@decocms/runtime 1.0.0-alpha.22 → 1.0.0-alpha.24

package/package.json

@@ -1,24 +1,22 @@
 {
   "name": "@decocms/runtime",
-  "version": "1.0.0-alpha.22",
+  "version": "1.0.0-alpha.24",
   "type": "module",
   "dependencies": {
     "@cloudflare/workers-types": "^4.20250617.0",
     "@deco/mcp": "npm:@jsr/deco__mcp@0.5.5",
-    "@decocms/bindings": "1.0.1-alpha.12",
+    "@decocms/bindings": "1.0.1-alpha.14",
     "@modelcontextprotocol/sdk": "1.20.2",
     "@ai-sdk/provider": "^2.0.0",
     "hono": "^4.10.7",
     "jose": "^6.0.11",
     "zod": "^3.25.76",
-    "zod-from-json-schema": "^0.0.5",
     "zod-to-json-schema": "3.25.0"
   },
   "exports": {
     ".": "./src/index.ts",
     "./proxy": "./src/proxy.ts",
     "./client": "./src/client.ts",
-    "./mcp-client": "./src/mcp-client.ts",
     "./bindings": "./src/bindings/index.ts",
     "./asset-server": "./src/asset-server/index.ts",
     "./tools": "./src/tools.ts"

package/src/index.ts

@@ -3,6 +3,7 @@ import { decodeJwt } from "jose";
 import type { z } from "zod";
 import { createContractBinding, createIntegrationBinding } from "./bindings.ts";
 import { type CORSOptions, handlePreflight, withCORS } from "./cors.ts";
+import { createOAuthHandlers } from "./oauth.ts";
 import { State } from "./state.ts";
 import {
   createMCPServer,
@@ -82,6 +83,7 @@ export interface RequestContext<TSchema extends z.ZodTypeAny = any> {
   state: z.infer<TSchema>;
   token: string;
   meshUrl: string;
+  authorization?: string | null;
   ensureAuthenticated: (options?: {
     workspaceHint?: string;
   }) => User | undefined;
@@ -158,14 +160,19 @@ export const withBindings = <TEnv>({
   tokenOrContext,
   url,
   bindings: inlineBindings,
+  authToken,
 }: {
   env: TEnv;
   server: MCPServer<TEnv, any>;
+  // token is x-mesh-token
   tokenOrContext?: string | RequestContext;
+  // authToken is the authorization header
+  authToken?: string | null;
   url?: string;
   bindings?: Binding[];
 }): TEnv => {
   const env = _env as DefaultEnv<any>;
+  const authorization = authToken ? authToken.split(" ")[1] : undefined;
 
   let context;
   if (typeof tokenOrContext === "string") {
@@ -179,6 +186,7 @@ export const withBindings = <TEnv>({
       }) ?? {};
 
     context = {
+      authorization,
       state: decoded.state ?? metadata.state,
       token: tokenOrContext,
       meshUrl: (decoded.meshUrl as string) ?? metadata.meshUrl,
@@ -196,6 +204,7 @@ export const withBindings = <TEnv>({
         connectionId?: string;
       }) ?? {};
     const appName = decoded.appName as string | undefined;
+    context.authorization ??= authorization;
     context.callerApp = appName;
     context.connectionId ??=
       (decoded.connectionId as string) ?? metadata.connectionId;
@@ -203,6 +212,7 @@ export const withBindings = <TEnv>({
   } else {
     context = {
       state: {},
+      authorization,
       token: undefined,
       meshUrl: undefined,
       connectionId: undefined,
@@ -233,6 +243,8 @@ export const withRuntime = <TEnv, TSchema extends z.ZodTypeAny = never>(
 ) => {
   const server = createMCPServer<TEnv, TSchema>(userFns);
   const corsOptions = userFns.cors;
+  const oauth = userFns.oauth;
+  const oauthHandlers = oauth ? createOAuthHandlers(oauth) : null;
 
   const fetcher = async (
     req: Request,
@@ -240,7 +252,53 @@ export const withRuntime = <TEnv, TSchema extends z.ZodTypeAny = never>(
     ctx: any,
   ) => {
     const url = new URL(req.url);
+
+    // OAuth routes (when configured)
+    if (oauthHandlers) {
+      // Protected resource metadata (RFC9728) - both paths MUST be supported
+      if (
+        url.pathname === "/.well-known/oauth-protected-resource" ||
+        url.pathname === "/mcp/.well-known/oauth-protected-resource"
+      ) {
+        return oauthHandlers.handleProtectedResourceMetadata(req);
+      }
+
+      // Authorization server metadata (RFC8414)
+      if (url.pathname === "/.well-known/oauth-authorization-server") {
+        return oauthHandlers.handleAuthorizationServerMetadata(req);
+      }
+
+      // Authorization endpoint - redirects to external OAuth provider
+      if (url.pathname === "/authorize") {
+        return oauthHandlers.handleAuthorize(req);
+      }
+
+      // OAuth callback - receives code from external OAuth provider
+      if (url.pathname === "/oauth/callback") {
+        return oauthHandlers.handleOAuthCallback(req);
+      }
+
+      // Token endpoint - exchanges code for tokens
+      if (url.pathname === "/token" && req.method === "POST") {
+        return oauthHandlers.handleToken(req);
+      }
+
+      // Dynamic client registration (RFC7591)
+      if (
+        (url.pathname === "/register" || url.pathname === "/mcp/register") &&
+        req.method === "POST"
+      ) {
+        return oauthHandlers.handleClientRegistration(req);
+      }
+    }
+
+    // MCP endpoint
     if (url.pathname === "/mcp") {
+      // If OAuth is configured, require authentication
+      if (oauthHandlers && !oauthHandlers.hasAuth(req)) {
+        return oauthHandlers.createUnauthorizedResponse(req);
+      }
+
       return server.fetch(req, env, ctx);
     }
 
@@ -273,7 +331,7 @@ export const withRuntime = <TEnv, TSchema extends z.ZodTypeAny = never>(
   };
 
   return {
-    fetch: async (req: Request, env: TEnv & DefaultEnv<TSchema>, ctx: any) => {
+    fetch: async (req: Request, env: TEnv & DefaultEnv<TSchema>, ctx?: any) => {
       // Handle CORS preflight (OPTIONS) requests
       if (corsOptions !== false && req.method === "OPTIONS") {
         const options = corsOptions ?? {};
@@ -281,6 +339,7 @@ export const withRuntime = <TEnv, TSchema extends z.ZodTypeAny = never>(
       }
 
       const bindings = withBindings({
+        authToken: req.headers.get("authorization") ?? null,
         env,
         server,
         bindings: userFns.bindings,

package/src/oauth.ts

@@ -0,0 +1,490 @@
+import type { OAuthClient, OAuthConfig, OAuthParams } from "./tools.ts";
+
+/**
+ * Generate a cryptographically secure random token
+ */
+function generateRandomToken(length = 32): string {
+  const chars =
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+  const array = new Uint8Array(length);
+  crypto.getRandomValues(array);
+  return Array.from(array, (byte) => chars[byte % chars.length]).join("");
+}
+
+/**
+ * Validate redirect URI format per OAuth 2.1
+ */
+function isValidRedirectUri(uri: string): boolean {
+  try {
+    const url = new URL(uri);
+    return (
+      url.protocol === "https:" ||
+      url.hostname === "localhost" ||
+      url.hostname === "127.0.0.1" ||
+      // Allow custom schemes for native apps (e.g., cursor://, vscode://)
+      !url.protocol.startsWith("http")
+    );
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Encode data as base64url JSON
+ */
+function encodeState<T>(data: T): string {
+  return btoa(JSON.stringify(data))
+    .replace(/\+/g, "-")
+    .replace(/\//g, "_")
+    .replace(/=+$/, "");
+}
+
+/**
+ * Decode base64url JSON data
+ */
+function decodeState<T>(encoded: string): T | null {
+  try {
+    const base64 = encoded.replace(/-/g, "+").replace(/_/g, "/");
+    return JSON.parse(atob(base64)) as T;
+  } catch {
+    return null;
+  }
+}
+
+interface PendingAuthState {
+  redirectUri: string;
+  clientState?: string;
+  codeChallenge?: string;
+  codeChallengeMethod?: string;
+}
+
+interface CodePayload {
+  accessToken: string;
+  tokenType: string;
+  codeChallenge?: string;
+  codeChallengeMethod?: string;
+}
+
+/**
+ * Create OAuth endpoint handlers for MCP servers
+ * The MCP server acts as an OAuth Authorization Server proxy
+ * Stateless implementation - no persistence required
+ * Per MCP Authorization spec: https://modelcontextprotocol.io/specification/draft/basic/authorization
+ */
+export function createOAuthHandlers(oauth: OAuthConfig) {
+  /**
+   * Build OAuth 2.0 Protected Resource Metadata (RFC9728)
+   * Points to THIS server as the authorization server
+   */
+  const handleProtectedResourceMetadata = (req: Request): Response => {
+    const url = new URL(req.url);
+    const resourceUrl = `${url.origin}/mcp`;
+
+    return Response.json({
+      resource: resourceUrl,
+      // Point to ourselves - we are the authorization server proxy
+      authorization_servers: [url.origin],
+      scopes_supported: ["*"],
+      bearer_methods_supported: ["header"],
+      resource_signing_alg_values_supported: ["RS256", "none"],
+    });
+  };
+
+  /**
+   * Build OAuth 2.0 Authorization Server Metadata (RFC8414)
+   * Exposes our endpoints for authorization, token exchange, and registration
+   */
+  const handleAuthorizationServerMetadata = (req: Request): Response => {
+    const url = new URL(req.url);
+    const baseUrl = url.origin;
+
+    return Response.json({
+      issuer: baseUrl,
+      authorization_endpoint: `${baseUrl}/authorize`,
+      token_endpoint: `${baseUrl}/token`,
+      registration_endpoint: `${baseUrl}/register`,
+      scopes_supported: ["*"],
+      response_types_supported: ["code"],
+      response_modes_supported: ["query"],
+      grant_types_supported: ["authorization_code", "refresh_token"],
+      token_endpoint_auth_methods_supported: ["none", "client_secret_post"],
+      code_challenge_methods_supported: ["S256", "plain"],
+    });
+  };
+
+  /**
+   * Handle authorization request - redirects to external OAuth provider
+   * Stateless: encodes all needed info in the state parameter
+   */
+  const handleAuthorize = (req: Request): Response => {
+    const url = new URL(req.url);
+    const redirectUri = url.searchParams.get("redirect_uri");
+    const responseType = url.searchParams.get("response_type");
+    const clientState = url.searchParams.get("state");
+    const codeChallenge = url.searchParams.get("code_challenge");
+    const codeChallengeMethod = url.searchParams.get("code_challenge_method");
+
+    // Validate required params
+    if (!redirectUri) {
+      return Response.json(
+        {
+          error: "invalid_request",
+          error_description: "redirect_uri required",
+        },
+        { status: 400 },
+      );
+    }
+
+    if (responseType !== "code") {
+      return Response.json(
+        {
+          error: "unsupported_response_type",
+          error_description: "Only 'code' is supported",
+        },
+        { status: 400 },
+      );
+    }
+
+    // Encode pending auth state
+    const pendingState: PendingAuthState = {
+      redirectUri,
+      clientState: clientState ?? undefined,
+      codeChallenge: codeChallenge ?? undefined,
+      codeChallengeMethod: codeChallengeMethod ?? undefined,
+    };
+    const encodedState = encodeState(pendingState);
+
+    // Build callback URL pointing to our internal callback
+    const callbackUrl = new URL(`${url.origin}/oauth/callback`);
+    callbackUrl.searchParams.set("state", encodedState);
+
+    // Get the external authorization URL from the config
+    const externalAuthUrl = oauth.authorizationUrl(callbackUrl.toString());
+
+    // Redirect to external OAuth provider
+    return Response.redirect(externalAuthUrl, 302);
+  };
+
+  /**
+   * Handle OAuth callback from external provider
+   * Stateless: decodes state to get redirect info, encodes token in code
+   */
+  const handleOAuthCallback = async (req: Request): Promise<Response> => {
+    const url = new URL(req.url);
+    const code = url.searchParams.get("code");
+    const encodedState = url.searchParams.get("state");
+    const error = url.searchParams.get("error");
+
+    // Decode state
+    const pending = encodedState
+      ? decodeState<PendingAuthState>(encodedState)
+      : null;
+
+    if (error) {
+      const errorDescription =
+        url.searchParams.get("error_description") ?? "Authorization failed";
+      if (pending?.redirectUri) {
+        const redirectUrl = new URL(pending.redirectUri);
+        redirectUrl.searchParams.set("error", error);
+        redirectUrl.searchParams.set("error_description", errorDescription);
+        if (pending.clientState)
+          redirectUrl.searchParams.set("state", pending.clientState);
+        return Response.redirect(redirectUrl.toString(), 302);
+      }
+      return Response.json(
+        { error, error_description: errorDescription },
+        { status: 400 },
+      );
+    }
+
+    if (!code || !pending) {
+      return Response.json(
+        {
+          error: "invalid_request",
+          error_description: "Missing code or state",
+        },
+        { status: 400 },
+      );
+    }
+
+    try {
+      // Exchange code with external provider
+      const oauthParams: OAuthParams = { code };
+      const tokenResponse = await oauth.exchangeCode(oauthParams);
+
+      // Encode the token in our own code (stateless)
+      const codePayload: CodePayload = {
+        accessToken: tokenResponse.access_token,
+        tokenType: tokenResponse.token_type,
+        codeChallenge: pending.codeChallenge,
+        codeChallengeMethod: pending.codeChallengeMethod,
+      };
+      const ourCode = encodeState(codePayload);
+
+      // Redirect back to client with our code
+      const redirectUrl = new URL(pending.redirectUri);
+      redirectUrl.searchParams.set("code", ourCode);
+      if (pending.clientState) {
+        redirectUrl.searchParams.set("state", pending.clientState);
+      }
+
+      return Response.redirect(redirectUrl.toString(), 302);
+    } catch (err) {
+      console.error("OAuth callback error:", err);
+
+      // Redirect back to client with error
+      const redirectUrl = new URL(pending.redirectUri);
+      redirectUrl.searchParams.set("error", "server_error");
+      redirectUrl.searchParams.set(
+        "error_description",
+        "Failed to exchange authorization code",
+      );
+      if (pending.clientState)
+        redirectUrl.searchParams.set("state", pending.clientState);
+
+      return Response.redirect(redirectUrl.toString(), 302);
+    }
+  };
+
+  /**
+   * Handle token exchange - decodes our code to get the actual token
+   * Stateless: token is encoded in the code
+   */
+  const handleToken = async (req: Request): Promise<Response> => {
+    try {
+      const contentType = req.headers.get("content-type") ?? "";
+      let body: Record<string, string>;
+
+      if (contentType.includes("application/x-www-form-urlencoded")) {
+        const formData = await req.formData();
+        body = Object.fromEntries(formData.entries()) as Record<string, string>;
+      } else {
+        body = await req.json();
+      }
+
+      const { code, code_verifier, grant_type } = body;
+
+      if (grant_type !== "authorization_code") {
+        return Response.json(
+          {
+            error: "unsupported_grant_type",
+            error_description: "Only authorization_code supported",
+          },
+          { status: 400 },
+        );
+      }
+
+      if (!code) {
+        return Response.json(
+          { error: "invalid_request", error_description: "code is required" },
+          { status: 400 },
+        );
+      }
+
+      // Decode the code to get the token
+      const payload = decodeState<CodePayload>(code);
+      if (!payload || !payload.accessToken) {
+        return Response.json(
+          {
+            error: "invalid_grant",
+            error_description: "Invalid or expired code",
+          },
+          { status: 400 },
+        );
+      }
+
+      // Verify PKCE if code challenge was provided
+      if (payload.codeChallenge) {
+        if (!code_verifier) {
+          return Response.json(
+            {
+              error: "invalid_grant",
+              error_description: "code_verifier required",
+            },
+            { status: 400 },
+          );
+        }
+
+        // Verify the code verifier
+        let computedChallenge: string;
+        if (payload.codeChallengeMethod === "S256") {
+          const encoder = new TextEncoder();
+          const data = encoder.encode(code_verifier);
+          const hash = await crypto.subtle.digest("SHA-256", data);
+          computedChallenge = btoa(String.fromCharCode(...new Uint8Array(hash)))
+            .replace(/\+/g, "-")
+            .replace(/\//g, "_")
+            .replace(/=+$/, "");
+        } else {
+          computedChallenge = code_verifier;
+        }
+
+        if (computedChallenge !== payload.codeChallenge) {
+          return Response.json(
+            {
+              error: "invalid_grant",
+              error_description: "Invalid code_verifier",
+            },
+            { status: 400 },
+          );
+        }
+      }
+
+      // Return the actual token
+      return Response.json(
+        {
+          access_token: payload.accessToken,
+          token_type: payload.tokenType,
+        },
+        {
+          headers: {
+            "Cache-Control": "no-store",
+            Pragma: "no-cache",
+          },
+        },
+      );
+    } catch (err) {
+      console.error("Token exchange error:", err);
+      return Response.json(
+        {
+          error: "server_error",
+          error_description: "Failed to process token request",
+        },
+        { status: 500 },
+      );
+    }
+  };
+
+  /**
+   * Handle dynamic client registration (RFC7591)
+   * Stateless: just generates a client_id and returns it, no storage needed
+   */
+  const handleClientRegistration = async (req: Request): Promise<Response> => {
+    try {
+      const body = (await req.json()) as {
+        redirect_uris?: string[];
+        client_name?: string;
+        grant_types?: string[];
+        response_types?: string[];
+        token_endpoint_auth_method?: string;
+        scope?: string;
+        client_uri?: string;
+      };
+
+      // Validate redirect URIs
+      if (!body.redirect_uris || body.redirect_uris.length === 0) {
+        return Response.json(
+          {
+            error: "invalid_redirect_uri",
+            error_description: "At least one redirect_uri is required",
+          },
+          { status: 400 },
+        );
+      }
+
+      for (const uri of body.redirect_uris) {
+        if (!isValidRedirectUri(uri)) {
+          return Response.json(
+            {
+              error: "invalid_redirect_uri",
+              error_description: `Invalid redirect URI: ${uri}`,
+            },
+            { status: 400 },
+          );
+        }
+      }
+
+      const clientId = generateRandomToken(32);
+      const clientSecret =
+        body.token_endpoint_auth_method !== "none"
+          ? generateRandomToken(32)
+          : undefined;
+      const now = Math.floor(Date.now() / 1000);
+
+      const client: OAuthClient = {
+        client_id: clientId,
+        client_secret: clientSecret,
+        client_name: body.client_name,
+        redirect_uris: body.redirect_uris,
+        grant_types: body.grant_types ?? ["authorization_code"],
+        response_types: body.response_types ?? ["code"],
+        token_endpoint_auth_method:
+          body.token_endpoint_auth_method ?? "client_secret_post",
+        scope: body.scope,
+        client_id_issued_at: now,
+        client_secret_expires_at: 0,
+      };
+
+      // Save client if persistence is provided
+      if (oauth.persistence) {
+        await oauth.persistence.saveClient(client);
+      }
+
+      return new Response(JSON.stringify(client), {
+        status: 201,
+        headers: {
+          "Content-Type": "application/json",
+          "Cache-Control": "no-store",
+          Pragma: "no-cache",
+        },
+      });
+    } catch (err) {
+      console.error("Client registration error:", err);
+      return Response.json(
+        {
+          error: "invalid_client_metadata",
+          error_description: "Invalid client registration request",
+        },
+        { status: 400 },
+      );
+    }
+  };
+
+  /**
+   * Return 401 with WWW-Authenticate header for unauthenticated MCP requests
+   * Per MCP spec: MUST include resource_metadata URL
+   */
+  const createUnauthorizedResponse = (req: Request): Response => {
+    const url = new URL(req.url);
+    const resourceMetadataUrl = `${url.origin}/.well-known/oauth-protected-resource`;
+    const wwwAuthenticateValue = `Bearer resource_metadata="${resourceMetadataUrl}", scope="*"`;
+
+    return Response.json(
+      {
+        jsonrpc: "2.0",
+        error: {
+          code: -32000,
+          message: "Unauthorized: Authentication required",
+        },
+        id: null,
+      },
+      {
+        status: 401,
+        headers: {
+          "WWW-Authenticate": wwwAuthenticateValue,
+          "Access-Control-Expose-Headers": "WWW-Authenticate",
+        },
+      },
+    );
+  };
+
+  /**
+   * Check if request has authentication token
+   */
+  const hasAuth = (req: Request): boolean => {
+    const authHeader = req.headers.get("Authorization");
+    const meshToken = req.headers.get("x-mesh-token");
+    return !!(authHeader || meshToken);
+  };
+
+  return {
+    handleProtectedResourceMetadata,
+    handleAuthorizationServerMetadata,
+    handleAuthorize,
+    handleOAuthCallback,
+    handleToken,
+    handleClientRegistration,
+    createUnauthorizedResponse,
+    hasAuth,
+  };
+}

package/src/proxy.ts

@@ -1,157 +1 @@
-/* oxlint-disable no-explicit-any */
-import { convertJsonSchemaToZod } from "zod-from-json-schema";
-import { MCPConnection } from "./connection.ts";
-import { createServerClient } from "./mcp-client.ts";
-import type { CreateStubAPIOptions } from "./mcp.ts";
-
-const safeParse = (content: string) => {
-  try {
-    return JSON.parse(content as string);
-  } catch {
-    return content;
-  }
-};
-
-const toolsMap = new Map<
-  string,
-  Promise<
-    Array<{
-      name: string;
-      inputSchema: any;
-      outputSchema?: any;
-      description: string;
-    }>
-  >
->();
-
-/**
- * The base fetcher used to fetch the MCP from API.
- */
-export function createMCPClientProxy<T extends Record<string, unknown>>(
-  options: CreateStubAPIOptions,
-): T {
-  const connection: MCPConnection = options.connection;
-
-  return new Proxy<T>({} as T, {
-    get(_, name) {
-      if (name === "toJSON") {
-        return null;
-      }
-      if (typeof name !== "string") {
-        throw new Error("Name must be a string");
-      }
-      async function callToolFn(args: unknown) {
-        const debugId = options?.debugId?.();
-        const extraHeaders = debugId
-          ? { "x-trace-debug-id": debugId }
-          : undefined;
-
-        // Create a connection with the tool name in the URL path for better logging
-        // Only modify connections that have a URL property (HTTP, SSE, Websocket)
-        // Use automatic detection based on URL, with optional override
-
-        const { client, callStreamableTool } = await createServerClient(
-          { connection },
-          undefined,
-          extraHeaders,
-        );
-
-        if (options?.streamable?.[String(name)]) {
-          return callStreamableTool(String(name), args);
-        }
-
-        const { structuredContent, isError, content } = await client.callTool(
-          {
-            name: String(name),
-            arguments: args as Record<string, unknown>,
-          },
-          undefined,
-          {
-            timeout: 3000000,
-          },
-        );
-
-        if (isError) {
-          // @ts-expect-error - content is not typed
-          const maybeErrorMessage = content?.[0]?.text;
-          const error =
-            typeof maybeErrorMessage === "string"
-              ? safeParse(maybeErrorMessage)
-              : null;
-
-          const throwableError =
-            error?.code && typeof options?.getErrorByStatusCode === "function"
-              ? options.getErrorByStatusCode(
-                  error.code,
-                  error.message,
-                  error.traceId,
-                )
-              : null;
-
-          if (throwableError) {
-            throw throwableError;
-          }
-
-          throw new Error(
-            `Tool ${String(name)} returned an error: ${JSON.stringify(
-              structuredContent ?? content,
-            )}`,
-          );
-        }
-        return structuredContent;
-      }
-
-      const listToolsFn = async () => {
-        const { client } = await createServerClient({ connection });
-        const { tools } = await client.listTools();
-
-        return tools as {
-          name: string;
-          inputSchema: any;
-          outputSchema?: any;
-          description: string;
-        }[];
-      };
-
-      async function listToolsOnce() {
-        const conn = connection;
-        const key = JSON.stringify(conn);
-
-        try {
-          if (!toolsMap.has(key)) {
-            toolsMap.set(key, listToolsFn());
-          }
-
-          return await toolsMap.get(key)!;
-        } catch (error) {
-          console.error("Failed to list tools", error);
-
-          toolsMap.delete(key);
-          return;
-        }
-      }
-      callToolFn.asTool = async () => {
-        const tools = (await listToolsOnce()) ?? [];
-        const tool = tools.find((t) => t.name === name);
-        if (!tool) {
-          throw new Error(`Tool ${name} not found`);
-        }
-
-        return {
-          ...tool,
-          id: tool.name,
-          inputSchema: tool.inputSchema
-            ? convertJsonSchemaToZod(tool.inputSchema)
-            : undefined,
-          outputSchema: tool.outputSchema
-            ? convertJsonSchemaToZod(tool.outputSchema)
-            : undefined,
-          execute: (input: any) => {
-            return callToolFn(input.context);
-          },
-        };
-      };
-      return callToolFn;
-    },
-  });
-}
+export * from "@decocms/bindings/client";

package/src/tools.ts

@@ -149,11 +149,76 @@ export interface OnChangeCallback<TSchema extends z.ZodTypeAny = never> {
   state: z.infer<TSchema>;
   scopes: string[];
 }
+
+export interface OAuthParams {
+  code: string;
+  code_verifier?: string;
+  code_challenge_method?: "S256" | "plain";
+}
+
+export interface OAuthTokenResponse {
+  access_token: string;
+  token_type: string;
+  expires_in?: number;
+  refresh_token?: string;
+  scope?: string;
+  [key: string]: unknown;
+}
+
+/**
+ * OAuth client for dynamic client registration (RFC7591)
+ */
+export interface OAuthClient {
+  client_id: string;
+  client_secret?: string;
+  client_name?: string;
+  redirect_uris: string[];
+  grant_types?: string[];
+  response_types?: string[];
+  token_endpoint_auth_method?: string;
+  scope?: string;
+  client_id_issued_at?: number;
+  client_secret_expires_at?: number;
+}
+
+/**
+ * OAuth configuration for MCP servers implementing PKCE flow
+ * Per MCP Authorization spec: https://modelcontextprotocol.io/specification/draft/basic/authorization
+ */
+export interface OAuthConfig {
+  mode: "PKCE";
+  /**
+   * The external authorization server URL (e.g., "https://openrouter.ai")
+   * Used in protected resource metadata to indicate where clients should authenticate
+   */
+  authorizationServer: string;
+  /**
+   * Generates the authorization URL where users should be redirected
+   * @param callbackUrl - The URL the OAuth provider will redirect back to with the code
+   * @returns The full authorization URL to redirect the user to
+   */
+  authorizationUrl: (callbackUrl: string) => string;
+  /**
+   * Exchanges the authorization code for access tokens
+   * Called when the OAuth callback is received with a code
+   */
+  exchangeCode: (oauthParams: OAuthParams) => Promise<OAuthTokenResponse>;
+  /**
+   * Optional: persistence for dynamic client registration (RFC7591)
+   * If not provided, clients are accepted without validation
+   */
+  persistence?: {
+    getClient: (clientId: string) => Promise<OAuthClient | null>;
+    saveClient: (client: OAuthClient) => Promise<void>;
+  };
+}
+
 export interface CreateMCPServerOptions<
   Env = unknown,
   TSchema extends z.ZodTypeAny = never,
 > {
   before?: (env: Env & DefaultEnv<TSchema>) => Promise<void> | void;
+  oauth?: OAuthConfig;
   configuration?: {
     onChange?: (
       env: Env & DefaultEnv<TSchema>,

package/src/http-client-transport.ts

@@ -1 +0,0 @@
-export { HTTPClientTransport } from "@decocms/bindings/client";

package/src/mcp-client.ts

@@ -1,139 +0,0 @@
-import {
-  Client as BaseClient,
-  ClientOptions,
-} from "@modelcontextprotocol/sdk/client/index.js";
-import {
-  SSEClientTransport,
-  SSEClientTransportOptions,
-} from "@modelcontextprotocol/sdk/client/sse.js";
-import { WebSocketClientTransport } from "@modelcontextprotocol/sdk/client/websocket.js";
-import { RequestOptions } from "@modelcontextprotocol/sdk/shared/protocol.js";
-import {
-  Implementation,
-  ListToolsRequest,
-  ListToolsResultSchema,
-} from "@modelcontextprotocol/sdk/types.js";
-import { MCPConnection } from "./connection.ts";
-import { HTTPClientTransport } from "./http-client-transport.ts";
-
-/**
- * WARNNING: This is a hack to prevent schema compilation errors.
- * More info at: https://github.com/modelcontextprotocol/typescript-sdk/issues/923
- *
- * Make sure to keep this updated with the right version of the SDK.
- * https://github.com/modelcontextprotocol/typescript-sdk/blob/bf817939917277a4c59f2e19e7b44b8dd7ff140c/src/client/index.ts#L480
- */
-class Client extends BaseClient {
-  constructor(_clientInfo: Implementation, options?: ClientOptions) {
-    super(_clientInfo, options);
-  }
-
-  override async listTools(
-    params?: ListToolsRequest["params"],
-    options?: RequestOptions,
-  ) {
-    const result = await this.request(
-      { method: "tools/list", params },
-      ListToolsResultSchema,
-      options,
-    );
-
-    return result;
-  }
-}
-
-export interface ServerClient {
-  client: Client;
-  callStreamableTool: (tool: string, args: unknown) => Promise<Response>;
-}
-export const createServerClient = async (
-  mcpServer: { connection: MCPConnection; name?: string },
-  signal?: AbortSignal,
-  extraHeaders?: Record<string, string>,
-): Promise<ServerClient> => {
-  const transport = createTransport(mcpServer.connection, signal, extraHeaders);
-
-  if (!transport) {
-    throw new Error("Unknown MCP connection type");
-  }
-
-  const client = new Client({
-    name: mcpServer?.name ?? "MCP Client",
-    version: "1.0.0",
-  });
-
-  await client.connect(transport);
-
-  return {
-    client,
-    callStreamableTool: (tool, args) => {
-      if (mcpServer.connection.type !== "HTTP") {
-        throw new Error("HTTP connection required");
-      }
-      return fetch(mcpServer.connection.url + `/call-tool/${tool}`, {
-        method: "POST",
-        redirect: "manual",
-        body: JSON.stringify(args),
-        headers: {
-          ...extraHeaders,
-          Authorization: `Bearer ${mcpServer.connection.token}`,
-        },
-      });
-    },
-  };
-};
-
-export const createTransport = (
-  connection: MCPConnection,
-  signal?: AbortSignal,
-  extraHeaders?: Record<string, string>,
-) => {
-  if (connection.type === "Websocket") {
-    return new WebSocketClientTransport(new URL(connection.url));
-  }
-
-  if (connection.type !== "SSE" && connection.type !== "HTTP") {
-    return null;
-  }
-
-  const authHeaders: Record<string, string> = connection.token
-    ? { authorization: `Bearer ${connection.token}` }
-    : {};
-
-  const headers: Record<string, string> = {
-    ...authHeaders,
-    ...(extraHeaders ?? {}),
-    ...("headers" in connection ? connection.headers || {} : {}),
-  };
-
-  if (connection.type === "SSE") {
-    const config: SSEClientTransportOptions = {
-      requestInit: { headers, signal },
-    };
-
-    if (connection.token) {
-      config.eventSourceInit = {
-        fetch: (req, init) => {
-          return fetch(req, {
-            ...init,
-            headers: {
-              ...headers,
-              Accept: "text/event-stream",
-            },
-            signal,
-          });
-        },
-      };
-    }
-
-    return new SSEClientTransport(new URL(connection.url), config);
-  }
-  return new HTTPClientTransport(new URL(connection.url), {
-    requestInit: {
-      headers,
-      signal,
-      // @ts-ignore - this is a valid option for fetch
-      credentials: "include",
-    },
-  });
-};