@frontmcp/sdk 0.4.1 → 0.5.0

package/src/tool/ui/ui-resource.handler.js

@@ -0,0 +1,129 @@
+"use strict";
+/**
+ * UI Resource Handler
+ *
+ * Handles resources/read requests for ui:// URIs, serving widget HTML
+ * from the ToolUIRegistry.
+ *
+ * Supported URI format:
+ * - ui://widget/{toolName}.html - Static widget HTML (pre-compiled at startup)
+ *
+ * The static widget is registered at server startup for tools with
+ * `servingMode: 'static'`. The widget HTML includes the FrontMCP Bridge
+ * which reads tool output from the platform context at runtime.
+ *
+ * @example
+ * ```typescript
+ * // Client requests widget HTML (OpenAI discovery)
+ * const result = await client.readResource({
+ *   uri: 'ui://widget/get_weather.html'
+ * });
+ *
+ * // Returns pre-compiled widget with FrontMCP Bridge
+ * // Widget reads tool output from window.openai.toolOutput at runtime
+ * ```
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleUIResourceRead = handleUIResourceRead;
+exports.createUIResourceHandler = createUIResourceHandler;
+const ui_1 = require("@frontmcp/ui");
+const registry_1 = require("@frontmcp/ui/registry");
+/**
+ * Generate a placeholder widget HTML that reads from window.openai.toolOutput.
+ *
+ * Delegates to @frontmcp/ui's createDefaultBaseTemplate which provides:
+ * - Tailwind CSS with @theme configuration
+ * - Platform polyfills (callTool, detectMcpSession, getToolOutput)
+ * - Polling for toolOutput injection
+ * - Default JSON renderer (data-type-specific renderers are in @frontmcp/ui)
+ *
+ * This is returned when the static widget URI is fetched before the tool is called.
+ * OpenAI caches this HTML, so it must be dynamic (read toolOutput at runtime).
+ *
+ * @param toolName - The name of the tool
+ * @returns HTML string with a dynamic widget that renders toolOutput
+ */
+function generatePlaceholderWidget(toolName) {
+    return (0, ui_1.createDefaultBaseTemplate)({ toolName });
+}
+/**
+ * Handle a UI resource read request
+ *
+ * @param uri - The UI resource URI
+ * @param registry - The ToolUIRegistry containing cached HTML
+ * @param platformType - Optional platform type for dynamic MIME type selection
+ * @returns Handle result with content or error
+ */
+function handleUIResourceRead(uri, registry, platformType) {
+    // Check if this is a UI resource URI
+    if (!(0, registry_1.isUIResourceUri)(uri)) {
+        return { handled: false };
+    }
+    // Get the platform-appropriate MIME type
+    const mimeType = (0, registry_1.getUIResourceMimeType)(platformType);
+    // Try static widget URI (ui://widget/{toolName}.html)
+    // This is used by OpenAI at discovery time
+    const widgetParsed = (0, registry_1.parseWidgetUri)(uri);
+    if (widgetParsed) {
+        // Check for pre-compiled static widget from the developer's template
+        // Static widgets are compiled at server startup for tools with servingMode: 'static'
+        const cachedWidget = registry.getStaticWidget(widgetParsed.toolName);
+        if (cachedWidget) {
+            // Return the developer's actual template (SSR'd React/MDX component)
+            // This template includes the FrontMCP Bridge for runtime data access
+            return {
+                handled: true,
+                result: {
+                    contents: [
+                        {
+                            uri,
+                            mimeType,
+                            text: cachedWidget,
+                        },
+                    ],
+                },
+            };
+        }
+        // Fallback to dynamic placeholder widget if no pre-compiled template.
+        // This is returned when the tool doesn't have a UI template configured
+        // or uses a different serving mode.
+        //
+        // OpenAI caches widget HTML from outputTemplate URI, so we must return
+        // a template that reads from window.openai.toolOutput at runtime.
+        const html = generatePlaceholderWidget(widgetParsed.toolName);
+        return {
+            handled: true,
+            result: {
+                contents: [
+                    {
+                        uri,
+                        mimeType,
+                        text: html,
+                    },
+                ],
+            },
+        };
+    }
+    // Unknown UI resource URI format
+    return {
+        handled: true,
+        error: `Invalid UI resource URI format: ${uri}. Expected: ui://widget/{toolName}.html`,
+    };
+}
+/**
+ * Create a UI resource handler function
+ *
+ * @param options - Handler options
+ * @returns Handler function that can be used in the read-resource flow
+ */
+function createUIResourceHandler(options) {
+    const { registry, onError } = options;
+    return function handleUIResource(uri) {
+        const result = handleUIResourceRead(uri, registry);
+        if (result.handled && result.error && onError) {
+            onError(result.error, uri);
+        }
+        return result;
+    };
+}
+//# sourceMappingURL=ui-resource.handler.js.map

package/src/tool/ui/ui-resource.handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ui-resource.handler.js","sourceRoot":"","sources":["../../../../src/tool/ui/ui-resource.handler.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;;AAkEH,oDAgEC;AAkBD,0DAYC;AA5JD,qCAAyD;AACzD,oDAQ+B;AA0B/B;;;;;;;;;;;;;;GAcG;AACH,SAAS,yBAAyB,CAAC,QAAgB;IACjD,OAAO,IAAA,8BAAyB,EAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;AACjD,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,oBAAoB,CAClC,GAAW,EACX,QAAwB,EACxB,YAA6B;IAE7B,qCAAqC;IACrC,IAAI,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED,yCAAyC;IACzC,MAAM,QAAQ,GAAG,IAAA,gCAAqB,EAAC,YAAY,CAAC,CAAC;IAErD,sDAAsD;IACtD,2CAA2C;IAC3C,MAAM,YAAY,GAAG,IAAA,yBAAc,EAAC,GAAG,CAAC,CAAC;IACzC,IAAI,YAAY,EAAE,CAAC;QACjB,qEAAqE;QACrE,qFAAqF;QACrF,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACrE,IAAI,YAAY,EAAE,CAAC;YACjB,qEAAqE;YACrE,qEAAqE;YACrE,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE;oBACN,QAAQ,EAAE;wBACR;4BACE,GAAG;4BACH,QAAQ;4BACR,IAAI,EAAE,YAAY;yBACnB;qBACF;iBACF;aACF,CAAC;QACJ,CAAC;QAED,sEAAsE;QACtE,uEAAuE;QACvE,oCAAoC;QACpC,EAAE;QACF,uEAAuE;QACvE,kEAAkE;QAClE,MAAM,IAAI,GAAG,yBAAyB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QAE9D,OAAO;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE;gBACN,QAAQ,EAAE;oBACR;wBACE,GAAG;wBACH,QAAQ;wBACR,IAAI,EAAE,IAAI;qBACX;iBACF;aACF;SACF,CAAC;IACJ,CAAC;IAED,iCAAiC;IACjC,OAAO;QACL,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,mCAAmC,GAAG,yCAAyC;KACvF,CAAC;AACJ,CAAC;AAYD;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,OAAiC;IACvE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAEtC,OAAO,SAAS,gBAAgB,CAAC,GAAW;QAC1C,MAAM,MAAM,GAAG,oBAAoB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEnD,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,IAAI,OAAO,EAAE,CAAC;YAC9C,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC7B,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC","sourcesContent":["/**\n * UI Resource Handler\n *\n * Handles resources/read requests for ui:// URIs, serving widget HTML\n * from the ToolUIRegistry.\n *\n * Supported URI format:\n * - ui://widget/{toolName}.html - Static widget HTML (pre-compiled at startup)\n *\n * The static widget is registered at server startup for tools with\n * `servingMode: 'static'`. The widget HTML includes the FrontMCP Bridge\n * which reads tool output from the platform context at runtime.\n *\n * @example\n * ```typescript\n * // Client requests widget HTML (OpenAI discovery)\n * const result = await client.readResource({\n *   uri: 'ui://widget/get_weather.html'\n * });\n *\n * // Returns pre-compiled widget with FrontMCP Bridge\n * // Widget reads tool output from window.openai.toolOutput at runtime\n * ```\n */\n\nimport type { ReadResourceResult } from '@modelcontextprotocol/sdk/types.js';\nimport type { AIPlatformType } from '../../notification/notification.service';\nimport { createDefaultBaseTemplate } from '@frontmcp/ui';\nimport {\n  type ToolUIRegistry,\n  UI_RESOURCE_SCHEME,\n  isUIResourceUri,\n  isStaticWidgetUri,\n  parseWidgetUri,\n  getUIResourceMimeType,\n  type ParsedWidgetUri,\n} from '@frontmcp/ui/registry';\n\n/**\n * Result of handling a UI resource request\n */\nexport interface UIResourceHandleResult {\n  /** Whether the URI was handled */\n  handled: boolean;\n  /** The resource result if handled successfully */\n  result?: ReadResourceResult;\n  /** Error message if handling failed */\n  error?: string;\n}\n\n/**\n * Options for handling a UI resource read request\n */\nexport interface HandleUIResourceOptions {\n  /** The UI resource URI */\n  uri: string;\n  /** The ToolUIRegistry containing cached HTML */\n  registry: ToolUIRegistry;\n  /** Platform type of the connected client */\n  platformType?: AIPlatformType;\n}\n\n/**\n * Generate a placeholder widget HTML that reads from window.openai.toolOutput.\n *\n * Delegates to @frontmcp/ui's createDefaultBaseTemplate which provides:\n * - Tailwind CSS with @theme configuration\n * - Platform polyfills (callTool, detectMcpSession, getToolOutput)\n * - Polling for toolOutput injection\n * - Default JSON renderer (data-type-specific renderers are in @frontmcp/ui)\n *\n * This is returned when the static widget URI is fetched before the tool is called.\n * OpenAI caches this HTML, so it must be dynamic (read toolOutput at runtime).\n *\n * @param toolName - The name of the tool\n * @returns HTML string with a dynamic widget that renders toolOutput\n */\nfunction generatePlaceholderWidget(toolName: string): string {\n  return createDefaultBaseTemplate({ toolName });\n}\n\n/**\n * Handle a UI resource read request\n *\n * @param uri - The UI resource URI\n * @param registry - The ToolUIRegistry containing cached HTML\n * @param platformType - Optional platform type for dynamic MIME type selection\n * @returns Handle result with content or error\n */\nexport function handleUIResourceRead(\n  uri: string,\n  registry: ToolUIRegistry,\n  platformType?: AIPlatformType,\n): UIResourceHandleResult {\n  // Check if this is a UI resource URI\n  if (!isUIResourceUri(uri)) {\n    return { handled: false };\n  }\n\n  // Get the platform-appropriate MIME type\n  const mimeType = getUIResourceMimeType(platformType);\n\n  // Try static widget URI (ui://widget/{toolName}.html)\n  // This is used by OpenAI at discovery time\n  const widgetParsed = parseWidgetUri(uri);\n  if (widgetParsed) {\n    // Check for pre-compiled static widget from the developer's template\n    // Static widgets are compiled at server startup for tools with servingMode: 'static'\n    const cachedWidget = registry.getStaticWidget(widgetParsed.toolName);\n    if (cachedWidget) {\n      // Return the developer's actual template (SSR'd React/MDX component)\n      // This template includes the FrontMCP Bridge for runtime data access\n      return {\n        handled: true,\n        result: {\n          contents: [\n            {\n              uri,\n              mimeType,\n              text: cachedWidget,\n            },\n          ],\n        },\n      };\n    }\n\n    // Fallback to dynamic placeholder widget if no pre-compiled template.\n    // This is returned when the tool doesn't have a UI template configured\n    // or uses a different serving mode.\n    //\n    // OpenAI caches widget HTML from outputTemplate URI, so we must return\n    // a template that reads from window.openai.toolOutput at runtime.\n    const html = generatePlaceholderWidget(widgetParsed.toolName);\n\n    return {\n      handled: true,\n      result: {\n        contents: [\n          {\n            uri,\n            mimeType,\n            text: html,\n          },\n        ],\n      },\n    };\n  }\n\n  // Unknown UI resource URI format\n  return {\n    handled: true,\n    error: `Invalid UI resource URI format: ${uri}. Expected: ui://widget/{toolName}.html`,\n  };\n}\n\n/**\n * Options for creating a UI resource handler\n */\nexport interface UIResourceHandlerOptions {\n  /** ToolUIRegistry instance */\n  registry: ToolUIRegistry;\n  /** Optional custom error handler */\n  onError?: (error: string, uri: string) => void;\n}\n\n/**\n * Create a UI resource handler function\n *\n * @param options - Handler options\n * @returns Handler function that can be used in the read-resource flow\n */\nexport function createUIResourceHandler(options: UIResourceHandlerOptions) {\n  const { registry, onError } = options;\n\n  return function handleUIResource(uri: string): UIResourceHandleResult {\n    const result = handleUIResourceRead(uri, registry);\n\n    if (result.handled && result.error && onError) {\n      onError(result.error, uri);\n    }\n\n    return result;\n  };\n}\n"]}

package/src/transport/adapters/transport.local.adapter.d.ts

@@ -6,7 +6,7 @@ import { InMemoryEventStore } from '../transport.event-store';
 import { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';
 import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
 import { SSEServerTransport } from '../legacy/legacy.sse.tranporter';
-import { ZodObject } from 'zod';
+import { ZodType } from 'zod';
 import { FrontMcpLogger, ServerResponse } from '../../common';
 import { Scope } from '../../scope';
 export declare abstract class LocalTransportAdapter<T extends StreamableHTTPServerTransport | SSEServerTransport> {
@@ -26,7 +26,7 @@ export declare abstract class LocalTransportAdapter<T extends StreamableHTTPServ
     constructor(scope: Scope, key: TransportKey, onDispose: () => void, res: ServerResponse);
     abstract createTransport(sessionId: string, response: ServerResponse): T;
     abstract initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;
-    abstract sendElicitRequest<T extends ZodObject<any>>(relatedRequestId: RequestId, message: string, requestedSchema: T): Promise<TypedElicitResult<T>>;
+    abstract sendElicitRequest<T extends ZodType>(relatedRequestId: RequestId, message: string, requestedSchema: T): Promise<TypedElicitResult<T>>;
     abstract handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;
     connectServer(): Promise<void>;
     get newRequestId(): RequestId;

package/src/transport/adapters/transport.local.adapter.js

@@ -27,17 +27,30 @@ class LocalTransportAdapter {
     }
     connectServer() {
         const { info } = this.scope.metadata;
-        // TODO: collect server options from scope
+        // Check if completions capability should be enabled (when prompts or resources are present)
+        const hasPrompts = this.scope.prompts.hasAny();
+        const hasResources = this.scope.resources.hasAny();
+        const hasTools = this.scope.tools.hasAny();
+        const completionsCapability = hasPrompts || hasResources ? { completions: {} } : {};
         const serverOptions = {
             instructions: '',
             capabilities: {
-                tools: {
-                    subscribe: true,
-                    listChanged: true,
-                },
+                ...this.scope.tools.getCapabilities(),
+                ...this.scope.resources.getCapabilities(),
+                ...this.scope.prompts.getCapabilities(),
+                ...completionsCapability,
+                // MCP logging protocol support - allows clients to set log level via logging/setLevel
+                logging: {},
             },
             serverInfo: info,
         };
+        this.logger.info('connectServer: advertising capabilities', {
+            hasTools,
+            hasResources,
+            hasPrompts,
+            capabilities: JSON.stringify(serverOptions.capabilities),
+            serverInfo: JSON.stringify(serverOptions.serverInfo),
+        });
         this.server = new index_js_1.Server(info, serverOptions);
         const handlers = (0, mcp_handlers_1.createMcpHandlers)({
             scope: this.scope,
@@ -46,6 +59,8 @@ class LocalTransportAdapter {
         for (const handler of handlers) {
             this.server.setRequestHandler(handler.requestSchema, handler.handler);
         }
+        // Register server with notification service for server→client notifications
+        this.scope.notifications.registerServer(this.key.sessionId, this.server);
         return this.server.connect(this.transport);
     }
     get newRequestId() {
@@ -53,6 +68,8 @@ class LocalTransportAdapter {
     }
     async destroy(reason) {
         console.log('destroying transporter, reason:', reason);
+        // Unregister server from notification service
+        this.scope.notifications.unregisterServer(this.key.sessionId);
         try {
             // if(!this.transport.closed){
             //   this.transport.close();
@@ -92,11 +109,15 @@ class LocalTransportAdapter {
     }
     ensureAuthInfo(req, transport) {
         const { token, user, session } = req[common_1.ServerRequestTokens.auth];
+        // Session should always exist now (created in session.verify for public mode)
+        // But add defensive fallback for safety in case session is undefined
+        const sessionId = session?.id ?? `fallback:${Date.now()}`;
+        const sessionPayload = session?.payload ?? { protocol: 'streamable-http' };
         req.auth = {
             token,
             user,
-            sessionId: session.id,
-            sessionIdPayload: session.payload,
+            sessionId,
+            sessionIdPayload: sessionPayload,
             scopes: [],
             clientId: user.sub ?? '',
             transport,

package/src/transport/adapters/transport.local.adapter.js.map

@@ -1 +1 @@
-{"version":3,"file":"transport.local.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.local.adapter.ts"],"names":[],"mappings":";;;AAEA,wEAA8E;AAC9E,iEAAkH;AAClH,oEAA4D;AAK5D,yCAAiF;AAEjF,kDAAkD;AAElD,MAAsB,qBAAqB;IAWpB;IACA;IACA;IAZX,MAAM,CAAiB;IACvB,SAAS,CAAI;IACb,UAAU,GAAG,IAAI,0CAAkB,EAAE,CAAC;IACtC,aAAa,GACrB,SAAS,CAAC;IACZ,UAAU,GAAG,CAAC,CAAC;IACf,KAAK,CAAgB;IACrB,MAAM,CAAY;IAElB,YACqB,KAAY,EACZ,GAAiB,EACjB,SAAqB,EACxC,GAAmB;QAHA,UAAK,GAAL,KAAK,CAAO;QACZ,QAAG,GAAH,GAAG,CAAc;QACjB,cAAS,GAAT,SAAS,CAAY;QAGxC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC1D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IACpC,CAAC;IAcD,aAAa;QACX,MAAM,EAAC,IAAI,EAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAEnC,0CAA0C;QAC1C,MAAM,aAAa,GAAG;YACpB,YAAY,EAAE,EAAE;YAChB,YAAY,EAAE;gBACZ,KAAK,EAAE;oBACL,SAAS,EAAE,IAAI;oBACf,WAAW,EAAE,IAAI;iBAClB;aACF;YACD,UAAU,EAAE,IAAI;SACjB,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,iBAAS,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,IAAA,gCAAiB,EAAC;YACjC,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,aAAa;SACd,CAAC,CAAC;QAEH,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,OAAc,CAAC,CAAC;QAC/E,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAe;QAC3B,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,MAAM,CAAC,CAAC;QAEvD,IAAI,CAAC;YACH,8BAA8B;YAC9B,4BAA4B;YAC5B,IAAI;QACN,CAAC;QAAC,MAAM,CAAC;YACP,WAAW;QACb,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,2BAA2B,MAAM,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC;gBACH,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC;YACrB,CAAC;YAAC,MAAM,CAAC;gBACP,WAAW;YACb,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,MAAM;QAC3B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC,sCAAsC;YACxD,oCAAoC;YACpC,kDAAkD;YAElD,6CAA6C;YAC7C,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAC,MAAM,EAAE,MAAM,EAAC,EAAE,4BAAiB,EAAE,EAAC,OAAO,EAAE,SAAS,EAAC,CAAC,CAAC;YACrF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAES,cAAc,CAAC,GAA+B,EAAE,SAAmC;QAC3F,MAAM,EAAC,KAAK,EAAE,IAAI,EAAE,OAAO,EAAC,GAAG,GAAG,CAAC,4BAAmB,CAAC,IAAI,CAAC,CAAC;QAC7D,GAAG,CAAC,IAAI,GAAG;YACT,KAAK;YACL,IAAI;YACJ,SAAS,EAAE,OAAQ,CAAC,EAAE;YACtB,gBAAgB,EAAE,OAAQ,CAAC,OAAO;YAClC,MAAM,EAAE,EAAE;YACV,QAAQ,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE;YACxB,SAAS;SACS,CAAC;QACrB,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAED,oBAAoB,CAAC,GAA+B;QAElD,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,EAAC,IAAI,EAAE,OAAO,EAAC,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;YACvC,IAAI,IAAI,KAAK,CAAC,KAAK,IAAI,OAAO,KAAK,2BAA2B,EAAE,CAAC;gBAC/D,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC1C,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,MAAM,GAAG,6BAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAzID,sDAyIC","sourcesContent":["import {AuthenticatedServerRequest} from '../../server/server.types';\nimport {TransportKey, TypedElicitResult} from '../transport.types';\nimport {Server as McpServer} from '@modelcontextprotocol/sdk/server/index.js';\nimport {EmptyResultSchema, ElicitResult, RequestId, ElicitResultSchema} from '@modelcontextprotocol/sdk/types.js';\nimport {InMemoryEventStore} from '../transport.event-store';\nimport {AuthInfo} from '@modelcontextprotocol/sdk/server/auth/types.js';\nimport {StreamableHTTPServerTransport} from '@modelcontextprotocol/sdk/server/streamableHttp.js';\nimport {SSEServerTransport} from '../legacy/legacy.sse.tranporter';\nimport {ZodObject} from 'zod';\nimport {FrontMcpLogger, ServerRequestTokens, ServerResponse} from '../../common';\nimport {Scope} from '../../scope';\nimport {createMcpHandlers} from '../mcp-handlers';\n\nexport abstract class LocalTransportAdapter<T extends StreamableHTTPServerTransport | SSEServerTransport> {\n  protected logger: FrontMcpLogger;\n  protected transport: T;\n  protected eventStore = new InMemoryEventStore();\n  protected elicitHandler: { resolve: (result: ElicitResult) => void; reject: (err: unknown) => void } | undefined =\n    undefined;\n  #requestId = 1;\n  ready: Promise<void>;\n  server: McpServer;\n\n  constructor(\n    protected readonly scope: Scope,\n    protected readonly key: TransportKey,\n    protected readonly onDispose: () => void,\n    res: ServerResponse,\n  ) {\n    this.logger = scope.logger.child('LocalTransportAdapter');\n    this.transport = this.createTransport(key.sessionId, res);\n    this.ready = this.connectServer();\n  }\n\n  abstract createTransport(sessionId: string, response: ServerResponse): T;\n\n  abstract initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;\n\n  abstract sendElicitRequest<T extends ZodObject<any>>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>>;\n\n  abstract handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;\n\n  connectServer() {\n    const {info} = this.scope.metadata;\n\n    // TODO: collect server options from scope\n    const serverOptions = {\n      instructions: '',\n      capabilities: {\n        tools: {\n          subscribe: true,\n          listChanged: true,\n        },\n      },\n      serverInfo: info,\n    };\n    this.server = new McpServer(info, serverOptions);\n    const handlers = createMcpHandlers({\n      scope: this.scope,\n      serverOptions,\n    });\n\n    for (const handler of handlers) {\n      this.server.setRequestHandler(handler.requestSchema, handler.handler as any);\n    }\n    return this.server.connect(this.transport);\n  }\n\n  get newRequestId(): RequestId {\n    return this.#requestId++;\n  }\n\n  async destroy(reason?: string): Promise<void> {\n    console.log('destroying transporter, reason:', reason);\n\n    try {\n      // if(!this.transport.closed){\n      //   this.transport.close();\n      // }\n    } catch {\n      /* empty */\n    }\n    if (reason) {\n      console.warn(`Destroying transporter: ${reason}`);\n    } else {\n      try {\n        this.onDispose?.();\n      } catch {\n        /* empty */\n      }\n    }\n  }\n\n  /**\n   * Ping the connected client for this transport.\n   * Returns true on success, false on timeout/error.\n   */\n  async ping(timeoutMs = 10_000): Promise<boolean> {\n    try {\n      await this.ready; // ensure server.connect(...) finished\n      // Preferred if your SDK exposes it:\n      // await this.server.ping({ timeout: timeoutMs });\n\n      // Works on all versions (low-level request):\n      await this.server.request({method: 'ping'}, EmptyResultSchema, {timeout: timeoutMs});\n      return true;\n    } catch {\n      return false;\n    }\n  }\n\n  protected ensureAuthInfo(req: AuthenticatedServerRequest, transport: LocalTransportAdapter<T>) {\n    const {token, user, session} = req[ServerRequestTokens.auth];\n    req.auth = {\n      token,\n      user,\n      sessionId: session!.id,\n      sessionIdPayload: session!.payload,\n      scopes: [],\n      clientId: user.sub ?? '',\n      transport,\n    } satisfies AuthInfo;\n    return req.auth;\n  }\n\n  handleIfElicitResult(req: AuthenticatedServerRequest): boolean {\n\n    if (!this.elicitHandler) {\n      return false;\n    }\n    if (req.body.error) {\n      const {code, message} = req.body.error;\n      if (code === -32600 && message === 'Elicitation not supported') {\n        this.elicitHandler.reject(req.body.error);\n        return true;\n      }\n      return false;\n    }\n\n    const parsed = ElicitResultSchema.safeParse(req.body?.result);\n    if (parsed.success) {\n      this.elicitHandler.resolve(parsed.data);\n      return true;\n    }\n    return false;\n  }\n}\n"]}
+{"version":3,"file":"transport.local.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.local.adapter.ts"],"names":[],"mappings":";;;AAEA,wEAAgF;AAChF,iEAAoH;AACpH,oEAA8D;AAK9D,yCAAmF;AAEnF,kDAAoD;AAEpD,MAAsB,qBAAqB;IAWpB;IACA;IACA;IAZX,MAAM,CAAiB;IACvB,SAAS,CAAI;IACb,UAAU,GAAG,IAAI,0CAAkB,EAAE,CAAC;IACtC,aAAa,GACrB,SAAS,CAAC;IACZ,UAAU,GAAG,CAAC,CAAC;IACf,KAAK,CAAgB;IACrB,MAAM,CAAY;IAElB,YACqB,KAAY,EACZ,GAAiB,EACjB,SAAqB,EACxC,GAAmB;QAHA,UAAK,GAAL,KAAK,CAAO;QACZ,QAAG,GAAH,GAAG,CAAc;QACjB,cAAS,GAAT,SAAS,CAAY;QAGxC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC1D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IACpC,CAAC;IAcD,aAAa;QACX,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAErC,4FAA4F;QAC5F,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QAC3C,MAAM,qBAAqB,GAAG,UAAU,IAAI,YAAY,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAEpF,MAAM,aAAa,GAAG;YACpB,YAAY,EAAE,EAAE;YAChB,YAAY,EAAE;gBACZ,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,EAAE;gBACrC,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,eAAe,EAAE;gBACzC,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE;gBACvC,GAAG,qBAAqB;gBACxB,sFAAsF;gBACtF,OAAO,EAAE,EAAE;aACZ;YACD,UAAU,EAAE,IAAI;SACjB,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;YAC1D,QAAQ;YACR,YAAY;YACZ,UAAU;YACV,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,YAAY,CAAC;YACxD,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,UAAU,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,GAAG,IAAI,iBAAS,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,IAAA,gCAAiB,EAAC;YACjC,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,aAAa;SACd,CAAC,CAAC;QAEH,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,OAAc,CAAC,CAAC;QAC/E,CAAC;QAED,4EAA4E;QAC5E,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAe;QAC3B,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,MAAM,CAAC,CAAC;QAEvD,8CAA8C;QAC9C,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE9D,IAAI,CAAC;YACH,8BAA8B;YAC9B,4BAA4B;YAC5B,IAAI;QACN,CAAC;QAAC,MAAM,CAAC;YACP,WAAW;QACb,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,2BAA2B,MAAM,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC;gBACH,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC;YACrB,CAAC;YAAC,MAAM,CAAC;gBACP,WAAW;YACb,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,MAAM;QAC3B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC,sCAAsC;YACxD,oCAAoC;YACpC,kDAAkD;YAElD,6CAA6C;YAC7C,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,4BAAiB,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;YACzF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAES,cAAc,CAAC,GAA+B,EAAE,SAAmC;QAC3F,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,4BAAmB,CAAC,IAAI,CAAC,CAAC;QAE/D,8EAA8E;QAC9E,qEAAqE;QACrE,MAAM,SAAS,GAAG,OAAO,EAAE,EAAE,IAAI,YAAY,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAC1D,MAAM,cAAc,GAAG,OAAO,EAAE,OAAO,IAAI,EAAE,QAAQ,EAAE,iBAA0B,EAAE,CAAC;QAEpF,GAAG,CAAC,IAAI,GAAG;YACT,KAAK;YACL,IAAI;YACJ,SAAS;YACT,gBAAgB,EAAE,cAAc;YAChC,MAAM,EAAE,EAAE;YACV,QAAQ,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE;YACxB,SAAS;SACS,CAAC;QACrB,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAED,oBAAoB,CAAC,GAA+B;QAClD,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;YACzC,IAAI,IAAI,KAAK,CAAC,KAAK,IAAI,OAAO,KAAK,2BAA2B,EAAE,CAAC;gBAC/D,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC1C,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,MAAM,GAAG,6BAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AArKD,sDAqKC","sourcesContent":["import { AuthenticatedServerRequest } from '../../server/server.types';\nimport { TransportKey, TypedElicitResult } from '../transport.types';\nimport { Server as McpServer } from '@modelcontextprotocol/sdk/server/index.js';\nimport { EmptyResultSchema, ElicitResult, RequestId, ElicitResultSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { InMemoryEventStore } from '../transport.event-store';\nimport { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';\nimport { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';\nimport { SSEServerTransport } from '../legacy/legacy.sse.tranporter';\nimport { ZodType } from 'zod';\nimport { FrontMcpLogger, ServerRequestTokens, ServerResponse } from '../../common';\nimport { Scope } from '../../scope';\nimport { createMcpHandlers } from '../mcp-handlers';\n\nexport abstract class LocalTransportAdapter<T extends StreamableHTTPServerTransport | SSEServerTransport> {\n  protected logger: FrontMcpLogger;\n  protected transport: T;\n  protected eventStore = new InMemoryEventStore();\n  protected elicitHandler: { resolve: (result: ElicitResult) => void; reject: (err: unknown) => void } | undefined =\n    undefined;\n  #requestId = 1;\n  ready: Promise<void>;\n  server: McpServer;\n\n  constructor(\n    protected readonly scope: Scope,\n    protected readonly key: TransportKey,\n    protected readonly onDispose: () => void,\n    res: ServerResponse,\n  ) {\n    this.logger = scope.logger.child('LocalTransportAdapter');\n    this.transport = this.createTransport(key.sessionId, res);\n    this.ready = this.connectServer();\n  }\n\n  abstract createTransport(sessionId: string, response: ServerResponse): T;\n\n  abstract initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;\n\n  abstract sendElicitRequest<T extends ZodType>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>>;\n\n  abstract handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;\n\n  connectServer() {\n    const { info } = this.scope.metadata;\n\n    // Check if completions capability should be enabled (when prompts or resources are present)\n    const hasPrompts = this.scope.prompts.hasAny();\n    const hasResources = this.scope.resources.hasAny();\n    const hasTools = this.scope.tools.hasAny();\n    const completionsCapability = hasPrompts || hasResources ? { completions: {} } : {};\n\n    const serverOptions = {\n      instructions: '',\n      capabilities: {\n        ...this.scope.tools.getCapabilities(),\n        ...this.scope.resources.getCapabilities(),\n        ...this.scope.prompts.getCapabilities(),\n        ...completionsCapability,\n        // MCP logging protocol support - allows clients to set log level via logging/setLevel\n        logging: {},\n      },\n      serverInfo: info,\n    };\n\n    this.logger.info('connectServer: advertising capabilities', {\n      hasTools,\n      hasResources,\n      hasPrompts,\n      capabilities: JSON.stringify(serverOptions.capabilities),\n      serverInfo: JSON.stringify(serverOptions.serverInfo),\n    });\n\n    this.server = new McpServer(info, serverOptions);\n    const handlers = createMcpHandlers({\n      scope: this.scope,\n      serverOptions,\n    });\n\n    for (const handler of handlers) {\n      this.server.setRequestHandler(handler.requestSchema, handler.handler as any);\n    }\n\n    // Register server with notification service for server→client notifications\n    this.scope.notifications.registerServer(this.key.sessionId, this.server);\n\n    return this.server.connect(this.transport);\n  }\n\n  get newRequestId(): RequestId {\n    return this.#requestId++;\n  }\n\n  async destroy(reason?: string): Promise<void> {\n    console.log('destroying transporter, reason:', reason);\n\n    // Unregister server from notification service\n    this.scope.notifications.unregisterServer(this.key.sessionId);\n\n    try {\n      // if(!this.transport.closed){\n      //   this.transport.close();\n      // }\n    } catch {\n      /* empty */\n    }\n    if (reason) {\n      console.warn(`Destroying transporter: ${reason}`);\n    } else {\n      try {\n        this.onDispose?.();\n      } catch {\n        /* empty */\n      }\n    }\n  }\n\n  /**\n   * Ping the connected client for this transport.\n   * Returns true on success, false on timeout/error.\n   */\n  async ping(timeoutMs = 10_000): Promise<boolean> {\n    try {\n      await this.ready; // ensure server.connect(...) finished\n      // Preferred if your SDK exposes it:\n      // await this.server.ping({ timeout: timeoutMs });\n\n      // Works on all versions (low-level request):\n      await this.server.request({ method: 'ping' }, EmptyResultSchema, { timeout: timeoutMs });\n      return true;\n    } catch {\n      return false;\n    }\n  }\n\n  protected ensureAuthInfo(req: AuthenticatedServerRequest, transport: LocalTransportAdapter<T>) {\n    const { token, user, session } = req[ServerRequestTokens.auth];\n\n    // Session should always exist now (created in session.verify for public mode)\n    // But add defensive fallback for safety in case session is undefined\n    const sessionId = session?.id ?? `fallback:${Date.now()}`;\n    const sessionPayload = session?.payload ?? { protocol: 'streamable-http' as const };\n\n    req.auth = {\n      token,\n      user,\n      sessionId,\n      sessionIdPayload: sessionPayload,\n      scopes: [],\n      clientId: user.sub ?? '',\n      transport,\n    } satisfies AuthInfo;\n    return req.auth;\n  }\n\n  handleIfElicitResult(req: AuthenticatedServerRequest): boolean {\n    if (!this.elicitHandler) {\n      return false;\n    }\n    if (req.body.error) {\n      const { code, message } = req.body.error;\n      if (code === -32600 && message === 'Elicitation not supported') {\n        this.elicitHandler.reject(req.body.error);\n        return true;\n      }\n      return false;\n    }\n\n    const parsed = ElicitResultSchema.safeParse(req.body?.result);\n    if (parsed.success) {\n      this.elicitHandler.resolve(parsed.data);\n      return true;\n    }\n    return false;\n  }\n}\n"]}

package/src/transport/adapters/transport.sse.adapter.d.ts

@@ -3,12 +3,12 @@ import { TypedElicitResult } from '../transport.types';
 import { SSEServerTransport } from '../legacy/legacy.sse.tranporter';
 import { LocalTransportAdapter } from './transport.local.adapter';
 import { RequestId } from '@modelcontextprotocol/sdk/types.js';
-import { ZodObject } from 'node_modules/zod/v3/types.cjs';
+import { ZodType } from 'zod';
 import { ServerResponse } from '../../common';
 export declare class TransportSSEAdapter extends LocalTransportAdapter<SSEServerTransport> {
     sessionId: string;
     createTransport(sessionId: string, res: ServerResponse): SSEServerTransport;
     initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;
     handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;
-    sendElicitRequest<T extends ZodObject<any>>(relatedRequestId: RequestId, message: string, requestedSchema: T): Promise<TypedElicitResult<T>>;
+    sendElicitRequest<T extends ZodType>(relatedRequestId: RequestId, message: string, requestedSchema: T): Promise<TypedElicitResult<T>>;
 }

package/src/transport/adapters/transport.sse.adapter.js

@@ -3,8 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.TransportSSEAdapter = void 0;
 const legacy_sse_tranporter_1 = require("../legacy/legacy.sse.tranporter");
 const transport_local_adapter_1 = require("./transport.local.adapter");
+const v4_1 = require("zod/v4");
 const transport_error_1 = require("../transport.error");
-const zod_to_json_schema_1 = require("zod-to-json-schema");
 class TransportSSEAdapter extends transport_local_adapter_1.LocalTransportAdapter {
     sessionId;
     createTransport(sessionId, res) {
@@ -15,7 +15,8 @@ class TransportSSEAdapter extends transport_local_adapter_1.LocalTransportAdapte
             sessionId: sessionId,
         });
         transport.onerror = (error) => {
-            console.error('SSE error:', error);
+            // Use safe logging to avoid Node.js 24 util.inspect bug with Zod errors
+            console.error('SSE error:', error instanceof Error ? error.message : 'Unknown error');
         };
         transport.onclose = this.destroy.bind(this);
         return transport;
@@ -44,7 +45,7 @@ class TransportSSEAdapter extends transport_local_adapter_1.LocalTransportAdapte
         console.log('sendElicitRequest', { relatedRequestId });
         await this.transport.send((0, transport_error_1.rpcRequest)(this.newRequestId, 'elicitation/create', {
             message,
-            requestedSchema: (0, zod_to_json_schema_1.zodToJsonSchema)(requestedSchema),
+            requestedSchema: (0, v4_1.toJSONSchema)(requestedSchema),
         }));
         return new Promise((resolve, reject) => {
             this.elicitHandler = {

package/src/transport/adapters/transport.sse.adapter.js.map

@@ -1 +1 @@
-{"version":3,"file":"transport.sse.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.sse.adapter.ts"],"names":[],"mappings":";;;AAEA,2EAAqE;AACrE,uEAAkE;AAGlE,wDAAgD;AAChD,2DAAqD;AAGrD,MAAa,mBAAoB,SAAQ,+CAAyC;IAChF,SAAS,CAAS;IAET,eAAe,CAAC,SAAiB,EAAE,GAAmB;QAC7D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACtC,MAAM,SAAS,GAAG,IAAI,0CAAkB,CAAC,GAAG,SAAS,UAAU,EAAE,GAAG,EAAE;YACpE,SAAS,EAAE,SAAS;SACrB,CAAC,CAAC;QACH,SAAS,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YAC5B,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QACrC,CAAC,CAAC;QACF,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,UAAU,CAAC,GAA+B,EAAE,GAAmB;QAC7D,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,6BAA6B,CAAC,CAAC;QACrE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAA+B,EAAE,GAAmB;QACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAEhD,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,sBAAsB,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,sBAAsB,CAAC,CAAC;YAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,uBAAuB,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,gBAA2B,EAC3B,OAAe,EACf,eAAkB;QAElB,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAC;QACvD,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACvB,IAAA,4BAAU,EAAC,IAAI,CAAC,YAAY,EAAE,oBAAoB,EAAE;YAClD,OAAO;YACP,eAAe,EAAE,IAAA,oCAAe,EAAC,eAAsB,CAAC;SACzD,CAAC,CACH,CAAC;QAEF,OAAO,IAAI,OAAO,CAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3D,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;oBAClB,OAAO,CAAC,MAA8B,CAAC,CAAC;oBACxC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;gBACD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;oBACd,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAjED,kDAiEC","sourcesContent":["import { AuthenticatedServerRequest } from '../../server/server.types';\nimport { TypedElicitResult } from '../transport.types';\nimport { SSEServerTransport } from '../legacy/legacy.sse.tranporter';\nimport { LocalTransportAdapter } from './transport.local.adapter';\nimport { RequestId } from '@modelcontextprotocol/sdk/types.js';\nimport { ZodObject } from 'node_modules/zod/v3/types.cjs';\nimport { rpcRequest } from '../transport.error';\nimport { zodToJsonSchema } from 'zod-to-json-schema';\nimport { ServerResponse } from '../../common';\n\nexport class TransportSSEAdapter extends LocalTransportAdapter<SSEServerTransport> {\n  sessionId: string;\n\n  override createTransport(sessionId: string, res: ServerResponse): SSEServerTransport {\n    this.sessionId = sessionId;\n    this.logger.info(`new transport session: ${sessionId.slice(0, 40)}`);\n    const scopePath = this.scope.fullPath;\n    const transport = new SSEServerTransport(`${scopePath}/message`, res, {\n      sessionId: sessionId,\n    });\n    transport.onerror = (error) => {\n      console.error('SSE error:', error);\n    };\n    transport.onclose = this.destroy.bind(this);\n    return transport;\n  }\n\n  initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.logger.verbose(`[${this.sessionId}] handle initialize request`);\n    this.ensureAuthInfo(req, this);\n    return Promise.resolve();\n  }\n\n  async handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    const authInfo = this.ensureAuthInfo(req, this);\n\n    if (this.handleIfElicitResult(req)) {\n      this.logger.verbose(`[${this.sessionId}] handle get request`);\n      return;\n    }\n    if (req.method === 'GET') {\n      this.logger.verbose(`[${this.sessionId}] handle get request`);\n      return this.transport.handleMessage(req.body, { requestInfo: req, authInfo });\n    } else {\n      this.logger.verbose(`[${this.sessionId}] handle post request`);\n      return this.transport.handlePostMessage(req, res, req.body);\n    }\n  }\n\n  async sendElicitRequest<T extends ZodObject<any>>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>> {\n    console.log('sendElicitRequest', { relatedRequestId });\n    await this.transport.send(\n      rpcRequest(this.newRequestId, 'elicitation/create', {\n        message,\n        requestedSchema: zodToJsonSchema(requestedSchema as any),\n      }),\n    );\n\n    return new Promise<TypedElicitResult<T>>((resolve, reject) => {\n      this.elicitHandler = {\n        resolve: (result) => {\n          resolve(result as TypedElicitResult<T>);\n          this.elicitHandler = undefined;\n        },\n        reject: (err) => {\n          reject(err);\n          this.elicitHandler = undefined;\n        },\n      };\n    });\n  }\n}\n"]}
+{"version":3,"file":"transport.sse.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.sse.adapter.ts"],"names":[],"mappings":";;;AAEA,2EAAqE;AACrE,uEAAkE;AAGlE,+BAAsC;AACtC,wDAAgD;AAGhD,MAAa,mBAAoB,SAAQ,+CAAyC;IAChF,SAAS,CAAS;IAET,eAAe,CAAC,SAAiB,EAAE,GAAmB;QAC7D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACtC,MAAM,SAAS,GAAG,IAAI,0CAAkB,CAAC,GAAG,SAAS,UAAU,EAAE,GAAG,EAAE;YACpE,SAAS,EAAE,SAAS;SACrB,CAAC,CAAC;QACH,SAAS,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YAC5B,wEAAwE;YACxE,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QACxF,CAAC,CAAC;QACF,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,UAAU,CAAC,GAA+B,EAAE,GAAmB;QAC7D,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,6BAA6B,CAAC,CAAC;QACrE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAA+B,EAAE,GAAmB;QACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAEhD,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,sBAAsB,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,sBAAsB,CAAC,CAAC;YAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,uBAAuB,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,gBAA2B,EAC3B,OAAe,EACf,eAAkB;QAElB,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAC;QACvD,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACvB,IAAA,4BAAU,EAAC,IAAI,CAAC,YAAY,EAAE,oBAAoB,EAAE;YAClD,OAAO;YACP,eAAe,EAAE,IAAA,iBAAY,EAAC,eAAsB,CAAC;SACtD,CAAC,CACH,CAAC;QAEF,OAAO,IAAI,OAAO,CAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3D,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;oBAClB,OAAO,CAAC,MAA8B,CAAC,CAAC;oBACxC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;gBACD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;oBACd,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAlED,kDAkEC","sourcesContent":["import { AuthenticatedServerRequest } from '../../server/server.types';\nimport { TypedElicitResult } from '../transport.types';\nimport { SSEServerTransport } from '../legacy/legacy.sse.tranporter';\nimport { LocalTransportAdapter } from './transport.local.adapter';\nimport { RequestId } from '@modelcontextprotocol/sdk/types.js';\nimport { ZodType } from 'zod';\nimport { toJSONSchema } from 'zod/v4';\nimport { rpcRequest } from '../transport.error';\nimport { ServerResponse } from '../../common';\n\nexport class TransportSSEAdapter extends LocalTransportAdapter<SSEServerTransport> {\n  sessionId: string;\n\n  override createTransport(sessionId: string, res: ServerResponse): SSEServerTransport {\n    this.sessionId = sessionId;\n    this.logger.info(`new transport session: ${sessionId.slice(0, 40)}`);\n    const scopePath = this.scope.fullPath;\n    const transport = new SSEServerTransport(`${scopePath}/message`, res, {\n      sessionId: sessionId,\n    });\n    transport.onerror = (error) => {\n      // Use safe logging to avoid Node.js 24 util.inspect bug with Zod errors\n      console.error('SSE error:', error instanceof Error ? error.message : 'Unknown error');\n    };\n    transport.onclose = this.destroy.bind(this);\n    return transport;\n  }\n\n  initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.logger.verbose(`[${this.sessionId}] handle initialize request`);\n    this.ensureAuthInfo(req, this);\n    return Promise.resolve();\n  }\n\n  async handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    const authInfo = this.ensureAuthInfo(req, this);\n\n    if (this.handleIfElicitResult(req)) {\n      this.logger.verbose(`[${this.sessionId}] handle get request`);\n      return;\n    }\n    if (req.method === 'GET') {\n      this.logger.verbose(`[${this.sessionId}] handle get request`);\n      return this.transport.handleMessage(req.body, { requestInfo: req, authInfo });\n    } else {\n      this.logger.verbose(`[${this.sessionId}] handle post request`);\n      return this.transport.handlePostMessage(req, res, req.body);\n    }\n  }\n\n  async sendElicitRequest<T extends ZodType>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>> {\n    console.log('sendElicitRequest', { relatedRequestId });\n    await this.transport.send(\n      rpcRequest(this.newRequestId, 'elicitation/create', {\n        message,\n        requestedSchema: toJSONSchema(requestedSchema as any),\n      }),\n    );\n\n    return new Promise<TypedElicitResult<T>>((resolve, reject) => {\n      this.elicitHandler = {\n        resolve: (result) => {\n          resolve(result as TypedElicitResult<T>);\n          this.elicitHandler = undefined;\n        },\n        reject: (err) => {\n          reject(err);\n          this.elicitHandler = undefined;\n        },\n      };\n    });\n  }\n}\n"]}

package/src/transport/adapters/transport.streamable-http.adapter.d.ts

@@ -1,13 +1,20 @@
 import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
-import { TypedElicitResult } from '../transport.types';
+import { TransportType, TypedElicitResult } from '../transport.types';
 import { AuthenticatedServerRequest } from '../../server/server.types';
 import { LocalTransportAdapter } from './transport.local.adapter';
 import { RequestId } from '@modelcontextprotocol/sdk/types.js';
-import { ZodObject } from 'zod';
+import { ZodType } from 'zod';
 import { ServerResponse } from '../../common';
+/**
+ * Stateless HTTP requests must be able to send multiple initialize calls without
+ * tripping the MCP transport's "already initialized" guard. The upstream SDK
+ * treats any transport with a session ID generator as stateful, so we disable
+ * session generation entirely for stateless transports.
+ */
+export declare const resolveSessionIdGenerator: (transportType: TransportType, sessionId: string) => (() => string) | undefined;
 export declare class TransportStreamableHttpAdapter extends LocalTransportAdapter<StreamableHTTPServerTransport> {
     createTransport(sessionId: string, response: ServerResponse): StreamableHTTPServerTransport;
     initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;
     handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;
-    sendElicitRequest<T extends ZodObject<any>>(relatedRequestId: RequestId, message: string, requestedSchema: T): Promise<TypedElicitResult<T>>;
+    sendElicitRequest<T extends ZodType>(relatedRequestId: RequestId, message: string, requestedSchema: T): Promise<TypedElicitResult<T>>;
 }

package/src/transport/adapters/transport.streamable-http.adapter.js

@@ -1,27 +1,73 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.TransportStreamableHttpAdapter = void 0;
+exports.TransportStreamableHttpAdapter = exports.resolveSessionIdGenerator = void 0;
 const streamableHttp_js_1 = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
 const transport_local_adapter_1 = require("./transport.local.adapter");
-const zod_to_json_schema_1 = require("zod-to-json-schema");
+const v4_1 = require("zod/v4");
 const transport_error_1 = require("../transport.error");
+/**
+ * Stateless HTTP requests must be able to send multiple initialize calls without
+ * tripping the MCP transport's "already initialized" guard. The upstream SDK
+ * treats any transport with a session ID generator as stateful, so we disable
+ * session generation entirely for stateless transports.
+ */
+const resolveSessionIdGenerator = (transportType, sessionId) => {
+    return transportType === 'stateless-http' ? undefined : () => sessionId;
+};
+exports.resolveSessionIdGenerator = resolveSessionIdGenerator;
 class TransportStreamableHttpAdapter extends transport_local_adapter_1.LocalTransportAdapter {
     createTransport(sessionId, response) {
+        const sessionIdGenerator = (0, exports.resolveSessionIdGenerator)(this.key.type, sessionId);
         return new streamableHttp_js_1.StreamableHTTPServerTransport({
-            sessionIdGenerator: () => {
-                return sessionId;
-            },
+            sessionIdGenerator,
             onsessionclosed: () => {
                 // this.destroy();
             },
             onsessioninitialized: (sessionId) => {
-                console.log(`session initialized: ${sessionId.slice(0, 40)}`);
+                if (sessionId) {
+                    console.log(`session initialized: ${sessionId.slice(0, 40)}`);
+                }
+                else {
+                    console.log(`stateless session initialized`);
+                }
             },
-            eventStore: this.eventStore,
+            // Disable eventStore to prevent priming events - Claude.ai's client doesn't handle them
+            // The priming event has empty data with no `event:` type, which violates MCP spec
+            // ("Event types MUST be message") and confuses some clients
+            eventStore: undefined,
         });
     }
     initialize(req, res) {
         this.ensureAuthInfo(req, this);
+        this.logger.info('[StreamableHttpAdapter] initialize() called', {
+            method: req.method,
+            sessionId: this.key.sessionId.slice(0, 30),
+            bodyMethod: req.body?.method,
+        });
+        // Intercept response to log what gets sent back to client
+        const originalWrite = res.write.bind(res);
+        const originalEnd = res.end.bind(res);
+        let responseBody = '';
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        res.write = function (chunk, encodingOrCb, cb) {
+            if (chunk) {
+                responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);
+            }
+            return originalWrite.call(this, chunk, encodingOrCb, cb);
+        };
+        const adapter = this;
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        res.end = function (chunk, encodingOrCb, cb) {
+            if (chunk) {
+                responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);
+            }
+            adapter.logger.info('[StreamableHttpAdapter] initialize response', {
+                statusCode: res.statusCode,
+                headers: res.getHeaders?.() ?? {},
+                bodyPreview: responseBody.slice(0, 1000),
+            });
+            return originalEnd.call(this, chunk, encodingOrCb, cb);
+        };
         return this.transport.handleRequest(req, res, req.body);
     }
     async handleRequest(req, res) {
@@ -45,7 +91,7 @@ class TransportStreamableHttpAdapter extends transport_local_adapter_1.LocalTran
     async sendElicitRequest(relatedRequestId, message, requestedSchema) {
         await this.transport.send((0, transport_error_1.rpcRequest)(this.newRequestId, 'elicitation/create', {
             message,
-            requestedSchema: (0, zod_to_json_schema_1.zodToJsonSchema)(requestedSchema),
+            requestedSchema: (0, v4_1.toJSONSchema)(requestedSchema),
         }), { relatedRequestId });
         return new Promise((resolve, reject) => {
             this.elicitHandler = {

package/src/transport/adapters/transport.streamable-http.adapter.js.map

@@ -1 +1 @@
-{"version":3,"file":"transport.streamable-http.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.streamable-http.adapter.ts"],"names":[],"mappings":";;;AAAA,0FAAmG;AAGnG,uEAAkE;AAElE,2DAAqD;AAErD,wDAAgD;AAGhD,MAAa,8BAA+B,SAAQ,+CAAoD;IAE7F,eAAe,CAAC,SAAiB,EAAE,QAAwB;QAChE,OAAO,IAAI,iDAA6B,CAAC;YACvC,kBAAkB,EAAE,GAAG,EAAE;gBACvB,OAAO,SAAS,CAAA;YAClB,CAAC;YACD,eAAe,EAAE,GAAG,EAAE;gBACpB,kBAAkB;YACpB,CAAC;YACD,oBAAoB,EAAE,CAAC,SAAS,EAAE,EAAE;gBAClC,OAAO,CAAC,GAAG,CAAC,wBAAwB,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;YAChE,CAAC;YACD,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC,CAAA;IACN,CAAC;IAED,UAAU,CAAC,GAA+B,EAAE,GAAmB;QAC7D,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAA+B,EAAE,GAAmB;QACtE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,EAAE;QACF,qEAAqE;QACrE,kCAAkC;QAClC,uFAAuF;QACvF,sBAAsB;QACtB,IAAI;QAEJ,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnC,OAAO;YACT,CAAC;YACD,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,gBAA2B,EAC3B,OAAe,EACf,eAAkB;QAElB,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACvB,IAAA,4BAAU,EAAC,IAAI,CAAC,YAAY,EAAE,oBAAoB,EAAE;YAClD,OAAO;YACP,eAAe,EAAE,IAAA,oCAAe,EAAC,eAAsB,CAAC;SACzD,CAAC,EACF,EAAE,gBAAgB,EAAE,CACrB,CAAC;QAEF,OAAO,IAAI,OAAO,CAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3D,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;oBAClB,OAAO,CAAC,MAA8B,CAAC,CAAC;oBACxC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;gBACD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;oBACd,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CAEF;AApED,wEAoEC","sourcesContent":["import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';\nimport { TypedElicitResult } from '../transport.types';\nimport { AuthenticatedServerRequest } from '../../server/server.types';\nimport { LocalTransportAdapter } from './transport.local.adapter';\nimport { RequestId } from '@modelcontextprotocol/sdk/types.js';\nimport { zodToJsonSchema } from 'zod-to-json-schema';\nimport { ZodObject } from 'zod';\nimport { rpcRequest } from '../transport.error';\nimport { ServerResponse } from '../../common';\n\nexport class TransportStreamableHttpAdapter extends LocalTransportAdapter<StreamableHTTPServerTransport> {\n\n  override createTransport(sessionId: string, response: ServerResponse): StreamableHTTPServerTransport {\n      return new StreamableHTTPServerTransport({\n        sessionIdGenerator: () => {\n          return sessionId\n        },\n        onsessionclosed: () => {\n          // this.destroy();\n        },\n        onsessioninitialized: (sessionId) => {\n          console.log(`session initialized: ${sessionId.slice(0, 40)}`);\n        },\n        eventStore: this.eventStore,\n      })\n  }\n\n  initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.ensureAuthInfo(req, this);\n    return this.transport.handleRequest(req, res, req.body);\n  }\n\n  async handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.ensureAuthInfo(req, this);\n    //\n    // if ((await this.isInitialized) && isInitializeRequest(req.body)) {\n    //   await this.transport.close();\n    //   this.isInitialized = this.connectStreamableTransport(req.authSession.session!.id);\n    //   await this.ready;\n    // }\n\n    if (req.method === 'GET') {\n      return this.transport.handleRequest(req, res);\n    } else {\n      if (this.handleIfElicitResult(req)) {\n        return;\n      }\n      return this.transport.handleRequest(req, res, req.body);\n    }\n  }\n\n  async sendElicitRequest<T extends ZodObject<any>>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>> {\n    await this.transport.send(\n      rpcRequest(this.newRequestId, 'elicitation/create', {\n        message,\n        requestedSchema: zodToJsonSchema(requestedSchema as any),\n      }),\n      { relatedRequestId },\n    );\n\n    return new Promise<TypedElicitResult<T>>((resolve, reject) => {\n      this.elicitHandler = {\n        resolve: (result) => {\n          resolve(result as TypedElicitResult<T>);\n          this.elicitHandler = undefined;\n        },\n        reject: (err) => {\n          reject(err);\n          this.elicitHandler = undefined;\n        },\n      };\n    });\n  }\n\n}\n"]}
+{"version":3,"file":"transport.streamable-http.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.streamable-http.adapter.ts"],"names":[],"mappings":";;;AAAA,0FAAmG;AAGnG,uEAAkE;AAGlE,+BAAsC;AACtC,wDAAgD;AAGhD;;;;;GAKG;AACI,MAAM,yBAAyB,GAAG,CACvC,aAA4B,EAC5B,SAAiB,EACW,EAAE;IAC9B,OAAO,aAAa,KAAK,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC;AAC1E,CAAC,CAAC;AALW,QAAA,yBAAyB,6BAKpC;AAEF,MAAa,8BAA+B,SAAQ,+CAAoD;IAC7F,eAAe,CAAC,SAAiB,EAAE,QAAwB;QAClE,MAAM,kBAAkB,GAAG,IAAA,iCAAyB,EAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAE/E,OAAO,IAAI,iDAA6B,CAAC;YACvC,kBAAkB;YAClB,eAAe,EAAE,GAAG,EAAE;gBACpB,kBAAkB;YACpB,CAAC;YACD,oBAAoB,EAAE,CAAC,SAAS,EAAE,EAAE;gBAClC,IAAI,SAAS,EAAE,CAAC;oBACd,OAAO,CAAC,GAAG,CAAC,wBAAwB,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;gBAChE,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;YACD,wFAAwF;YACxF,kFAAkF;YAClF,4DAA4D;YAC5D,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;IACL,CAAC;IAED,UAAU,CAAC,GAA+B,EAAE,GAAmB;QAC7D,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAE/B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;YAC9D,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC1C,UAAU,EAAG,GAAG,CAAC,IAA4B,EAAE,MAAM;SACtD,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,aAAa,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAqB,CAAC;QAC9D,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAmB,CAAC;QACxD,IAAI,YAAY,GAAG,EAAE,CAAC;QAEtB,8DAA8D;QAC9D,GAAG,CAAC,KAAK,GAAG,UAAgC,KAAU,EAAE,YAAkB,EAAE,EAAQ;YAClF,IAAI,KAAK,EAAE,CAAC;gBACV,YAAY,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChH,CAAC;YACD,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;QAC3D,CAAqB,CAAC;QAEtB,MAAM,OAAO,GAAG,IAAI,CAAC;QACrB,8DAA8D;QAC9D,GAAG,CAAC,GAAG,GAAG,UAAgC,KAAW,EAAE,YAAkB,EAAE,EAAQ;YACjF,IAAI,KAAK,EAAE,CAAC;gBACV,YAAY,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChH,CAAC;YACD,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;gBACjE,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,OAAO,EAAE,GAAG,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE;gBACjC,WAAW,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;aACzC,CAAC,CAAC;YACH,OAAO,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;QACzD,CAAmB,CAAC;QAEpB,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAA+B,EAAE,GAAmB;QACtE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,EAAE;QACF,qEAAqE;QACrE,kCAAkC;QAClC,uFAAuF;QACvF,sBAAsB;QACtB,IAAI;QAEJ,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnC,OAAO;YACT,CAAC;YACD,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,gBAA2B,EAC3B,OAAe,EACf,eAAkB;QAElB,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACvB,IAAA,4BAAU,EAAC,IAAI,CAAC,YAAY,EAAE,oBAAoB,EAAE;YAClD,OAAO;YACP,eAAe,EAAE,IAAA,iBAAY,EAAC,eAAsB,CAAC;SACtD,CAAC,EACF,EAAE,gBAAgB,EAAE,CACrB,CAAC;QAEF,OAAO,IAAI,OAAO,CAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3D,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;oBAClB,OAAO,CAAC,MAA8B,CAAC,CAAC;oBACxC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;gBACD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;oBACd,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AA3GD,wEA2GC","sourcesContent":["import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';\nimport { TransportType, TypedElicitResult } from '../transport.types';\nimport { AuthenticatedServerRequest } from '../../server/server.types';\nimport { LocalTransportAdapter } from './transport.local.adapter';\nimport { RequestId } from '@modelcontextprotocol/sdk/types.js';\nimport { ZodType } from 'zod';\nimport { toJSONSchema } from 'zod/v4';\nimport { rpcRequest } from '../transport.error';\nimport { ServerResponse } from '../../common';\n\n/**\n * Stateless HTTP requests must be able to send multiple initialize calls without\n * tripping the MCP transport's \"already initialized\" guard. The upstream SDK\n * treats any transport with a session ID generator as stateful, so we disable\n * session generation entirely for stateless transports.\n */\nexport const resolveSessionIdGenerator = (\n  transportType: TransportType,\n  sessionId: string,\n): (() => string) | undefined => {\n  return transportType === 'stateless-http' ? undefined : () => sessionId;\n};\n\nexport class TransportStreamableHttpAdapter extends LocalTransportAdapter<StreamableHTTPServerTransport> {\n  override createTransport(sessionId: string, response: ServerResponse): StreamableHTTPServerTransport {\n    const sessionIdGenerator = resolveSessionIdGenerator(this.key.type, sessionId);\n\n    return new StreamableHTTPServerTransport({\n      sessionIdGenerator,\n      onsessionclosed: () => {\n        // this.destroy();\n      },\n      onsessioninitialized: (sessionId) => {\n        if (sessionId) {\n          console.log(`session initialized: ${sessionId.slice(0, 40)}`);\n        } else {\n          console.log(`stateless session initialized`);\n        }\n      },\n      // Disable eventStore to prevent priming events - Claude.ai's client doesn't handle them\n      // The priming event has empty data with no `event:` type, which violates MCP spec\n      // (\"Event types MUST be message\") and confuses some clients\n      eventStore: undefined,\n    });\n  }\n\n  initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.ensureAuthInfo(req, this);\n\n    this.logger.info('[StreamableHttpAdapter] initialize() called', {\n      method: req.method,\n      sessionId: this.key.sessionId.slice(0, 30),\n      bodyMethod: (req.body as { method?: string })?.method,\n    });\n\n    // Intercept response to log what gets sent back to client\n    const originalWrite = res.write.bind(res) as typeof res.write;\n    const originalEnd = res.end.bind(res) as typeof res.end;\n    let responseBody = '';\n\n    // eslint-disable-next-line @typescript-eslint/no-explicit-any\n    res.write = function (this: ServerResponse, chunk: any, encodingOrCb?: any, cb?: any): boolean {\n      if (chunk) {\n        responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);\n      }\n      return originalWrite.call(this, chunk, encodingOrCb, cb);\n    } as typeof res.write;\n\n    const adapter = this;\n    // eslint-disable-next-line @typescript-eslint/no-explicit-any\n    res.end = function (this: ServerResponse, chunk?: any, encodingOrCb?: any, cb?: any): ServerResponse {\n      if (chunk) {\n        responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);\n      }\n      adapter.logger.info('[StreamableHttpAdapter] initialize response', {\n        statusCode: res.statusCode,\n        headers: res.getHeaders?.() ?? {},\n        bodyPreview: responseBody.slice(0, 1000),\n      });\n      return originalEnd.call(this, chunk, encodingOrCb, cb);\n    } as typeof res.end;\n\n    return this.transport.handleRequest(req, res, req.body);\n  }\n\n  async handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.ensureAuthInfo(req, this);\n    //\n    // if ((await this.isInitialized) && isInitializeRequest(req.body)) {\n    //   await this.transport.close();\n    //   this.isInitialized = this.connectStreamableTransport(req.authSession.session!.id);\n    //   await this.ready;\n    // }\n\n    if (req.method === 'GET') {\n      return this.transport.handleRequest(req, res);\n    } else {\n      if (this.handleIfElicitResult(req)) {\n        return;\n      }\n      return this.transport.handleRequest(req, res, req.body);\n    }\n  }\n\n  async sendElicitRequest<T extends ZodType>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>> {\n    await this.transport.send(\n      rpcRequest(this.newRequestId, 'elicitation/create', {\n        message,\n        requestedSchema: toJSONSchema(requestedSchema as any),\n      }),\n      { relatedRequestId },\n    );\n\n    return new Promise<TypedElicitResult<T>>((resolve, reject) => {\n      this.elicitHandler = {\n        resolve: (result) => {\n          resolve(result as TypedElicitResult<T>);\n          this.elicitHandler = undefined;\n        },\n        reject: (err) => {\n          reject(err);\n          this.elicitHandler = undefined;\n        },\n      };\n    });\n  }\n}\n"]}

package/src/transport/flows/handle.sse.flow.d.ts

@@ -10,72 +10,38 @@ export declare const stateSchema: z.ZodObject<{
     token: z.ZodString;
     session: z.ZodObject<{
         id: z.ZodString;
-        payload: z.ZodObject<{
+        payload: z.ZodOptional<z.ZodObject<{
             nodeId: z.ZodString;
             authSig: z.ZodString;
             uuid: z.ZodString;
             iat: z.ZodNumber;
-            protocol: z.ZodEnum<["legacy-sse", "sse", "streamable-http", "stateful-http", "stateless-http"]>;
-        }, "strip", z.ZodTypeAny, {
-            uuid: string;
-            nodeId: string;
-            authSig: string;
-            iat: number;
-            protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
-        }, {
-            uuid: string;
-            nodeId: string;
-            authSig: string;
-            iat: number;
-            protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
-        }>;
-    }, "strip", z.ZodTypeAny, {
-        id: string;
-        payload: {
-            uuid: string;
-            nodeId: string;
-            authSig: string;
-            iat: number;
-            protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
-        };
-    }, {
-        id: string;
-        payload: {
-            uuid: string;
-            nodeId: string;
-            authSig: string;
-            iat: number;
-            protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
-        };
-    }>;
-    requestType: z.ZodOptional<z.ZodEnum<["initialize", "message", "elicitResult"]>>;
-}, "strip", z.ZodTypeAny, {
-    session: {
-        id: string;
-        payload: {
-            uuid: string;
-            nodeId: string;
-            authSig: string;
-            iat: number;
-            protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
-        };
-    };
-    token: string;
-    requestType?: "message" | "initialize" | "elicitResult" | undefined;
-}, {
-    session: {
-        id: string;
-        payload: {
-            uuid: string;
-            nodeId: string;
-            authSig: string;
-            iat: number;
-            protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
-        };
-    };
-    token: string;
-    requestType?: "message" | "initialize" | "elicitResult" | undefined;
-}>;
+            protocol: z.ZodOptional<z.ZodEnum<{
+                "legacy-sse": "legacy-sse";
+                sse: "sse";
+                "streamable-http": "streamable-http";
+                "stateful-http": "stateful-http";
+                "stateless-http": "stateless-http";
+            }>>;
+            isPublic: z.ZodOptional<z.ZodBoolean>;
+            platformType: z.ZodOptional<z.ZodEnum<{
+                unknown: "unknown";
+                continue: "continue";
+                openai: "openai";
+                claude: "claude";
+                gemini: "gemini";
+                cursor: "cursor";
+                cody: "cody";
+                "generic-mcp": "generic-mcp";
+                "ext-apps": "ext-apps";
+            }>>;
+        }, z.core.$strip>>;
+    }, z.core.$strip>;
+    requestType: z.ZodOptional<z.ZodEnum<{
+        message: "message";
+        initialize: "initialize";
+        elicitResult: "elicitResult";
+    }>>;
+}, z.core.$strip>;
 declare const name: "handle:legacy-sse";
 declare global {
     interface ExtendFlows {
@@ -83,7 +49,7 @@ declare global {
     }
 }
 export default class HandleSseFlow extends FlowBase<typeof name> {
-    paseInput(): Promise<void>;
+    parseInput(): Promise<void>;
     router(): Promise<void>;
     onInitialize(): Promise<void>;
     onElicitResult(): Promise<void>;