npm - @cyanheads/mcp-ts-core - Versions diffs - 0.1.0-beta.12 - Mend

@cyanheads/mcp-ts-core 0.1.0-beta.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (485) hide show

package/CLAUDE.md +583 -0
package/LICENSE +201 -0
package/README.md +287 -0
package/biome.json +103 -0
package/dist/app.d.ts +82 -0
package/dist/app.d.ts.map +1 -0
package/dist/app.js +222 -0
package/dist/app.js.map +1 -0
package/dist/cli/init.d.ts +8 -0
package/dist/cli/init.d.ts.map +1 -0
package/dist/cli/init.js +161 -0
package/dist/cli/init.js.map +1 -0
package/dist/config/index.d.ts +349 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +464 -0
package/dist/config/index.js.map +1 -0
package/dist/context.d.ts +119 -0
package/dist/context.d.ts.map +1 -0
package/dist/context.js +144 -0
package/dist/context.js.map +1 -0
package/dist/index.d.ts +8 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +9 -0
package/dist/index.js.map +1 -0
package/dist/mcp-server/prompts/prompt-registration.d.ts +33 -0
package/dist/mcp-server/prompts/prompt-registration.d.ts.map +1 -0
package/dist/mcp-server/prompts/prompt-registration.js +91 -0
package/dist/mcp-server/prompts/prompt-registration.js.map +1 -0
package/dist/mcp-server/prompts/utils/newPromptDefinition.d.ts +49 -0
package/dist/mcp-server/prompts/utils/newPromptDefinition.d.ts.map +1 -0
package/dist/mcp-server/prompts/utils/newPromptDefinition.js +39 -0
package/dist/mcp-server/prompts/utils/newPromptDefinition.js.map +1 -0
package/dist/mcp-server/prompts/utils/promptDefinition.d.ts +37 -0
package/dist/mcp-server/prompts/utils/promptDefinition.d.ts.map +1 -0
package/dist/mcp-server/prompts/utils/promptDefinition.js +2 -0
package/dist/mcp-server/prompts/utils/promptDefinition.js.map +1 -0
package/dist/mcp-server/resources/resource-registration.d.ts +27 -0
package/dist/mcp-server/resources/resource-registration.d.ts.map +1 -0
package/dist/mcp-server/resources/resource-registration.js +85 -0
package/dist/mcp-server/resources/resource-registration.js.map +1 -0
package/dist/mcp-server/resources/utils/newResourceDefinition.d.ts +84 -0
package/dist/mcp-server/resources/utils/newResourceDefinition.d.ts.map +1 -0
package/dist/mcp-server/resources/utils/newResourceDefinition.js +40 -0
package/dist/mcp-server/resources/utils/newResourceDefinition.js.map +1 -0
package/dist/mcp-server/resources/utils/newResourceHandlerFactory.d.ts +32 -0
package/dist/mcp-server/resources/utils/newResourceHandlerFactory.d.ts.map +1 -0
package/dist/mcp-server/resources/utils/newResourceHandlerFactory.js +103 -0
package/dist/mcp-server/resources/utils/newResourceHandlerFactory.js.map +1 -0
package/dist/mcp-server/resources/utils/resourceDefinition.d.ts +94 -0
package/dist/mcp-server/resources/utils/resourceDefinition.d.ts.map +1 -0
package/dist/mcp-server/resources/utils/resourceDefinition.js +2 -0
package/dist/mcp-server/resources/utils/resourceDefinition.js.map +1 -0
package/dist/mcp-server/resources/utils/resourceHandlerFactory.d.ts +14 -0
package/dist/mcp-server/resources/utils/resourceHandlerFactory.d.ts.map +1 -0
package/dist/mcp-server/resources/utils/resourceHandlerFactory.js +111 -0
package/dist/mcp-server/resources/utils/resourceHandlerFactory.js.map +1 -0
package/dist/mcp-server/roots/roots-registration.d.ts +22 -0
package/dist/mcp-server/roots/roots-registration.d.ts.map +1 -0
package/dist/mcp-server/roots/roots-registration.js +25 -0
package/dist/mcp-server/roots/roots-registration.js.map +1 -0
package/dist/mcp-server/server.d.ts +34 -0
package/dist/mcp-server/server.d.ts.map +1 -0
package/dist/mcp-server/server.js +62 -0
package/dist/mcp-server/server.js.map +1 -0
package/dist/mcp-server/tasks/core/sessionAwareTaskStore.d.ts +42 -0
package/dist/mcp-server/tasks/core/sessionAwareTaskStore.d.ts.map +1 -0
package/dist/mcp-server/tasks/core/sessionAwareTaskStore.js +70 -0
package/dist/mcp-server/tasks/core/sessionAwareTaskStore.js.map +1 -0
package/dist/mcp-server/tasks/core/storageBackedTaskStore.d.ts +109 -0
package/dist/mcp-server/tasks/core/storageBackedTaskStore.d.ts.map +1 -0
package/dist/mcp-server/tasks/core/storageBackedTaskStore.js +209 -0
package/dist/mcp-server/tasks/core/storageBackedTaskStore.js.map +1 -0
package/dist/mcp-server/tasks/core/taskManager.d.ts +103 -0
package/dist/mcp-server/tasks/core/taskManager.d.ts.map +1 -0
package/dist/mcp-server/tasks/core/taskManager.js +144 -0
package/dist/mcp-server/tasks/core/taskManager.js.map +1 -0
package/dist/mcp-server/tasks/core/taskTypes.d.ts +11 -0
package/dist/mcp-server/tasks/core/taskTypes.d.ts.map +1 -0
package/dist/mcp-server/tasks/core/taskTypes.js +13 -0
package/dist/mcp-server/tasks/core/taskTypes.js.map +1 -0
package/dist/mcp-server/tasks/utils/taskToolDefinition.d.ts +108 -0
package/dist/mcp-server/tasks/utils/taskToolDefinition.d.ts.map +1 -0
package/dist/mcp-server/tasks/utils/taskToolDefinition.js +14 -0
package/dist/mcp-server/tasks/utils/taskToolDefinition.js.map +1 -0
package/dist/mcp-server/tools/tool-registration.d.ts +49 -0
package/dist/mcp-server/tools/tool-registration.d.ts.map +1 -0
package/dist/mcp-server/tools/tool-registration.js +269 -0
package/dist/mcp-server/tools/tool-registration.js.map +1 -0
package/dist/mcp-server/tools/utils/newToolDefinition.d.ts +73 -0
package/dist/mcp-server/tools/utils/newToolDefinition.d.ts.map +1 -0
package/dist/mcp-server/tools/utils/newToolDefinition.js +45 -0
package/dist/mcp-server/tools/utils/newToolDefinition.js.map +1 -0
package/dist/mcp-server/tools/utils/newToolHandlerFactory.d.ts +33 -0
package/dist/mcp-server/tools/utils/newToolHandlerFactory.d.ts.map +1 -0
package/dist/mcp-server/tools/utils/newToolHandlerFactory.js +107 -0
package/dist/mcp-server/tools/utils/newToolHandlerFactory.js.map +1 -0
package/dist/mcp-server/tools/utils/toolDefinition.d.ts +118 -0
package/dist/mcp-server/tools/utils/toolDefinition.d.ts.map +1 -0
package/dist/mcp-server/tools/utils/toolDefinition.js +2 -0
package/dist/mcp-server/tools/utils/toolDefinition.js.map +1 -0
package/dist/mcp-server/tools/utils/toolHandlerFactory.d.ts +34 -0
package/dist/mcp-server/tools/utils/toolHandlerFactory.d.ts.map +1 -0
package/dist/mcp-server/tools/utils/toolHandlerFactory.js +68 -0
package/dist/mcp-server/tools/utils/toolHandlerFactory.js.map +1 -0
package/dist/mcp-server/transports/ITransport.d.ts +15 -0
package/dist/mcp-server/transports/ITransport.d.ts.map +1 -0
package/dist/mcp-server/transports/ITransport.js +2 -0
package/dist/mcp-server/transports/ITransport.js.map +1 -0
package/dist/mcp-server/transports/auth/authFactory.d.ts +11 -0
package/dist/mcp-server/transports/auth/authFactory.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/authFactory.js +43 -0
package/dist/mcp-server/transports/auth/authFactory.js.map +1 -0
package/dist/mcp-server/transports/auth/authMiddleware.d.ts +24 -0
package/dist/mcp-server/transports/auth/authMiddleware.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/authMiddleware.js +69 -0
package/dist/mcp-server/transports/auth/authMiddleware.js.map +1 -0
package/dist/mcp-server/transports/auth/lib/authContext.d.ts +34 -0
package/dist/mcp-server/transports/auth/lib/authContext.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/lib/authContext.js +25 -0
package/dist/mcp-server/transports/auth/lib/authContext.js.map +1 -0
package/dist/mcp-server/transports/auth/lib/authTypes.d.ts +19 -0
package/dist/mcp-server/transports/auth/lib/authTypes.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/lib/authTypes.js +2 -0
package/dist/mcp-server/transports/auth/lib/authTypes.js.map +1 -0
package/dist/mcp-server/transports/auth/lib/authUtils.d.ts +18 -0
package/dist/mcp-server/transports/auth/lib/authUtils.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/lib/authUtils.js +64 -0
package/dist/mcp-server/transports/auth/lib/authUtils.js.map +1 -0
package/dist/mcp-server/transports/auth/lib/checkScopes.d.ts +25 -0
package/dist/mcp-server/transports/auth/lib/checkScopes.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/lib/checkScopes.js +34 -0
package/dist/mcp-server/transports/auth/lib/checkScopes.js.map +1 -0
package/dist/mcp-server/transports/auth/lib/claimParser.d.ts +34 -0
package/dist/mcp-server/transports/auth/lib/claimParser.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/lib/claimParser.js +58 -0
package/dist/mcp-server/transports/auth/lib/claimParser.js.map +1 -0
package/dist/mcp-server/transports/auth/lib/withAuth.d.ts +25 -0
package/dist/mcp-server/transports/auth/lib/withAuth.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/lib/withAuth.js +30 -0
package/dist/mcp-server/transports/auth/lib/withAuth.js.map +1 -0
package/dist/mcp-server/transports/auth/strategies/authStrategy.d.ts +18 -0
package/dist/mcp-server/transports/auth/strategies/authStrategy.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/strategies/authStrategy.js +2 -0
package/dist/mcp-server/transports/auth/strategies/authStrategy.js.map +1 -0
package/dist/mcp-server/transports/auth/strategies/jwtStrategy.d.ts +14 -0
package/dist/mcp-server/transports/auth/strategies/jwtStrategy.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/strategies/jwtStrategy.js +86 -0
package/dist/mcp-server/transports/auth/strategies/jwtStrategy.js.map +1 -0
package/dist/mcp-server/transports/auth/strategies/oauthStrategy.d.ts +14 -0
package/dist/mcp-server/transports/auth/strategies/oauthStrategy.d.ts.map +1 -0
package/dist/mcp-server/transports/auth/strategies/oauthStrategy.js +113 -0
package/dist/mcp-server/transports/auth/strategies/oauthStrategy.js.map +1 -0
package/dist/mcp-server/transports/http/httpErrorHandler.d.ts +25 -0
package/dist/mcp-server/transports/http/httpErrorHandler.d.ts.map +1 -0
package/dist/mcp-server/transports/http/httpErrorHandler.js +112 -0
package/dist/mcp-server/transports/http/httpErrorHandler.js.map +1 -0
package/dist/mcp-server/transports/http/httpTransport.d.ts +47 -0
package/dist/mcp-server/transports/http/httpTransport.d.ts.map +1 -0
package/dist/mcp-server/transports/http/httpTransport.js +396 -0
package/dist/mcp-server/transports/http/httpTransport.js.map +1 -0
package/dist/mcp-server/transports/http/httpTypes.d.ts +17 -0
package/dist/mcp-server/transports/http/httpTypes.d.ts.map +1 -0
package/dist/mcp-server/transports/http/httpTypes.js +2 -0
package/dist/mcp-server/transports/http/httpTypes.js.map +1 -0
package/dist/mcp-server/transports/http/protectedResourceMetadata.d.ts +21 -0
package/dist/mcp-server/transports/http/protectedResourceMetadata.d.ts.map +1 -0
package/dist/mcp-server/transports/http/protectedResourceMetadata.js +44 -0
package/dist/mcp-server/transports/http/protectedResourceMetadata.js.map +1 -0
package/dist/mcp-server/transports/http/sessionIdUtils.d.ts +33 -0
package/dist/mcp-server/transports/http/sessionIdUtils.d.ts.map +1 -0
package/dist/mcp-server/transports/http/sessionIdUtils.js +54 -0
package/dist/mcp-server/transports/http/sessionIdUtils.js.map +1 -0
package/dist/mcp-server/transports/http/sessionStore.d.ts +87 -0
package/dist/mcp-server/transports/http/sessionStore.d.ts.map +1 -0
package/dist/mcp-server/transports/http/sessionStore.js +209 -0
package/dist/mcp-server/transports/http/sessionStore.js.map +1 -0
package/dist/mcp-server/transports/manager.d.ts +22 -0
package/dist/mcp-server/transports/manager.d.ts.map +1 -0
package/dist/mcp-server/transports/manager.js +62 -0
package/dist/mcp-server/transports/manager.js.map +1 -0
package/dist/mcp-server/transports/stdio/stdioTransport.d.ts +44 -0
package/dist/mcp-server/transports/stdio/stdioTransport.d.ts.map +1 -0
package/dist/mcp-server/transports/stdio/stdioTransport.js +63 -0
package/dist/mcp-server/transports/stdio/stdioTransport.js.map +1 -0
package/dist/services/graph/core/GraphService.d.ts +205 -0
package/dist/services/graph/core/GraphService.d.ts.map +1 -0
package/dist/services/graph/core/GraphService.js +231 -0
package/dist/services/graph/core/GraphService.js.map +1 -0
package/dist/services/graph/core/IGraphProvider.d.ts +295 -0
package/dist/services/graph/core/IGraphProvider.d.ts.map +1 -0
package/dist/services/graph/core/IGraphProvider.js +8 -0
package/dist/services/graph/core/IGraphProvider.js.map +1 -0
package/dist/services/graph/types.d.ts +107 -0
package/dist/services/graph/types.d.ts.map +1 -0
package/dist/services/graph/types.js +8 -0
package/dist/services/graph/types.js.map +1 -0
package/dist/services/llm/core/ILlmProvider.d.ts +86 -0
package/dist/services/llm/core/ILlmProvider.d.ts.map +1 -0
package/dist/services/llm/core/ILlmProvider.js +2 -0
package/dist/services/llm/core/ILlmProvider.js.map +1 -0
package/dist/services/llm/providers/openrouter.provider.d.ts +187 -0
package/dist/services/llm/providers/openrouter.provider.d.ts.map +1 -0
package/dist/services/llm/providers/openrouter.provider.js +302 -0
package/dist/services/llm/providers/openrouter.provider.js.map +1 -0
package/dist/services/llm/types.d.ts +16 -0
package/dist/services/llm/types.d.ts.map +1 -0
package/dist/services/llm/types.js +9 -0
package/dist/services/llm/types.js.map +1 -0
package/dist/services/speech/core/ISpeechProvider.d.ts +92 -0
package/dist/services/speech/core/ISpeechProvider.d.ts.map +1 -0
package/dist/services/speech/core/ISpeechProvider.js +34 -0
package/dist/services/speech/core/ISpeechProvider.js.map +1 -0
package/dist/services/speech/core/SpeechService.d.ts +87 -0
package/dist/services/speech/core/SpeechService.d.ts.map +1 -0
package/dist/services/speech/core/SpeechService.js +135 -0
package/dist/services/speech/core/SpeechService.js.map +1 -0
package/dist/services/speech/providers/elevenlabs.provider.d.ts +77 -0
package/dist/services/speech/providers/elevenlabs.provider.d.ts.map +1 -0
package/dist/services/speech/providers/elevenlabs.provider.js +199 -0
package/dist/services/speech/providers/elevenlabs.provider.js.map +1 -0
package/dist/services/speech/providers/whisper.provider.d.ts +94 -0
package/dist/services/speech/providers/whisper.provider.d.ts.map +1 -0
package/dist/services/speech/providers/whisper.provider.js +240 -0
package/dist/services/speech/providers/whisper.provider.js.map +1 -0
package/dist/services/speech/types.d.ts +173 -0
package/dist/services/speech/types.d.ts.map +1 -0
package/dist/services/speech/types.js +8 -0
package/dist/services/speech/types.js.map +1 -0
package/dist/storage/core/IStorageProvider.d.ts +159 -0
package/dist/storage/core/IStorageProvider.d.ts.map +1 -0
package/dist/storage/core/IStorageProvider.js +2 -0
package/dist/storage/core/IStorageProvider.js.map +1 -0
package/dist/storage/core/StorageService.d.ts +22 -0
package/dist/storage/core/StorageService.d.ts.map +1 -0
package/dist/storage/core/StorageService.js +151 -0
package/dist/storage/core/StorageService.js.map +1 -0
package/dist/storage/core/storageFactory.d.ts +66 -0
package/dist/storage/core/storageFactory.d.ts.map +1 -0
package/dist/storage/core/storageFactory.js +122 -0
package/dist/storage/core/storageFactory.js.map +1 -0
package/dist/storage/core/storageValidation.d.ts +77 -0
package/dist/storage/core/storageValidation.d.ts.map +1 -0
package/dist/storage/core/storageValidation.js +303 -0
package/dist/storage/core/storageValidation.js.map +1 -0
package/dist/storage/providers/cloudflare/d1Provider.d.ts +94 -0
package/dist/storage/providers/cloudflare/d1Provider.d.ts.map +1 -0
package/dist/storage/providers/cloudflare/d1Provider.js +347 -0
package/dist/storage/providers/cloudflare/d1Provider.js.map +1 -0
package/dist/storage/providers/cloudflare/kvProvider.d.ts +21 -0
package/dist/storage/providers/cloudflare/kvProvider.d.ts.map +1 -0
package/dist/storage/providers/cloudflare/kvProvider.js +183 -0
package/dist/storage/providers/cloudflare/kvProvider.js.map +1 -0
package/dist/storage/providers/cloudflare/r2Provider.d.ts +28 -0
package/dist/storage/providers/cloudflare/r2Provider.d.ts.map +1 -0
package/dist/storage/providers/cloudflare/r2Provider.js +222 -0
package/dist/storage/providers/cloudflare/r2Provider.js.map +1 -0
package/dist/storage/providers/fileSystem/fileSystemProvider.d.ts +20 -0
package/dist/storage/providers/fileSystem/fileSystemProvider.d.ts.map +1 -0
package/dist/storage/providers/fileSystem/fileSystemProvider.js +282 -0
package/dist/storage/providers/fileSystem/fileSystemProvider.js.map +1 -0
package/dist/storage/providers/inMemory/inMemoryProvider.d.ts +21 -0
package/dist/storage/providers/inMemory/inMemoryProvider.d.ts.map +1 -0
package/dist/storage/providers/inMemory/inMemoryProvider.js +139 -0
package/dist/storage/providers/inMemory/inMemoryProvider.js.map +1 -0
package/dist/storage/providers/supabase/supabase.types.d.ts +49 -0
package/dist/storage/providers/supabase/supabase.types.d.ts.map +1 -0
package/dist/storage/providers/supabase/supabase.types.js +8 -0
package/dist/storage/providers/supabase/supabase.types.js.map +1 -0
package/dist/storage/providers/supabase/supabaseProvider.d.ts +24 -0
package/dist/storage/providers/supabase/supabaseProvider.d.ts.map +1 -0
package/dist/storage/providers/supabase/supabaseProvider.js +209 -0
package/dist/storage/providers/supabase/supabaseProvider.js.map +1 -0
package/dist/testing/index.d.ts +53 -0
package/dist/testing/index.d.ts.map +1 -0
package/dist/testing/index.js +132 -0
package/dist/testing/index.js.map +1 -0
package/dist/types-global/errors.d.ts +83 -0
package/dist/types-global/errors.d.ts.map +1 -0
package/dist/types-global/errors.js +113 -0
package/dist/types-global/errors.js.map +1 -0
package/dist/utils/formatting/diffFormatter.d.ts +227 -0
package/dist/utils/formatting/diffFormatter.d.ts.map +1 -0
package/dist/utils/formatting/diffFormatter.js +369 -0
package/dist/utils/formatting/diffFormatter.js.map +1 -0
package/dist/utils/formatting/index.d.ts +9 -0
package/dist/utils/formatting/index.d.ts.map +1 -0
package/dist/utils/formatting/index.js +9 -0
package/dist/utils/formatting/index.js.map +1 -0
package/dist/utils/formatting/markdownBuilder.d.ts +543 -0
package/dist/utils/formatting/markdownBuilder.d.ts.map +1 -0
package/dist/utils/formatting/markdownBuilder.js +674 -0
package/dist/utils/formatting/markdownBuilder.js.map +1 -0
package/dist/utils/formatting/tableFormatter.d.ts +261 -0
package/dist/utils/formatting/tableFormatter.d.ts.map +1 -0
package/dist/utils/formatting/tableFormatter.js +456 -0
package/dist/utils/formatting/tableFormatter.js.map +1 -0
package/dist/utils/formatting/treeFormatter.d.ts +344 -0
package/dist/utils/formatting/treeFormatter.d.ts.map +1 -0
package/dist/utils/formatting/treeFormatter.js +400 -0
package/dist/utils/formatting/treeFormatter.js.map +1 -0
package/dist/utils/internal/encoding.d.ts +42 -0
package/dist/utils/internal/encoding.d.ts.map +1 -0
package/dist/utils/internal/encoding.js +87 -0
package/dist/utils/internal/encoding.js.map +1 -0
package/dist/utils/internal/error-handler/errorHandler.d.ts +140 -0
package/dist/utils/internal/error-handler/errorHandler.d.ts.map +1 -0
package/dist/utils/internal/error-handler/errorHandler.js +318 -0
package/dist/utils/internal/error-handler/errorHandler.js.map +1 -0
package/dist/utils/internal/error-handler/helpers.d.ts +98 -0
package/dist/utils/internal/error-handler/helpers.d.ts.map +1 -0
package/dist/utils/internal/error-handler/helpers.js +214 -0
package/dist/utils/internal/error-handler/helpers.js.map +1 -0
package/dist/utils/internal/error-handler/mappings.d.ts +85 -0
package/dist/utils/internal/error-handler/mappings.d.ts.map +1 -0
package/dist/utils/internal/error-handler/mappings.js +234 -0
package/dist/utils/internal/error-handler/mappings.js.map +1 -0
package/dist/utils/internal/error-handler/types.d.ts +160 -0
package/dist/utils/internal/error-handler/types.d.ts.map +1 -0
package/dist/utils/internal/error-handler/types.js +6 -0
package/dist/utils/internal/error-handler/types.js.map +1 -0
package/dist/utils/internal/health.d.ts +60 -0
package/dist/utils/internal/health.d.ts.map +1 -0
package/dist/utils/internal/health.js +46 -0
package/dist/utils/internal/health.js.map +1 -0
package/dist/utils/internal/logger.d.ts +300 -0
package/dist/utils/internal/logger.d.ts.map +1 -0
package/dist/utils/internal/logger.js +573 -0
package/dist/utils/internal/logger.js.map +1 -0
package/dist/utils/internal/performance.d.ts +78 -0
package/dist/utils/internal/performance.d.ts.map +1 -0
package/dist/utils/internal/performance.js +227 -0
package/dist/utils/internal/performance.js.map +1 -0
package/dist/utils/internal/requestContext.d.ts +200 -0
package/dist/utils/internal/requestContext.d.ts.map +1 -0
package/dist/utils/internal/requestContext.js +163 -0
package/dist/utils/internal/requestContext.js.map +1 -0
package/dist/utils/internal/runtime.d.ts +49 -0
package/dist/utils/internal/runtime.d.ts.map +1 -0
package/dist/utils/internal/runtime.js +90 -0
package/dist/utils/internal/runtime.js.map +1 -0
package/dist/utils/internal/startupBanner.d.ts +23 -0
package/dist/utils/internal/startupBanner.d.ts.map +1 -0
package/dist/utils/internal/startupBanner.js +34 -0
package/dist/utils/internal/startupBanner.js.map +1 -0
package/dist/utils/metrics/tokenCounter.d.ts +97 -0
package/dist/utils/metrics/tokenCounter.d.ts.map +1 -0
package/dist/utils/metrics/tokenCounter.js +162 -0
package/dist/utils/metrics/tokenCounter.js.map +1 -0
package/dist/utils/network/fetchWithTimeout.d.ts +91 -0
package/dist/utils/network/fetchWithTimeout.d.ts.map +1 -0
package/dist/utils/network/fetchWithTimeout.js +305 -0
package/dist/utils/network/fetchWithTimeout.js.map +1 -0
package/dist/utils/pagination/pagination.d.ts +157 -0
package/dist/utils/pagination/pagination.d.ts.map +1 -0
package/dist/utils/pagination/pagination.js +191 -0
package/dist/utils/pagination/pagination.js.map +1 -0
package/dist/utils/parsing/csvParser.d.ts +84 -0
package/dist/utils/parsing/csvParser.d.ts.map +1 -0
package/dist/utils/parsing/csvParser.js +132 -0
package/dist/utils/parsing/csvParser.js.map +1 -0
package/dist/utils/parsing/dateParser.d.ts +103 -0
package/dist/utils/parsing/dateParser.d.ts.map +1 -0
package/dist/utils/parsing/dateParser.js +142 -0
package/dist/utils/parsing/dateParser.js.map +1 -0
package/dist/utils/parsing/frontmatterParser.d.ts +91 -0
package/dist/utils/parsing/frontmatterParser.d.ts.map +1 -0
package/dist/utils/parsing/frontmatterParser.js +163 -0
package/dist/utils/parsing/frontmatterParser.js.map +1 -0
package/dist/utils/parsing/index.d.ts +15 -0
package/dist/utils/parsing/index.d.ts.map +1 -0
package/dist/utils/parsing/index.js +15 -0
package/dist/utils/parsing/index.js.map +1 -0
package/dist/utils/parsing/jsonParser.d.ts +115 -0
package/dist/utils/parsing/jsonParser.d.ts.map +1 -0
package/dist/utils/parsing/jsonParser.js +177 -0
package/dist/utils/parsing/jsonParser.js.map +1 -0
package/dist/utils/parsing/pdfParser.d.ts +563 -0
package/dist/utils/parsing/pdfParser.d.ts.map +1 -0
package/dist/utils/parsing/pdfParser.js +775 -0
package/dist/utils/parsing/pdfParser.js.map +1 -0
package/dist/utils/parsing/thinkBlock.d.ts +31 -0
package/dist/utils/parsing/thinkBlock.d.ts.map +1 -0
package/dist/utils/parsing/thinkBlock.js +31 -0
package/dist/utils/parsing/thinkBlock.js.map +1 -0
package/dist/utils/parsing/xmlParser.d.ts +69 -0
package/dist/utils/parsing/xmlParser.d.ts.map +1 -0
package/dist/utils/parsing/xmlParser.js +140 -0
package/dist/utils/parsing/xmlParser.js.map +1 -0
package/dist/utils/parsing/yamlParser.d.ts +64 -0
package/dist/utils/parsing/yamlParser.d.ts.map +1 -0
package/dist/utils/parsing/yamlParser.js +129 -0
package/dist/utils/parsing/yamlParser.js.map +1 -0
package/dist/utils/scheduling/scheduler.d.ts +174 -0
package/dist/utils/scheduling/scheduler.d.ts.map +1 -0
package/dist/utils/scheduling/scheduler.js +248 -0
package/dist/utils/scheduling/scheduler.js.map +1 -0
package/dist/utils/security/idGenerator.d.ts +189 -0
package/dist/utils/security/idGenerator.d.ts.map +1 -0
package/dist/utils/security/idGenerator.js +301 -0
package/dist/utils/security/idGenerator.js.map +1 -0
package/dist/utils/security/index.d.ts +8 -0
package/dist/utils/security/index.d.ts.map +1 -0
package/dist/utils/security/index.js +8 -0
package/dist/utils/security/index.js.map +1 -0
package/dist/utils/security/rateLimiter.d.ts +171 -0
package/dist/utils/security/rateLimiter.d.ts.map +1 -0
package/dist/utils/security/rateLimiter.js +294 -0
package/dist/utils/security/rateLimiter.js.map +1 -0
package/dist/utils/security/sanitization.d.ts +430 -0
package/dist/utils/security/sanitization.d.ts.map +1 -0
package/dist/utils/security/sanitization.js +759 -0
package/dist/utils/security/sanitization.js.map +1 -0
package/dist/utils/telemetry/index.d.ts +12 -0
package/dist/utils/telemetry/index.d.ts.map +1 -0
package/dist/utils/telemetry/index.js +12 -0
package/dist/utils/telemetry/index.js.map +1 -0
package/dist/utils/telemetry/instrumentation.d.ts +62 -0
package/dist/utils/telemetry/instrumentation.d.ts.map +1 -0
package/dist/utils/telemetry/instrumentation.js +223 -0
package/dist/utils/telemetry/instrumentation.js.map +1 -0
package/dist/utils/telemetry/metrics.d.ts +170 -0
package/dist/utils/telemetry/metrics.d.ts.map +1 -0
package/dist/utils/telemetry/metrics.js +205 -0
package/dist/utils/telemetry/metrics.js.map +1 -0
package/dist/utils/telemetry/semconv.d.ts +147 -0
package/dist/utils/telemetry/semconv.d.ts.map +1 -0
package/dist/utils/telemetry/semconv.js +159 -0
package/dist/utils/telemetry/semconv.js.map +1 -0
package/dist/utils/telemetry/trace.d.ts +141 -0
package/dist/utils/telemetry/trace.d.ts.map +1 -0
package/dist/utils/telemetry/trace.js +193 -0
package/dist/utils/telemetry/trace.js.map +1 -0
package/dist/utils/types/guards.d.ts +209 -0
package/dist/utils/types/guards.d.ts.map +1 -0
package/dist/utils/types/guards.js +229 -0
package/dist/utils/types/guards.js.map +1 -0
package/dist/utils/types/index.d.ts +6 -0
package/dist/utils/types/index.d.ts.map +1 -0
package/dist/utils/types/index.js +6 -0
package/dist/utils/types/index.js.map +1 -0
package/dist/worker.d.ts +59 -0
package/dist/worker.d.ts.map +1 -0
package/dist/worker.js +216 -0
package/dist/worker.js.map +1 -0
package/package.json +377 -0
package/skills/README.md +38 -0
package/skills/add-export/SKILL.md +49 -0
package/skills/add-prompt/SKILL.md +97 -0
package/skills/add-provider/SKILL.md +53 -0
package/skills/add-resource/SKILL.md +107 -0
package/skills/add-service/SKILL.md +113 -0
package/skills/add-tool/SKILL.md +110 -0
package/skills/api-auth/SKILL.md +173 -0
package/skills/api-config/SKILL.md +68 -0
package/skills/api-context/SKILL.md +321 -0
package/skills/api-errors/SKILL.md +146 -0
package/skills/api-services/SKILL.md +24 -0
package/skills/api-services/references/graph.md +124 -0
package/skills/api-services/references/llm.md +46 -0
package/skills/api-services/references/speech.md +72 -0
package/skills/api-testing/SKILL.md +263 -0
package/skills/api-utils/SKILL.md +106 -0
package/skills/api-utils/references/formatting.md +237 -0
package/skills/api-utils/references/parsing.md +263 -0
package/skills/api-utils/references/security.md +226 -0
package/skills/api-workers/SKILL.md +165 -0
package/skills/devcheck/SKILL.md +31 -0
package/skills/maintenance/SKILL.md +52 -0
package/skills/migrate-mcp-ts-template/SKILL.md +131 -0
package/skills/release/SKILL.md +67 -0
package/skills/setup/SKILL.md +89 -0
package/skills/walkthrough-init/SKILL.md +50 -0
package/templates/.env.example +17 -0
package/templates/AGENTS.md +113 -0
package/templates/CLAUDE.md +113 -0
package/templates/_tsconfig.json +33 -0
package/templates/biome.template.json +43 -0
package/templates/package.json +26 -0
package/templates/src/index.ts +16 -0
package/templates/src/mcp-server/prompts/definitions/echo.prompt.ts +19 -0
package/templates/src/mcp-server/resources/definitions/echo.resource.ts +30 -0
package/templates/src/mcp-server/tools/definitions/echo.tool.ts +24 -0
package/templates/vitest.config.ts +12 -0
package/tsconfig.base.json +44 -0
package/vitest.config.base.ts +38 -0

package/dist/mcp-server/transports/http/httpTransport.js ADDED Viewed

@@ -0,0 +1,396 @@
+/**
+ * @fileoverview Configures and starts the HTTP MCP transport using Hono.
+ * This implementation uses the official @hono/mcp package for a fully
+ * web-standard, platform-agnostic transport layer.
+ *
+ * Implements MCP Specification 2025-06-18 Streamable HTTP Transport.
+ * @see {@link https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#streamable-http | MCP Streamable HTTP Transport}
+ * @module src/mcp-server/transports/http/httpTransport
+ */
+import http from 'node:http';
+import { StreamableHTTPTransport } from '@hono/mcp';
+import { serve } from '@hono/node-server';
+import { SUPPORTED_PROTOCOL_VERSIONS } from '@modelcontextprotocol/sdk/types.js';
+import { Hono } from 'hono';
+import { cors } from 'hono/cors';
+import { config } from '../../../config/index.js';
+import { createAuthStrategy } from '../../../mcp-server/transports/auth/authFactory.js';
+import { createAuthMiddleware } from '../../../mcp-server/transports/auth/authMiddleware.js';
+import { authContext } from '../../../mcp-server/transports/auth/lib/authContext.js';
+import { httpErrorHandler } from '../../../mcp-server/transports/http/httpErrorHandler.js';
+import { protectedResourceMetadataHandler } from '../../../mcp-server/transports/http/protectedResourceMetadata.js';
+import { generateSecureSessionId } from '../../../mcp-server/transports/http/sessionIdUtils.js';
+import { SessionStore } from '../../../mcp-server/transports/http/sessionStore.js';
+import { JsonRpcErrorCode, McpError } from '../../../types-global/errors.js';
+import { logger } from '../../../utils/internal/logger.js';
+import { logStartupBanner } from '../../../utils/internal/startupBanner.js';
+import { createObservableGauge } from '../../../utils/telemetry/metrics.js';
+/**
+ * Extends the base StreamableHTTPTransport to include a session ID.
+ */
+class McpSessionTransport extends StreamableHTTPTransport {
+    sessionId;
+    constructor(sessionId) {
+        super();
+        this.sessionId = sessionId;
+    }
+}
+/**
+ * Creates a Hono HTTP application for the MCP server.
+ *
+ * This function is generic and can create apps with different binding types:
+ * - Node.js environments use HonoNodeBindings (default)
+ * - Cloudflare Workers use CloudflareBindings
+ *
+ * The function itself doesn't access bindings; they're only used at runtime
+ * when the app processes requests in its specific environment.
+ *
+ * @template TBindings - The Hono binding type (must extend object, defaults to HonoNodeBindings for Node.js)
+ * @param mcpServer - The MCP server instance
+ * @param parentContext - Parent request context for logging
+ * @returns Configured Hono application with the specified binding type
+ */
+export async function createHttpApp(serverFactory, parentContext) {
+    const app = new Hono();
+    const transportContext = {
+        ...parentContext,
+        component: 'HttpTransportSetup',
+    };
+    // Initialize session store for stateful mode
+    const sessionStore = config.mcpSessionMode === 'stateful'
+        ? new SessionStore(config.mcpStatefulSessionStaleTimeoutMs)
+        : null;
+    // Wire session count to OTel observable gauge for durable metrics
+    if (sessionStore && config.openTelemetry.enabled) {
+        createObservableGauge('mcp.sessions.active', 'Number of active MCP sessions', () => sessionStore.getSessionCount(), '{sessions}');
+    }
+    // OpenTelemetry request tracing — outermost middleware on the MCP endpoint
+    // so the span captures the full lifecycle (CORS, auth, handler).
+    // On Bun, Node.js HTTP auto-instrumentation is a no-op; this fills that gap.
+    // @hono/otel is a Tier 3 optional peer — lazy import inside the guard.
+    if (config.openTelemetry.enabled) {
+        const { httpInstrumentationMiddleware } = await import('@hono/otel').catch(() => {
+            throw new McpError(JsonRpcErrorCode.ConfigurationError, 'Install "@hono/otel" to use OpenTelemetry HTTP instrumentation: bun add @hono/otel');
+        });
+        app.use(config.mcpHttpEndpointPath, httpInstrumentationMiddleware({
+            captureRequestHeaders: ['mcp-session-id'],
+        }));
+        logger.debug('OTel request tracing middleware enabled for MCP endpoint.', transportContext);
+    }
+    // CORS (with permissive fallback)
+    const allowedOrigin = Array.isArray(config.mcpAllowedOrigins) && config.mcpAllowedOrigins.length > 0
+        ? config.mcpAllowedOrigins
+        : '*';
+    if (allowedOrigin === '*') {
+        logger.warning('CORS origin set to wildcard (*). Set MCP_ALLOWED_ORIGINS for production deployments.', transportContext);
+    }
+    // Per Fetch spec, Access-Control-Allow-Origin: * with
+    // Access-Control-Allow-Credentials: true is invalid — browsers reject the
+    // preflight. Only enable credentials when origin is explicitly configured.
+    app.use('*', cors({
+        origin: allowedOrigin,
+        allowMethods: ['GET', 'POST', 'DELETE', 'OPTIONS'],
+        allowHeaders: ['Content-Type', 'Authorization', 'Mcp-Session-Id', 'MCP-Protocol-Version'],
+        exposeHeaders: ['Mcp-Session-Id'],
+        ...(allowedOrigin !== '*' && { credentials: true }),
+    }));
+    // Centralized error handling
+    app.onError(httpErrorHandler);
+    // MCP Spec 2025-06-18: Origin header validation for DNS rebinding protection
+    // https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#security-warning
+    app.use(config.mcpHttpEndpointPath, async (c, next) => {
+        const origin = c.req.header('origin');
+        if (origin) {
+            const isAllowed = allowedOrigin === '*' || (Array.isArray(allowedOrigin) && allowedOrigin.includes(origin));
+            if (!isAllowed) {
+                logger.warning('Rejected request with invalid Origin header', {
+                    ...transportContext,
+                    origin,
+                    allowedOrigins: allowedOrigin,
+                });
+                return c.json({ error: 'Invalid origin. DNS rebinding protection.' }, 403);
+            }
+        }
+        // Origin is valid or not present, continue
+        return await next();
+    });
+    // Health and GET /mcp status remain unprotected for convenience
+    app.get('/healthz', (c) => c.json({ status: 'ok' }));
+    // RFC 9728 Protected Resource Metadata — always mounted, unauthenticated
+    // https://datatracker.ietf.org/doc/html/rfc9728
+    app.get('/.well-known/oauth-protected-resource', protectedResourceMetadataHandler);
+    // MCP Spec 2025-06-18: GET with Accept: text/event-stream opens an SSE stream
+    // for server-initiated messages. Plain GET (browser, health check) returns info.
+    app.get(config.mcpHttpEndpointPath, (c, next) => {
+        if (c.req.header('accept')?.includes('text/event-stream')) {
+            return next(); // Fall through to transport handler for SSE
+        }
+        return c.json({
+            status: 'ok',
+            server: {
+                name: config.mcpServerName,
+                version: config.mcpServerVersion,
+                description: config.mcpServerDescription,
+                environment: config.environment,
+                transport: config.mcpTransportType,
+                sessionMode: config.mcpSessionMode,
+            },
+        });
+    });
+    // Create auth strategy and middleware if auth is enabled
+    // IMPORTANT: Auth middleware must be registered BEFORE route handlers
+    // so Hono applies it to all subsequent routes on this path.
+    const authStrategy = createAuthStrategy();
+    if (authStrategy) {
+        const authMiddleware = createAuthMiddleware(authStrategy);
+        app.use(config.mcpHttpEndpointPath, authMiddleware);
+        logger.info('Authentication middleware enabled for MCP endpoint.', transportContext);
+    }
+    else {
+        logger.info('Authentication is disabled; MCP endpoint is unprotected.', transportContext);
+    }
+    // MCP Spec 2025-06-18: DELETE endpoint for session termination
+    // Clients SHOULD send DELETE to explicitly terminate sessions
+    // https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#session-management
+    app.delete(config.mcpHttpEndpointPath, (c) => {
+        const sessionId = c.req.header('mcp-session-id');
+        if (!sessionId) {
+            logger.warning('DELETE request without session ID', transportContext);
+            return c.json({ error: 'Mcp-Session-Id header required' }, 400);
+        }
+        logger.info('Session termination requested', {
+            ...transportContext,
+            sessionId,
+        });
+        // For stateless mode or if session management is disabled, return 405
+        if (config.mcpSessionMode === 'stateless' || !sessionStore) {
+            return c.json({ error: 'Session termination not supported in stateless mode' }, 405);
+        }
+        // SECURITY: Validate session ownership before termination
+        const authInfo = authContext.getStore()?.authInfo;
+        const sessionIdentity = authInfo
+            ? Object.fromEntries(Object.entries({
+                tenantId: authInfo.tenantId,
+                clientId: authInfo.clientId,
+                subject: authInfo.subject,
+            }).filter(([, v]) => v != null))
+            : undefined;
+        if (!sessionStore.isValidForIdentity(sessionId, sessionIdentity)) {
+            logger.warning('Session termination rejected - ownership validation failed', {
+                ...transportContext,
+                sessionId,
+                requestTenant: sessionIdentity?.tenantId,
+                requestClient: sessionIdentity?.clientId,
+            });
+            return c.json({ error: 'Session not found or access denied' }, 404);
+        }
+        // Terminate the session in the store
+        sessionStore.terminate(sessionId);
+        logger.info('Session terminated successfully', {
+            ...transportContext,
+            sessionId,
+        });
+        return c.json({ status: 'terminated', sessionId }, 200);
+    });
+    // JSON-RPC over HTTP (Streamable)
+    app.all(config.mcpHttpEndpointPath, async (c) => {
+        const protocolVersion = c.req.header('mcp-protocol-version') ?? '2025-03-26';
+        logger.debug('Handling MCP request.', {
+            ...transportContext,
+            path: c.req.path,
+            method: c.req.method,
+            protocolVersion,
+        });
+        // Per MCP Spec 2025-06-18: MCP-Protocol-Version header MUST be validated
+        // Server MUST respond with 400 Bad Request for unsupported versions
+        // We default to 2025-03-26 for backward compatibility if not provided
+        const supportedVersions = SUPPORTED_PROTOCOL_VERSIONS;
+        if (!supportedVersions.includes(protocolVersion)) {
+            logger.warning('Unsupported MCP protocol version requested.', {
+                ...transportContext,
+                protocolVersion,
+                supportedVersions,
+            });
+            return c.json({
+                error: 'Unsupported MCP protocol version',
+                protocolVersion,
+                supportedVersions,
+            }, 400);
+        }
+        const providedSessionId = c.req.header('mcp-session-id');
+        // Extract identity from auth context (if auth is enabled)
+        // This MUST happen before session validation for security
+        const authInfo = authContext.getStore()?.authInfo;
+        const sessionIdentity = authInfo
+            ? Object.fromEntries(Object.entries({
+                tenantId: authInfo.tenantId,
+                clientId: authInfo.clientId,
+                subject: authInfo.subject,
+            }).filter(([, v]) => v != null))
+            : undefined;
+        // MCP Spec 2025-06-18: Return 404 for invalid/terminated sessions
+        // https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#session-management
+        // SECURITY: Validate session WITH identity binding to prevent hijacking
+        if (sessionStore &&
+            providedSessionId &&
+            !sessionStore.isValidForIdentity(providedSessionId, sessionIdentity)) {
+            logger.warning('Session validation failed - invalid or hijacked session', {
+                ...transportContext,
+                sessionId: providedSessionId,
+                requestTenant: sessionIdentity?.tenantId,
+                requestClient: sessionIdentity?.clientId,
+            });
+            return c.json({ error: 'Session not found or expired' }, 404);
+        }
+        // Defer session minting for stateful mode: only assign a session ID to
+        // requests that already carry one (returning clients) or after the SDK
+        // processes the request (new initialize handshakes). This prevents
+        // allocating sessions for requests that will fail protocol validation.
+        const sessionId = providedSessionId ?? generateSecureSessionId();
+        const transport = new McpSessionTransport(sessionId);
+        const handleRpc = async () => {
+            // SDK 1.26.0: Protocol.connect() throws if already connected.
+            // Create a fresh McpServer per request to prevent cross-client data leaks.
+            // See GHSA-345p-7cg4-v4c7.
+            const server = await serverFactory();
+            await server.connect(transport);
+            const response = await transport.handleRequest(c);
+            if (response) {
+                // Only register the session in the store AFTER a successful response.
+                // This avoids minting sessions for requests that fail protocol
+                // validation (e.g. tools/list without prior initialize).
+                if (sessionStore && response.ok) {
+                    sessionStore.getOrCreate(sessionId, sessionIdentity);
+                }
+                // MCP Spec 2025-06-18: For stateful sessions, return Mcp-Session-Id header
+                // in InitializeResponse (and all subsequent responses)
+                if (config.mcpSessionMode === 'stateful' && response.ok) {
+                    response.headers.set('Mcp-Session-Id', sessionId);
+                    logger.debug('Added Mcp-Session-Id header to response', {
+                        ...transportContext,
+                        sessionId,
+                    });
+                }
+                return response;
+            }
+            return c.body(null, 204);
+        };
+        // Auth context is already populated by the middleware's authContext.run().
+        // ALS propagates through all async continuations in this handler.
+        try {
+            return await handleRpc();
+        }
+        catch (err) {
+            // Close transport only on error — success path must keep the SSE stream
+            // alive for Hono to consume. streamSSE returns a Response wrapping a
+            // ReadableStream; closing the transport aborts the stream before Hono
+            // can read it, producing an empty-message Error on the client.
+            await transport.close?.().catch((closeErr) => {
+                logger.debug('Failed to close transport after error', {
+                    ...transportContext,
+                    sessionId,
+                    error: closeErr instanceof Error ? closeErr.message : String(closeErr),
+                });
+            });
+            throw err instanceof Error ? err : new Error(String(err));
+        }
+    });
+    logger.info('Hono application setup complete.', transportContext);
+    return { app, sessionStore };
+}
+function isPortInUse(port, host, parentContext) {
+    const context = { ...parentContext, operation: 'isPortInUse', port, host };
+    logger.debug(`Checking if port ${port} is in use...`, context);
+    return new Promise((resolve) => {
+        const tempServer = http.createServer();
+        tempServer
+            .once('error', (err) => resolve(err.code === 'EADDRINUSE'))
+            .once('listening', () => tempServer.close(() => resolve(false)))
+            .listen(port, host);
+    });
+}
+function startHttpServerWithRetry(app, initialPort, host, maxRetries, parentContext) {
+    const startContext = {
+        ...parentContext,
+        operation: 'startHttpServerWithRetry',
+    };
+    logger.info(`Attempting to start HTTP server on port ${initialPort} with ${maxRetries} retries.`, startContext);
+    const { promise, resolve, reject } = Promise.withResolvers();
+    const tryBind = (port, attempt) => {
+        if (attempt > maxRetries + 1) {
+            const error = new Error(`Failed to bind to any port after ${maxRetries} retries.`);
+            logger.fatal(error.message, { ...startContext, port, attempt });
+            return reject(error);
+        }
+        isPortInUse(port, host, { ...startContext, port, attempt })
+            .then((inUse) => {
+            if (inUse) {
+                logger.warning(`Port ${port} is in use, retrying...`, {
+                    ...startContext,
+                    port,
+                    attempt,
+                });
+                setTimeout(() => tryBind(port + 1, attempt + 1), config.mcpHttpPortRetryDelayMs);
+                return;
+            }
+            try {
+                const serverInstance = serve({ fetch: app.fetch, port, hostname: host }, (info) => {
+                    const serverAddress = `http://${info.address}:${info.port}${config.mcpHttpEndpointPath}`;
+                    logger.info(`HTTP transport listening at ${serverAddress}`, {
+                        ...startContext,
+                        port,
+                        address: serverAddress,
+                    });
+                    logStartupBanner(`\n🚀 MCP Server running at: ${serverAddress}`, 'http');
+                });
+                resolve(serverInstance);
+            }
+            catch (err) {
+                logger.warning(`Binding attempt failed for port ${port}, retrying...`, {
+                    ...startContext,
+                    port,
+                    attempt,
+                    error: String(err),
+                });
+                setTimeout(() => tryBind(port + 1, attempt + 1), config.mcpHttpPortRetryDelayMs);
+            }
+        })
+            .catch((err) => reject(err instanceof Error ? err : new Error(String(err))));
+    };
+    tryBind(initialPort, 1);
+    return promise;
+}
+export async function startHttpTransport(serverFactory, parentContext) {
+    const transportContext = {
+        ...parentContext,
+        component: 'HttpTransportStart',
+    };
+    logger.info('Starting HTTP transport.', transportContext);
+    const { app, sessionStore } = await createHttpApp(serverFactory, transportContext);
+    const server = await startHttpServerWithRetry(app, config.mcpHttpPort, config.mcpHttpHost, config.mcpHttpMaxPortRetries, transportContext);
+    logger.info('HTTP transport started successfully.', transportContext);
+    return {
+        server,
+        stop: (ctx) => stopHttpTransport(server, sessionStore, ctx),
+    };
+}
+function stopHttpTransport(server, sessionStore, parentContext) {
+    const operationContext = {
+        ...parentContext,
+        operation: 'stopHttpTransport',
+        transportType: 'Http',
+    };
+    logger.info('Attempting to stop http transport...', operationContext);
+    sessionStore?.destroy();
+    return new Promise((resolve, reject) => {
+        server.close((err) => {
+            if (err) {
+                logger.error('Error closing HTTP server.', err, operationContext);
+                return reject(err);
+            }
+            logger.info('HTTP server closed successfully.', operationContext);
+            resolve();
+        });
+    });
+}
+//# sourceMappingURL=httpTransport.js.map

package/dist/mcp-server/transports/http/httpTransport.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"httpTransport.js","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/httpTransport.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,WAAW,CAAC;AACpD,OAAO,EAAmB,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,2BAA2B,EAAE,MAAM,oCAAoC,CAAC;AACjF,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AACtF,OAAO,EAAE,WAAW,EAAE,MAAM,iDAAiD,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,kDAAkD,CAAC;AAEpF,OAAO,EAAE,gCAAgC,EAAE,MAAM,2DAA2D,CAAC;AAC7G,OAAO,EAAE,uBAAuB,EAAE,MAAM,gDAAgD,CAAC;AACzF,OAAO,EAAwB,YAAY,EAAE,MAAM,8CAA8C,CAAC;AAClG,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAC;AAEpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACrE,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AAErE;;GAEG;AACH,MAAM,mBAAoB,SAAQ,uBAAuB;IAChD,SAAS,CAAS;IAEzB,YAAY,SAAiB;QAC3B,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,aAAuC,EACvC,aAA6B;IAE7B,MAAM,GAAG,GAAG,IAAI,IAAI,EAA2B,CAAC;IAChD,MAAM,gBAAgB,GAAG;QACvB,GAAG,aAAa;QAChB,SAAS,EAAE,oBAAoB;KAChC,CAAC;IAEF,6CAA6C;IAC7C,MAAM,YAAY,GAChB,MAAM,CAAC,cAAc,KAAK,UAAU;QAClC,CAAC,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,gCAAgC,CAAC;QAC3D,CAAC,CAAC,IAAI,CAAC;IAEX,kEAAkE;IAClE,IAAI,YAAY,IAAI,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;QACjD,qBAAqB,CACnB,qBAAqB,EACrB,+BAA+B,EAC/B,GAAG,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,EACpC,YAAY,CACb,CAAC;IACJ,CAAC;IAED,2EAA2E;IAC3E,iEAAiE;IACjE,6EAA6E;IAC7E,uEAAuE;IACvE,IAAI,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;QACjC,MAAM,EAAE,6BAA6B,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;YAC9E,MAAM,IAAI,QAAQ,CAChB,gBAAgB,CAAC,kBAAkB,EACnC,oFAAoF,CACrF,CAAC;QACJ,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,GAAG,CACL,MAAM,CAAC,mBAAmB,EAC1B,6BAA6B,CAAC;YAC5B,qBAAqB,EAAE,CAAC,gBAAgB,CAAC;SAC1C,CAAC,CACH,CAAC;QACF,MAAM,CAAC,KAAK,CAAC,2DAA2D,EAAE,gBAAgB,CAAC,CAAC;IAC9F,CAAC;IAED,kCAAkC;IAClC,MAAM,aAAa,GACjB,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,MAAM,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC;QAC5E,CAAC,CAAC,MAAM,CAAC,iBAAiB;QAC1B,CAAC,CAAC,GAAG,CAAC;IAEV,IAAI,aAAa,KAAK,GAAG,EAAE,CAAC;QAC1B,MAAM,CAAC,OAAO,CACZ,sFAAsF,EACtF,gBAAgB,CACjB,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,0EAA0E;IAC1E,2EAA2E;IAC3E,GAAG,CAAC,GAAG,CACL,GAAG,EACH,IAAI,CAAC;QACH,MAAM,EAAE,aAAa;QACrB,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,CAAC;QAClD,YAAY,EAAE,CAAC,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,sBAAsB,CAAC;QACzF,aAAa,EAAE,CAAC,gBAAgB,CAAC;QACjC,GAAG,CAAC,aAAa,KAAK,GAAG,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;KACpD,CAAC,CACH,CAAC;IAEF,6BAA6B;IAC7B,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAE9B,6EAA6E;IAC7E,6FAA6F;IAC7F,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACpD,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,SAAS,GACb,aAAa,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;YAE5F,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,CAAC,OAAO,CAAC,6CAA6C,EAAE;oBAC5D,GAAG,gBAAgB;oBACnB,MAAM;oBACN,cAAc,EAAE,aAAa;iBAC9B,CAAC,CAAC;gBACH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,2CAA2C,EAAE,EAAE,GAAG,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;QACD,2CAA2C;QAC3C,OAAO,MAAM,IAAI,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,gEAAgE;IAChE,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAErD,yEAAyE;IACzE,gDAAgD;IAChD,GAAG,CAAC,GAAG,CAAC,uCAAuC,EAAE,gCAAgC,CAAC,CAAC;IAEnF,8EAA8E;IAC9E,iFAAiF;IACjF,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE;QAC9C,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;YAC1D,OAAO,IAAI,EAAE,CAAC,CAAC,4CAA4C;QAC7D,CAAC;QACD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE;gBACN,IAAI,EAAE,MAAM,CAAC,aAAa;gBAC1B,OAAO,EAAE,MAAM,CAAC,gBAAgB;gBAChC,WAAW,EAAE,MAAM,CAAC,oBAAoB;gBACxC,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,SAAS,EAAE,MAAM,CAAC,gBAAgB;gBAClC,WAAW,EAAE,MAAM,CAAC,cAAc;aACnC;SACF,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,yDAAyD;IACzD,sEAAsE;IACtE,4DAA4D;IAC5D,MAAM,YAAY,GAAG,kBAAkB,EAAE,CAAC;IAC1C,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,cAAc,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;QAC1D,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC,qDAAqD,EAAE,gBAAgB,CAAC,CAAC;IACvF,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,0DAA0D,EAAE,gBAAgB,CAAC,CAAC;IAC5F,CAAC;IAED,+DAA+D;IAC/D,8DAA8D;IAC9D,+FAA+F;IAC/F,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,EAAE;QAC3C,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAEjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,CAAC,OAAO,CAAC,mCAAmC,EAAE,gBAAgB,CAAC,CAAC;YACtE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;YAC3C,GAAG,gBAAgB;YACnB,SAAS;SACV,CAAC,CAAC;QAEH,sEAAsE;QACtE,IAAI,MAAM,CAAC,cAAc,KAAK,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3D,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qDAAqD,EAAE,EAAE,GAAG,CAAC,CAAC;QACvF,CAAC;QAED,0DAA0D;QAC1D,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC;QAClD,MAAM,eAAe,GAAgC,QAAQ;YAC3D,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC;gBACb,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;aAC1B,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,CAChC;YACH,CAAC,CAAC,SAAS,CAAC;QAEd,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,CAAC;YACjE,MAAM,CAAC,OAAO,CAAC,4DAA4D,EAAE;gBAC3E,GAAG,gBAAgB;gBACnB,SAAS;gBACT,aAAa,EAAE,eAAe,EAAE,QAAQ;gBACxC,aAAa,EAAE,eAAe,EAAE,QAAQ;aACzC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oCAAoC,EAAE,EAAE,GAAG,CAAC,CAAC;QACtE,CAAC;QAED,qCAAqC;QACrC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAElC,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE;YAC7C,GAAG,gBAAgB;YACnB,SAAS;SACV,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,kCAAkC;IAClC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9C,MAAM,eAAe,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,sBAAsB,CAAC,IAAI,YAAY,CAAC;QAC7E,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;YACpC,GAAG,gBAAgB;YACnB,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI;YAChB,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;YACpB,eAAe;SAChB,CAAC,CAAC;QAEH,yEAAyE;QACzE,oEAAoE;QACpE,sEAAsE;QACtE,MAAM,iBAAiB,GAAG,2BAA2B,CAAC;QACtD,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;YACjD,MAAM,CAAC,OAAO,CAAC,6CAA6C,EAAE;gBAC5D,GAAG,gBAAgB;gBACnB,eAAe;gBACf,iBAAiB;aAClB,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,CACX;gBACE,KAAK,EAAE,kCAAkC;gBACzC,eAAe;gBACf,iBAAiB;aAClB,EACD,GAAG,CACJ,CAAC;QACJ,CAAC;QAED,MAAM,iBAAiB,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAEzD,0DAA0D;QAC1D,0DAA0D;QAC1D,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC;QAClD,MAAM,eAAe,GAAgC,QAAQ;YAC3D,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC;gBACb,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;aAC1B,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,CAChC;YACH,CAAC,CAAC,SAAS,CAAC;QAEd,kEAAkE;QAClE,+FAA+F;QAC/F,wEAAwE;QACxE,IACE,YAAY;YACZ,iBAAiB;YACjB,CAAC,YAAY,CAAC,kBAAkB,CAAC,iBAAiB,EAAE,eAAe,CAAC,EACpE,CAAC;YACD,MAAM,CAAC,OAAO,CAAC,yDAAyD,EAAE;gBACxE,GAAG,gBAAgB;gBACnB,SAAS,EAAE,iBAAiB;gBAC5B,aAAa,EAAE,eAAe,EAAE,QAAQ;gBACxC,aAAa,EAAE,eAAe,EAAE,QAAQ;aACzC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,uEAAuE;QACvE,uEAAuE;QACvE,mEAAmE;QACnE,uEAAuE;QACvE,MAAM,SAAS,GAAG,iBAAiB,IAAI,uBAAuB,EAAE,CAAC;QAEjE,MAAM,SAAS,GAAG,IAAI,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAErD,MAAM,SAAS,GAAG,KAAK,IAAuB,EAAE;YAC9C,8DAA8D;YAC9D,2EAA2E;YAC3E,2BAA2B;YAC3B,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;YACrC,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;YAElD,IAAI,QAAQ,EAAE,CAAC;gBACb,sEAAsE;gBACtE,+DAA+D;gBAC/D,yDAAyD;gBACzD,IAAI,YAAY,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;oBAChC,YAAY,CAAC,WAAW,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;gBACvD,CAAC;gBAED,2EAA2E;gBAC3E,uDAAuD;gBACvD,IAAI,MAAM,CAAC,cAAc,KAAK,UAAU,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACxD,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;oBAClD,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE;wBACtD,GAAG,gBAAgB;wBACnB,SAAS;qBACV,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,QAAQ,CAAC;YAClB,CAAC;YACD,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC3B,CAAC,CAAC;QAEF,2EAA2E;QAC3E,kEAAkE;QAClE,IAAI,CAAC;YACH,OAAO,MAAM,SAAS,EAAE,CAAC;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,wEAAwE;YACxE,qEAAqE;YACrE,sEAAsE;YACtE,+DAA+D;YAC/D,MAAM,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,QAAiB,EAAE,EAAE;gBACpD,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;oBACpD,GAAG,gBAAgB;oBACnB,SAAS;oBACT,KAAK,EAAE,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;iBACvE,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,MAAM,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,gBAAgB,CAAC,CAAC;IAClE,OAAO,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC;AAC/B,CAAC;AAED,SAAS,WAAW,CAAC,IAAY,EAAE,IAAY,EAAE,aAA6B;IAC5E,MAAM,OAAO,GAAG,EAAE,GAAG,aAAa,EAAE,SAAS,EAAE,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAC3E,MAAM,CAAC,KAAK,CAAC,oBAAoB,IAAI,eAAe,EAAE,OAAO,CAAC,CAAC;IAC/D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACvC,UAAU;aACP,IAAI,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC;aACjF,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;aAC/D,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,wBAAwB,CAC/B,GAAkC,EAClC,WAAmB,EACnB,IAAY,EACZ,UAAkB,EAClB,aAA6B;IAE7B,MAAM,YAAY,GAAG;QACnB,GAAG,aAAa;QAChB,SAAS,EAAE,0BAA0B;KACtC,CAAC;IACF,MAAM,CAAC,IAAI,CACT,2CAA2C,WAAW,SAAS,UAAU,WAAW,EACpF,YAAY,CACb,CAAC;IAEF,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,EAAc,CAAC;IAEzE,MAAM,OAAO,GAAG,CAAC,IAAY,EAAE,OAAe,EAAE,EAAE;QAChD,IAAI,OAAO,GAAG,UAAU,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,oCAAoC,UAAU,WAAW,CAAC,CAAC;YACnF,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,GAAG,YAAY,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC;QAED,WAAW,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,YAAY,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;aACxD,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YACd,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,CAAC,OAAO,CAAC,QAAQ,IAAI,yBAAyB,EAAE;oBACpD,GAAG,YAAY;oBACf,IAAI;oBACJ,OAAO;iBACR,CAAC,CAAC;gBACH,UAAU,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,uBAAuB,CAAC,CAAC;gBACjF,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,cAAc,GAAG,KAAK,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE;oBAChF,MAAM,aAAa,GAAG,UAAU,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,mBAAmB,EAAE,CAAC;oBACzF,MAAM,CAAC,IAAI,CAAC,+BAA+B,aAAa,EAAE,EAAE;wBAC1D,GAAG,YAAY;wBACf,IAAI;wBACJ,OAAO,EAAE,aAAa;qBACvB,CAAC,CAAC;oBACH,gBAAgB,CAAC,+BAA+B,aAAa,EAAE,EAAE,MAAM,CAAC,CAAC;gBAC3E,CAAC,CAAC,CAAC;gBACH,OAAO,CAAC,cAAc,CAAC,CAAC;YAC1B,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,CAAC,OAAO,CAAC,mCAAmC,IAAI,eAAe,EAAE;oBACrE,GAAG,YAAY;oBACf,IAAI;oBACJ,OAAO;oBACP,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC;iBACnB,CAAC,CAAC;gBACH,UAAU,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,uBAAuB,CAAC,CAAC;YACnF,CAAC;QACH,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC,CAAC;IAEF,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACxB,OAAO,OAAO,CAAC;AACjB,CAAC;AAYD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,aAAuC,EACvC,aAA6B;IAE7B,MAAM,gBAAgB,GAAG;QACvB,GAAG,aAAa;QAChB,SAAS,EAAE,oBAAoB;KAChC,CAAC;IACF,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,gBAAgB,CAAC,CAAC;IAE1D,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,GAAG,MAAM,aAAa,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC;IAEnF,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAC3C,GAAG,EACH,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,qBAAqB,EAC5B,gBAAgB,CACjB,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,gBAAgB,CAAC,CAAC;IAEtE,OAAO;QACL,MAAM;QACN,IAAI,EAAE,CAAC,GAAmB,EAAE,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,YAAY,EAAE,GAAG,CAAC;KAC5E,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CACxB,MAAkB,EAClB,YAAiC,EACjC,aAA6B;IAE7B,MAAM,gBAAgB,GAAG;QACvB,GAAG,aAAa;QAChB,SAAS,EAAE,mBAAmB;QAC9B,aAAa,EAAE,MAAM;KACtB,CAAC;IACF,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,gBAAgB,CAAC,CAAC;IAEtE,YAAY,EAAE,OAAO,EAAE,CAAC;IAExB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACnB,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;gBAClE,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;YACrB,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,gBAAgB,CAAC,CAAC;YAClE,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/mcp-server/transports/http/httpTypes.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * @fileoverview Defines custom types for the Hono HTTP transport layer.
+ * @module src/mcp-server/transports/http/httpTypes
+ */
+import type { IncomingMessage, ServerResponse } from 'node:http';
+/**
+ * Extends Hono's Bindings to include the raw Node.js request and response objects.
+ * This is necessary for integrating with libraries like the MCP SDK that
+ * need to write directly to the response stream.
+ *
+ * As per `@hono/node-server`, the response object is available on `c.env.outgoing`.
+ */
+export type HonoNodeBindings = {
+    incoming: IncomingMessage;
+    outgoing: ServerResponse;
+};
+//# sourceMappingURL=httpTypes.d.ts.map

package/dist/mcp-server/transports/http/httpTypes.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"httpTypes.d.ts","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/httpTypes.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAEjE;;;;;;GAMG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,QAAQ,EAAE,eAAe,CAAC;IAC1B,QAAQ,EAAE,cAAc,CAAC;CAC1B,CAAC"}

package/dist/mcp-server/transports/http/httpTypes.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=httpTypes.js.map

package/dist/mcp-server/transports/http/httpTypes.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"httpTypes.js","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/httpTypes.ts"],"names":[],"mappings":""}

package/dist/mcp-server/transports/http/protectedResourceMetadata.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * @fileoverview RFC 9728 OAuth Protected Resource Metadata endpoint handler.
+ * Serves `/.well-known/oauth-protected-resource` to enable MCP clients to
+ * discover the authorization server for this resource. Always returns 200
+ * regardless of auth mode — oauth mode includes full authorization server
+ * metadata; jwt/none modes return a minimal resource identifier only.
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc9728 | RFC 9728: OAuth 2.0 Protected Resource Metadata}
+ * @module src/mcp-server/transports/http/protectedResourceMetadata
+ */
+import type { Context } from 'hono';
+/**
+ * Hono route handler for the RFC 9728 Protected Resource Metadata endpoint.
+ *
+ * Always mounted and always returns 200. Behavior varies by auth mode:
+ * - `oauth`: full metadata including `authorization_servers`, signing algorithms
+ * - `jwt`/`none`: minimal metadata with just the resource identifier
+ *
+ * Response is cacheable for 1 hour per RFC 9728 recommendations.
+ */
+export declare function protectedResourceMetadataHandler(c: Context): Response;
+//# sourceMappingURL=protectedResourceMetadata.d.ts.map

package/dist/mcp-server/transports/http/protectedResourceMetadata.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"protectedResourceMetadata.d.ts","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/protectedResourceMetadata.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAMpC;;;;;;;;GAQG;AACH,wBAAgB,gCAAgC,CAAC,CAAC,EAAE,OAAO,GAAG,QAAQ,CA0BrE"}

package/dist/mcp-server/transports/http/protectedResourceMetadata.js ADDED Viewed

@@ -0,0 +1,44 @@
+/**
+ * @fileoverview RFC 9728 OAuth Protected Resource Metadata endpoint handler.
+ * Serves `/.well-known/oauth-protected-resource` to enable MCP clients to
+ * discover the authorization server for this resource. Always returns 200
+ * regardless of auth mode — oauth mode includes full authorization server
+ * metadata; jwt/none modes return a minimal resource identifier only.
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc9728 | RFC 9728: OAuth 2.0 Protected Resource Metadata}
+ * @module src/mcp-server/transports/http/protectedResourceMetadata
+ */
+import { config } from '../../../config/index.js';
+import { logger } from '../../../utils/internal/logger.js';
+import { requestContextService } from '../../../utils/internal/requestContext.js';
+/**
+ * Hono route handler for the RFC 9728 Protected Resource Metadata endpoint.
+ *
+ * Always mounted and always returns 200. Behavior varies by auth mode:
+ * - `oauth`: full metadata including `authorization_servers`, signing algorithms
+ * - `jwt`/`none`: minimal metadata with just the resource identifier
+ *
+ * Response is cacheable for 1 hour per RFC 9728 recommendations.
+ */
+export function protectedResourceMetadataHandler(c) {
+    const context = requestContextService.createRequestContext({
+        operation: 'protectedResourceMetadataHandler',
+    });
+    const origin = new URL(c.req.url).origin;
+    const resource = config.mcpServerResourceIdentifier ?? config.oauthAudience ?? `${origin}/mcp`;
+    const metadata = {
+        resource,
+        bearer_methods_supported: ['header'],
+    };
+    if (config.mcpAuthMode === 'oauth' && config.oauthIssuerUrl) {
+        metadata.authorization_servers = [config.oauthIssuerUrl];
+        metadata.resource_signing_alg_values_supported = ['RS256', 'ES256', 'PS256'];
+    }
+    logger.debug('Serving Protected Resource Metadata.', {
+        ...context,
+        resource,
+        authMode: config.mcpAuthMode,
+    });
+    c.header('Cache-Control', 'public, max-age=3600');
+    return c.json(metadata);
+}
+//# sourceMappingURL=protectedResourceMetadata.js.map

package/dist/mcp-server/transports/http/protectedResourceMetadata.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"protectedResourceMetadata.js","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/protectedResourceMetadata.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAE3E;;;;;;;;GAQG;AACH,MAAM,UAAU,gCAAgC,CAAC,CAAU;IACzD,MAAM,OAAO,GAAG,qBAAqB,CAAC,oBAAoB,CAAC;QACzD,SAAS,EAAE,kCAAkC;KAC9C,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,2BAA2B,IAAI,MAAM,CAAC,aAAa,IAAI,GAAG,MAAM,MAAM,CAAC;IAE/F,MAAM,QAAQ,GAA4B;QACxC,QAAQ;QACR,wBAAwB,EAAE,CAAC,QAAQ,CAAC;KACrC,CAAC;IAEF,IAAI,MAAM,CAAC,WAAW,KAAK,OAAO,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;QAC5D,QAAQ,CAAC,qBAAqB,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACzD,QAAQ,CAAC,qCAAqC,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC/E,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE;QACnD,GAAG,OAAO;QACV,QAAQ;QACR,QAAQ,EAAE,MAAM,CAAC,WAAW;KAC7B,CAAC,CAAC;IAEH,CAAC,CAAC,MAAM,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC;IAClD,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAC1B,CAAC"}

package/dist/mcp-server/transports/http/sessionIdUtils.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * Generates a cryptographically secure session ID.
+ *
+ * Uses 32 bytes (256 bits) of entropy, which provides sufficient security
+ * for session identification per OWASP guidelines.
+ *
+ * @returns A 64-character hexadecimal session ID
+ *
+ * @example
+ * ```typescript
+ * const sessionId = generateSecureSessionId();
+ * // Returns: "a1b2c3d4e5f6...048" (64 hex characters)
+ * ```
+ */
+export declare function generateSecureSessionId(): string;
+/**
+ * Validates a session ID format.
+ *
+ * Session IDs must be exactly 64 hexadecimal characters (representing 32 bytes).
+ * This validation helps prevent injection attacks and ensures consistency.
+ *
+ * @param sessionId - The session ID to validate
+ * @returns True if the session ID has a valid format, false otherwise
+ *
+ * @example
+ * ```typescript
+ * validateSessionIdFormat('abc123'); // false - too short
+ * validateSessionIdFormat('g1h2...'); // false - invalid hex
+ * validateSessionIdFormat('a1b2c3...048'); // true - 64 hex chars
+ * ```
+ */
+export declare function validateSessionIdFormat(sessionId: string): boolean;
+//# sourceMappingURL=sessionIdUtils.d.ts.map

package/dist/mcp-server/transports/http/sessionIdUtils.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"sessionIdUtils.d.ts","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/sessionIdUtils.ts"],"names":[],"mappings":"AAQA;;;;;;;;;;;;;GAaG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAWhD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAGlE"}

package/dist/mcp-server/transports/http/sessionIdUtils.js ADDED Viewed

@@ -0,0 +1,54 @@
+/**
+ * @fileoverview Utilities for generating and validating cryptographically secure session IDs.
+ * @module src/mcp-server/transports/http/sessionIdUtils
+ */
+import { randomBytes } from 'node:crypto';
+import { runtimeCaps } from '../../../utils/internal/runtime.js';
+/**
+ * Generates a cryptographically secure session ID.
+ *
+ * Uses 32 bytes (256 bits) of entropy, which provides sufficient security
+ * for session identification per OWASP guidelines.
+ *
+ * @returns A 64-character hexadecimal session ID
+ *
+ * @example
+ * ```typescript
+ * const sessionId = generateSecureSessionId();
+ * // Returns: "a1b2c3d4e5f6...048" (64 hex characters)
+ * ```
+ */
+export function generateSecureSessionId() {
+    if (runtimeCaps.isNode && runtimeCaps.hasBuffer) {
+        // Node.js environment - use crypto.randomBytes
+        const bytes = randomBytes(32); // 256 bits
+        return bytes.toString('hex');
+    }
+    else {
+        // Worker/Browser environment - use Web Crypto API
+        const bytes = new Uint8Array(32);
+        crypto.getRandomValues(bytes);
+        return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
+    }
+}
+/**
+ * Validates a session ID format.
+ *
+ * Session IDs must be exactly 64 hexadecimal characters (representing 32 bytes).
+ * This validation helps prevent injection attacks and ensures consistency.
+ *
+ * @param sessionId - The session ID to validate
+ * @returns True if the session ID has a valid format, false otherwise
+ *
+ * @example
+ * ```typescript
+ * validateSessionIdFormat('abc123'); // false - too short
+ * validateSessionIdFormat('g1h2...'); // false - invalid hex
+ * validateSessionIdFormat('a1b2c3...048'); // true - 64 hex chars
+ * ```
+ */
+export function validateSessionIdFormat(sessionId) {
+    // Must be exactly 64 hexadecimal characters (32 bytes)
+    return /^[a-f0-9]{64}$/.test(sessionId);
+}
+//# sourceMappingURL=sessionIdUtils.js.map

package/dist/mcp-server/transports/http/sessionIdUtils.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sessionIdUtils.js","sourceRoot":"","sources":["../../../../src/mcp-server/transports/http/sessionIdUtils.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,OAAO,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAE1D;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,uBAAuB;IACrC,IAAI,WAAW,CAAC,MAAM,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;QAChD,+CAA+C;QAC/C,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW;QAC1C,OAAO,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,kDAAkD;QAClD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,uBAAuB,CAAC,SAAiB;IACvD,uDAAuD;IACvD,OAAO,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC1C,CAAC"}