@frontmcp/sdk 0.6.0 → 0.6.2

package/src/tool/ui/ui-resource-template.js

@@ -1,64 +0,0 @@
-"use strict";
-/**
- * UI Resource Template for ui:// URIs
- *
- * Single URI pattern for widget resources:
- *
- * Static Widget URI: ui://widget/{toolName}.html
- *   - Used by OpenAI at discovery/listing time
- *   - Returns the pre-compiled static HTML for the tool
- *   - Widget reads tool output from platform context (e.g., window.openai.toolOutput)
- *
- * The actual read logic is handled by ReadResourceFlow's ui:// interception
- * in read-resource.flow.ts.
- *
- * IMPORTANT: Resources MUST be visible in resources/list for OpenAI ChatGPT
- * to discover and render widgets.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.StaticWidgetResourceTemplate = void 0;
-const resource_decorator_1 = require("../../common/decorators/resource.decorator");
-const template_helpers_1 = require("./template-helpers");
-/**
- * Static Widget Resource Template for OpenAI discovery.
- *
- * URI format: ui://widget/{toolName}.html
- *
- * This is the format OpenAI expects in tools/list _meta.openai/outputTemplate.
- * When OpenAI fetches this resource, we return the pre-compiled static HTML for the tool.
- *
- * The widget includes:
- * - FrontMCP Bridge for reading tool output from platform context
- * - CDN scripts for React/MDX/etc (based on uiType)
- * - Pre-transpiled component embedded in HTML
- *
- * At runtime, the widget reads tool output from:
- * - OpenAI: window.openai.toolOutput
- * - Generic: window.__mcpToolOutput
- */
-exports.StaticWidgetResourceTemplate = (0, resource_decorator_1.resourceTemplate)({
-    name: 'static-widget',
-    description: 'Static widget HTML for tool UI (OpenAI discovery)',
-    uriTemplate: 'ui://widget/{toolName}.html',
-    mimeType: 'text/html+skybridge',
-})((uri, params) => {
-    // This handler should NOT be called because ReadResourceFlow
-    // intercepts ui:// URIs before reaching the resource instance.
-    return {
-        contents: [
-            {
-                uri,
-                mimeType: 'text/html+skybridge',
-                text: `<!DOCTYPE html>
-<html>
-<head><title>Widget Placeholder</title></head>
-<body>
-  <p>Widget for tool: ${(0, template_helpers_1.escapeHtml)(String(params['toolName'] || 'unknown'))}</p>
-  <p>This is a placeholder. The actual widget HTML is served from the ToolUIRegistry cache.</p>
-</body>
-</html>`,
-            },
-        ],
-    };
-});
-//# sourceMappingURL=ui-resource-template.js.map

package/src/tool/ui/ui-resource-template.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ui-resource-template.js","sourceRoot":"","sources":["../../../../src/tool/ui/ui-resource-template.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;AAEH,mFAA8E;AAC9E,yDAAgD;AAEhD;;;;;;;;;;;;;;;;GAgBG;AACU,QAAA,4BAA4B,GAAG,IAAA,qCAAgB,EAAC;IAC3D,IAAI,EAAE,eAAe;IACrB,WAAW,EAAE,mDAAmD;IAChE,WAAW,EAAE,6BAA6B;IAC1C,QAAQ,EAAE,qBAAqB;CAChC,CAAC,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE;IACjB,6DAA6D;IAC7D,+DAA+D;IAC/D,OAAO;QACL,QAAQ,EAAE;YACR;gBACE,GAAG;gBACH,QAAQ,EAAE,qBAAqB;gBAC/B,IAAI,EAAE;;;;wBAIU,IAAA,6BAAU,EAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC,CAAC;;;QAGnE;aACD;SACF;KACF,CAAC;AACJ,CAAC,CAAC,CAAC","sourcesContent":["/**\n * UI Resource Template for ui:// URIs\n *\n * Single URI pattern for widget resources:\n *\n * Static Widget URI: ui://widget/{toolName}.html\n *   - Used by OpenAI at discovery/listing time\n *   - Returns the pre-compiled static HTML for the tool\n *   - Widget reads tool output from platform context (e.g., window.openai.toolOutput)\n *\n * The actual read logic is handled by ReadResourceFlow's ui:// interception\n * in read-resource.flow.ts.\n *\n * IMPORTANT: Resources MUST be visible in resources/list for OpenAI ChatGPT\n * to discover and render widgets.\n */\n\nimport { resourceTemplate } from '../../common/decorators/resource.decorator';\nimport { escapeHtml } from './template-helpers';\n\n/**\n * Static Widget Resource Template for OpenAI discovery.\n *\n * URI format: ui://widget/{toolName}.html\n *\n * This is the format OpenAI expects in tools/list _meta.openai/outputTemplate.\n * When OpenAI fetches this resource, we return the pre-compiled static HTML for the tool.\n *\n * The widget includes:\n * - FrontMCP Bridge for reading tool output from platform context\n * - CDN scripts for React/MDX/etc (based on uiType)\n * - Pre-transpiled component embedded in HTML\n *\n * At runtime, the widget reads tool output from:\n * - OpenAI: window.openai.toolOutput\n * - Generic: window.__mcpToolOutput\n */\nexport const StaticWidgetResourceTemplate = resourceTemplate({\n  name: 'static-widget',\n  description: 'Static widget HTML for tool UI (OpenAI discovery)',\n  uriTemplate: 'ui://widget/{toolName}.html',\n  mimeType: 'text/html+skybridge',\n})((uri, params) => {\n  // This handler should NOT be called because ReadResourceFlow\n  // intercepts ui:// URIs before reaching the resource instance.\n  return {\n    contents: [\n      {\n        uri,\n        mimeType: 'text/html+skybridge',\n        text: `<!DOCTYPE html>\n<html>\n<head><title>Widget Placeholder</title></head>\n<body>\n  <p>Widget for tool: ${escapeHtml(String(params['toolName'] || 'unknown'))}</p>\n  <p>This is a placeholder. The actual widget HTML is served from the ToolUIRegistry cache.</p>\n</body>\n</html>`,\n      },\n    ],\n  };\n});\n"]}

package/src/tool/ui/ui-resource.handler.js

@@ -1,129 +0,0 @@
-"use strict";
-/**
- * UI Resource Handler
- *
- * Handles resources/read requests for ui:// URIs, serving widget HTML
- * from the ToolUIRegistry.
- *
- * Supported URI format:
- * - ui://widget/{toolName}.html - Static widget HTML (pre-compiled at startup)
- *
- * The static widget is registered at server startup for tools with
- * `servingMode: 'static'`. The widget HTML includes the FrontMCP Bridge
- * which reads tool output from the platform context at runtime.
- *
- * @example
- * ```typescript
- * // Client requests widget HTML (OpenAI discovery)
- * const result = await client.readResource({
- *   uri: 'ui://widget/get_weather.html'
- * });
- *
- * // Returns pre-compiled widget with FrontMCP Bridge
- * // Widget reads tool output from window.openai.toolOutput at runtime
- * ```
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.handleUIResourceRead = handleUIResourceRead;
-exports.createUIResourceHandler = createUIResourceHandler;
-const ui_1 = require("@frontmcp/ui");
-const registry_1 = require("@frontmcp/ui/registry");
-/**
- * Generate a placeholder widget HTML that reads from window.openai.toolOutput.
- *
- * Delegates to @frontmcp/ui's createDefaultBaseTemplate which provides:
- * - Tailwind CSS with @theme configuration
- * - Platform polyfills (callTool, detectMcpSession, getToolOutput)
- * - Polling for toolOutput injection
- * - Default JSON renderer (data-type-specific renderers are in @frontmcp/ui)
- *
- * This is returned when the static widget URI is fetched before the tool is called.
- * OpenAI caches this HTML, so it must be dynamic (read toolOutput at runtime).
- *
- * @param toolName - The name of the tool
- * @returns HTML string with a dynamic widget that renders toolOutput
- */
-function generatePlaceholderWidget(toolName) {
-    return (0, ui_1.createDefaultBaseTemplate)({ toolName });
-}
-/**
- * Handle a UI resource read request
- *
- * @param uri - The UI resource URI
- * @param registry - The ToolUIRegistry containing cached HTML
- * @param platformType - Optional platform type for dynamic MIME type selection
- * @returns Handle result with content or error
- */
-function handleUIResourceRead(uri, registry, platformType) {
-    // Check if this is a UI resource URI
-    if (!(0, registry_1.isUIResourceUri)(uri)) {
-        return { handled: false };
-    }
-    // Get the platform-appropriate MIME type
-    const mimeType = (0, registry_1.getUIResourceMimeType)(platformType);
-    // Try static widget URI (ui://widget/{toolName}.html)
-    // This is used by OpenAI at discovery time
-    const widgetParsed = (0, registry_1.parseWidgetUri)(uri);
-    if (widgetParsed) {
-        // Check for pre-compiled static widget from the developer's template
-        // Static widgets are compiled at server startup for tools with servingMode: 'static'
-        const cachedWidget = registry.getStaticWidget(widgetParsed.toolName);
-        if (cachedWidget) {
-            // Return the developer's actual template (SSR'd React/MDX component)
-            // This template includes the FrontMCP Bridge for runtime data access
-            return {
-                handled: true,
-                result: {
-                    contents: [
-                        {
-                            uri,
-                            mimeType,
-                            text: cachedWidget,
-                        },
-                    ],
-                },
-            };
-        }
-        // Fallback to dynamic placeholder widget if no pre-compiled template.
-        // This is returned when the tool doesn't have a UI template configured
-        // or uses a different serving mode.
-        //
-        // OpenAI caches widget HTML from outputTemplate URI, so we must return
-        // a template that reads from window.openai.toolOutput at runtime.
-        const html = generatePlaceholderWidget(widgetParsed.toolName);
-        return {
-            handled: true,
-            result: {
-                contents: [
-                    {
-                        uri,
-                        mimeType,
-                        text: html,
-                    },
-                ],
-            },
-        };
-    }
-    // Unknown UI resource URI format
-    return {
-        handled: true,
-        error: `Invalid UI resource URI format: ${uri}. Expected: ui://widget/{toolName}.html`,
-    };
-}
-/**
- * Create a UI resource handler function
- *
- * @param options - Handler options
- * @returns Handler function that can be used in the read-resource flow
- */
-function createUIResourceHandler(options) {
-    const { registry, onError } = options;
-    return function handleUIResource(uri) {
-        const result = handleUIResourceRead(uri, registry);
-        if (result.handled && result.error && onError) {
-            onError(result.error, uri);
-        }
-        return result;
-    };
-}
-//# sourceMappingURL=ui-resource.handler.js.map

package/src/tool/ui/ui-resource.handler.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ui-resource.handler.js","sourceRoot":"","sources":["../../../../src/tool/ui/ui-resource.handler.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;;AAkEH,oDAgEC;AAkBD,0DAYC;AA5JD,qCAAyD;AACzD,oDAQ+B;AA0B/B;;;;;;;;;;;;;;GAcG;AACH,SAAS,yBAAyB,CAAC,QAAgB;IACjD,OAAO,IAAA,8BAAyB,EAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;AACjD,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,oBAAoB,CAClC,GAAW,EACX,QAAwB,EACxB,YAA6B;IAE7B,qCAAqC;IACrC,IAAI,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED,yCAAyC;IACzC,MAAM,QAAQ,GAAG,IAAA,gCAAqB,EAAC,YAAY,CAAC,CAAC;IAErD,sDAAsD;IACtD,2CAA2C;IAC3C,MAAM,YAAY,GAAG,IAAA,yBAAc,EAAC,GAAG,CAAC,CAAC;IACzC,IAAI,YAAY,EAAE,CAAC;QACjB,qEAAqE;QACrE,qFAAqF;QACrF,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACrE,IAAI,YAAY,EAAE,CAAC;YACjB,qEAAqE;YACrE,qEAAqE;YACrE,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE;oBACN,QAAQ,EAAE;wBACR;4BACE,GAAG;4BACH,QAAQ;4BACR,IAAI,EAAE,YAAY;yBACnB;qBACF;iBACF;aACF,CAAC;QACJ,CAAC;QAED,sEAAsE;QACtE,uEAAuE;QACvE,oCAAoC;QACpC,EAAE;QACF,uEAAuE;QACvE,kEAAkE;QAClE,MAAM,IAAI,GAAG,yBAAyB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QAE9D,OAAO;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE;gBACN,QAAQ,EAAE;oBACR;wBACE,GAAG;wBACH,QAAQ;wBACR,IAAI,EAAE,IAAI;qBACX;iBACF;aACF;SACF,CAAC;IACJ,CAAC;IAED,iCAAiC;IACjC,OAAO;QACL,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,mCAAmC,GAAG,yCAAyC;KACvF,CAAC;AACJ,CAAC;AAYD;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,OAAiC;IACvE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAEtC,OAAO,SAAS,gBAAgB,CAAC,GAAW;QAC1C,MAAM,MAAM,GAAG,oBAAoB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEnD,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,IAAI,OAAO,EAAE,CAAC;YAC9C,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC7B,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC","sourcesContent":["/**\n * UI Resource Handler\n *\n * Handles resources/read requests for ui:// URIs, serving widget HTML\n * from the ToolUIRegistry.\n *\n * Supported URI format:\n * - ui://widget/{toolName}.html - Static widget HTML (pre-compiled at startup)\n *\n * The static widget is registered at server startup for tools with\n * `servingMode: 'static'`. The widget HTML includes the FrontMCP Bridge\n * which reads tool output from the platform context at runtime.\n *\n * @example\n * ```typescript\n * // Client requests widget HTML (OpenAI discovery)\n * const result = await client.readResource({\n *   uri: 'ui://widget/get_weather.html'\n * });\n *\n * // Returns pre-compiled widget with FrontMCP Bridge\n * // Widget reads tool output from window.openai.toolOutput at runtime\n * ```\n */\n\nimport type { ReadResourceResult } from '@modelcontextprotocol/sdk/types.js';\nimport type { AIPlatformType } from '../../notification/notification.service';\nimport { createDefaultBaseTemplate } from '@frontmcp/ui';\nimport {\n  type ToolUIRegistry,\n  UI_RESOURCE_SCHEME,\n  isUIResourceUri,\n  isStaticWidgetUri,\n  parseWidgetUri,\n  getUIResourceMimeType,\n  type ParsedWidgetUri,\n} from '@frontmcp/ui/registry';\n\n/**\n * Result of handling a UI resource request\n */\nexport interface UIResourceHandleResult {\n  /** Whether the URI was handled */\n  handled: boolean;\n  /** The resource result if handled successfully */\n  result?: ReadResourceResult;\n  /** Error message if handling failed */\n  error?: string;\n}\n\n/**\n * Options for handling a UI resource read request\n */\nexport interface HandleUIResourceOptions {\n  /** The UI resource URI */\n  uri: string;\n  /** The ToolUIRegistry containing cached HTML */\n  registry: ToolUIRegistry;\n  /** Platform type of the connected client */\n  platformType?: AIPlatformType;\n}\n\n/**\n * Generate a placeholder widget HTML that reads from window.openai.toolOutput.\n *\n * Delegates to @frontmcp/ui's createDefaultBaseTemplate which provides:\n * - Tailwind CSS with @theme configuration\n * - Platform polyfills (callTool, detectMcpSession, getToolOutput)\n * - Polling for toolOutput injection\n * - Default JSON renderer (data-type-specific renderers are in @frontmcp/ui)\n *\n * This is returned when the static widget URI is fetched before the tool is called.\n * OpenAI caches this HTML, so it must be dynamic (read toolOutput at runtime).\n *\n * @param toolName - The name of the tool\n * @returns HTML string with a dynamic widget that renders toolOutput\n */\nfunction generatePlaceholderWidget(toolName: string): string {\n  return createDefaultBaseTemplate({ toolName });\n}\n\n/**\n * Handle a UI resource read request\n *\n * @param uri - The UI resource URI\n * @param registry - The ToolUIRegistry containing cached HTML\n * @param platformType - Optional platform type for dynamic MIME type selection\n * @returns Handle result with content or error\n */\nexport function handleUIResourceRead(\n  uri: string,\n  registry: ToolUIRegistry,\n  platformType?: AIPlatformType,\n): UIResourceHandleResult {\n  // Check if this is a UI resource URI\n  if (!isUIResourceUri(uri)) {\n    return { handled: false };\n  }\n\n  // Get the platform-appropriate MIME type\n  const mimeType = getUIResourceMimeType(platformType);\n\n  // Try static widget URI (ui://widget/{toolName}.html)\n  // This is used by OpenAI at discovery time\n  const widgetParsed = parseWidgetUri(uri);\n  if (widgetParsed) {\n    // Check for pre-compiled static widget from the developer's template\n    // Static widgets are compiled at server startup for tools with servingMode: 'static'\n    const cachedWidget = registry.getStaticWidget(widgetParsed.toolName);\n    if (cachedWidget) {\n      // Return the developer's actual template (SSR'd React/MDX component)\n      // This template includes the FrontMCP Bridge for runtime data access\n      return {\n        handled: true,\n        result: {\n          contents: [\n            {\n              uri,\n              mimeType,\n              text: cachedWidget,\n            },\n          ],\n        },\n      };\n    }\n\n    // Fallback to dynamic placeholder widget if no pre-compiled template.\n    // This is returned when the tool doesn't have a UI template configured\n    // or uses a different serving mode.\n    //\n    // OpenAI caches widget HTML from outputTemplate URI, so we must return\n    // a template that reads from window.openai.toolOutput at runtime.\n    const html = generatePlaceholderWidget(widgetParsed.toolName);\n\n    return {\n      handled: true,\n      result: {\n        contents: [\n          {\n            uri,\n            mimeType,\n            text: html,\n          },\n        ],\n      },\n    };\n  }\n\n  // Unknown UI resource URI format\n  return {\n    handled: true,\n    error: `Invalid UI resource URI format: ${uri}. Expected: ui://widget/{toolName}.html`,\n  };\n}\n\n/**\n * Options for creating a UI resource handler\n */\nexport interface UIResourceHandlerOptions {\n  /** ToolUIRegistry instance */\n  registry: ToolUIRegistry;\n  /** Optional custom error handler */\n  onError?: (error: string, uri: string) => void;\n}\n\n/**\n * Create a UI resource handler function\n *\n * @param options - Handler options\n * @returns Handler function that can be used in the read-resource flow\n */\nexport function createUIResourceHandler(options: UIResourceHandlerOptions) {\n  const { registry, onError } = options;\n\n  return function handleUIResource(uri: string): UIResourceHandleResult {\n    const result = handleUIResourceRead(uri, registry);\n\n    if (result.handled && result.error && onError) {\n      onError(result.error, uri);\n    }\n\n    return result;\n  };\n}\n"]}

package/src/transport/adapters/transport.local.adapter.js

@@ -1,148 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.LocalTransportAdapter = void 0;
-const index_js_1 = require("@modelcontextprotocol/sdk/server/index.js");
-const types_js_1 = require("@modelcontextprotocol/sdk/types.js");
-const transport_event_store_1 = require("../transport.event-store");
-const common_1 = require("../../common");
-const mcp_handlers_1 = require("../mcp-handlers");
-class LocalTransportAdapter {
-    scope;
-    key;
-    onDispose;
-    logger;
-    transport;
-    eventStore = new transport_event_store_1.InMemoryEventStore();
-    elicitHandler = undefined;
-    #requestId = 1;
-    ready;
-    server;
-    constructor(scope, key, onDispose, res) {
-        this.scope = scope;
-        this.key = key;
-        this.onDispose = onDispose;
-        this.logger = scope.logger.child('LocalTransportAdapter');
-        this.transport = this.createTransport(key.sessionId, res);
-        this.ready = this.connectServer();
-    }
-    connectServer() {
-        const { info } = this.scope.metadata;
-        // Check if completions capability should be enabled (when prompts or resources are present)
-        const hasPrompts = this.scope.prompts.hasAny();
-        const hasResources = this.scope.resources.hasAny();
-        const hasTools = this.scope.tools.hasAny();
-        const completionsCapability = hasPrompts || hasResources ? { completions: {} } : {};
-        const serverOptions = {
-            instructions: '',
-            capabilities: {
-                ...this.scope.tools.getCapabilities(),
-                ...this.scope.resources.getCapabilities(),
-                ...this.scope.prompts.getCapabilities(),
-                ...completionsCapability,
-                // MCP logging protocol support - allows clients to set log level via logging/setLevel
-                logging: {},
-            },
-            serverInfo: info,
-        };
-        this.logger.info('connectServer: advertising capabilities', {
-            hasTools,
-            hasResources,
-            hasPrompts,
-            capabilities: JSON.stringify(serverOptions.capabilities),
-            serverInfo: JSON.stringify(serverOptions.serverInfo),
-        });
-        this.server = new index_js_1.Server(info, serverOptions);
-        const handlers = (0, mcp_handlers_1.createMcpHandlers)({
-            scope: this.scope,
-            serverOptions,
-        });
-        for (const handler of handlers) {
-            this.server.setRequestHandler(handler.requestSchema, handler.handler);
-        }
-        // Register server with notification service for server→client notifications
-        this.scope.notifications.registerServer(this.key.sessionId, this.server);
-        return this.server.connect(this.transport);
-    }
-    get newRequestId() {
-        return this.#requestId++;
-    }
-    async destroy(reason) {
-        console.log('destroying transporter, reason:', reason);
-        // Unregister server from notification service
-        this.scope.notifications.unregisterServer(this.key.sessionId);
-        try {
-            // if(!this.transport.closed){
-            //   this.transport.close();
-            // }
-        }
-        catch {
-            /* empty */
-        }
-        if (reason) {
-            console.warn(`Destroying transporter: ${reason}`);
-        }
-        else {
-            try {
-                this.onDispose?.();
-            }
-            catch {
-                /* empty */
-            }
-        }
-    }
-    /**
-     * Ping the connected client for this transport.
-     * Returns true on success, false on timeout/error.
-     */
-    async ping(timeoutMs = 10_000) {
-        try {
-            await this.ready; // ensure server.connect(...) finished
-            // Preferred if your SDK exposes it:
-            // await this.server.ping({ timeout: timeoutMs });
-            // Works on all versions (low-level request):
-            await this.server.request({ method: 'ping' }, types_js_1.EmptyResultSchema, { timeout: timeoutMs });
-            return true;
-        }
-        catch {
-            return false;
-        }
-    }
-    ensureAuthInfo(req, transport) {
-        const { token, user, session } = req[common_1.ServerRequestTokens.auth];
-        // Session should always exist now (created in session.verify for public mode)
-        // But add defensive fallback for safety in case session is undefined
-        const sessionId = session?.id ?? `fallback:${Date.now()}`;
-        const sessionPayload = session?.payload ?? { protocol: 'streamable-http' };
-        req.auth = {
-            token,
-            user,
-            sessionId,
-            sessionIdPayload: sessionPayload,
-            scopes: [],
-            clientId: user.sub ?? '',
-            transport,
-        };
-        return req.auth;
-    }
-    handleIfElicitResult(req) {
-        if (!this.elicitHandler) {
-            return false;
-        }
-        if (req.body.error) {
-            const { code, message } = req.body.error;
-            if (code === -32600 && message === 'Elicitation not supported') {
-                this.elicitHandler.reject(req.body.error);
-                return true;
-            }
-            return false;
-        }
-        const parsed = types_js_1.ElicitResultSchema.safeParse(req.body?.result);
-        if (parsed.success) {
-            this.elicitHandler.resolve(parsed.data);
-            return true;
-        }
-        return false;
-    }
-}
-exports.LocalTransportAdapter = LocalTransportAdapter;
-//# sourceMappingURL=transport.local.adapter.js.map

package/src/transport/adapters/transport.local.adapter.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transport.local.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.local.adapter.ts"],"names":[],"mappings":";;;AAEA,wEAAgF;AAChF,iEAAoH;AACpH,oEAA8D;AAK9D,yCAAmF;AAEnF,kDAAoD;AAEpD,MAAsB,qBAAqB;IAWpB;IACA;IACA;IAZX,MAAM,CAAiB;IACvB,SAAS,CAAI;IACb,UAAU,GAAG,IAAI,0CAAkB,EAAE,CAAC;IACtC,aAAa,GACrB,SAAS,CAAC;IACZ,UAAU,GAAG,CAAC,CAAC;IACf,KAAK,CAAgB;IACrB,MAAM,CAAY;IAElB,YACqB,KAAY,EACZ,GAAiB,EACjB,SAAqB,EACxC,GAAmB;QAHA,UAAK,GAAL,KAAK,CAAO;QACZ,QAAG,GAAH,GAAG,CAAc;QACjB,cAAS,GAAT,SAAS,CAAY;QAGxC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC1D,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IACpC,CAAC;IAcD,aAAa;QACX,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAErC,4FAA4F;QAC5F,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QAC3C,MAAM,qBAAqB,GAAG,UAAU,IAAI,YAAY,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAEpF,MAAM,aAAa,GAAG;YACpB,YAAY,EAAE,EAAE;YAChB,YAAY,EAAE;gBACZ,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,EAAE;gBACrC,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,eAAe,EAAE;gBACzC,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE;gBACvC,GAAG,qBAAqB;gBACxB,sFAAsF;gBACtF,OAAO,EAAE,EAAE;aACZ;YACD,UAAU,EAAE,IAAI;SACjB,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;YAC1D,QAAQ;YACR,YAAY;YACZ,UAAU;YACV,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,YAAY,CAAC;YACxD,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,UAAU,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,GAAG,IAAI,iBAAS,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,IAAA,gCAAiB,EAAC;YACjC,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,aAAa;SACd,CAAC,CAAC;QAEH,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,OAAc,CAAC,CAAC;QAC/E,CAAC;QAED,4EAA4E;QAC5E,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAEzE,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,UAAU,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAe;QAC3B,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,MAAM,CAAC,CAAC;QAEvD,8CAA8C;QAC9C,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE9D,IAAI,CAAC;YACH,8BAA8B;YAC9B,4BAA4B;YAC5B,IAAI;QACN,CAAC;QAAC,MAAM,CAAC;YACP,WAAW;QACb,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,2BAA2B,MAAM,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC;gBACH,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC;YACrB,CAAC;YAAC,MAAM,CAAC;gBACP,WAAW;YACb,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,MAAM;QAC3B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC,sCAAsC;YACxD,oCAAoC;YACpC,kDAAkD;YAElD,6CAA6C;YAC7C,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,4BAAiB,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;YACzF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAES,cAAc,CAAC,GAA+B,EAAE,SAAmC;QAC3F,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,4BAAmB,CAAC,IAAI,CAAC,CAAC;QAE/D,8EAA8E;QAC9E,qEAAqE;QACrE,MAAM,SAAS,GAAG,OAAO,EAAE,EAAE,IAAI,YAAY,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAC1D,MAAM,cAAc,GAAG,OAAO,EAAE,OAAO,IAAI,EAAE,QAAQ,EAAE,iBAA0B,EAAE,CAAC;QAEpF,GAAG,CAAC,IAAI,GAAG;YACT,KAAK;YACL,IAAI;YACJ,SAAS;YACT,gBAAgB,EAAE,cAAc;YAChC,MAAM,EAAE,EAAE;YACV,QAAQ,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE;YACxB,SAAS;SACS,CAAC;QACrB,OAAO,GAAG,CAAC,IAAI,CAAC;IAClB,CAAC;IAED,oBAAoB,CAAC,GAA+B;QAClD,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;YACzC,IAAI,IAAI,KAAK,CAAC,KAAK,IAAI,OAAO,KAAK,2BAA2B,EAAE,CAAC;gBAC/D,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC1C,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,MAAM,GAAG,6BAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AArKD,sDAqKC","sourcesContent":["import { AuthenticatedServerRequest } from '../../server/server.types';\nimport { TransportKey, TypedElicitResult } from '../transport.types';\nimport { Server as McpServer } from '@modelcontextprotocol/sdk/server/index.js';\nimport { EmptyResultSchema, ElicitResult, RequestId, ElicitResultSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { InMemoryEventStore } from '../transport.event-store';\nimport { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';\nimport { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';\nimport { SSEServerTransport } from '../legacy/legacy.sse.tranporter';\nimport { ZodType } from 'zod';\nimport { FrontMcpLogger, ServerRequestTokens, ServerResponse } from '../../common';\nimport { Scope } from '../../scope';\nimport { createMcpHandlers } from '../mcp-handlers';\n\nexport abstract class LocalTransportAdapter<T extends StreamableHTTPServerTransport | SSEServerTransport> {\n  protected logger: FrontMcpLogger;\n  protected transport: T;\n  protected eventStore = new InMemoryEventStore();\n  protected elicitHandler: { resolve: (result: ElicitResult) => void; reject: (err: unknown) => void } | undefined =\n    undefined;\n  #requestId = 1;\n  ready: Promise<void>;\n  server: McpServer;\n\n  constructor(\n    protected readonly scope: Scope,\n    protected readonly key: TransportKey,\n    protected readonly onDispose: () => void,\n    res: ServerResponse,\n  ) {\n    this.logger = scope.logger.child('LocalTransportAdapter');\n    this.transport = this.createTransport(key.sessionId, res);\n    this.ready = this.connectServer();\n  }\n\n  abstract createTransport(sessionId: string, response: ServerResponse): T;\n\n  abstract initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;\n\n  abstract sendElicitRequest<T extends ZodType>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>>;\n\n  abstract handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void>;\n\n  connectServer() {\n    const { info } = this.scope.metadata;\n\n    // Check if completions capability should be enabled (when prompts or resources are present)\n    const hasPrompts = this.scope.prompts.hasAny();\n    const hasResources = this.scope.resources.hasAny();\n    const hasTools = this.scope.tools.hasAny();\n    const completionsCapability = hasPrompts || hasResources ? { completions: {} } : {};\n\n    const serverOptions = {\n      instructions: '',\n      capabilities: {\n        ...this.scope.tools.getCapabilities(),\n        ...this.scope.resources.getCapabilities(),\n        ...this.scope.prompts.getCapabilities(),\n        ...completionsCapability,\n        // MCP logging protocol support - allows clients to set log level via logging/setLevel\n        logging: {},\n      },\n      serverInfo: info,\n    };\n\n    this.logger.info('connectServer: advertising capabilities', {\n      hasTools,\n      hasResources,\n      hasPrompts,\n      capabilities: JSON.stringify(serverOptions.capabilities),\n      serverInfo: JSON.stringify(serverOptions.serverInfo),\n    });\n\n    this.server = new McpServer(info, serverOptions);\n    const handlers = createMcpHandlers({\n      scope: this.scope,\n      serverOptions,\n    });\n\n    for (const handler of handlers) {\n      this.server.setRequestHandler(handler.requestSchema, handler.handler as any);\n    }\n\n    // Register server with notification service for server→client notifications\n    this.scope.notifications.registerServer(this.key.sessionId, this.server);\n\n    return this.server.connect(this.transport);\n  }\n\n  get newRequestId(): RequestId {\n    return this.#requestId++;\n  }\n\n  async destroy(reason?: string): Promise<void> {\n    console.log('destroying transporter, reason:', reason);\n\n    // Unregister server from notification service\n    this.scope.notifications.unregisterServer(this.key.sessionId);\n\n    try {\n      // if(!this.transport.closed){\n      //   this.transport.close();\n      // }\n    } catch {\n      /* empty */\n    }\n    if (reason) {\n      console.warn(`Destroying transporter: ${reason}`);\n    } else {\n      try {\n        this.onDispose?.();\n      } catch {\n        /* empty */\n      }\n    }\n  }\n\n  /**\n   * Ping the connected client for this transport.\n   * Returns true on success, false on timeout/error.\n   */\n  async ping(timeoutMs = 10_000): Promise<boolean> {\n    try {\n      await this.ready; // ensure server.connect(...) finished\n      // Preferred if your SDK exposes it:\n      // await this.server.ping({ timeout: timeoutMs });\n\n      // Works on all versions (low-level request):\n      await this.server.request({ method: 'ping' }, EmptyResultSchema, { timeout: timeoutMs });\n      return true;\n    } catch {\n      return false;\n    }\n  }\n\n  protected ensureAuthInfo(req: AuthenticatedServerRequest, transport: LocalTransportAdapter<T>) {\n    const { token, user, session } = req[ServerRequestTokens.auth];\n\n    // Session should always exist now (created in session.verify for public mode)\n    // But add defensive fallback for safety in case session is undefined\n    const sessionId = session?.id ?? `fallback:${Date.now()}`;\n    const sessionPayload = session?.payload ?? { protocol: 'streamable-http' as const };\n\n    req.auth = {\n      token,\n      user,\n      sessionId,\n      sessionIdPayload: sessionPayload,\n      scopes: [],\n      clientId: user.sub ?? '',\n      transport,\n    } satisfies AuthInfo;\n    return req.auth;\n  }\n\n  handleIfElicitResult(req: AuthenticatedServerRequest): boolean {\n    if (!this.elicitHandler) {\n      return false;\n    }\n    if (req.body.error) {\n      const { code, message } = req.body.error;\n      if (code === -32600 && message === 'Elicitation not supported') {\n        this.elicitHandler.reject(req.body.error);\n        return true;\n      }\n      return false;\n    }\n\n    const parsed = ElicitResultSchema.safeParse(req.body?.result);\n    if (parsed.success) {\n      this.elicitHandler.resolve(parsed.data);\n      return true;\n    }\n    return false;\n  }\n}\n"]}

package/src/transport/adapters/transport.sse.adapter.js

@@ -1,65 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TransportSSEAdapter = void 0;
-const legacy_sse_tranporter_1 = require("../legacy/legacy.sse.tranporter");
-const transport_local_adapter_1 = require("./transport.local.adapter");
-const v4_1 = require("zod/v4");
-const transport_error_1 = require("../transport.error");
-class TransportSSEAdapter extends transport_local_adapter_1.LocalTransportAdapter {
-    sessionId;
-    createTransport(sessionId, res) {
-        this.sessionId = sessionId;
-        this.logger.info(`new transport session: ${sessionId.slice(0, 40)}`);
-        const scopePath = this.scope.fullPath;
-        const transport = new legacy_sse_tranporter_1.SSEServerTransport(`${scopePath}/message`, res, {
-            sessionId: sessionId,
-        });
-        transport.onerror = (error) => {
-            // Use safe logging to avoid Node.js 24 util.inspect bug with Zod errors
-            console.error('SSE error:', error instanceof Error ? error.message : 'Unknown error');
-        };
-        transport.onclose = this.destroy.bind(this);
-        return transport;
-    }
-    initialize(req, res) {
-        this.logger.verbose(`[${this.sessionId}] handle initialize request`);
-        this.ensureAuthInfo(req, this);
-        return Promise.resolve();
-    }
-    async handleRequest(req, res) {
-        const authInfo = this.ensureAuthInfo(req, this);
-        if (this.handleIfElicitResult(req)) {
-            this.logger.verbose(`[${this.sessionId}] handle get request`);
-            return;
-        }
-        if (req.method === 'GET') {
-            this.logger.verbose(`[${this.sessionId}] handle get request`);
-            return this.transport.handleMessage(req.body, { requestInfo: req, authInfo });
-        }
-        else {
-            this.logger.verbose(`[${this.sessionId}] handle post request`);
-            return this.transport.handlePostMessage(req, res, req.body);
-        }
-    }
-    async sendElicitRequest(relatedRequestId, message, requestedSchema) {
-        console.log('sendElicitRequest', { relatedRequestId });
-        await this.transport.send((0, transport_error_1.rpcRequest)(this.newRequestId, 'elicitation/create', {
-            message,
-            requestedSchema: (0, v4_1.toJSONSchema)(requestedSchema),
-        }));
-        return new Promise((resolve, reject) => {
-            this.elicitHandler = {
-                resolve: (result) => {
-                    resolve(result);
-                    this.elicitHandler = undefined;
-                },
-                reject: (err) => {
-                    reject(err);
-                    this.elicitHandler = undefined;
-                },
-            };
-        });
-    }
-}
-exports.TransportSSEAdapter = TransportSSEAdapter;
-//# sourceMappingURL=transport.sse.adapter.js.map

package/src/transport/adapters/transport.sse.adapter.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transport.sse.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.sse.adapter.ts"],"names":[],"mappings":";;;AAEA,2EAAqE;AACrE,uEAAkE;AAGlE,+BAAsC;AACtC,wDAAgD;AAGhD,MAAa,mBAAoB,SAAQ,+CAAyC;IAChF,SAAS,CAAS;IAET,eAAe,CAAC,SAAiB,EAAE,GAAmB;QAC7D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QACtC,MAAM,SAAS,GAAG,IAAI,0CAAkB,CAAC,GAAG,SAAS,UAAU,EAAE,GAAG,EAAE;YACpE,SAAS,EAAE,SAAS;SACrB,CAAC,CAAC;QACH,SAAS,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YAC5B,wEAAwE;YACxE,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QACxF,CAAC,CAAC;QACF,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,UAAU,CAAC,GAA+B,EAAE,GAAmB;QAC7D,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,6BAA6B,CAAC,CAAC;QACrE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAA+B,EAAE,GAAmB;QACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAEhD,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,sBAAsB,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,sBAAsB,CAAC,CAAC;YAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,SAAS,uBAAuB,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,gBAA2B,EAC3B,OAAe,EACf,eAAkB;QAElB,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAC;QACvD,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACvB,IAAA,4BAAU,EAAC,IAAI,CAAC,YAAY,EAAE,oBAAoB,EAAE;YAClD,OAAO;YACP,eAAe,EAAE,IAAA,iBAAY,EAAC,eAAsB,CAAC;SACtD,CAAC,CACH,CAAC;QAEF,OAAO,IAAI,OAAO,CAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3D,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;oBAClB,OAAO,CAAC,MAA8B,CAAC,CAAC;oBACxC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;gBACD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;oBACd,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAlED,kDAkEC","sourcesContent":["import { AuthenticatedServerRequest } from '../../server/server.types';\nimport { TypedElicitResult } from '../transport.types';\nimport { SSEServerTransport } from '../legacy/legacy.sse.tranporter';\nimport { LocalTransportAdapter } from './transport.local.adapter';\nimport { RequestId } from '@modelcontextprotocol/sdk/types.js';\nimport { ZodType } from 'zod';\nimport { toJSONSchema } from 'zod/v4';\nimport { rpcRequest } from '../transport.error';\nimport { ServerResponse } from '../../common';\n\nexport class TransportSSEAdapter extends LocalTransportAdapter<SSEServerTransport> {\n  sessionId: string;\n\n  override createTransport(sessionId: string, res: ServerResponse): SSEServerTransport {\n    this.sessionId = sessionId;\n    this.logger.info(`new transport session: ${sessionId.slice(0, 40)}`);\n    const scopePath = this.scope.fullPath;\n    const transport = new SSEServerTransport(`${scopePath}/message`, res, {\n      sessionId: sessionId,\n    });\n    transport.onerror = (error) => {\n      // Use safe logging to avoid Node.js 24 util.inspect bug with Zod errors\n      console.error('SSE error:', error instanceof Error ? error.message : 'Unknown error');\n    };\n    transport.onclose = this.destroy.bind(this);\n    return transport;\n  }\n\n  initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.logger.verbose(`[${this.sessionId}] handle initialize request`);\n    this.ensureAuthInfo(req, this);\n    return Promise.resolve();\n  }\n\n  async handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    const authInfo = this.ensureAuthInfo(req, this);\n\n    if (this.handleIfElicitResult(req)) {\n      this.logger.verbose(`[${this.sessionId}] handle get request`);\n      return;\n    }\n    if (req.method === 'GET') {\n      this.logger.verbose(`[${this.sessionId}] handle get request`);\n      return this.transport.handleMessage(req.body, { requestInfo: req, authInfo });\n    } else {\n      this.logger.verbose(`[${this.sessionId}] handle post request`);\n      return this.transport.handlePostMessage(req, res, req.body);\n    }\n  }\n\n  async sendElicitRequest<T extends ZodType>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>> {\n    console.log('sendElicitRequest', { relatedRequestId });\n    await this.transport.send(\n      rpcRequest(this.newRequestId, 'elicitation/create', {\n        message,\n        requestedSchema: toJSONSchema(requestedSchema as any),\n      }),\n    );\n\n    return new Promise<TypedElicitResult<T>>((resolve, reject) => {\n      this.elicitHandler = {\n        resolve: (result) => {\n          resolve(result as TypedElicitResult<T>);\n          this.elicitHandler = undefined;\n        },\n        reject: (err) => {\n          reject(err);\n          this.elicitHandler = undefined;\n        },\n      };\n    });\n  }\n}\n"]}

package/src/transport/adapters/transport.streamable-http.adapter.js

@@ -1,112 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TransportStreamableHttpAdapter = exports.resolveSessionIdGenerator = void 0;
-const streamableHttp_js_1 = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
-const transport_local_adapter_1 = require("./transport.local.adapter");
-const v4_1 = require("zod/v4");
-const transport_error_1 = require("../transport.error");
-/**
- * Stateless HTTP requests must be able to send multiple initialize calls without
- * tripping the MCP transport's "already initialized" guard. The upstream SDK
- * treats any transport with a session ID generator as stateful, so we disable
- * session generation entirely for stateless transports.
- */
-const resolveSessionIdGenerator = (transportType, sessionId) => {
-    return transportType === 'stateless-http' ? undefined : () => sessionId;
-};
-exports.resolveSessionIdGenerator = resolveSessionIdGenerator;
-class TransportStreamableHttpAdapter extends transport_local_adapter_1.LocalTransportAdapter {
-    createTransport(sessionId, response) {
-        const sessionIdGenerator = (0, exports.resolveSessionIdGenerator)(this.key.type, sessionId);
-        return new streamableHttp_js_1.StreamableHTTPServerTransport({
-            sessionIdGenerator,
-            onsessionclosed: () => {
-                // this.destroy();
-            },
-            onsessioninitialized: (sessionId) => {
-                if (sessionId) {
-                    console.log(`session initialized: ${sessionId.slice(0, 40)}`);
-                }
-                else {
-                    console.log(`stateless session initialized`);
-                }
-            },
-            // Disable eventStore to prevent priming events - Claude.ai's client doesn't handle them
-            // The priming event has empty data with no `event:` type, which violates MCP spec
-            // ("Event types MUST be message") and confuses some clients
-            eventStore: undefined,
-        });
-    }
-    initialize(req, res) {
-        this.ensureAuthInfo(req, this);
-        this.logger.info('[StreamableHttpAdapter] initialize() called', {
-            method: req.method,
-            sessionId: this.key.sessionId.slice(0, 30),
-            bodyMethod: req.body?.method,
-        });
-        // Intercept response to log what gets sent back to client
-        const originalWrite = res.write.bind(res);
-        const originalEnd = res.end.bind(res);
-        let responseBody = '';
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        res.write = function (chunk, encodingOrCb, cb) {
-            if (chunk) {
-                responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);
-            }
-            return originalWrite.call(this, chunk, encodingOrCb, cb);
-        };
-        // eslint-disable-next-line @typescript-eslint/no-this-alias
-        const adapter = this;
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        res.end = function (chunk, encodingOrCb, cb) {
-            if (chunk) {
-                responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);
-            }
-            adapter.logger.info('[StreamableHttpAdapter] initialize response', {
-                statusCode: res.statusCode,
-                headers: res.getHeaders?.() ?? {},
-                bodyPreview: responseBody.slice(0, 1000),
-            });
-            return originalEnd.call(this, chunk, encodingOrCb, cb);
-        };
-        return this.transport.handleRequest(req, res, req.body);
-    }
-    async handleRequest(req, res) {
-        this.ensureAuthInfo(req, this);
-        //
-        // if ((await this.isInitialized) && isInitializeRequest(req.body)) {
-        //   await this.transport.close();
-        //   this.isInitialized = this.connectStreamableTransport(req.authSession.session!.id);
-        //   await this.ready;
-        // }
-        if (req.method === 'GET') {
-            return this.transport.handleRequest(req, res);
-        }
-        else {
-            if (this.handleIfElicitResult(req)) {
-                return;
-            }
-            return this.transport.handleRequest(req, res, req.body);
-        }
-    }
-    async sendElicitRequest(relatedRequestId, message, requestedSchema) {
-        await this.transport.send((0, transport_error_1.rpcRequest)(this.newRequestId, 'elicitation/create', {
-            message,
-            requestedSchema: (0, v4_1.toJSONSchema)(requestedSchema),
-        }), { relatedRequestId });
-        return new Promise((resolve, reject) => {
-            this.elicitHandler = {
-                resolve: (result) => {
-                    resolve(result);
-                    this.elicitHandler = undefined;
-                },
-                reject: (err) => {
-                    reject(err);
-                    this.elicitHandler = undefined;
-                },
-            };
-        });
-    }
-}
-exports.TransportStreamableHttpAdapter = TransportStreamableHttpAdapter;
-//# sourceMappingURL=transport.streamable-http.adapter.js.map

package/src/transport/adapters/transport.streamable-http.adapter.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transport.streamable-http.adapter.js","sourceRoot":"","sources":["../../../../src/transport/adapters/transport.streamable-http.adapter.ts"],"names":[],"mappings":";;;AAAA,0FAAmG;AAGnG,uEAAkE;AAGlE,+BAAsC;AACtC,wDAAgD;AAGhD;;;;;GAKG;AACI,MAAM,yBAAyB,GAAG,CACvC,aAA4B,EAC5B,SAAiB,EACW,EAAE;IAC9B,OAAO,aAAa,KAAK,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC;AAC1E,CAAC,CAAC;AALW,QAAA,yBAAyB,6BAKpC;AAEF,MAAa,8BAA+B,SAAQ,+CAAoD;IAC7F,eAAe,CAAC,SAAiB,EAAE,QAAwB;QAClE,MAAM,kBAAkB,GAAG,IAAA,iCAAyB,EAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAE/E,OAAO,IAAI,iDAA6B,CAAC;YACvC,kBAAkB;YAClB,eAAe,EAAE,GAAG,EAAE;gBACpB,kBAAkB;YACpB,CAAC;YACD,oBAAoB,EAAE,CAAC,SAAS,EAAE,EAAE;gBAClC,IAAI,SAAS,EAAE,CAAC;oBACd,OAAO,CAAC,GAAG,CAAC,wBAAwB,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;gBAChE,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;YACD,wFAAwF;YACxF,kFAAkF;YAClF,4DAA4D;YAC5D,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;IACL,CAAC;IAED,UAAU,CAAC,GAA+B,EAAE,GAAmB;QAC7D,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAE/B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;YAC9D,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC1C,UAAU,EAAG,GAAG,CAAC,IAA4B,EAAE,MAAM;SACtD,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,aAAa,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAqB,CAAC;QAC9D,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAmB,CAAC;QACxD,IAAI,YAAY,GAAG,EAAE,CAAC;QAEtB,8DAA8D;QAC9D,GAAG,CAAC,KAAK,GAAG,UAAgC,KAAU,EAAE,YAAkB,EAAE,EAAQ;YAClF,IAAI,KAAK,EAAE,CAAC;gBACV,YAAY,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChH,CAAC;YACD,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;QAC3D,CAAqB,CAAC;QAEtB,4DAA4D;QAC5D,MAAM,OAAO,GAAG,IAAI,CAAC;QACrB,8DAA8D;QAC9D,GAAG,CAAC,GAAG,GAAG,UAAgC,KAAW,EAAE,YAAkB,EAAE,EAAQ;YACjF,IAAI,KAAK,EAAE,CAAC;gBACV,YAAY,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChH,CAAC;YACD,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;gBACjE,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,OAAO,EAAE,GAAG,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE;gBACjC,WAAW,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;aACzC,CAAC,CAAC;YACH,OAAO,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;QACzD,CAAmB,CAAC;QAEpB,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAA+B,EAAE,GAAmB;QACtE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC/B,EAAE;QACF,qEAAqE;QACrE,kCAAkC;QAClC,uFAAuF;QACvF,sBAAsB;QACtB,IAAI;QAEJ,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnC,OAAO;YACT,CAAC;YACD,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,gBAA2B,EAC3B,OAAe,EACf,eAAkB;QAElB,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACvB,IAAA,4BAAU,EAAC,IAAI,CAAC,YAAY,EAAE,oBAAoB,EAAE;YAClD,OAAO;YACP,eAAe,EAAE,IAAA,iBAAY,EAAC,eAAsB,CAAC;SACtD,CAAC,EACF,EAAE,gBAAgB,EAAE,CACrB,CAAC;QAEF,OAAO,IAAI,OAAO,CAAuB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3D,IAAI,CAAC,aAAa,GAAG;gBACnB,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE;oBAClB,OAAO,CAAC,MAA8B,CAAC,CAAC;oBACxC,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;gBACD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;oBACd,MAAM,CAAC,GAAG,CAAC,CAAC;oBACZ,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;gBACjC,CAAC;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AA5GD,wEA4GC","sourcesContent":["import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';\nimport { TransportType, TypedElicitResult } from '../transport.types';\nimport { AuthenticatedServerRequest } from '../../server/server.types';\nimport { LocalTransportAdapter } from './transport.local.adapter';\nimport { RequestId } from '@modelcontextprotocol/sdk/types.js';\nimport { ZodType } from 'zod';\nimport { toJSONSchema } from 'zod/v4';\nimport { rpcRequest } from '../transport.error';\nimport { ServerResponse } from '../../common';\n\n/**\n * Stateless HTTP requests must be able to send multiple initialize calls without\n * tripping the MCP transport's \"already initialized\" guard. The upstream SDK\n * treats any transport with a session ID generator as stateful, so we disable\n * session generation entirely for stateless transports.\n */\nexport const resolveSessionIdGenerator = (\n  transportType: TransportType,\n  sessionId: string,\n): (() => string) | undefined => {\n  return transportType === 'stateless-http' ? undefined : () => sessionId;\n};\n\nexport class TransportStreamableHttpAdapter extends LocalTransportAdapter<StreamableHTTPServerTransport> {\n  override createTransport(sessionId: string, response: ServerResponse): StreamableHTTPServerTransport {\n    const sessionIdGenerator = resolveSessionIdGenerator(this.key.type, sessionId);\n\n    return new StreamableHTTPServerTransport({\n      sessionIdGenerator,\n      onsessionclosed: () => {\n        // this.destroy();\n      },\n      onsessioninitialized: (sessionId) => {\n        if (sessionId) {\n          console.log(`session initialized: ${sessionId.slice(0, 40)}`);\n        } else {\n          console.log(`stateless session initialized`);\n        }\n      },\n      // Disable eventStore to prevent priming events - Claude.ai's client doesn't handle them\n      // The priming event has empty data with no `event:` type, which violates MCP spec\n      // (\"Event types MUST be message\") and confuses some clients\n      eventStore: undefined,\n    });\n  }\n\n  initialize(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.ensureAuthInfo(req, this);\n\n    this.logger.info('[StreamableHttpAdapter] initialize() called', {\n      method: req.method,\n      sessionId: this.key.sessionId.slice(0, 30),\n      bodyMethod: (req.body as { method?: string })?.method,\n    });\n\n    // Intercept response to log what gets sent back to client\n    const originalWrite = res.write.bind(res) as typeof res.write;\n    const originalEnd = res.end.bind(res) as typeof res.end;\n    let responseBody = '';\n\n    // eslint-disable-next-line @typescript-eslint/no-explicit-any\n    res.write = function (this: ServerResponse, chunk: any, encodingOrCb?: any, cb?: any): boolean {\n      if (chunk) {\n        responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);\n      }\n      return originalWrite.call(this, chunk, encodingOrCb, cb);\n    } as typeof res.write;\n\n    // eslint-disable-next-line @typescript-eslint/no-this-alias\n    const adapter = this;\n    // eslint-disable-next-line @typescript-eslint/no-explicit-any\n    res.end = function (this: ServerResponse, chunk?: any, encodingOrCb?: any, cb?: any): ServerResponse {\n      if (chunk) {\n        responseBody += typeof chunk === 'string' ? chunk : Buffer.isBuffer(chunk) ? chunk.toString() : String(chunk);\n      }\n      adapter.logger.info('[StreamableHttpAdapter] initialize response', {\n        statusCode: res.statusCode,\n        headers: res.getHeaders?.() ?? {},\n        bodyPreview: responseBody.slice(0, 1000),\n      });\n      return originalEnd.call(this, chunk, encodingOrCb, cb);\n    } as typeof res.end;\n\n    return this.transport.handleRequest(req, res, req.body);\n  }\n\n  async handleRequest(req: AuthenticatedServerRequest, res: ServerResponse): Promise<void> {\n    this.ensureAuthInfo(req, this);\n    //\n    // if ((await this.isInitialized) && isInitializeRequest(req.body)) {\n    //   await this.transport.close();\n    //   this.isInitialized = this.connectStreamableTransport(req.authSession.session!.id);\n    //   await this.ready;\n    // }\n\n    if (req.method === 'GET') {\n      return this.transport.handleRequest(req, res);\n    } else {\n      if (this.handleIfElicitResult(req)) {\n        return;\n      }\n      return this.transport.handleRequest(req, res, req.body);\n    }\n  }\n\n  async sendElicitRequest<T extends ZodType>(\n    relatedRequestId: RequestId,\n    message: string,\n    requestedSchema: T,\n  ): Promise<TypedElicitResult<T>> {\n    await this.transport.send(\n      rpcRequest(this.newRequestId, 'elicitation/create', {\n        message,\n        requestedSchema: toJSONSchema(requestedSchema as any),\n      }),\n      { relatedRequestId },\n    );\n\n    return new Promise<TypedElicitResult<T>>((resolve, reject) => {\n      this.elicitHandler = {\n        resolve: (result) => {\n          resolve(result as TypedElicitResult<T>);\n          this.elicitHandler = undefined;\n        },\n        reject: (err) => {\n          reject(err);\n          this.elicitHandler = undefined;\n        },\n      };\n    });\n  }\n}\n"]}