npm - @ai-sdk/mcp - Versions diffs - 1.0.42 → 1.0.43 - Mend

@ai-sdk/mcp 1.0.42 → 1.0.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/CHANGELOG.md +6 -0
package/README.md +134 -0
package/dist/index.js +20 -10
package/dist/index.js.map +1 -1
package/dist/index.mjs +20 -10
package/dist/index.mjs.map +1 -1
package/package.json +1 -1
package/src/tool/mcp-http-transport.ts +25 -10

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ai-sdk/mcp",
-  "version": "1.0.42",
+  "version": "1.0.43",
   "license": "Apache-2.0",
   "sideEffects": false,
   "main": "./dist/index.js",

package/src/tool/mcp-http-transport.ts CHANGED Viewed

@@ -16,6 +16,7 @@ import {
   extractResourceMetadataUrl,
   UnauthorizedError,
   auth,
+  type AuthResult,
   type OAuthClientProvider,
 } from './oauth';
 import { LATEST_PROTOCOL_VERSION } from './types';
@@ -37,6 +38,7 @@ export class HttpMCPTransport implements MCPTransport {
   private inboundSseConnection?: { close: () => void };
   private redirectMode: RequestRedirect;
   private fetchFn: FetchFunction;
+  private authPromise?: Promise<AuthResult>;
   // Inbound SSE resumption and reconnection state
   private lastInboundEventId?: string;
@@ -100,6 +102,27 @@ export class HttpMCPTransport implements MCPTransport {
     );
   }
+  /**
+   * Runs a single OAuth recovery flow for concurrent 401 responses.
+   */
+  private authorizeOnce(resourceMetadataUrl?: URL): Promise<AuthResult> {
+    if (!this.authProvider) {
+      return Promise.resolve('REDIRECT');
+    }
+    if (!this.authPromise) {
+      this.authPromise = auth(this.authProvider, {
+        serverUrl: this.url,
+        resourceMetadataUrl,
+        fetchFn: this.fetchFn,
+      }).finally(() => {
+        this.authPromise = undefined;
+      });
+    }
+    return this.authPromise;
+  }
   async start(): Promise<void> {
     if (this.abortController) {
       throw new MCPClientError({
@@ -160,11 +183,7 @@ export class HttpMCPTransport implements MCPTransport {
         if (response.status === 401 && this.authProvider && !triedAuth) {
           this.resourceMetadataUrl = extractResourceMetadataUrl(response);
           try {
-            const result = await auth(this.authProvider, {
-              serverUrl: this.url,
-              resourceMetadataUrl: this.resourceMetadataUrl,
-              fetchFn: this.fetchFn,
-            });
+            const result = await this.authorizeOnce(this.resourceMetadataUrl);
             if (result !== 'AUTHORIZED') {
               const error = new UnauthorizedError();
               throw error;
@@ -340,11 +359,7 @@ export class HttpMCPTransport implements MCPTransport {
       if (response.status === 401 && this.authProvider && !triedAuth) {
         this.resourceMetadataUrl = extractResourceMetadataUrl(response);
         try {
-          const result = await auth(this.authProvider, {
-            serverUrl: this.url,
-            resourceMetadataUrl: this.resourceMetadataUrl,
-            fetchFn: this.fetchFn,
-          });
+          const result = await this.authorizeOnce(this.resourceMetadataUrl);
           if (result !== 'AUTHORIZED') {
             const error = new UnauthorizedError();
             this.onerror?.(error);