAA2D;QAC3D,uEAAuE;QACvE,MAAM,SAAS,GAAG,kBAAkB,CAAC,CAAC,uBAAuB;QAC7D,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACvD,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAE3D,iEAAiE;QACjE,MAAM,sBAAsB,GAAG,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC;QAE5F,IAAI,CAAC,GAAG,CAAC,KAAK,CACZ,0BAA0B,sBAAsB,MAAM,CACvD,CAAC;QAEF,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;;YACxB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;YAC9B,MAAA,IAAI,CAAC,OAAO,oDAAI,CAAC;QACnB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CACrB,GAA0C,EAC1C,GAAmB,EACnB,UAAoB;;QAEpB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,gCAAgC,CAAC;YACjD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC;QAED,wDAAwD;QACxD,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC;QACzD,IAAI,eAAe,EAAE,CAAC;YACpB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YACxC,MAAA,IAAI,CAAC,OAAO,qDAAG,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YAC3C,OAAO;QACT,CAAC;QAED,MAAM,QAAQ,GAAyB,GAAG,CAAC,IAAI,CAAC;QAChD,MAAM,WAAW,GAAgB,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;QAE1D,IAAI,IAAsB,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,WAAW,CAAC,KAAK,CAAC,MAAA,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,mCAAI,EAAE,CAAC,CAAC;YAChE,IAAI,EAAE,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,6BAA6B,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1D,CAAC;YAED,IAAI,GAAG,UAAU,aAAV,UAAU,cAAV,UAAU,GAAI,MAAM,UAAU,CAAC,GAAG,EAAE;gBACzC,KAAK,EAAE,oBAAoB;gBAC3B,QAAQ,EAAE,MAAA,EAAE,CAAC,UAAU,CAAC,OAAO,mCAAI,OAAO;aAC3C,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACtC,MAAA,IAAI,CAAC,OAAO,qDAAG,KAAc,CAAC,CAAC;YAC/B,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC1G,CAAC;QAAC,WAAM,CAAC;YACP,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,OAAgB,EAAE,KAAwB;;QAC5D,IAAI,aAA6B,CAAC;QAClC,IAAI,CAAC;YACH,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAA,IAAI,CAAC,OAAO,qDAAG,KAAc,CAAC,CAAC;YAC/B,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAA,IAAI,CAAC,SAAS,qDAAG,aAAa,EAAE,KAAK,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,KAAK;;QACT,MAAA,IAAI,CAAC,YAAY,0CAAE,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,MAAA,IAAI,CAAC,OAAO,oDAAI,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAuB;QAChC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACnC,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,KAAK,CACrB,yBAAyB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CACvD,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;CACF"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.d.ts
Generated Vendored
+4 -4
View File
@@ -1,8 +1,8 @@
import { Readable, Writable } from 'node:stream';
import { JSONRPCMessage } from '../types.js';
import { Transport } from '../shared/transport.js';
import { Readable, Writable } from "node:stream";
import { JSONRPCMessage } from "../types.js";
import { Transport } from "../shared/transport.js";
/**
* Server transport for stdio: this communicates with an MCP client by reading from the current process' stdin and writing to stdout.
* Server transport for stdio: this communicates with a MCP client by reading from the current process' stdin and writing to stdout.
*
* This transport is only available in Node.js environments.
*/
node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../../../src/server/stdio.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEjD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEnD;;;;GAIG;AACH,qBAAa,oBAAqB,YAAW,SAAS;IAK9C,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,OAAO;IALnB,OAAO,CAAC,WAAW,CAAgC;IACnD,OAAO,CAAC,QAAQ,CAAS;gBAGb,MAAM,GAAE,QAAwB,EAChC,OAAO,GAAE,QAAyB;IAG9C,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,IAAI,CAAC;IAG9C,OAAO,UAAW,MAAM,UAGtB;IACF,QAAQ,UAAW,KAAK,UAEtB;IAEF;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAY5B,OAAO,CAAC,iBAAiB;IAenB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAkB5B,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;CAU/C"}
{"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../../../src/server/stdio.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEjD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEnD;;;;GAIG;AACH,qBAAa,oBAAqB,YAAW,SAAS;IAKlD,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,OAAO;IALjB,OAAO,CAAC,WAAW,CAAgC;IACnD,OAAO,CAAC,QAAQ,CAAS;gBAGf,MAAM,GAAE,QAAwB,EAChC,OAAO,GAAE,QAAyB;IAG5C,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,IAAI,CAAC;IAG9C,OAAO,UAAW,MAAM,UAGtB;IACF,QAAQ,UAAW,KAAK,UAEtB;IAEF;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAY5B,OAAO,CAAC,iBAAiB;IAenB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAkB5B,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;CAU7C"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.js
Generated Vendored
+17 -14
View File
@@ -1,7 +1,7 @@
import process from 'node:process';
import { ReadBuffer, serializeMessage } from '../shared/stdio.js';
import process from "node:process";
import { ReadBuffer, serializeMessage } from "../shared/stdio.js";
/**
* Server transport for stdio: this communicates with an MCP client by reading from the current process' stdin and writing to stdout.
* Server transport for stdio: this communicates with a MCP client by reading from the current process' stdin and writing to stdout.
*
* This transport is only available in Node.js environments.
*/
@@ -17,7 +17,8 @@ export class StdioServerTransport {
this.processReadBuffer();
};
this._onerror = (error) => {
this.onerror?.(error);
var _a;
(_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, error);
};
}
/**
@@ -25,30 +26,32 @@ export class StdioServerTransport {
*/
async start() {
if (this._started) {
throw new Error('StdioServerTransport already started! If using Server class, note that connect() calls start() automatically.');
throw new Error("StdioServerTransport already started! If using Server class, note that connect() calls start() automatically.");
}
this._started = true;
this._stdin.on('data', this._ondata);
this._stdin.on('error', this._onerror);
this._stdin.on("data", this._ondata);
this._stdin.on("error", this._onerror);
}
processReadBuffer() {
var _a, _b;
while (true) {
try {
const message = this._readBuffer.readMessage();
if (message === null) {
break;
}
this.onmessage?.(message);
(_a = this.onmessage) === null || _a === void 0 ? void 0 : _a.call(this, message);
}
catch (error) {
this.onerror?.(error);
(_b = this.onerror) === null || _b === void 0 ? void 0 : _b.call(this, error);
}
}
}
async close() {
var _a;
// Remove our event listeners first
this._stdin.off('data', this._ondata);
this._stdin.off('error', this._onerror);
this._stdin.off("data", this._ondata);
this._stdin.off("error", this._onerror);
// Check if we were the only data listener
const remainingDataListeners = this._stdin.listenerCount('data');
if (remainingDataListeners === 0) {
@@ -58,16 +61,16 @@ export class StdioServerTransport {
}
// Clear the buffer and notify closure
this._readBuffer.clear();
this.onclose?.();
(_a = this.onclose) === null || _a === void 0 ? void 0 : _a.call(this);
}
send(message) {
return new Promise(resolve => {
return new Promise((resolve) => {
const json = serializeMessage(message);
if (this._stdout.write(json)) {
resolve();
}
else {
this._stdout.once('drain', resolve);
this._stdout.once("drain", resolve);
}
});
}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.js.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../../src/server/stdio.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAIlE;;;;GAIG;AACH,MAAM,OAAO,oBAAoB;IAI7B,YACY,SAAmB,OAAO,CAAC,KAAK,EAChC,UAAoB,OAAO,CAAC,MAAM;QADlC,WAAM,GAAN,MAAM,CAA0B;QAChC,YAAO,GAAP,OAAO,CAA2B;QALtC,gBAAW,GAAe,IAAI,UAAU,EAAE,CAAC;QAC3C,aAAQ,GAAG,KAAK,CAAC;QAWzB,gFAAgF;QAChF,YAAO,GAAG,CAAC,KAAa,EAAE,EAAE;YACxB,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC7B,CAAC,CAAC;QACF,aAAQ,GAAG,CAAC,KAAY,EAAE,EAAE;YACxB,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC;QAC1B,CAAC,CAAC;IAbC,CAAC;IAeJ;;OAEG;IACH,KAAK,CAAC,KAAK;QACP,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CACX,+GAA+G,CAClH,CAAC;QACN,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IAEO,iBAAiB;QACrB,OAAO,IAAI,EAAE,CAAC;YACV,IAAI,CAAC;gBACD,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;gBAC/C,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;oBACnB,MAAM;gBACV,CAAC;gBAED,IAAI,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC;YAC9B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACb,IAAI,CAAC,OAAO,EAAE,CAAC,KAAc,CAAC,CAAC;YACnC,CAAC;QACL,CAAC;IACL,CAAC;IAED,KAAK,CAAC,KAAK;QACP,mCAAmC;QACnC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QAExC,0CAA0C;QAC1C,MAAM,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjE,IAAI,sBAAsB,KAAK,CAAC,EAAE,CAAC;YAC/B,gDAAgD;YAChD,0FAA0F;YAC1F,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QACxB,CAAC;QAED,sCAAsC;QACtC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACrB,CAAC;IAED,IAAI,CAAC,OAAuB;QACxB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;YACzB,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACvC,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3B,OAAO,EAAE,CAAC;YACd,CAAC;iBAAM,CAAC;gBACJ,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACxC,CAAC;QACL,CAAC,CAAC,CAAC;IACP,CAAC;CACJ"}
{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../../src/server/stdio.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAIlE;;;;GAIG;AACH,MAAM,OAAO,oBAAoB;IAI/B,YACU,SAAmB,OAAO,CAAC,KAAK,EAChC,UAAoB,OAAO,CAAC,MAAM;QADlC,WAAM,GAAN,MAAM,CAA0B;QAChC,YAAO,GAAP,OAAO,CAA2B;QALpC,gBAAW,GAAe,IAAI,UAAU,EAAE,CAAC;QAC3C,aAAQ,GAAG,KAAK,CAAC;QAWzB,gFAAgF;QAChF,YAAO,GAAG,CAAC,KAAa,EAAE,EAAE;YAC1B,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3B,CAAC,CAAC;QACF,aAAQ,GAAG,CAAC,KAAY,EAAE,EAAE;;YAC1B,MAAA,IAAI,CAAC,OAAO,qDAAG,KAAK,CAAC,CAAC;QACxB,CAAC,CAAC;IAbC,CAAC;IAeJ;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CACb,+GAA+G,CAChH,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC;IAEO,iBAAiB;;QACvB,OAAO,IAAI,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;gBAC/C,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;oBACrB,MAAM;gBACR,CAAC;gBAED,MAAA,IAAI,CAAC,SAAS,qDAAG,OAAO,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAA,IAAI,CAAC,OAAO,qDAAG,KAAc,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;;QACT,mCAAmC;QACnC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QAExC,0CAA0C;QAC1C,MAAM,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjE,IAAI,sBAAsB,KAAK,CAAC,EAAE,CAAC;YACjC,gDAAgD;YAChD,0FAA0F;YAC1F,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QACtB,CAAC;QAED,sCAAsC;QACtC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACzB,MAAA,IAAI,CAAC,OAAO,oDAAI,CAAC;IACnB,CAAC;IAED,IAAI,CAAC,OAAuB;QAC1B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACvC,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,CAAC;YACZ,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACtC,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/streamableHttp.d.ts
Generated Vendored
+127 -64
View File
@@ -1,30 +1,85 @@
import { IncomingMessage, ServerResponse } from "node:http";
import { Transport } from "../shared/transport.js";
import { MessageExtraInfo, JSONRPCMessage, RequestId } from "../types.js";
import { AuthInfo } from "./auth/types.js";
export type StreamId = string;
export type EventId = string;
/**
* Node.js HTTP Streamable HTTP Server Transport
*
* This is a thin wrapper around `WebStandardStreamableHTTPServerTransport` that provides
* compatibility with Node.js HTTP server (IncomingMessage/ServerResponse).
*
* For web-standard environments (Cloudflare Workers, Deno, Bun), use `WebStandardStreamableHTTPServerTransport` directly.
* Interface for resumability support via event storage
*/
import { IncomingMessage, ServerResponse } from 'node:http';
import { Transport } from '../shared/transport.js';
import { AuthInfo } from './auth/types.js';
import { MessageExtraInfo, JSONRPCMessage, RequestId } from '../types.js';
import { WebStandardStreamableHTTPServerTransportOptions, EventStore, StreamId, EventId } from './webStandardStreamableHttp.js';
export type { EventStore, StreamId, EventId };
export interface EventStore {
/**
* Stores an event for later retrieval
* @param streamId ID of the stream the event belongs to
* @param message The JSON-RPC message to store
* @returns The generated event ID for the stored event
*/
storeEvent(streamId: StreamId, message: JSONRPCMessage): Promise<EventId>;
replayEventsAfter(lastEventId: EventId, { send }: {
send: (eventId: EventId, message: JSONRPCMessage) => Promise<void>;
}): Promise<StreamId>;
}
/**
* Configuration options for StreamableHTTPServerTransport
*
* This is an alias for WebStandardStreamableHTTPServerTransportOptions for backward compatibility.
*/
export type StreamableHTTPServerTransportOptions = WebStandardStreamableHTTPServerTransportOptions;
export interface StreamableHTTPServerTransportOptions {
/**
* Function that generates a session ID for the transport.
* The session ID SHOULD be globally unique and cryptographically secure (e.g., a securely generated UUID, a JWT, or a cryptographic hash)
*
* Return undefined to disable session management.
*/
sessionIdGenerator: (() => string) | undefined;
/**
* A callback for session initialization events
* This is called when the server initializes a new session.
* Useful in cases when you need to register multiple mcp sessions
* and need to keep track of them.
* @param sessionId The generated session ID
*/
onsessioninitialized?: (sessionId: string) => void | Promise<void>;
/**
* A callback for session close events
* This is called when the server closes a session due to a DELETE request.
* Useful in cases when you need to clean up resources associated with the session.
* Note that this is different from the transport closing, if you are handling
* HTTP requests from multiple nodes you might want to close each
* StreamableHTTPServerTransport after a request is completed while still keeping the
* session open/running.
* @param sessionId The session ID that was closed
*/
onsessionclosed?: (sessionId: string) => void | Promise<void>;
/**
* If true, the server will return JSON responses instead of starting an SSE stream.
* This can be useful for simple request/response scenarios without streaming.
* Default is false (SSE streams are preferred).
*/
enableJsonResponse?: boolean;
/**
* Event store for resumability support
* If provided, resumability will be enabled, allowing clients to reconnect and resume messages
*/
eventStore?: EventStore;
/**
* List of allowed host header values for DNS rebinding protection.
* If not specified, host validation is disabled.
*/
allowedHosts?: string[];
/**
* List of allowed origin header values for DNS rebinding protection.
* If not specified, origin validation is disabled.
*/
allowedOrigins?: string[];
/**
* Enable DNS rebinding protection (requires allowedHosts and/or allowedOrigins to be configured).
* Default is false for backwards compatibility.
*/
enableDnsRebindingProtection?: boolean;
}
/**
* Server transport for Streamable HTTP: this implements the MCP Streamable HTTP transport specification.
* It supports both SSE streaming and direct HTTP responses.
*
* This is a wrapper around `WebStandardStreamableHTTPServerTransport` that provides Node.js HTTP compatibility.
* It uses the `@hono/node-server` library to convert between Node.js HTTP and Web Standard APIs.
*
* Usage example:
*
* ```typescript
@@ -56,67 +111,75 @@ export type StreamableHTTPServerTransportOptions = WebStandardStreamableHTTPServ
* - No session validation is performed
*/
export declare class StreamableHTTPServerTransport implements Transport {
private _webStandardTransport;
private _requestListener;
private _requestContext;
constructor(options?: StreamableHTTPServerTransportOptions);
/**
* Gets the session ID for this transport instance.
*/
get sessionId(): string | undefined;
/**
* Sets callback for when the transport is closed.
*/
set onclose(handler: (() => void) | undefined);
get onclose(): (() => void) | undefined;
/**
* Sets callback for transport errors.
*/
set onerror(handler: ((error: Error) => void) | undefined);
get onerror(): ((error: Error) => void) | undefined;
/**
* Sets callback for incoming messages.
*/
set onmessage(handler: ((message: JSONRPCMessage, extra?: MessageExtraInfo) => void) | undefined);
get onmessage(): ((message: JSONRPCMessage, extra?: MessageExtraInfo) => void) | undefined;
private sessionIdGenerator;
private _started;
private _streamMapping;
private _requestToStreamMapping;
private _requestResponseMap;
private _initialized;
private _enableJsonResponse;
private _standaloneSseStreamId;
private _eventStore?;
private _onsessioninitialized?;
private _onsessionclosed?;
private _allowedHosts?;
private _allowedOrigins?;
private _enableDnsRebindingProtection;
sessionId?: string;
onclose?: () => void;
onerror?: (error: Error) => void;
onmessage?: (message: JSONRPCMessage, extra?: MessageExtraInfo) => void;
constructor(options: StreamableHTTPServerTransportOptions);
/**
* Starts the transport. This is required by the Transport interface but is a no-op
* for the Streamable HTTP transport as connections are managed per-request.
*/
start(): Promise<void>;
/**
* Closes the transport and all active connections.
* Validates request headers for DNS rebinding protection.
* @returns Error message if validation fails, undefined if validation passes.
*/
close(): Promise<void>;
private validateRequestHeaders;
/**
* Sends a JSON-RPC message through the transport.
*/
send(message: JSONRPCMessage, options?: {
relatedRequestId?: RequestId;
}): Promise<void>;
/**
* Handles an incoming HTTP request, whether GET or POST.
*
* This method converts Node.js HTTP objects to Web Standard Request/Response
* and delegates to the underlying WebStandardStreamableHTTPServerTransport.
*
* @param req - Node.js IncomingMessage, optionally with auth property from middleware
* @param res - Node.js ServerResponse
* @param parsedBody - Optional pre-parsed body from body-parser middleware
* Handles an incoming HTTP request, whether GET or POST
*/
handleRequest(req: IncomingMessage & {
auth?: AuthInfo;
}, res: ServerResponse, parsedBody?: unknown): Promise<void>;
/**
* Close an SSE stream for a specific request, triggering client reconnection.
* Use this to implement polling behavior during long-running operations -
* client will reconnect after the retry interval specified in the priming event.
* Handles GET requests for SSE stream
*/
closeSSEStream(requestId: RequestId): void;
private handleGetRequest;
/**
* Close the standalone GET SSE stream, triggering client reconnection.
* Use this to implement polling behavior for server-initiated notifications.
* Replays events that would have been sent after the specified event ID
* Only used when resumability is enabled
*/
closeStandaloneSSEStream(): void;
private replayEvents;
/**
* Writes an event to the SSE stream with proper formatting
*/
private writeSSEEvent;
/**
* Handles unsupported requests (PUT, PATCH, etc.)
*/
private handleUnsupportedRequest;
/**
* Handles POST requests containing JSON-RPC messages
*/
private handlePostRequest;
/**
* Handles DELETE requests to terminate sessions
*/
private handleDeleteRequest;
/**
* Validates session ID for non-initialization requests
* Returns true if the session is valid, false otherwise
*/
private validateSession;
private validateProtocolVersion;
close(): Promise<void>;
send(message: JSONRPCMessage, options?: {
relatedRequestId?: RequestId;
}): Promise<void>;
}
//# sourceMappingURL=streamableHttp.d.ts.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/streamableHttp.d.ts.map
Generated Vendored
+1 -1
View File
@@ -1 +1 @@
{"version":3,"file":"streamableHttp.d.ts","sourceRoot":"","sources":["../../../src/server/streamableHttp.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAE5D,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAC1E,OAAO,EAEH,+CAA+C,EAC/C,UAAU,EACV,QAAQ,EACR,OAAO,EACV,MAAM,gCAAgC,CAAC;AAGxC,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;AAE9C;;;;GAIG;AACH,MAAM,MAAM,oCAAoC,GAAG,+CAA+C,CAAC;AAEnG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,qBAAa,6BAA8B,YAAW,SAAS;IAC3D,OAAO,CAAC,qBAAqB,CAA2C;IACxE,OAAO,CAAC,gBAAgB,CAAwC;IAEhE,OAAO,CAAC,eAAe,CAAkF;gBAE7F,OAAO,GAAE,oCAAyC;IAoB9D;;OAEG;IACH,IAAI,SAAS,IAAI,MAAM,GAAG,SAAS,CAElC;IAED;;OAEG;IACH,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC,MAAM,IAAI,CAAC,GAAG,SAAS,EAE5C;IAED,IAAI,OAAO,IAAI,CAAC,MAAM,IAAI,CAAC,GAAG,SAAS,CAEtC;IAED;;OAEG;IACH,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC,GAAG,SAAS,EAExD;IAED,IAAI,OAAO,IAAI,CAAC,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC,GAAG,SAAS,CAElD;IAED;;OAEG;IACH,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,gBAAgB,KAAK,IAAI,CAAC,GAAG,SAAS,EAE/F;IAED,IAAI,SAAS,IAAI,CAAC,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,gBAAgB,KAAK,IAAI,CAAC,GAAG,SAAS,CAEzF;IAED;;;OAGG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAI5B;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAI5B;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,EAAE;QAAE,gBAAgB,CAAC,EAAE,SAAS,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9F;;;;;;;;;OASG;IACG,aAAa,CAAC,GAAG,EAAE,eAAe,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAAE,GAAG,EAAE,cAAc,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAuBzH;;;;OAIG;IACH,cAAc,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI;IAI1C;;;OAGG;IACH,wBAAwB,IAAI,IAAI;CAGnC"}
{"version":3,"file":"streamableHttp.d.ts","sourceRoot":"","sources":["../../../src/server/streamableHttp.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAyF,cAAc,EAAwB,SAAS,EAAoE,MAAM,aAAa,CAAC;AAIzP,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAI3C,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAC;AAC9B,MAAM,MAAM,OAAO,GAAG,MAAM,CAAC;AAE7B;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;OAKG;IACH,UAAU,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAE1E,iBAAiB,CAAC,WAAW,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,EAAE;QAChD,IAAI,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;KACnE,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,oCAAoC;IACnD;;;;;OAKG;IACH,kBAAkB,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAC;IAE/C;;;;;;OAMG;IACH,oBAAoB,CAAC,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEnE;;;;;;;;;MASE;IACF,eAAe,CAAC,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9D;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B;;;OAGG;IACH,UAAU,CAAC,EAAE,UAAU,CAAC;IAExB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B;;;OAGG;IACH,4BAA4B,CAAC,EAAE,OAAO,CAAC;CACxC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,qBAAa,6BAA8B,YAAW,SAAS;IAE7D,OAAO,CAAC,kBAAkB,CAA6B;IACvD,OAAO,CAAC,QAAQ,CAAkB;IAClC,OAAO,CAAC,cAAc,CAA0C;IAChE,OAAO,CAAC,uBAAuB,CAAqC;IACpE,OAAO,CAAC,mBAAmB,CAA6C;IACxE,OAAO,CAAC,YAAY,CAAkB;IACtC,OAAO,CAAC,mBAAmB,CAAkB;IAC7C,OAAO,CAAC,sBAAsB,CAAyB;IACvD,OAAO,CAAC,WAAW,CAAC,CAAa;IACjC,OAAO,CAAC,qBAAqB,CAAC,CAA8C;IAC5E,OAAO,CAAC,gBAAgB,CAAC,CAA8C;IACvE,OAAO,CAAC,aAAa,CAAC,CAAW;IACjC,OAAO,CAAC,eAAe,CAAC,CAAW;IACnC,OAAO,CAAC,6BAA6B,CAAU;IAE/C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACjC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,gBAAgB,KAAK,IAAI,CAAC;gBAE5D,OAAO,EAAE,oCAAoC;IAWzD;;;OAGG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAO5B;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;OAEG;IACG,aAAa,CAAC,GAAG,EAAE,eAAe,GAAG;QAAE,IAAI,CAAC,EAAE,QAAQ,CAAA;KAAE,EAAE,GAAG,EAAE,cAAc,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IA2BzH;;OAEG;YACW,gBAAgB;IAwE9B;;;OAGG;YACW,YAAY;IA8B1B;;OAEG;IACH,OAAO,CAAC,aAAa;IAWrB;;OAEG;YACW,wBAAwB;IAatC;;OAEG;YACW,iBAAiB;IA0K/B;;OAEG;YACW,mBAAmB;IAYjC;;;OAGG;IACH,OAAO,CAAC,eAAe;IA2DvB,OAAO,CAAC,uBAAuB;IAoBzB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,EAAE;QAAE,gBAAgB,CAAC,EAAE,SAAS,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAgG/F"}
node_modules/@modelcontextprotocol/sdk/dist/esm/server/streamableHttp.js
Generated Vendored
+553 -104
View File
@@ -1,20 +1,12 @@
/**
* Node.js HTTP Streamable HTTP Server Transport
*
* This is a thin wrapper around `WebStandardStreamableHTTPServerTransport` that provides
* compatibility with Node.js HTTP server (IncomingMessage/ServerResponse).
*
* For web-standard environments (Cloudflare Workers, Deno, Bun), use `WebStandardStreamableHTTPServerTransport` directly.
*/
import { getRequestListener } from '@hono/node-server';
import { WebStandardStreamableHTTPServerTransport } from './webStandardStreamableHttp.js';
import { isInitializeRequest, isJSONRPCError, isJSONRPCRequest, isJSONRPCResponse, JSONRPCMessageSchema, SUPPORTED_PROTOCOL_VERSIONS, DEFAULT_NEGOTIATED_PROTOCOL_VERSION } from "../types.js";
import getRawBody from "raw-body";
import contentType from "content-type";
import { randomUUID } from "node:crypto";
const MAXIMUM_MESSAGE_SIZE = "4mb";
/**
* Server transport for Streamable HTTP: this implements the MCP Streamable HTTP transport specification.
* It supports both SSE streaming and direct HTTP responses.
*
* This is a wrapper around `WebStandardStreamableHTTPServerTransport` that provides Node.js HTTP compatibility.
* It uses the `@hono/node-server` library to convert between Node.js HTTP and Web Standard APIs.
*
* Usage example:
*
* ```typescript
@@ -46,116 +38,573 @@ import { WebStandardStreamableHTTPServerTransport } from './webStandardStreamabl
* - No session validation is performed
*/
export class StreamableHTTPServerTransport {
constructor(options = {}) {
// Store auth and parsedBody per request for passing through to handleRequest
this._requestContext = new WeakMap();
this._webStandardTransport = new WebStandardStreamableHTTPServerTransport(options);
// Create a request listener that wraps the web standard transport
// getRequestListener converts Node.js HTTP to Web Standard and properly handles SSE streaming
// overrideGlobalObjects: false prevents Hono from overwriting global Response, which would
// break frameworks like Next.js whose response classes extend the native Response
this._requestListener = getRequestListener(async (webRequest) => {
// Get context if available (set during handleRequest)
const context = this._requestContext.get(webRequest);
return this._webStandardTransport.handleRequest(webRequest, {
authInfo: context?.authInfo,
parsedBody: context?.parsedBody
});
}, { overrideGlobalObjects: false });
}
/**
* Gets the session ID for this transport instance.
*/
get sessionId() {
return this._webStandardTransport.sessionId;
}
/**
* Sets callback for when the transport is closed.
*/
set onclose(handler) {
this._webStandardTransport.onclose = handler;
}
get onclose() {
return this._webStandardTransport.onclose;
}
/**
* Sets callback for transport errors.
*/
set onerror(handler) {
this._webStandardTransport.onerror = handler;
}
get onerror() {
return this._webStandardTransport.onerror;
}
/**
* Sets callback for incoming messages.
*/
set onmessage(handler) {
this._webStandardTransport.onmessage = handler;
}
get onmessage() {
return this._webStandardTransport.onmessage;
constructor(options) {
var _a, _b;
this._started = false;
this._streamMapping = new Map();
this._requestToStreamMapping = new Map();
this._requestResponseMap = new Map();
this._initialized = false;
this._enableJsonResponse = false;
this._standaloneSseStreamId = '_GET_stream';
this.sessionIdGenerator = options.sessionIdGenerator;
this._enableJsonResponse = (_a = options.enableJsonResponse) !== null && _a !== void 0 ? _a : false;
this._eventStore = options.eventStore;
this._onsessioninitialized = options.onsessioninitialized;
this._onsessionclosed = options.onsessionclosed;
this._allowedHosts = options.allowedHosts;
this._allowedOrigins = options.allowedOrigins;
this._enableDnsRebindingProtection = (_b = options.enableDnsRebindingProtection) !== null && _b !== void 0 ? _b : false;
}
/**
* Starts the transport. This is required by the Transport interface but is a no-op
* for the Streamable HTTP transport as connections are managed per-request.
*/
async start() {
return this._webStandardTransport.start();
if (this._started) {
throw new Error("Transport already started");
}
this._started = true;
}
/**
* Closes the transport and all active connections.
* Validates request headers for DNS rebinding protection.
* @returns Error message if validation fails, undefined if validation passes.
*/
async close() {
return this._webStandardTransport.close();
validateRequestHeaders(req) {
// Skip validation if protection is not enabled
if (!this._enableDnsRebindingProtection) {
return undefined;
}
// Validate Host header if allowedHosts is configured
if (this._allowedHosts && this._allowedHosts.length > 0) {
const hostHeader = req.headers.host;
if (!hostHeader || !this._allowedHosts.includes(hostHeader)) {
return `Invalid Host header: ${hostHeader}`;
}
}
// Validate Origin header if allowedOrigins is configured
if (this._allowedOrigins && this._allowedOrigins.length > 0) {
const originHeader = req.headers.origin;
if (!originHeader || !this._allowedOrigins.includes(originHeader)) {
return `Invalid Origin header: ${originHeader}`;
}
}
return undefined;
}
/**
* Sends a JSON-RPC message through the transport.
*/
async send(message, options) {
return this._webStandardTransport.send(message, options);
}
/**
* Handles an incoming HTTP request, whether GET or POST.
*
* This method converts Node.js HTTP objects to Web Standard Request/Response
* and delegates to the underlying WebStandardStreamableHTTPServerTransport.
*
* @param req - Node.js IncomingMessage, optionally with auth property from middleware
* @param res - Node.js ServerResponse
* @param parsedBody - Optional pre-parsed body from body-parser middleware
* Handles an incoming HTTP request, whether GET or POST
*/
async handleRequest(req, res, parsedBody) {
// Store context for this request to pass through auth and parsedBody
// We need to intercept the request creation to attach this context
const authInfo = req.auth;
// Create a custom handler that includes our context
// overrideGlobalObjects: false prevents Hono from overwriting global Response, which would
// break frameworks like Next.js whose response classes extend the native Response
const handler = getRequestListener(async (webRequest) => {
return this._webStandardTransport.handleRequest(webRequest, {
authInfo,
parsedBody
});
}, { overrideGlobalObjects: false });
// Delegate to the request listener which handles all the Node.js <-> Web Standard conversion
// including proper SSE streaming support
await handler(req, res);
var _a;
// Validate request headers for DNS rebinding protection
const validationError = this.validateRequestHeaders(req);
if (validationError) {
res.writeHead(403).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: validationError
},
id: null
}));
(_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, new Error(validationError));
return;
}
if (req.method === "POST") {
await this.handlePostRequest(req, res, parsedBody);
}
else if (req.method === "GET") {
await this.handleGetRequest(req, res);
}
else if (req.method === "DELETE") {
await this.handleDeleteRequest(req, res);
}
else {
await this.handleUnsupportedRequest(res);
}
}
/**
* Close an SSE stream for a specific request, triggering client reconnection.
* Use this to implement polling behavior during long-running operations -
* client will reconnect after the retry interval specified in the priming event.
* Handles GET requests for SSE stream
*/
closeSSEStream(requestId) {
this._webStandardTransport.closeSSEStream(requestId);
async handleGetRequest(req, res) {
// The client MUST include an Accept header, listing text/event-stream as a supported content type.
const acceptHeader = req.headers.accept;
if (!(acceptHeader === null || acceptHeader === void 0 ? void 0 : acceptHeader.includes("text/event-stream"))) {
res.writeHead(406).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Not Acceptable: Client must accept text/event-stream"
},
id: null
}));
return;
}
// If an Mcp-Session-Id is returned by the server during initialization,
// clients using the Streamable HTTP transport MUST include it
// in the Mcp-Session-Id header on all of their subsequent HTTP requests.
if (!this.validateSession(req, res)) {
return;
}
if (!this.validateProtocolVersion(req, res)) {
return;
}
// Handle resumability: check for Last-Event-ID header
if (this._eventStore) {
const lastEventId = req.headers['last-event-id'];
if (lastEventId) {
await this.replayEvents(lastEventId, res);
return;
}
}
// The server MUST either return Content-Type: text/event-stream in response to this HTTP GET,
// or else return HTTP 405 Method Not Allowed
const headers = {
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache, no-transform",
Connection: "keep-alive",
};
// After initialization, always include the session ID if we have one
if (this.sessionId !== undefined) {
headers["mcp-session-id"] = this.sessionId;
}
// Check if there's already an active standalone SSE stream for this session
if (this._streamMapping.get(this._standaloneSseStreamId) !== undefined) {
// Only one GET SSE stream is allowed per session
res.writeHead(409).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Conflict: Only one SSE stream is allowed per session"
},
id: null
}));
return;
}
// We need to send headers immediately as messages will arrive much later,
// otherwise the client will just wait for the first message
res.writeHead(200, headers).flushHeaders();
// Assign the response to the standalone SSE stream
this._streamMapping.set(this._standaloneSseStreamId, res);
// Set up close handler for client disconnects
res.on("close", () => {
this._streamMapping.delete(this._standaloneSseStreamId);
});
}
/**
* Close the standalone GET SSE stream, triggering client reconnection.
* Use this to implement polling behavior for server-initiated notifications.
* Replays events that would have been sent after the specified event ID
* Only used when resumability is enabled
*/
closeStandaloneSSEStream() {
this._webStandardTransport.closeStandaloneSSEStream();
async replayEvents(lastEventId, res) {
var _a, _b;
if (!this._eventStore) {
return;
}
try {
const headers = {
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache, no-transform",
Connection: "keep-alive",
};
if (this.sessionId !== undefined) {
headers["mcp-session-id"] = this.sessionId;
}
res.writeHead(200, headers).flushHeaders();
const streamId = await ((_a = this._eventStore) === null || _a === void 0 ? void 0 : _a.replayEventsAfter(lastEventId, {
send: async (eventId, message) => {
var _a;
if (!this.writeSSEEvent(res, message, eventId)) {
(_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, new Error("Failed replay events"));
res.end();
}
}
}));
this._streamMapping.set(streamId, res);
}
catch (error) {
(_b = this.onerror) === null || _b === void 0 ? void 0 : _b.call(this, error);
}
}
/**
* Writes an event to the SSE stream with proper formatting
*/
writeSSEEvent(res, message, eventId) {
let eventData = `event: message\n`;
// Include event ID if provided - this is important for resumability
if (eventId) {
eventData += `id: ${eventId}\n`;
}
eventData += `data: ${JSON.stringify(message)}\n\n`;
return res.write(eventData);
}
/**
* Handles unsupported requests (PUT, PATCH, etc.)
*/
async handleUnsupportedRequest(res) {
res.writeHead(405, {
"Allow": "GET, POST, DELETE"
}).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Method not allowed."
},
id: null
}));
}
/**
* Handles POST requests containing JSON-RPC messages
*/
async handlePostRequest(req, res, parsedBody) {
var _a, _b, _c, _d, _e;
try {
// Validate the Accept header
const acceptHeader = req.headers.accept;
// The client MUST include an Accept header, listing both application/json and text/event-stream as supported content types.
if (!(acceptHeader === null || acceptHeader === void 0 ? void 0 : acceptHeader.includes("application/json")) || !acceptHeader.includes("text/event-stream")) {
res.writeHead(406).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Not Acceptable: Client must accept both application/json and text/event-stream"
},
id: null
}));
return;
}
const ct = req.headers["content-type"];
if (!ct || !ct.includes("application/json")) {
res.writeHead(415).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Unsupported Media Type: Content-Type must be application/json"
},
id: null
}));
return;
}
const authInfo = req.auth;
const requestInfo = { headers: req.headers };
let rawMessage;
if (parsedBody !== undefined) {
rawMessage = parsedBody;
}
else {
const parsedCt = contentType.parse(ct);
const body = await getRawBody(req, {
limit: MAXIMUM_MESSAGE_SIZE,
encoding: (_a = parsedCt.parameters.charset) !== null && _a !== void 0 ? _a : "utf-8",
});
rawMessage = JSON.parse(body.toString());
}
let messages;
// handle batch and single messages
if (Array.isArray(rawMessage)) {
messages = rawMessage.map(msg => JSONRPCMessageSchema.parse(msg));
}
else {
messages = [JSONRPCMessageSchema.parse(rawMessage)];
}
// Check if this is an initialization request
// https://spec.modelcontextprotocol.io/specification/2025-03-26/basic/lifecycle/
const isInitializationRequest = messages.some(isInitializeRequest);
if (isInitializationRequest) {
// If it's a server with session management and the session ID is already set we should reject the request
// to avoid re-initialization.
if (this._initialized && this.sessionId !== undefined) {
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32600,
message: "Invalid Request: Server already initialized"
},
id: null
}));
return;
}
if (messages.length > 1) {
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32600,
message: "Invalid Request: Only one initialization request is allowed"
},
id: null
}));
return;
}
this.sessionId = (_b = this.sessionIdGenerator) === null || _b === void 0 ? void 0 : _b.call(this);
this._initialized = true;
// If we have a session ID and an onsessioninitialized handler, call it immediately
// This is needed in cases where the server needs to keep track of multiple sessions
if (this.sessionId && this._onsessioninitialized) {
await Promise.resolve(this._onsessioninitialized(this.sessionId));
}
}
if (!isInitializationRequest) {
// If an Mcp-Session-Id is returned by the server during initialization,
// clients using the Streamable HTTP transport MUST include it
// in the Mcp-Session-Id header on all of their subsequent HTTP requests.
if (!this.validateSession(req, res)) {
return;
}
// Mcp-Protocol-Version header is required for all requests after initialization.
if (!this.validateProtocolVersion(req, res)) {
return;
}
}
// check if it contains requests
const hasRequests = messages.some(isJSONRPCRequest);
if (!hasRequests) {
// if it only contains notifications or responses, return 202
res.writeHead(202).end();
// handle each message
for (const message of messages) {
(_c = this.onmessage) === null || _c === void 0 ? void 0 : _c.call(this, message, { authInfo, requestInfo });
}
}
else if (hasRequests) {
// The default behavior is to use SSE streaming
// but in some cases server will return JSON responses
const streamId = randomUUID();
if (!this._enableJsonResponse) {
const headers = {
"Content-Type": "text/event-stream",
"Cache-Control": "no-cache",
Connection: "keep-alive",
};
// After initialization, always include the session ID if we have one
if (this.sessionId !== undefined) {
headers["mcp-session-id"] = this.sessionId;
}
res.writeHead(200, headers);
}
// Store the response for this request to send messages back through this connection
// We need to track by request ID to maintain the connection
for (const message of messages) {
if (isJSONRPCRequest(message)) {
this._streamMapping.set(streamId, res);
this._requestToStreamMapping.set(message.id, streamId);
}
}
// Set up close handler for client disconnects
res.on("close", () => {
this._streamMapping.delete(streamId);
});
// handle each message
for (const message of messages) {
(_d = this.onmessage) === null || _d === void 0 ? void 0 : _d.call(this, message, { authInfo, requestInfo });
}
// The server SHOULD NOT close the SSE stream before sending all JSON-RPC responses
// This will be handled by the send() method when responses are ready
}
}
catch (error) {
// return JSON-RPC formatted error
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32700,
message: "Parse error",
data: String(error)
},
id: null
}));
(_e = this.onerror) === null || _e === void 0 ? void 0 : _e.call(this, error);
}
}
/**
* Handles DELETE requests to terminate sessions
*/
async handleDeleteRequest(req, res) {
var _a;
if (!this.validateSession(req, res)) {
return;
}
if (!this.validateProtocolVersion(req, res)) {
return;
}
await Promise.resolve((_a = this._onsessionclosed) === null || _a === void 0 ? void 0 : _a.call(this, this.sessionId));
await this.close();
res.writeHead(200).end();
}
/**
* Validates session ID for non-initialization requests
* Returns true if the session is valid, false otherwise
*/
validateSession(req, res) {
if (this.sessionIdGenerator === undefined) {
// If the sessionIdGenerator ID is not set, the session management is disabled
// and we don't need to validate the session ID
return true;
}
if (!this._initialized) {
// If the server has not been initialized yet, reject all requests
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Bad Request: Server not initialized"
},
id: null
}));
return false;
}
const sessionId = req.headers["mcp-session-id"];
if (!sessionId) {
// Non-initialization requests without a session ID should return 400 Bad Request
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Bad Request: Mcp-Session-Id header is required"
},
id: null
}));
return false;
}
else if (Array.isArray(sessionId)) {
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: "Bad Request: Mcp-Session-Id header must be a single value"
},
id: null
}));
return false;
}
else if (sessionId !== this.sessionId) {
// Reject requests with invalid session ID with 404 Not Found
res.writeHead(404).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32001,
message: "Session not found"
},
id: null
}));
return false;
}
return true;
}
validateProtocolVersion(req, res) {
var _a;
let protocolVersion = (_a = req.headers["mcp-protocol-version"]) !== null && _a !== void 0 ? _a : DEFAULT_NEGOTIATED_PROTOCOL_VERSION;
if (Array.isArray(protocolVersion)) {
protocolVersion = protocolVersion[protocolVersion.length - 1];
}
if (!SUPPORTED_PROTOCOL_VERSIONS.includes(protocolVersion)) {
res.writeHead(400).end(JSON.stringify({
jsonrpc: "2.0",
error: {
code: -32000,
message: `Bad Request: Unsupported protocol version (supported versions: ${SUPPORTED_PROTOCOL_VERSIONS.join(", ")})`
},
id: null
}));
return false;
}
return true;
}
async close() {
var _a;
// Close all SSE connections
this._streamMapping.forEach((response) => {
response.end();
});
this._streamMapping.clear();
// Clear any pending responses
this._requestResponseMap.clear();
(_a = this.onclose) === null || _a === void 0 ? void 0 : _a.call(this);
}
async send(message, options) {
let requestId = options === null || options === void 0 ? void 0 : options.relatedRequestId;
if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
// If the message is a response, use the request ID from the message
requestId = message.id;
}
// Check if this message should be sent on the standalone SSE stream (no request ID)
// Ignore notifications from tools (which have relatedRequestId set)
// Those will be sent via dedicated response SSE streams
if (requestId === undefined) {
// For standalone SSE streams, we can only send requests and notifications
if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
throw new Error("Cannot send a response on a standalone SSE stream unless resuming a previous client request");
}
const standaloneSse = this._streamMapping.get(this._standaloneSseStreamId);
if (standaloneSse === undefined) {
// The spec says the server MAY send messages on the stream, so it's ok to discard if no stream
return;
}
// Generate and store event ID if event store is provided
let eventId;
if (this._eventStore) {
// Stores the event and gets the generated event ID
eventId = await this._eventStore.storeEvent(this._standaloneSseStreamId, message);
}
// Send the message to the standalone SSE stream
this.writeSSEEvent(standaloneSse, message, eventId);
return;
}
// Get the response for this request
const streamId = this._requestToStreamMapping.get(requestId);
const response = this._streamMapping.get(streamId);
if (!streamId) {
throw new Error(`No connection established for request ID: ${String(requestId)}`);
}
if (!this._enableJsonResponse) {
// For SSE responses, generate event ID if event store is provided
let eventId;
if (this._eventStore) {
eventId = await this._eventStore.storeEvent(streamId, message);
}
if (response) {
// Write the event to the response stream
this.writeSSEEvent(response, message, eventId);
}
}
if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
this._requestResponseMap.set(requestId, message);
const relatedIds = Array.from(this._requestToStreamMapping.entries())
.filter(([_, streamId]) => this._streamMapping.get(streamId) === response)
.map(([id]) => id);
// Check if we have responses for all requests using this connection
const allResponsesReady = relatedIds.every(id => this._requestResponseMap.has(id));
if (allResponsesReady) {
if (!response) {
throw new Error(`No connection established for request ID: ${String(requestId)}`);
}
if (this._enableJsonResponse) {
// All responses ready, send as JSON
const headers = {
'Content-Type': 'application/json',
};
if (this.sessionId !== undefined) {
headers['mcp-session-id'] = this.sessionId;
}
const responses = relatedIds
.map(id => this._requestResponseMap.get(id));
response.writeHead(200, headers);
if (responses.length === 1) {
response.end(JSON.stringify(responses[0]));
}
else {
response.end(JSON.stringify(responses));
}
}
else {
// End the SSE stream
response.end();
}
// Clean up
for (const id of relatedIds) {
this._requestResponseMap.delete(id);
this._requestToStreamMapping.delete(id);
}
}
}
}
}
//# sourceMappingURL=streamableHttp.js.map
node_modules/@modelcontextprotocol/sdk/dist/esm/server/streamableHttp.js.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long