@ai-sdk/mcp 1.0.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/CHANGELOG.md +21 -0
  2. package/LICENSE +13 -0
  3. package/dist/index.d.mts +301 -0
  4. package/dist/index.d.ts +301 -0
  5. package/dist/index.js +1754 -0
  6. package/dist/index.js.map +1 -0
  7. package/dist/index.mjs +1727 -0
  8. package/dist/index.mjs.map +1 -0
  9. package/dist/mcp-stdio/index.d.mts +89 -0
  10. package/dist/mcp-stdio/index.d.ts +89 -0
  11. package/dist/mcp-stdio/index.js +351 -0
  12. package/dist/mcp-stdio/index.js.map +1 -0
  13. package/dist/mcp-stdio/index.mjs +324 -0
  14. package/dist/mcp-stdio/index.mjs.map +1 -0
  15. package/package.json +75 -0
package/CHANGELOG.md ADDED
@@ -0,0 +1,21 @@
1
+ # @ai-sdk/mcp
2
+
3
+ ## 1.0.0-beta.0
4
+
5
+ ### Major Changes
6
+
7
+ - eca63f3: feat(ai): add OAuth for MCP clients + refactor to new package
8
+
9
+ This change replaces
10
+
11
+ ```ts
12
+ import { experimental_createMCPClient } from 'ai';
13
+ import { Experimental_StdioMCPTransport } from 'ai/mcp-stdio';
14
+ ```
15
+
16
+ with
17
+
18
+ ```ts
19
+ import { experimental_createMCPClient } from '@ai-sdk/mcp';
20
+ import { Experimental_StdioMCPTransport } from '@ai-sdk/mcp/mcp-stdio';
21
+ ```
package/LICENSE ADDED
@@ -0,0 +1,13 @@
1
+ Copyright 2023 Vercel, Inc.
2
+
3
+ Licensed under the Apache License, Version 2.0 (the "License");
4
+ you may not use this file except in compliance with the License.
5
+ You may obtain a copy of the License at
6
+
7
+ http://www.apache.org/licenses/LICENSE-2.0
8
+
9
+ Unless required by applicable law or agreed to in writing, software
10
+ distributed under the License is distributed on an "AS IS" BASIS,
11
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ See the License for the specific language governing permissions and
13
+ limitations under the License.
package/dist/index.d.mts ADDED
@@ -0,0 +1,301 @@
1
+ import { z } from 'zod/v4';
2
+ import { FetchFunction, FlexibleSchema, Tool } from '@ai-sdk/provider-utils';
3
+ import { JSONObject } from '@ai-sdk/provider';
4
+
5
+ declare const JSONRPCRequestSchema: z.ZodObject<{
6
+ jsonrpc: z.ZodLiteral<"2.0">;
7
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
8
+ method: z.ZodString;
9
+ params: z.ZodOptional<z.ZodObject<{
10
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
11
+ }, z.core.$loose>>;
12
+ }, z.core.$strict>;
13
+ type JSONRPCRequest = z.infer<typeof JSONRPCRequestSchema>;
14
+ declare const JSONRPCResponseSchema: z.ZodObject<{
15
+ jsonrpc: z.ZodLiteral<"2.0">;
16
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
17
+ result: z.ZodObject<{
18
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
19
+ }, z.core.$loose>;
20
+ }, z.core.$strict>;
21
+ type JSONRPCResponse = z.infer<typeof JSONRPCResponseSchema>;
22
+ declare const JSONRPCErrorSchema: z.ZodObject<{
23
+ jsonrpc: z.ZodLiteral<"2.0">;
24
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
25
+ error: z.ZodObject<{
26
+ code: z.ZodNumber;
27
+ message: z.ZodString;
28
+ data: z.ZodOptional<z.ZodUnknown>;
29
+ }, z.core.$strip>;
30
+ }, z.core.$strict>;
31
+ type JSONRPCError = z.infer<typeof JSONRPCErrorSchema>;
32
+ declare const JSONRPCNotificationSchema: z.ZodObject<{
33
+ jsonrpc: z.ZodLiteral<"2.0">;
34
+ method: z.ZodString;
35
+ params: z.ZodOptional<z.ZodObject<{
36
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
37
+ }, z.core.$loose>>;
38
+ }, z.core.$strict>;
39
+ type JSONRPCNotification = z.infer<typeof JSONRPCNotificationSchema>;
40
+ declare const JSONRPCMessageSchema: z.ZodUnion<readonly [z.ZodObject<{
41
+ jsonrpc: z.ZodLiteral<"2.0">;
42
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
43
+ method: z.ZodString;
44
+ params: z.ZodOptional<z.ZodObject<{
45
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
46
+ }, z.core.$loose>>;
47
+ }, z.core.$strict>, z.ZodObject<{
48
+ jsonrpc: z.ZodLiteral<"2.0">;
49
+ method: z.ZodString;
50
+ params: z.ZodOptional<z.ZodObject<{
51
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
52
+ }, z.core.$loose>>;
53
+ }, z.core.$strict>, z.ZodObject<{
54
+ jsonrpc: z.ZodLiteral<"2.0">;
55
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
56
+ result: z.ZodObject<{
57
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
58
+ }, z.core.$loose>;
59
+ }, z.core.$strict>, z.ZodObject<{
60
+ jsonrpc: z.ZodLiteral<"2.0">;
61
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
62
+ error: z.ZodObject<{
63
+ code: z.ZodNumber;
64
+ message: z.ZodString;
65
+ data: z.ZodOptional<z.ZodUnknown>;
66
+ }, z.core.$strip>;
67
+ }, z.core.$strict>]>;
68
+ type JSONRPCMessage = z.infer<typeof JSONRPCMessageSchema>;
69
+
70
+ /**
71
+ * OAuth 2.1 token response
72
+ */
73
+ declare const OAuthTokensSchema: z.ZodObject<{
74
+ access_token: z.ZodString;
75
+ id_token: z.ZodOptional<z.ZodString>;
76
+ token_type: z.ZodString;
77
+ expires_in: z.ZodOptional<z.ZodNumber>;
78
+ scope: z.ZodOptional<z.ZodString>;
79
+ refresh_token: z.ZodOptional<z.ZodString>;
80
+ }, z.core.$strip>;
81
+ declare const OAuthMetadataSchema: z.ZodObject<{
82
+ issuer: z.ZodString;
83
+ authorization_endpoint: z.ZodString;
84
+ token_endpoint: z.ZodString;
85
+ registration_endpoint: z.ZodOptional<z.ZodString>;
86
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
87
+ response_types_supported: z.ZodArray<z.ZodString>;
88
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
89
+ code_challenge_methods_supported: z.ZodArray<z.ZodString>;
90
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
91
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
92
+ }, z.core.$loose>;
93
+ /**
94
+ * OpenID Connect Discovery metadata that may include OAuth 2.0 fields
95
+ * This schema represents the real-world scenario where OIDC providers
96
+ * return a mix of OpenID Connect and OAuth 2.0 metadata fields
97
+ */
98
+ declare const OpenIdProviderDiscoveryMetadataSchema: z.ZodObject<{
99
+ issuer: z.ZodString;
100
+ authorization_endpoint: z.ZodString;
101
+ token_endpoint: z.ZodString;
102
+ userinfo_endpoint: z.ZodOptional<z.ZodString>;
103
+ jwks_uri: z.ZodString;
104
+ registration_endpoint: z.ZodOptional<z.ZodString>;
105
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
106
+ response_types_supported: z.ZodArray<z.ZodString>;
107
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
108
+ subject_types_supported: z.ZodArray<z.ZodString>;
109
+ id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
110
+ claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
111
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
112
+ code_challenge_methods_supported: z.ZodArray<z.ZodString>;
113
+ }, z.core.$loose>;
114
+ declare const OAuthClientInformationSchema: z.ZodObject<{
115
+ client_id: z.ZodString;
116
+ client_secret: z.ZodOptional<z.ZodString>;
117
+ client_id_issued_at: z.ZodOptional<z.ZodNumber>;
118
+ client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
119
+ }, z.core.$strip>;
120
+ declare const OAuthClientMetadataSchema: z.ZodObject<{
121
+ redirect_uris: z.ZodArray<z.ZodString>;
122
+ token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
123
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
124
+ response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
125
+ client_name: z.ZodOptional<z.ZodString>;
126
+ client_uri: z.ZodOptional<z.ZodString>;
127
+ logo_uri: z.ZodOptional<z.ZodString>;
128
+ scope: z.ZodOptional<z.ZodString>;
129
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
130
+ tos_uri: z.ZodOptional<z.ZodString>;
131
+ policy_uri: z.ZodOptional<z.ZodString>;
132
+ jwks_uri: z.ZodOptional<z.ZodString>;
133
+ jwks: z.ZodOptional<z.ZodAny>;
134
+ software_id: z.ZodOptional<z.ZodString>;
135
+ software_version: z.ZodOptional<z.ZodString>;
136
+ software_statement: z.ZodOptional<z.ZodString>;
137
+ }, z.core.$strip>;
138
+ type OAuthMetadata = z.infer<typeof OAuthMetadataSchema>;
139
+ type OpenIdProviderDiscoveryMetadata = z.infer<typeof OpenIdProviderDiscoveryMetadataSchema>;
140
+ type OAuthTokens = z.infer<typeof OAuthTokensSchema>;
141
+ type OAuthClientInformation = z.infer<typeof OAuthClientInformationSchema>;
142
+ type AuthorizationServerMetadata = OAuthMetadata | OpenIdProviderDiscoveryMetadata;
143
+ type OAuthClientMetadata = z.infer<typeof OAuthClientMetadataSchema>;
144
+
145
+ type AuthResult = 'AUTHORIZED' | 'REDIRECT';
146
+ interface OAuthClientProvider {
147
+ /**
148
+ * Returns current access token if present; undefined otherwise.
149
+ */
150
+ tokens(): OAuthTokens | undefined | Promise<OAuthTokens | undefined>;
151
+ saveTokens(tokens: OAuthTokens): void | Promise<void>;
152
+ redirectToAuthorization(authorizationUrl: URL): void | Promise<void>;
153
+ saveCodeVerifier(codeVerifier: string): void | Promise<void>;
154
+ codeVerifier(): string | Promise<string>;
155
+ /**
156
+ * Adds custom client authentication to OAuth token requests.
157
+ *
158
+ * This optional method allows implementations to customize how client credentials
159
+ * are included in token exchange and refresh requests. When provided, this method
160
+ * is called instead of the default authentication logic, giving full control over
161
+ * the authentication mechanism.
162
+ *
163
+ * Common use cases include:
164
+ * - Supporting authentication methods beyond the standard OAuth 2.0 methods
165
+ * - Adding custom headers for proprietary authentication schemes
166
+ * - Implementing client assertion-based authentication (e.g., JWT bearer tokens)
167
+ *
168
+ * @param headers - The request headers (can be modified to add authentication)
169
+ * @param params - The request body parameters (can be modified to add credentials)
170
+ * @param url - The token endpoint URL being called
171
+ * @param metadata - Optional OAuth metadata for the server, which may include supported authentication methods
172
+ */
173
+ addClientAuthentication?(headers: Headers, params: URLSearchParams, url: string | URL, metadata?: AuthorizationServerMetadata): void | Promise<void>;
174
+ /**
175
+ * If implemented, provides a way for the client to invalidate (e.g. delete) the specified
176
+ * credentials, in the case where the server has indicated that they are no longer valid.
177
+ * This avoids requiring the user to intervene manually.
178
+ */
179
+ invalidateCredentials?(scope: 'all' | 'client' | 'tokens' | 'verifier'): void | Promise<void>;
180
+ get redirectUrl(): string | URL;
181
+ get clientMetadata(): OAuthClientMetadata;
182
+ clientInformation(): OAuthClientInformation | undefined | Promise<OAuthClientInformation | undefined>;
183
+ saveClientInformation?(clientInformation: OAuthClientInformation): void | Promise<void>;
184
+ state?(): string | Promise<string>;
185
+ validateResourceURL?(serverUrl: string | URL, resource?: string): Promise<URL | undefined>;
186
+ }
187
+ declare class UnauthorizedError extends Error {
188
+ constructor(message?: string);
189
+ }
190
+ declare function auth(provider: OAuthClientProvider, options: {
191
+ serverUrl: string | URL;
192
+ authorizationCode?: string;
193
+ scope?: string;
194
+ resourceMetadataUrl?: URL;
195
+ fetchFn?: FetchFunction;
196
+ }): Promise<AuthResult>;
197
+
198
+ /**
199
+ * Transport interface for MCP (Model Context Protocol) communication.
200
+ * Maps to the `Transport` interface in the MCP spec.
201
+ */
202
+ interface MCPTransport {
203
+ /**
204
+ * Initialize and start the transport
205
+ */
206
+ start(): Promise<void>;
207
+ /**
208
+ * Send a JSON-RPC message through the transport
209
+ * @param message The JSON-RPC message to send
210
+ */
211
+ send(message: JSONRPCMessage): Promise<void>;
212
+ /**
213
+ * Clean up and close the transport
214
+ */
215
+ close(): Promise<void>;
216
+ /**
217
+ * Event handler for transport closure
218
+ */
219
+ onclose?: () => void;
220
+ /**
221
+ * Event handler for transport errors
222
+ */
223
+ onerror?: (error: Error) => void;
224
+ /**
225
+ * Event handler for received messages
226
+ */
227
+ onmessage?: (message: JSONRPCMessage) => void;
228
+ }
229
+ type MCPTransportConfig = {
230
+ type: 'sse' | 'http';
231
+ /**
232
+ * The URL of the MCP server.
233
+ */
234
+ url: string;
235
+ /**
236
+ * Additional HTTP headers to be sent with requests.
237
+ */
238
+ headers?: Record<string, string>;
239
+ /**
240
+ * An optional OAuth client provider to use for authentication for MCP servers.
241
+ */
242
+ authProvider?: OAuthClientProvider;
243
+ };
244
+
245
+ type ToolSchemas = Record<string, {
246
+ inputSchema: FlexibleSchema<JSONObject | unknown>;
247
+ }> | 'automatic' | undefined;
248
+ type McpToolSet<TOOL_SCHEMAS extends ToolSchemas = 'automatic'> = TOOL_SCHEMAS extends Record<string, {
249
+ inputSchema: FlexibleSchema<any>;
250
+ }> ? {
251
+ [K in keyof TOOL_SCHEMAS]: TOOL_SCHEMAS[K] extends {
252
+ inputSchema: FlexibleSchema<infer INPUT>;
253
+ } ? Tool<INPUT, CallToolResult> & Required<Pick<Tool<INPUT, CallToolResult>, 'execute'>> : never;
254
+ } : McpToolSet<Record<string, {
255
+ inputSchema: FlexibleSchema<unknown>;
256
+ }>>;
257
+ declare const CallToolResultSchema: z.ZodUnion<[z.ZodObject<{
258
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
259
+ content: z.ZodArray<z.ZodUnion<readonly [z.ZodObject<{
260
+ type: z.ZodLiteral<"text">;
261
+ text: z.ZodString;
262
+ }, z.core.$loose>, z.ZodObject<{
263
+ type: z.ZodLiteral<"image">;
264
+ data: z.ZodBase64;
265
+ mimeType: z.ZodString;
266
+ }, z.core.$loose>, z.ZodObject<{
267
+ type: z.ZodLiteral<"resource">;
268
+ resource: z.ZodUnion<readonly [z.ZodObject<{
269
+ uri: z.ZodString;
270
+ mimeType: z.ZodOptional<z.ZodString>;
271
+ text: z.ZodString;
272
+ }, z.core.$loose>, z.ZodObject<{
273
+ uri: z.ZodString;
274
+ mimeType: z.ZodOptional<z.ZodString>;
275
+ blob: z.ZodBase64;
276
+ }, z.core.$loose>]>;
277
+ }, z.core.$loose>]>>;
278
+ isError: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
279
+ }, z.core.$loose>, z.ZodObject<{
280
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
281
+ toolResult: z.ZodUnknown;
282
+ }, z.core.$loose>]>;
283
+ type CallToolResult = z.infer<typeof CallToolResultSchema>;
284
+
285
+ interface MCPClientConfig {
286
+ /** Transport configuration for connecting to the MCP server */
287
+ transport: MCPTransportConfig | MCPTransport;
288
+ /** Optional callback for uncaught errors */
289
+ onUncaughtError?: (error: unknown) => void;
290
+ /** Optional client name, defaults to 'ai-sdk-mcp-client' */
291
+ name?: string;
292
+ }
293
+ declare function createMCPClient(config: MCPClientConfig): Promise<MCPClient>;
294
+ interface MCPClient {
295
+ tools<TOOL_SCHEMAS extends ToolSchemas = 'automatic'>(options?: {
296
+ schemas?: TOOL_SCHEMAS;
297
+ }): Promise<McpToolSet<TOOL_SCHEMAS>>;
298
+ close: () => Promise<void>;
299
+ }
300
+
301
+ export { type JSONRPCError, type JSONRPCMessage, type JSONRPCNotification, type JSONRPCRequest, type JSONRPCResponse, type MCPTransport, type OAuthClientInformation, type OAuthClientMetadata, type OAuthClientProvider, type OAuthTokens, UnauthorizedError, auth, type MCPClient as experimental_MCPClient, type MCPClientConfig as experimental_MCPClientConfig, createMCPClient as experimental_createMCPClient };
package/dist/index.d.ts ADDED
@@ -0,0 +1,301 @@
1
+ import { z } from 'zod/v4';
2
+ import { FetchFunction, FlexibleSchema, Tool } from '@ai-sdk/provider-utils';
3
+ import { JSONObject } from '@ai-sdk/provider';
4
+
5
+ declare const JSONRPCRequestSchema: z.ZodObject<{
6
+ jsonrpc: z.ZodLiteral<"2.0">;
7
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
8
+ method: z.ZodString;
9
+ params: z.ZodOptional<z.ZodObject<{
10
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
11
+ }, z.core.$loose>>;
12
+ }, z.core.$strict>;
13
+ type JSONRPCRequest = z.infer<typeof JSONRPCRequestSchema>;
14
+ declare const JSONRPCResponseSchema: z.ZodObject<{
15
+ jsonrpc: z.ZodLiteral<"2.0">;
16
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
17
+ result: z.ZodObject<{
18
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
19
+ }, z.core.$loose>;
20
+ }, z.core.$strict>;
21
+ type JSONRPCResponse = z.infer<typeof JSONRPCResponseSchema>;
22
+ declare const JSONRPCErrorSchema: z.ZodObject<{
23
+ jsonrpc: z.ZodLiteral<"2.0">;
24
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
25
+ error: z.ZodObject<{
26
+ code: z.ZodNumber;
27
+ message: z.ZodString;
28
+ data: z.ZodOptional<z.ZodUnknown>;
29
+ }, z.core.$strip>;
30
+ }, z.core.$strict>;
31
+ type JSONRPCError = z.infer<typeof JSONRPCErrorSchema>;
32
+ declare const JSONRPCNotificationSchema: z.ZodObject<{
33
+ jsonrpc: z.ZodLiteral<"2.0">;
34
+ method: z.ZodString;
35
+ params: z.ZodOptional<z.ZodObject<{
36
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
37
+ }, z.core.$loose>>;
38
+ }, z.core.$strict>;
39
+ type JSONRPCNotification = z.infer<typeof JSONRPCNotificationSchema>;
40
+ declare const JSONRPCMessageSchema: z.ZodUnion<readonly [z.ZodObject<{
41
+ jsonrpc: z.ZodLiteral<"2.0">;
42
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
43
+ method: z.ZodString;
44
+ params: z.ZodOptional<z.ZodObject<{
45
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
46
+ }, z.core.$loose>>;
47
+ }, z.core.$strict>, z.ZodObject<{
48
+ jsonrpc: z.ZodLiteral<"2.0">;
49
+ method: z.ZodString;
50
+ params: z.ZodOptional<z.ZodObject<{
51
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
52
+ }, z.core.$loose>>;
53
+ }, z.core.$strict>, z.ZodObject<{
54
+ jsonrpc: z.ZodLiteral<"2.0">;
55
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
56
+ result: z.ZodObject<{
57
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
58
+ }, z.core.$loose>;
59
+ }, z.core.$strict>, z.ZodObject<{
60
+ jsonrpc: z.ZodLiteral<"2.0">;
61
+ id: z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>;
62
+ error: z.ZodObject<{
63
+ code: z.ZodNumber;
64
+ message: z.ZodString;
65
+ data: z.ZodOptional<z.ZodUnknown>;
66
+ }, z.core.$strip>;
67
+ }, z.core.$strict>]>;
68
+ type JSONRPCMessage = z.infer<typeof JSONRPCMessageSchema>;
69
+
70
+ /**
71
+ * OAuth 2.1 token response
72
+ */
73
+ declare const OAuthTokensSchema: z.ZodObject<{
74
+ access_token: z.ZodString;
75
+ id_token: z.ZodOptional<z.ZodString>;
76
+ token_type: z.ZodString;
77
+ expires_in: z.ZodOptional<z.ZodNumber>;
78
+ scope: z.ZodOptional<z.ZodString>;
79
+ refresh_token: z.ZodOptional<z.ZodString>;
80
+ }, z.core.$strip>;
81
+ declare const OAuthMetadataSchema: z.ZodObject<{
82
+ issuer: z.ZodString;
83
+ authorization_endpoint: z.ZodString;
84
+ token_endpoint: z.ZodString;
85
+ registration_endpoint: z.ZodOptional<z.ZodString>;
86
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
87
+ response_types_supported: z.ZodArray<z.ZodString>;
88
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
89
+ code_challenge_methods_supported: z.ZodArray<z.ZodString>;
90
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
91
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
92
+ }, z.core.$loose>;
93
+ /**
94
+ * OpenID Connect Discovery metadata that may include OAuth 2.0 fields
95
+ * This schema represents the real-world scenario where OIDC providers
96
+ * return a mix of OpenID Connect and OAuth 2.0 metadata fields
97
+ */
98
+ declare const OpenIdProviderDiscoveryMetadataSchema: z.ZodObject<{
99
+ issuer: z.ZodString;
100
+ authorization_endpoint: z.ZodString;
101
+ token_endpoint: z.ZodString;
102
+ userinfo_endpoint: z.ZodOptional<z.ZodString>;
103
+ jwks_uri: z.ZodString;
104
+ registration_endpoint: z.ZodOptional<z.ZodString>;
105
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
106
+ response_types_supported: z.ZodArray<z.ZodString>;
107
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
108
+ subject_types_supported: z.ZodArray<z.ZodString>;
109
+ id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
110
+ claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
111
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
112
+ code_challenge_methods_supported: z.ZodArray<z.ZodString>;
113
+ }, z.core.$loose>;
114
+ declare const OAuthClientInformationSchema: z.ZodObject<{
115
+ client_id: z.ZodString;
116
+ client_secret: z.ZodOptional<z.ZodString>;
117
+ client_id_issued_at: z.ZodOptional<z.ZodNumber>;
118
+ client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
119
+ }, z.core.$strip>;
120
+ declare const OAuthClientMetadataSchema: z.ZodObject<{
121
+ redirect_uris: z.ZodArray<z.ZodString>;
122
+ token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
123
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
124
+ response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
125
+ client_name: z.ZodOptional<z.ZodString>;
126
+ client_uri: z.ZodOptional<z.ZodString>;
127
+ logo_uri: z.ZodOptional<z.ZodString>;
128
+ scope: z.ZodOptional<z.ZodString>;
129
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
130
+ tos_uri: z.ZodOptional<z.ZodString>;
131
+ policy_uri: z.ZodOptional<z.ZodString>;
132
+ jwks_uri: z.ZodOptional<z.ZodString>;
133
+ jwks: z.ZodOptional<z.ZodAny>;
134
+ software_id: z.ZodOptional<z.ZodString>;
135
+ software_version: z.ZodOptional<z.ZodString>;
136
+ software_statement: z.ZodOptional<z.ZodString>;
137
+ }, z.core.$strip>;
138
+ type OAuthMetadata = z.infer<typeof OAuthMetadataSchema>;
139
+ type OpenIdProviderDiscoveryMetadata = z.infer<typeof OpenIdProviderDiscoveryMetadataSchema>;
140
+ type OAuthTokens = z.infer<typeof OAuthTokensSchema>;
141
+ type OAuthClientInformation = z.infer<typeof OAuthClientInformationSchema>;
142
+ type AuthorizationServerMetadata = OAuthMetadata | OpenIdProviderDiscoveryMetadata;
143
+ type OAuthClientMetadata = z.infer<typeof OAuthClientMetadataSchema>;
144
+
145
+ type AuthResult = 'AUTHORIZED' | 'REDIRECT';
146
+ interface OAuthClientProvider {
147
+ /**
148
+ * Returns current access token if present; undefined otherwise.
149
+ */
150
+ tokens(): OAuthTokens | undefined | Promise<OAuthTokens | undefined>;
151
+ saveTokens(tokens: OAuthTokens): void | Promise<void>;
152
+ redirectToAuthorization(authorizationUrl: URL): void | Promise<void>;
153
+ saveCodeVerifier(codeVerifier: string): void | Promise<void>;
154
+ codeVerifier(): string | Promise<string>;
155
+ /**
156
+ * Adds custom client authentication to OAuth token requests.
157
+ *
158
+ * This optional method allows implementations to customize how client credentials
159
+ * are included in token exchange and refresh requests. When provided, this method
160
+ * is called instead of the default authentication logic, giving full control over
161
+ * the authentication mechanism.
162
+ *
163
+ * Common use cases include:
164
+ * - Supporting authentication methods beyond the standard OAuth 2.0 methods
165
+ * - Adding custom headers for proprietary authentication schemes
166
+ * - Implementing client assertion-based authentication (e.g., JWT bearer tokens)
167
+ *
168
+ * @param headers - The request headers (can be modified to add authentication)
169
+ * @param params - The request body parameters (can be modified to add credentials)
170
+ * @param url - The token endpoint URL being called
171
+ * @param metadata - Optional OAuth metadata for the server, which may include supported authentication methods
172
+ */
173
+ addClientAuthentication?(headers: Headers, params: URLSearchParams, url: string | URL, metadata?: AuthorizationServerMetadata): void | Promise<void>;
174
+ /**
175
+ * If implemented, provides a way for the client to invalidate (e.g. delete) the specified
176
+ * credentials, in the case where the server has indicated that they are no longer valid.
177
+ * This avoids requiring the user to intervene manually.
178
+ */
179
+ invalidateCredentials?(scope: 'all' | 'client' | 'tokens' | 'verifier'): void | Promise<void>;
180
+ get redirectUrl(): string | URL;
181
+ get clientMetadata(): OAuthClientMetadata;
182
+ clientInformation(): OAuthClientInformation | undefined | Promise<OAuthClientInformation | undefined>;
183
+ saveClientInformation?(clientInformation: OAuthClientInformation): void | Promise<void>;
184
+ state?(): string | Promise<string>;
185
+ validateResourceURL?(serverUrl: string | URL, resource?: string): Promise<URL | undefined>;
186
+ }
187
+ declare class UnauthorizedError extends Error {
188
+ constructor(message?: string);
189
+ }
190
+ declare function auth(provider: OAuthClientProvider, options: {
191
+ serverUrl: string | URL;
192
+ authorizationCode?: string;
193
+ scope?: string;
194
+ resourceMetadataUrl?: URL;
195
+ fetchFn?: FetchFunction;
196
+ }): Promise<AuthResult>;
197
+
198
+ /**
199
+ * Transport interface for MCP (Model Context Protocol) communication.
200
+ * Maps to the `Transport` interface in the MCP spec.
201
+ */
202
+ interface MCPTransport {
203
+ /**
204
+ * Initialize and start the transport
205
+ */
206
+ start(): Promise<void>;
207
+ /**
208
+ * Send a JSON-RPC message through the transport
209
+ * @param message The JSON-RPC message to send
210
+ */
211
+ send(message: JSONRPCMessage): Promise<void>;
212
+ /**
213
+ * Clean up and close the transport
214
+ */
215
+ close(): Promise<void>;
216
+ /**
217
+ * Event handler for transport closure
218
+ */
219
+ onclose?: () => void;
220
+ /**
221
+ * Event handler for transport errors
222
+ */
223
+ onerror?: (error: Error) => void;
224
+ /**
225
+ * Event handler for received messages
226
+ */
227
+ onmessage?: (message: JSONRPCMessage) => void;
228
+ }
229
+ type MCPTransportConfig = {
230
+ type: 'sse' | 'http';
231
+ /**
232
+ * The URL of the MCP server.
233
+ */
234
+ url: string;
235
+ /**
236
+ * Additional HTTP headers to be sent with requests.
237
+ */
238
+ headers?: Record<string, string>;
239
+ /**
240
+ * An optional OAuth client provider to use for authentication for MCP servers.
241
+ */
242
+ authProvider?: OAuthClientProvider;
243
+ };
244
+
245
+ type ToolSchemas = Record<string, {
246
+ inputSchema: FlexibleSchema<JSONObject | unknown>;
247
+ }> | 'automatic' | undefined;
248
+ type McpToolSet<TOOL_SCHEMAS extends ToolSchemas = 'automatic'> = TOOL_SCHEMAS extends Record<string, {
249
+ inputSchema: FlexibleSchema<any>;
250
+ }> ? {
251
+ [K in keyof TOOL_SCHEMAS]: TOOL_SCHEMAS[K] extends {
252
+ inputSchema: FlexibleSchema<infer INPUT>;
253
+ } ? Tool<INPUT, CallToolResult> & Required<Pick<Tool<INPUT, CallToolResult>, 'execute'>> : never;
254
+ } : McpToolSet<Record<string, {
255
+ inputSchema: FlexibleSchema<unknown>;
256
+ }>>;
257
+ declare const CallToolResultSchema: z.ZodUnion<[z.ZodObject<{
258
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
259
+ content: z.ZodArray<z.ZodUnion<readonly [z.ZodObject<{
260
+ type: z.ZodLiteral<"text">;
261
+ text: z.ZodString;
262
+ }, z.core.$loose>, z.ZodObject<{
263
+ type: z.ZodLiteral<"image">;
264
+ data: z.ZodBase64;
265
+ mimeType: z.ZodString;
266
+ }, z.core.$loose>, z.ZodObject<{
267
+ type: z.ZodLiteral<"resource">;
268
+ resource: z.ZodUnion<readonly [z.ZodObject<{
269
+ uri: z.ZodString;
270
+ mimeType: z.ZodOptional<z.ZodString>;
271
+ text: z.ZodString;
272
+ }, z.core.$loose>, z.ZodObject<{
273
+ uri: z.ZodString;
274
+ mimeType: z.ZodOptional<z.ZodString>;
275
+ blob: z.ZodBase64;
276
+ }, z.core.$loose>]>;
277
+ }, z.core.$loose>]>>;
278
+ isError: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
279
+ }, z.core.$loose>, z.ZodObject<{
280
+ _meta: z.ZodOptional<z.ZodObject<{}, z.core.$loose>>;
281
+ toolResult: z.ZodUnknown;
282
+ }, z.core.$loose>]>;
283
+ type CallToolResult = z.infer<typeof CallToolResultSchema>;
284
+
285
+ interface MCPClientConfig {
286
+ /** Transport configuration for connecting to the MCP server */
287
+ transport: MCPTransportConfig | MCPTransport;
288
+ /** Optional callback for uncaught errors */
289
+ onUncaughtError?: (error: unknown) => void;
290
+ /** Optional client name, defaults to 'ai-sdk-mcp-client' */
291
+ name?: string;
292
+ }
293
+ declare function createMCPClient(config: MCPClientConfig): Promise<MCPClient>;
294
+ interface MCPClient {
295
+ tools<TOOL_SCHEMAS extends ToolSchemas = 'automatic'>(options?: {
296
+ schemas?: TOOL_SCHEMAS;
297
+ }): Promise<McpToolSet<TOOL_SCHEMAS>>;
298
+ close: () => Promise<void>;
299
+ }
300
+
301
+ export { type JSONRPCError, type JSONRPCMessage, type JSONRPCNotification, type JSONRPCRequest, type JSONRPCResponse, type MCPTransport, type OAuthClientInformation, type OAuthClientMetadata, type OAuthClientProvider, type OAuthTokens, UnauthorizedError, auth, type MCPClient as experimental_MCPClient, type MCPClientConfig as experimental_MCPClientConfig, createMCPClient as experimental_createMCPClient };