@frontmcp/sdk 0.6.0 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/{src/auth → auth}/instances/instance.local-primary-auth.d.ts +1 -1
- package/{src/auth → auth}/instances/instance.remote-primary-auth.d.ts +1 -1
- package/{src/auth → auth}/session/index.d.ts +1 -0
- package/auth/session/vercel-kv-session.store.d.ts +96 -0
- package/{src/common → common}/interfaces/internal/primary-auth-provider.interface.d.ts +1 -4
- package/{src/common → common}/metadata/front-mcp.metadata.d.ts +1779 -67
- package/{src/common → common}/metadata/prompt.metadata.d.ts +4 -0
- package/{src/common → common}/metadata/resource.metadata.d.ts +8 -0
- package/{src/common → common}/metadata/tool-ui.metadata.d.ts +2 -2
- package/{src/common → common}/metadata/tool.metadata.d.ts +4 -0
- package/{src/common → common}/schemas/http-output.schema.d.ts +24 -6
- package/common/types/options/auth/app-auth.schema.d.ts +275 -0
- package/common/types/options/auth/auth.interfaces.d.ts +461 -0
- package/common/types/options/auth/auth.schema.d.ts +284 -0
- package/common/types/options/auth/auth.utils.d.ts +32 -0
- package/common/types/options/auth/index.d.ts +16 -0
- package/common/types/options/auth/orchestrated.schema.d.ts +381 -0
- package/common/types/options/auth/public.schema.d.ts +42 -0
- package/common/types/options/auth/shared.schemas.d.ts +120 -0
- package/common/types/options/auth/transparent.schema.d.ts +56 -0
- package/common/types/options/auth/transport.deprecated.d.ts +63 -0
- package/{src/common → common}/types/options/index.d.ts +1 -1
- package/common/types/options/redis.options.d.ts +190 -0
- package/{src/common → common}/types/options/server-info.options.d.ts +4 -0
- package/{src/common → common}/types/options/transport.options.d.ts +74 -5
- package/{src/common → common}/utils/decide-request-intent.utils.d.ts +6 -7
- package/common/utils/global-config.utils.d.ts +36 -0
- package/{src/common → common}/utils/index.d.ts +1 -0
- package/{src/completion → completion}/flows/complete.flow.d.ts +6 -8
- package/{src/errors → errors}/index.d.ts +1 -1
- package/{src/errors → errors}/mcp.error.d.ts +9 -0
- package/esm/index.mjs +22664 -0
- package/esm/mcp-apps/index.mjs +723 -0
- package/esm/package.json +81 -0
- package/{src/front-mcp → front-mcp}/front-mcp.providers.d.ts +246 -38
- package/front-mcp/index.d.ts +2 -0
- package/{src/index.d.ts → index.d.ts} +1 -1
- package/index.js +22957 -0
- package/logger/logger.tokens.d.ts +1 -0
- package/{src/logging → logging}/flows/set-level.flow.d.ts +6 -8
- package/mcp-apps/index.js +799 -0
- package/package.json +37 -17
- package/{src/prompt → prompt}/flows/get-prompt.flow.d.ts +14 -8
- package/{src/prompt → prompt}/flows/prompts-list.flow.d.ts +8 -7
- package/{src/resource → resource}/flows/read-resource.flow.d.ts +8 -9
- package/{src/resource → resource}/flows/resource-templates-list.flow.d.ts +8 -7
- package/{src/resource → resource}/flows/resources-list.flow.d.ts +8 -7
- package/{src/resource → resource}/flows/subscribe-resource.flow.d.ts +6 -8
- package/{src/resource → resource}/flows/unsubscribe-resource.flow.d.ts +6 -8
- package/store/adapters/store.vercel-kv.adapter.d.ts +86 -0
- package/{src/store → store}/index.d.ts +2 -0
- package/store/store.factory.d.ts +86 -0
- package/{src/tool → tool}/flows/call-tool.flow.d.ts +18 -9
- package/{src/tool → tool}/flows/tools-list.flow.d.ts +9 -8
- package/{src/tool → tool}/ui/index.d.ts +4 -4
- package/{src/tool → tool}/ui/platform-adapters.d.ts +2 -2
- package/{src/tool → tool}/ui/template-helpers.d.ts +5 -7
- package/{src/tool → tool}/ui/ui-resource.handler.d.ts +1 -1
- package/{src/transport → transport}/mcp-handlers/complete-request.handler.d.ts +4 -15
- package/{src/transport → transport}/mcp-handlers/get-prompt-request.handler.d.ts +5 -15
- package/{src/transport → transport}/mcp-handlers/index.d.ts +67 -195
- package/{src/transport → transport}/mcp-handlers/list-prompts-request.handler.d.ts +5 -15
- package/{src/transport → transport}/mcp-handlers/list-resource-templates-request.handler.d.ts +5 -15
- package/{src/transport → transport}/mcp-handlers/list-resources-request.handler.d.ts +5 -15
- package/{src/transport → transport}/mcp-handlers/list-tools-request.handler.d.ts +5 -15
- package/{src/transport → transport}/mcp-handlers/logging-set-level-request.handler.d.ts +3 -14
- package/{src/transport → transport}/mcp-handlers/read-resource-request.handler.d.ts +4 -15
- package/{src/transport → transport}/mcp-handlers/subscribe-request.handler.d.ts +3 -14
- package/{src/transport → transport}/mcp-handlers/unsubscribe-request.handler.d.ts +3 -14
- package/{src/transport → transport}/transport.registry.d.ts +5 -1
- package/README.md +0 -460
- package/src/adapter/adapter.instance.js +0 -70
- package/src/adapter/adapter.instance.js.map +0 -1
- package/src/adapter/adapter.regsitry.js +0 -54
- package/src/adapter/adapter.regsitry.js.map +0 -1
- package/src/adapter/adapter.utils.js +0 -83
- package/src/adapter/adapter.utils.js.map +0 -1
- package/src/app/app.registry.js +0 -66
- package/src/app/app.registry.js.map +0 -1
- package/src/app/app.utils.js +0 -58
- package/src/app/app.utils.js.map +0 -1
- package/src/app/instances/app.local.instance.js +0 -67
- package/src/app/instances/app.local.instance.js.map +0 -1
- package/src/app/instances/app.remote.instance.js +0 -36
- package/src/app/instances/app.remote.instance.js.map +0 -1
- package/src/app/instances/index.js +0 -6
- package/src/app/instances/index.js.map +0 -1
- package/src/auth/auth.registry.js +0 -219
- package/src/auth/auth.registry.js.map +0 -1
- package/src/auth/auth.utils.js +0 -84
- package/src/auth/auth.utils.js.map +0 -1
- package/src/auth/authorization/authorization.class.js +0 -217
- package/src/auth/authorization/authorization.class.js.map +0 -1
- package/src/auth/authorization/authorization.types.js +0 -79
- package/src/auth/authorization/authorization.types.js.map +0 -1
- package/src/auth/authorization/index.js +0 -19
- package/src/auth/authorization/index.js.map +0 -1
- package/src/auth/authorization/orchestrated.authorization.js +0 -306
- package/src/auth/authorization/orchestrated.authorization.js.map +0 -1
- package/src/auth/authorization/public.authorization.js +0 -132
- package/src/auth/authorization/public.authorization.js.map +0 -1
- package/src/auth/authorization/transparent.authorization.js +0 -147
- package/src/auth/authorization/transparent.authorization.js.map +0 -1
- package/src/auth/consent/consent.types.js +0 -119
- package/src/auth/consent/consent.types.js.map +0 -1
- package/src/auth/consent/index.js +0 -13
- package/src/auth/consent/index.js.map +0 -1
- package/src/auth/detection/auth-provider-detection.js +0 -230
- package/src/auth/detection/auth-provider-detection.js.map +0 -1
- package/src/auth/detection/index.js +0 -15
- package/src/auth/detection/index.js.map +0 -1
- package/src/auth/flows/auth.verify.flow.js +0 -379
- package/src/auth/flows/auth.verify.flow.js.map +0 -1
- package/src/auth/flows/oauth.authorize.flow.js +0 -822
- package/src/auth/flows/oauth.authorize.flow.js.map +0 -1
- package/src/auth/flows/oauth.callback.flow.js +0 -357
- package/src/auth/flows/oauth.callback.flow.js.map +0 -1
- package/src/auth/flows/oauth.register.flow.js +0 -201
- package/src/auth/flows/oauth.register.flow.js.map +0 -1
- package/src/auth/flows/oauth.token.flow.js +0 -319
- package/src/auth/flows/oauth.token.flow.js.map +0 -1
- package/src/auth/flows/session.verify.flow.js +0 -304
- package/src/auth/flows/session.verify.flow.js.map +0 -1
- package/src/auth/flows/well-known.jwks.flow.js +0 -89
- package/src/auth/flows/well-known.jwks.flow.js.map +0 -1
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js +0 -122
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +0 -1
- package/src/auth/flows/well-known.prm.flow.js +0 -106
- package/src/auth/flows/well-known.prm.flow.js.map +0 -1
- package/src/auth/instances/instance.local-primary-auth.js +0 -308
- package/src/auth/instances/instance.local-primary-auth.js.map +0 -1
- package/src/auth/instances/instance.remote-primary-auth.js +0 -49
- package/src/auth/instances/instance.remote-primary-auth.js.map +0 -1
- package/src/auth/jwks/dev-key-persistence.js +0 -219
- package/src/auth/jwks/dev-key-persistence.js.map +0 -1
- package/src/auth/jwks/index.js +0 -7
- package/src/auth/jwks/index.js.map +0 -1
- package/src/auth/jwks/jwks.service.js +0 -303
- package/src/auth/jwks/jwks.service.js.map +0 -1
- package/src/auth/jwks/jwks.types.js +0 -3
- package/src/auth/jwks/jwks.types.js.map +0 -1
- package/src/auth/jwks/jwks.utils.js +0 -32
- package/src/auth/jwks/jwks.utils.js.map +0 -1
- package/src/auth/machine-id.js +0 -32
- package/src/auth/machine-id.js.map +0 -1
- package/src/auth/oauth/flows/oauth.authorize.flow.js +0 -33
- package/src/auth/oauth/flows/oauth.authorize.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js +0 -48
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.introspect.flow.js +0 -28
- package/src/auth/oauth/flows/oauth.introspect.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.par.flow.js +0 -29
- package/src/auth/oauth/flows/oauth.par.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.revoke.flow.js +0 -27
- package/src/auth/oauth/flows/oauth.revoke.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.token.flow.js +0 -59
- package/src/auth/oauth/flows/oauth.token.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.userinfo.flow.js +0 -24
- package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +0 -1
- package/src/auth/oauth/flows/oidc.logout.flow.js +0 -20
- package/src/auth/oauth/flows/oidc.logout.flow.js.map +0 -1
- package/src/auth/session/authorization-vault.js +0 -817
- package/src/auth/session/authorization-vault.js.map +0 -1
- package/src/auth/session/authorization.store.js +0 -323
- package/src/auth/session/authorization.store.js.map +0 -1
- package/src/auth/session/encrypted-authorization-vault.js +0 -493
- package/src/auth/session/encrypted-authorization-vault.js.map +0 -1
- package/src/auth/session/index.js +0 -16
- package/src/auth/session/index.js.map +0 -1
- package/src/auth/session/record/session.base.js +0 -125
- package/src/auth/session/record/session.base.js.map +0 -1
- package/src/auth/session/record/session.stateful.js +0 -55
- package/src/auth/session/record/session.stateful.js.map +0 -1
- package/src/auth/session/record/session.stateless.js +0 -32
- package/src/auth/session/record/session.stateless.js.map +0 -1
- package/src/auth/session/record/session.transparent.js +0 -22
- package/src/auth/session/record/session.transparent.js.map +0 -1
- package/src/auth/session/redis-session.store.js +0 -204
- package/src/auth/session/redis-session.store.js.map +0 -1
- package/src/auth/session/session.crypto.js +0 -47
- package/src/auth/session/session.crypto.js.map +0 -1
- package/src/auth/session/session.schema.js +0 -13
- package/src/auth/session/session.schema.js.map +0 -1
- package/src/auth/session/session.service.js +0 -105
- package/src/auth/session/session.service.js.map +0 -1
- package/src/auth/session/session.transport.js +0 -20
- package/src/auth/session/session.transport.js.map +0 -1
- package/src/auth/session/session.types.js +0 -4
- package/src/auth/session/session.types.js.map +0 -1
- package/src/auth/session/token.refresh.js +0 -63
- package/src/auth/session/token.refresh.js.map +0 -1
- package/src/auth/session/token.store.js +0 -53
- package/src/auth/session/token.store.js.map +0 -1
- package/src/auth/session/token.vault.js +0 -54
- package/src/auth/session/token.vault.js.map +0 -1
- package/src/auth/session/transport-session.manager.js +0 -298
- package/src/auth/session/transport-session.manager.js.map +0 -1
- package/src/auth/session/transport-session.types.js +0 -111
- package/src/auth/session/transport-session.types.js.map +0 -1
- package/src/auth/session/utils/auth-token.utils.js +0 -57
- package/src/auth/session/utils/auth-token.utils.js.map +0 -1
- package/src/auth/session/utils/session-id.utils.js +0 -217
- package/src/auth/session/utils/session-id.utils.js.map +0 -1
- package/src/auth/session/utils/tiny-ttl-cache.js +0 -26
- package/src/auth/session/utils/tiny-ttl-cache.js.map +0 -1
- package/src/auth/session/vault-encryption.js +0 -263
- package/src/auth/session/vault-encryption.js.map +0 -1
- package/src/auth/ui/base-layout.js +0 -279
- package/src/auth/ui/base-layout.js.map +0 -1
- package/src/auth/ui/index.js +0 -34
- package/src/auth/ui/index.js.map +0 -1
- package/src/auth/ui/templates.js +0 -426
- package/src/auth/ui/templates.js.map +0 -1
- package/src/auth/utils/audience.validator.js +0 -196
- package/src/auth/utils/audience.validator.js.map +0 -1
- package/src/auth/utils/index.js +0 -7
- package/src/auth/utils/index.js.map +0 -1
- package/src/auth/utils/www-authenticate.utils.js +0 -183
- package/src/auth/utils/www-authenticate.utils.js.map +0 -1
- package/src/common/common.schema.js +0 -35
- package/src/common/common.schema.js.map +0 -1
- package/src/common/constants.js +0 -13
- package/src/common/constants.js.map +0 -1
- package/src/common/decorators/adapter.decorator.js +0 -20
- package/src/common/decorators/adapter.decorator.js.map +0 -1
- package/src/common/decorators/app.decorator.js +0 -44
- package/src/common/decorators/app.decorator.js.map +0 -1
- package/src/common/decorators/auth-provider.decorator.js +0 -20
- package/src/common/decorators/auth-provider.decorator.js.map +0 -1
- package/src/common/decorators/decorator-utils.js +0 -195
- package/src/common/decorators/decorator-utils.js.map +0 -1
- package/src/common/decorators/flow.decorator.js +0 -19
- package/src/common/decorators/flow.decorator.js.map +0 -1
- package/src/common/decorators/front-mcp.decorator.js +0 -67
- package/src/common/decorators/front-mcp.decorator.js.map +0 -1
- package/src/common/decorators/hook.decorator.js +0 -178
- package/src/common/decorators/hook.decorator.js.map +0 -1
- package/src/common/decorators/index.js +0 -16
- package/src/common/decorators/index.js.map +0 -1
- package/src/common/decorators/logger.decorator.js +0 -20
- package/src/common/decorators/logger.decorator.js.map +0 -1
- package/src/common/decorators/plugin.decorator.js +0 -39
- package/src/common/decorators/plugin.decorator.js.map +0 -1
- package/src/common/decorators/prompt.decorator.js +0 -38
- package/src/common/decorators/prompt.decorator.js.map +0 -1
- package/src/common/decorators/provider.decorator.js +0 -20
- package/src/common/decorators/provider.decorator.js.map +0 -1
- package/src/common/decorators/resource.decorator.js +0 -94
- package/src/common/decorators/resource.decorator.js.map +0 -1
- package/src/common/decorators/tool.decorator.js +0 -45
- package/src/common/decorators/tool.decorator.js.map +0 -1
- package/src/common/dynamic/dynamic.adapter.js +0 -28
- package/src/common/dynamic/dynamic.adapter.js.map +0 -1
- package/src/common/dynamic/dynamic.plugin.js +0 -42
- package/src/common/dynamic/dynamic.plugin.js.map +0 -1
- package/src/common/dynamic/dynamic.utils.js +0 -27
- package/src/common/dynamic/dynamic.utils.js.map +0 -1
- package/src/common/dynamic/index.js +0 -6
- package/src/common/dynamic/index.js.map +0 -1
- package/src/common/entries/adapter.entry.js +0 -8
- package/src/common/entries/adapter.entry.js.map +0 -1
- package/src/common/entries/app.entry.js +0 -9
- package/src/common/entries/app.entry.js.map +0 -1
- package/src/common/entries/auth-provider.entry.js +0 -8
- package/src/common/entries/auth-provider.entry.js.map +0 -1
- package/src/common/entries/base.entry.js +0 -17
- package/src/common/entries/base.entry.js.map +0 -1
- package/src/common/entries/flow.entry.js +0 -21
- package/src/common/entries/flow.entry.js.map +0 -1
- package/src/common/entries/hook.entry.js +0 -20
- package/src/common/entries/hook.entry.js.map +0 -1
- package/src/common/entries/index.js +0 -17
- package/src/common/entries/index.js.map +0 -1
- package/src/common/entries/logger.entry.js +0 -8
- package/src/common/entries/logger.entry.js.map +0 -1
- package/src/common/entries/plugin.entry.js +0 -8
- package/src/common/entries/plugin.entry.js.map +0 -1
- package/src/common/entries/prompt.entry.js +0 -18
- package/src/common/entries/prompt.entry.js.map +0 -1
- package/src/common/entries/provider.entry.js +0 -8
- package/src/common/entries/provider.entry.js.map +0 -1
- package/src/common/entries/resource.entry.js +0 -35
- package/src/common/entries/resource.entry.js.map +0 -1
- package/src/common/entries/scope.entry.js +0 -14
- package/src/common/entries/scope.entry.js.map +0 -1
- package/src/common/entries/tool.entry.js +0 -31
- package/src/common/entries/tool.entry.js.map +0 -1
- package/src/common/flow/flow.utils.js +0 -96
- package/src/common/flow/flow.utils.js.map +0 -1
- package/src/common/index.js +0 -20
- package/src/common/index.js.map +0 -1
- package/src/common/interfaces/adapter.interface.js +0 -3
- package/src/common/interfaces/adapter.interface.js.map +0 -1
- package/src/common/interfaces/app.interface.js +0 -3
- package/src/common/interfaces/app.interface.js.map +0 -1
- package/src/common/interfaces/auth-hook.interface.js +0 -135
- package/src/common/interfaces/auth-hook.interface.js.map +0 -1
- package/src/common/interfaces/auth-provider.interface.js +0 -18
- package/src/common/interfaces/auth-provider.interface.js.map +0 -1
- package/src/common/interfaces/base.interface.js +0 -3
- package/src/common/interfaces/base.interface.js.map +0 -1
- package/src/common/interfaces/execution-context.interface.js +0 -166
- package/src/common/interfaces/execution-context.interface.js.map +0 -1
- package/src/common/interfaces/flow.interface.js +0 -95
- package/src/common/interfaces/flow.interface.js.map +0 -1
- package/src/common/interfaces/front-mcp.interface.js +0 -3
- package/src/common/interfaces/front-mcp.interface.js.map +0 -1
- package/src/common/interfaces/hook.interface.js +0 -3
- package/src/common/interfaces/hook.interface.js.map +0 -1
- package/src/common/interfaces/index.js +0 -21
- package/src/common/interfaces/index.js.map +0 -1
- package/src/common/interfaces/internal/flow.utils.js +0 -83
- package/src/common/interfaces/internal/flow.utils.js.map +0 -1
- package/src/common/interfaces/internal/index.js +0 -7
- package/src/common/interfaces/internal/index.js.map +0 -1
- package/src/common/interfaces/internal/primary-auth-provider.interface.js +0 -81
- package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
- package/src/common/interfaces/internal/registry.interface.js +0 -3
- package/src/common/interfaces/internal/registry.interface.js.map +0 -1
- package/src/common/interfaces/logger.interface.js +0 -10
- package/src/common/interfaces/logger.interface.js.map +0 -1
- package/src/common/interfaces/plugin.interface.js +0 -3
- package/src/common/interfaces/plugin.interface.js.map +0 -1
- package/src/common/interfaces/prompt.interface.js +0 -81
- package/src/common/interfaces/prompt.interface.js.map +0 -1
- package/src/common/interfaces/provider.interface.js +0 -18
- package/src/common/interfaces/provider.interface.js.map +0 -1
- package/src/common/interfaces/resource.interface.js +0 -56
- package/src/common/interfaces/resource.interface.js.map +0 -1
- package/src/common/interfaces/scope.interface.js +0 -3
- package/src/common/interfaces/scope.interface.js.map +0 -1
- package/src/common/interfaces/server.interface.js +0 -18
- package/src/common/interfaces/server.interface.js.map +0 -1
- package/src/common/interfaces/session-hook.interface.js +0 -140
- package/src/common/interfaces/session-hook.interface.js.map +0 -1
- package/src/common/interfaces/tool-hook.interface.js +0 -92
- package/src/common/interfaces/tool-hook.interface.js.map +0 -1
- package/src/common/interfaces/tool.interface.js +0 -117
- package/src/common/interfaces/tool.interface.js.map +0 -1
- package/src/common/metadata/adapter.metadata.js +0 -10
- package/src/common/metadata/adapter.metadata.js.map +0 -1
- package/src/common/metadata/app.metadata.js +0 -30
- package/src/common/metadata/app.metadata.js.map +0 -1
- package/src/common/metadata/auth-provider.metadata.js +0 -19
- package/src/common/metadata/auth-provider.metadata.js.map +0 -1
- package/src/common/metadata/flow.metadata.js +0 -15
- package/src/common/metadata/flow.metadata.js.map +0 -1
- package/src/common/metadata/front-mcp.metadata.js +0 -29
- package/src/common/metadata/front-mcp.metadata.js.map +0 -1
- package/src/common/metadata/hook.metadata.js +0 -3
- package/src/common/metadata/hook.metadata.js.map +0 -1
- package/src/common/metadata/index.js +0 -17
- package/src/common/metadata/index.js.map +0 -1
- package/src/common/metadata/logger.metadata.js +0 -10
- package/src/common/metadata/logger.metadata.js.map +0 -1
- package/src/common/metadata/plugin.metadata.js +0 -18
- package/src/common/metadata/plugin.metadata.js.map +0 -1
- package/src/common/metadata/prompt.metadata.js +0 -27
- package/src/common/metadata/prompt.metadata.js.map +0 -1
- package/src/common/metadata/provider.metadata.js +0 -36
- package/src/common/metadata/provider.metadata.js.map +0 -1
- package/src/common/metadata/resource.metadata.js +0 -31
- package/src/common/metadata/resource.metadata.js.map +0 -1
- package/src/common/metadata/tool-ui.metadata.js +0 -12
- package/src/common/metadata/tool-ui.metadata.js.map +0 -1
- package/src/common/metadata/tool.metadata.js +0 -55
- package/src/common/metadata/tool.metadata.js.map +0 -1
- package/src/common/migrate/auth-transport.migrate.js +0 -140
- package/src/common/migrate/auth-transport.migrate.js.map +0 -1
- package/src/common/migrate/index.js +0 -6
- package/src/common/migrate/index.js.map +0 -1
- package/src/common/providers/base-config.provider.js +0 -128
- package/src/common/providers/base-config.provider.js.map +0 -1
- package/src/common/records/adapter.record.js +0 -11
- package/src/common/records/adapter.record.js.map +0 -1
- package/src/common/records/app.record.js +0 -9
- package/src/common/records/app.record.js.map +0 -1
- package/src/common/records/auth-provider.record.js +0 -12
- package/src/common/records/auth-provider.record.js.map +0 -1
- package/src/common/records/flow.record.js +0 -8
- package/src/common/records/flow.record.js.map +0 -1
- package/src/common/records/hook.record.js +0 -8
- package/src/common/records/hook.record.js.map +0 -1
- package/src/common/records/index.js +0 -16
- package/src/common/records/index.js.map +0 -1
- package/src/common/records/logger.record.js +0 -8
- package/src/common/records/logger.record.js.map +0 -1
- package/src/common/records/plugin.record.js +0 -11
- package/src/common/records/plugin.record.js.map +0 -1
- package/src/common/records/prompt.record.js +0 -9
- package/src/common/records/prompt.record.js.map +0 -1
- package/src/common/records/provider.record.js +0 -14
- package/src/common/records/provider.record.js.map +0 -1
- package/src/common/records/resource.record.js +0 -20
- package/src/common/records/resource.record.js.map +0 -1
- package/src/common/records/scope.record.js +0 -9
- package/src/common/records/scope.record.js.map +0 -1
- package/src/common/records/tool.record.js +0 -9
- package/src/common/records/tool.record.js.map +0 -1
- package/src/common/schemas/annotated-class.schema.js +0 -109
- package/src/common/schemas/annotated-class.schema.js.map +0 -1
- package/src/common/schemas/http-input.schema.js +0 -13
- package/src/common/schemas/http-input.schema.js.map +0 -1
- package/src/common/schemas/http-output.schema.js +0 -321
- package/src/common/schemas/http-output.schema.js.map +0 -1
- package/src/common/schemas/index.js +0 -8
- package/src/common/schemas/index.js.map +0 -1
- package/src/common/schemas/session-header.schema.js +0 -42
- package/src/common/schemas/session-header.schema.js.map +0 -1
- package/src/common/tokens/adapter.tokens.js +0 -11
- package/src/common/tokens/adapter.tokens.js.map +0 -1
- package/src/common/tokens/app.tokens.js +0 -30
- package/src/common/tokens/app.tokens.js.map +0 -1
- package/src/common/tokens/auth-provider.tokens.js +0 -12
- package/src/common/tokens/auth-provider.tokens.js.map +0 -1
- package/src/common/tokens/base.tokens.js +0 -9
- package/src/common/tokens/base.tokens.js.map +0 -1
- package/src/common/tokens/flow-hook.tokens.js +0 -9
- package/src/common/tokens/flow-hook.tokens.js.map +0 -1
- package/src/common/tokens/flow.tokens.js +0 -16
- package/src/common/tokens/flow.tokens.js.map +0 -1
- package/src/common/tokens/front-mcp.tokens.js +0 -24
- package/src/common/tokens/front-mcp.tokens.js.map +0 -1
- package/src/common/tokens/index.js +0 -17
- package/src/common/tokens/index.js.map +0 -1
- package/src/common/tokens/logger.tokens.js +0 -11
- package/src/common/tokens/logger.tokens.js.map +0 -1
- package/src/common/tokens/plugin.tokens.js +0 -18
- package/src/common/tokens/plugin.tokens.js.map +0 -1
- package/src/common/tokens/prompt.tokens.js +0 -14
- package/src/common/tokens/prompt.tokens.js.map +0 -1
- package/src/common/tokens/provider.tokens.js +0 -12
- package/src/common/tokens/provider.tokens.js.map +0 -1
- package/src/common/tokens/resource.tokens.js +0 -28
- package/src/common/tokens/resource.tokens.js.map +0 -1
- package/src/common/tokens/server.tokens.js +0 -11
- package/src/common/tokens/server.tokens.js.map +0 -1
- package/src/common/tokens/tool.tokens.js +0 -21
- package/src/common/tokens/tool.tokens.js.map +0 -1
- package/src/common/types/auth/index.js +0 -6
- package/src/common/types/auth/index.js.map +0 -1
- package/src/common/types/auth/jwt.types.js +0 -36
- package/src/common/types/auth/jwt.types.js.map +0 -1
- package/src/common/types/auth/session.types.js +0 -53
- package/src/common/types/auth/session.types.js.map +0 -1
- package/src/common/types/common.types.js +0 -3
- package/src/common/types/common.types.js.map +0 -1
- package/src/common/types/index.js +0 -7
- package/src/common/types/index.js.map +0 -1
- package/src/common/types/options/auth.options.d.ts +0 -1266
- package/src/common/types/options/auth.options.js +0 -560
- package/src/common/types/options/auth.options.js.map +0 -1
- package/src/common/types/options/http.options.js +0 -10
- package/src/common/types/options/http.options.js.map +0 -1
- package/src/common/types/options/index.js +0 -11
- package/src/common/types/options/index.js.map +0 -1
- package/src/common/types/options/logging.options.js +0 -33
- package/src/common/types/options/logging.options.js.map +0 -1
- package/src/common/types/options/redis.options.d.ts +0 -22
- package/src/common/types/options/redis.options.js +0 -45
- package/src/common/types/options/redis.options.js.map +0 -1
- package/src/common/types/options/server-info.options.js +0 -13
- package/src/common/types/options/server-info.options.js.map +0 -1
- package/src/common/types/options/session.options.js +0 -32
- package/src/common/types/options/session.options.js.map +0 -1
- package/src/common/types/options/transport.options.js +0 -121
- package/src/common/types/options/transport.options.js.map +0 -1
- package/src/common/utils/decide-request-intent.utils.js +0 -391
- package/src/common/utils/decide-request-intent.utils.js.map +0 -1
- package/src/common/utils/index.js +0 -6
- package/src/common/utils/index.js.map +0 -1
- package/src/common/utils/path.utils.js +0 -66
- package/src/common/utils/path.utils.js.map +0 -1
- package/src/completion/flows/complete.flow.js +0 -199
- package/src/completion/flows/complete.flow.js.map +0 -1
- package/src/context/frontmcp-context-storage.js +0 -183
- package/src/context/frontmcp-context-storage.js.map +0 -1
- package/src/context/frontmcp-context.js +0 -360
- package/src/context/frontmcp-context.js.map +0 -1
- package/src/context/frontmcp-context.provider.js +0 -61
- package/src/context/frontmcp-context.provider.js.map +0 -1
- package/src/context/index.js +0 -64
- package/src/context/index.js.map +0 -1
- package/src/context/request-context-storage.js +0 -183
- package/src/context/request-context-storage.js.map +0 -1
- package/src/context/request-context.js +0 -209
- package/src/context/request-context.js.map +0 -1
- package/src/context/request-context.provider.js +0 -51
- package/src/context/request-context.provider.js.map +0 -1
- package/src/context/session-key.provider.js +0 -65
- package/src/context/session-key.provider.js.map +0 -1
- package/src/context/trace-context.js +0 -142
- package/src/context/trace-context.js.map +0 -1
- package/src/errors/authorization-required.error.js +0 -274
- package/src/errors/authorization-required.error.js.map +0 -1
- package/src/errors/error-handler.js +0 -107
- package/src/errors/error-handler.js.map +0 -1
- package/src/errors/index.js +0 -44
- package/src/errors/index.js.map +0 -1
- package/src/errors/mcp.error.js +0 -398
- package/src/errors/mcp.error.js.map +0 -1
- package/src/exceptions/mcp-exceptions/session-missing.exception.js +0 -11
- package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +0 -1
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +0 -15
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +0 -1
- package/src/flows/flow.instance.js +0 -420
- package/src/flows/flow.instance.js.map +0 -1
- package/src/flows/flow.registry.js +0 -121
- package/src/flows/flow.registry.js.map +0 -1
- package/src/flows/flow.stages.js +0 -113
- package/src/flows/flow.stages.js.map +0 -1
- package/src/flows/flow.utils.js +0 -36
- package/src/flows/flow.utils.js.map +0 -1
- package/src/front-mcp/front-mcp.js +0 -63
- package/src/front-mcp/front-mcp.js.map +0 -1
- package/src/front-mcp/front-mcp.providers.js +0 -29
- package/src/front-mcp/front-mcp.providers.js.map +0 -1
- package/src/front-mcp/front-mcp.tokens.js +0 -5
- package/src/front-mcp/front-mcp.tokens.js.map +0 -1
- package/src/front-mcp/index.d.ts +0 -1
- package/src/front-mcp/index.js +0 -5
- package/src/front-mcp/index.js.map +0 -1
- package/src/front-mcp/serverless-handler.js +0 -61
- package/src/front-mcp/serverless-handler.js.map +0 -1
- package/src/hooks/hook.instance.js +0 -26
- package/src/hooks/hook.instance.js.map +0 -1
- package/src/hooks/hook.registry.js +0 -152
- package/src/hooks/hook.registry.js.map +0 -1
- package/src/hooks/hooks.utils.js +0 -34
- package/src/hooks/hooks.utils.js.map +0 -1
- package/src/index.js +0 -36
- package/src/index.js.map +0 -1
- package/src/logger/instances/instance.console-logger.js +0 -75
- package/src/logger/instances/instance.console-logger.js.map +0 -1
- package/src/logger/instances/instance.logger.js +0 -77
- package/src/logger/instances/instance.logger.js.map +0 -1
- package/src/logger/logger.registry.js +0 -96
- package/src/logger/logger.registry.js.map +0 -1
- package/src/logger/logger.tokens.js +0 -3
- package/src/logger/logger.tokens.js.map +0 -1
- package/src/logger/logger.types.js +0 -8
- package/src/logger/logger.types.js.map +0 -1
- package/src/logger/logger.utils.js +0 -42
- package/src/logger/logger.utils.js.map +0 -1
- package/src/logging/flows/set-level.flow.js +0 -108
- package/src/logging/flows/set-level.flow.js.map +0 -1
- package/src/mcp-apps/csp.js +0 -267
- package/src/mcp-apps/csp.js.map +0 -1
- package/src/mcp-apps/index.js +0 -91
- package/src/mcp-apps/index.js.map +0 -1
- package/src/mcp-apps/schemas.js +0 -345
- package/src/mcp-apps/schemas.js.map +0 -1
- package/src/mcp-apps/template.js +0 -419
- package/src/mcp-apps/template.js.map +0 -1
- package/src/mcp-apps/types.js +0 -59
- package/src/mcp-apps/types.js.map +0 -1
- package/src/notification/index.js +0 -13
- package/src/notification/index.js.map +0 -1
- package/src/notification/notification.service.js +0 -731
- package/src/notification/notification.service.js.map +0 -1
- package/src/plugin/plugin.registry.js +0 -152
- package/src/plugin/plugin.registry.js.map +0 -1
- package/src/plugin/plugin.utils.js +0 -88
- package/src/plugin/plugin.utils.js.map +0 -1
- package/src/prompt/flows/get-prompt.flow.js +0 -214
- package/src/prompt/flows/get-prompt.flow.js.map +0 -1
- package/src/prompt/flows/prompts-list.flow.js +0 -176
- package/src/prompt/flows/prompts-list.flow.js.map +0 -1
- package/src/prompt/index.js +0 -17
- package/src/prompt/index.js.map +0 -1
- package/src/prompt/prompt.events.js +0 -25
- package/src/prompt/prompt.events.js.map +0 -1
- package/src/prompt/prompt.instance.js +0 -120
- package/src/prompt/prompt.instance.js.map +0 -1
- package/src/prompt/prompt.registry.js +0 -380
- package/src/prompt/prompt.registry.js.map +0 -1
- package/src/prompt/prompt.types.js +0 -11
- package/src/prompt/prompt.types.js.map +0 -1
- package/src/prompt/prompt.utils.js +0 -136
- package/src/prompt/prompt.utils.js.map +0 -1
- package/src/provider/provider.registry.js +0 -868
- package/src/provider/provider.registry.js.map +0 -1
- package/src/provider/provider.types.js +0 -3
- package/src/provider/provider.types.js.map +0 -1
- package/src/provider/provider.utils.js +0 -103
- package/src/provider/provider.utils.js.map +0 -1
- package/src/regsitry/index.js +0 -5
- package/src/regsitry/index.js.map +0 -1
- package/src/regsitry/registry.base.js +0 -32
- package/src/regsitry/registry.base.js.map +0 -1
- package/src/resource/flows/read-resource.flow.js +0 -270
- package/src/resource/flows/read-resource.flow.js.map +0 -1
- package/src/resource/flows/resource-templates-list.flow.js +0 -191
- package/src/resource/flows/resource-templates-list.flow.js.map +0 -1
- package/src/resource/flows/resources-list.flow.js +0 -196
- package/src/resource/flows/resources-list.flow.js.map +0 -1
- package/src/resource/flows/subscribe-resource.flow.js +0 -123
- package/src/resource/flows/subscribe-resource.flow.js.map +0 -1
- package/src/resource/flows/unsubscribe-resource.flow.js +0 -107
- package/src/resource/flows/unsubscribe-resource.flow.js.map +0 -1
- package/src/resource/index.js +0 -20
- package/src/resource/index.js.map +0 -1
- package/src/resource/resource.events.js +0 -17
- package/src/resource/resource.events.js.map +0 -1
- package/src/resource/resource.instance.js +0 -163
- package/src/resource/resource.instance.js.map +0 -1
- package/src/resource/resource.registry.js +0 -468
- package/src/resource/resource.registry.js.map +0 -1
- package/src/resource/resource.types.js +0 -11
- package/src/resource/resource.types.js.map +0 -1
- package/src/resource/resource.utils.js +0 -151
- package/src/resource/resource.utils.js.map +0 -1
- package/src/scope/flows/http.request.flow.js +0 -474
- package/src/scope/flows/http.request.flow.js.map +0 -1
- package/src/scope/index.js +0 -6
- package/src/scope/index.js.map +0 -1
- package/src/scope/scope.instance.js +0 -263
- package/src/scope/scope.instance.js.map +0 -1
- package/src/scope/scope.registry.js +0 -94
- package/src/scope/scope.registry.js.map +0 -1
- package/src/scope/scope.utils.js +0 -61
- package/src/scope/scope.utils.js.map +0 -1
- package/src/server/adapters/base.host.adapter.js +0 -8
- package/src/server/adapters/base.host.adapter.js.map +0 -1
- package/src/server/adapters/express.host.adapter.js +0 -70
- package/src/server/adapters/express.host.adapter.js.map +0 -1
- package/src/server/server.instance.js +0 -54
- package/src/server/server.instance.js.map +0 -1
- package/src/server/server.types.js +0 -3
- package/src/server/server.types.js.map +0 -1
- package/src/server/server.validation.js +0 -192
- package/src/server/server.validation.js.map +0 -1
- package/src/store/adapters/store.base.adapter.js +0 -16
- package/src/store/adapters/store.base.adapter.js.map +0 -1
- package/src/store/adapters/store.memory.adapter.js +0 -89
- package/src/store/adapters/store.memory.adapter.js.map +0 -1
- package/src/store/adapters/store.redis.adapter.js +0 -104
- package/src/store/adapters/store.redis.adapter.js.map +0 -1
- package/src/store/index.js +0 -12
- package/src/store/index.js.map +0 -1
- package/src/store/store.helpers.js +0 -67
- package/src/store/store.helpers.js.map +0 -1
- package/src/store/store.registry.js +0 -37
- package/src/store/store.registry.js.map +0 -1
- package/src/store/store.tokens.js +0 -7
- package/src/store/store.tokens.js.map +0 -1
- package/src/store/store.types.js +0 -11
- package/src/store/store.types.js.map +0 -1
- package/src/store/store.utils.js +0 -18
- package/src/store/store.utils.js.map +0 -1
- package/src/tool/flows/call-tool.flow.js +0 -616
- package/src/tool/flows/call-tool.flow.js.map +0 -1
- package/src/tool/flows/tools-list.flow.js +0 -328
- package/src/tool/flows/tools-list.flow.js.map +0 -1
- package/src/tool/tool.events.js +0 -16
- package/src/tool/tool.events.js.map +0 -1
- package/src/tool/tool.instance.js +0 -117
- package/src/tool/tool.instance.js.map +0 -1
- package/src/tool/tool.registry.js +0 -353
- package/src/tool/tool.registry.js.map +0 -1
- package/src/tool/tool.types.js +0 -10
- package/src/tool/tool.types.js.map +0 -1
- package/src/tool/tool.utils.js +0 -366
- package/src/tool/tool.utils.js.map +0 -1
- package/src/tool/ui/index.js +0 -63
- package/src/tool/ui/index.js.map +0 -1
- package/src/tool/ui/platform-adapters.js +0 -18
- package/src/tool/ui/platform-adapters.js.map +0 -1
- package/src/tool/ui/template-helpers.js +0 -112
- package/src/tool/ui/template-helpers.js.map +0 -1
- package/src/tool/ui/ui-resource-template.js +0 -64
- package/src/tool/ui/ui-resource-template.js.map +0 -1
- package/src/tool/ui/ui-resource.handler.js +0 -129
- package/src/tool/ui/ui-resource.handler.js.map +0 -1
- package/src/transport/adapters/transport.local.adapter.js +0 -148
- package/src/transport/adapters/transport.local.adapter.js.map +0 -1
- package/src/transport/adapters/transport.sse.adapter.js +0 -65
- package/src/transport/adapters/transport.sse.adapter.js.map +0 -1
- package/src/transport/adapters/transport.streamable-http.adapter.js +0 -112
- package/src/transport/adapters/transport.streamable-http.adapter.js.map +0 -1
- package/src/transport/flows/handle.sse.flow.js +0 -197
- package/src/transport/flows/handle.sse.flow.js.map +0 -1
- package/src/transport/flows/handle.stateless-http.flow.js +0 -102
- package/src/transport/flows/handle.stateless-http.flow.js.map +0 -1
- package/src/transport/flows/handle.streamable-http.flow.js +0 -315
- package/src/transport/flows/handle.streamable-http.flow.js.map +0 -1
- package/src/transport/legacy/legacy.sse.tranporter.js +0 -185
- package/src/transport/legacy/legacy.sse.tranporter.js.map +0 -1
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +0 -14
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +0 -1
- package/src/transport/mcp-handlers/call-tool-request.handler.js +0 -46
- package/src/transport/mcp-handlers/call-tool-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/complete-request.handler.js +0 -11
- package/src/transport/mcp-handlers/complete-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/get-prompt-request.handler.js +0 -11
- package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/index.js +0 -57
- package/src/transport/mcp-handlers/index.js.map +0 -1
- package/src/transport/mcp-handlers/initialize-request.handler.js +0 -109
- package/src/transport/mcp-handlers/initialize-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-prompts-request.handler.js +0 -11
- package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +0 -12
- package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-resources-request.handler.js +0 -12
- package/src/transport/mcp-handlers/list-resources-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-tools-request.handler.js +0 -11
- package/src/transport/mcp-handlers/list-tools-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/logging-set-level-request.handler.js +0 -34
- package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/mcp-handlers.types.js +0 -3
- package/src/transport/mcp-handlers/mcp-handlers.types.js.map +0 -1
- package/src/transport/mcp-handlers/read-resource-request.handler.js +0 -12
- package/src/transport/mcp-handlers/read-resource-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +0 -26
- package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +0 -1
- package/src/transport/mcp-handlers/subscribe-request.handler.js +0 -34
- package/src/transport/mcp-handlers/subscribe-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/unsubscribe-request.handler.js +0 -34
- package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +0 -1
- package/src/transport/transport.error.js +0 -25
- package/src/transport/transport.error.js.map +0 -1
- package/src/transport/transport.event-store.js +0 -36
- package/src/transport/transport.event-store.js.map +0 -1
- package/src/transport/transport.local.js +0 -71
- package/src/transport/transport.local.js.map +0 -1
- package/src/transport/transport.registry.js +0 -523
- package/src/transport/transport.registry.js.map +0 -1
- package/src/transport/transport.remote.js +0 -31
- package/src/transport/transport.remote.js.map +0 -1
- package/src/transport/transport.types.js +0 -3
- package/src/transport/transport.types.js.map +0 -1
- package/src/types/drinen-hooks.types.js +0 -3
- package/src/types/drinen-hooks.types.js.map +0 -1
- package/src/types/invoke.type.js +0 -34
- package/src/types/invoke.type.js.map +0 -1
- package/src/types/token.types.js +0 -3
- package/src/types/token.types.js.map +0 -1
- package/src/utils/content.utils.js +0 -194
- package/src/utils/content.utils.js.map +0 -1
- package/src/utils/index.js +0 -55
- package/src/utils/index.js.map +0 -1
- package/src/utils/lineage.utils.js +0 -82
- package/src/utils/lineage.utils.js.map +0 -1
- package/src/utils/metadata.utils.js +0 -26
- package/src/utils/metadata.utils.js.map +0 -1
- package/src/utils/naming.utils.js +0 -136
- package/src/utils/naming.utils.js.map +0 -1
- package/src/utils/server.utils.js +0 -59
- package/src/utils/server.utils.js.map +0 -1
- package/src/utils/string.utils.js +0 -10
- package/src/utils/string.utils.js.map +0 -1
- package/src/utils/token.utils.js +0 -65
- package/src/utils/token.utils.js.map +0 -1
- package/src/utils/types.utils.js +0 -3
- package/src/utils/types.utils.js.map +0 -1
- package/src/utils/uri-template.utils.js +0 -113
- package/src/utils/uri-template.utils.js.map +0 -1
- package/src/utils/uri-validation.utils.js +0 -76
- package/src/utils/uri-validation.utils.js.map +0 -1
- package/{src/adapter → adapter}/adapter.instance.d.ts +0 -0
- package/{src/adapter → adapter}/adapter.regsitry.d.ts +0 -0
- package/{src/adapter → adapter}/adapter.utils.d.ts +0 -0
- package/{src/app → app}/app.registry.d.ts +0 -0
- package/{src/app → app}/app.utils.d.ts +0 -0
- package/{src/app → app}/instances/app.local.instance.d.ts +0 -0
- package/{src/app → app}/instances/app.remote.instance.d.ts +0 -0
- package/{src/app → app}/instances/index.d.ts +0 -0
- package/{src/auth → auth}/auth.registry.d.ts +0 -0
- package/{src/auth → auth}/auth.utils.d.ts +0 -0
- package/{src/auth → auth}/authorization/authorization.class.d.ts +0 -0
- package/{src/auth → auth}/authorization/authorization.types.d.ts +0 -0
- package/{src/auth → auth}/authorization/index.d.ts +0 -0
- package/{src/auth → auth}/authorization/orchestrated.authorization.d.ts +0 -0
- package/{src/auth → auth}/authorization/public.authorization.d.ts +0 -0
- package/{src/auth → auth}/authorization/transparent.authorization.d.ts +0 -0
- package/{src/auth → auth}/consent/consent.types.d.ts +0 -0
- package/{src/auth → auth}/consent/index.d.ts +0 -0
- package/{src/auth → auth}/detection/auth-provider-detection.d.ts +0 -0
- package/{src/auth → auth}/detection/index.d.ts +0 -0
- package/{src/auth → auth}/flows/auth.verify.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.authorize.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.callback.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.register.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.token.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/session.verify.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/well-known.jwks.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/well-known.oauth-authorization-server.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/well-known.prm.flow.d.ts +0 -0
- package/{src/auth → auth}/jwks/dev-key-persistence.d.ts +0 -0
- package/{src/auth → auth}/jwks/index.d.ts +0 -0
- package/{src/auth → auth}/jwks/jwks.service.d.ts +0 -0
- package/{src/auth → auth}/jwks/jwks.types.d.ts +0 -0
- package/{src/auth → auth}/jwks/jwks.utils.d.ts +0 -0
- package/{src/auth → auth}/machine-id.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.authorize.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.device-authorization.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.introspect.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.par.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.revoke.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.token.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.userinfo.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oidc.logout.flow.d.ts +0 -0
- package/{src/auth → auth}/session/authorization-vault.d.ts +0 -0
- package/{src/auth → auth}/session/authorization.store.d.ts +0 -0
- package/{src/auth → auth}/session/encrypted-authorization-vault.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.base.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.stateful.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.stateless.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.transparent.d.ts +0 -0
- package/{src/auth → auth}/session/redis-session.store.d.ts +0 -0
- package/{src/auth → auth}/session/session.crypto.d.ts +0 -0
- package/{src/auth → auth}/session/session.schema.d.ts +0 -0
- package/{src/auth → auth}/session/session.service.d.ts +0 -0
- package/{src/auth → auth}/session/session.transport.d.ts +0 -0
- package/{src/auth → auth}/session/session.types.d.ts +0 -0
- package/{src/auth → auth}/session/token.refresh.d.ts +0 -0
- package/{src/auth → auth}/session/token.store.d.ts +0 -0
- package/{src/auth → auth}/session/token.vault.d.ts +0 -0
- package/{src/auth → auth}/session/transport-session.manager.d.ts +0 -0
- package/{src/auth → auth}/session/transport-session.types.d.ts +0 -0
- package/{src/auth → auth}/session/utils/auth-token.utils.d.ts +0 -0
- package/{src/auth → auth}/session/utils/session-id.utils.d.ts +0 -0
- package/{src/auth → auth}/session/utils/tiny-ttl-cache.d.ts +0 -0
- package/{src/auth → auth}/session/vault-encryption.d.ts +0 -0
- package/{src/auth → auth}/ui/base-layout.d.ts +0 -0
- package/{src/auth → auth}/ui/index.d.ts +0 -0
- package/{src/auth → auth}/ui/templates.d.ts +0 -0
- package/{src/auth → auth}/utils/audience.validator.d.ts +0 -0
- package/{src/auth → auth}/utils/index.d.ts +0 -0
- package/{src/auth → auth}/utils/www-authenticate.utils.d.ts +0 -0
- package/{src/common → common}/common.schema.d.ts +0 -0
- package/{src/common → common}/constants.d.ts +0 -0
- package/{src/common → common}/decorators/adapter.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/app.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/auth-provider.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/decorator-utils.d.ts +0 -0
- package/{src/common → common}/decorators/flow.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/front-mcp.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/hook.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/index.d.ts +0 -0
- package/{src/common → common}/decorators/logger.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/plugin.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/prompt.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/provider.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/resource.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/tool.decorator.d.ts +0 -0
- package/{src/common → common}/dynamic/dynamic.adapter.d.ts +0 -0
- package/{src/common → common}/dynamic/dynamic.plugin.d.ts +0 -0
- package/{src/common → common}/dynamic/dynamic.utils.d.ts +0 -0
- package/{src/common → common}/dynamic/index.d.ts +0 -0
- package/{src/common → common}/entries/adapter.entry.d.ts +0 -0
- package/{src/common → common}/entries/app.entry.d.ts +0 -0
- package/{src/common → common}/entries/auth-provider.entry.d.ts +0 -0
- package/{src/common → common}/entries/base.entry.d.ts +0 -0
- package/{src/common → common}/entries/flow.entry.d.ts +0 -0
- package/{src/common → common}/entries/hook.entry.d.ts +0 -0
- package/{src/common → common}/entries/index.d.ts +0 -0
- package/{src/common → common}/entries/logger.entry.d.ts +0 -0
- package/{src/common → common}/entries/plugin.entry.d.ts +0 -0
- package/{src/common → common}/entries/prompt.entry.d.ts +0 -0
- package/{src/common → common}/entries/provider.entry.d.ts +0 -0
- package/{src/common → common}/entries/resource.entry.d.ts +0 -0
- package/{src/common → common}/entries/scope.entry.d.ts +0 -0
- package/{src/common → common}/entries/tool.entry.d.ts +0 -0
- package/{src/common → common}/flow/flow.utils.d.ts +0 -0
- package/{src/common → common}/index.d.ts +0 -0
- package/{src/common → common}/interfaces/adapter.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/app.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/auth-hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/auth-provider.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/base.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/execution-context.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/flow.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/front-mcp.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/index.d.ts +0 -0
- package/{src/common → common}/interfaces/internal/flow.utils.d.ts +0 -0
- package/{src/common → common}/interfaces/internal/index.d.ts +0 -0
- package/{src/common → common}/interfaces/internal/registry.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/logger.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/plugin.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/prompt.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/provider.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/resource.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/scope.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/server.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/session-hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/tool-hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/tool.interface.d.ts +0 -0
- package/{src/common → common}/metadata/adapter.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/app.metadata.d.ts +42 -42
- /package/{src/common → common}/metadata/auth-provider.metadata.d.ts +0 -0
- /package/{src/common → common}/metadata/flow.metadata.d.ts +0 -0
- /package/{src/common → common}/metadata/hook.metadata.d.ts +0 -0
- /package/{src/common → common}/metadata/index.d.ts +0 -0
- /package/{src/common → common}/metadata/logger.metadata.d.ts +0 -0
- /package/{src/common → common}/metadata/plugin.metadata.d.ts +0 -0
- /package/{src/common → common}/metadata/provider.metadata.d.ts +0 -0
- /package/{src/common → common}/migrate/auth-transport.migrate.d.ts +0 -0
- /package/{src/common → common}/migrate/index.d.ts +0 -0
- /package/{src/common → common}/providers/base-config.provider.d.ts +0 -0
- /package/{src/common → common}/records/adapter.record.d.ts +0 -0
- /package/{src/common → common}/records/app.record.d.ts +0 -0
- /package/{src/common → common}/records/auth-provider.record.d.ts +0 -0
- /package/{src/common → common}/records/flow.record.d.ts +0 -0
- /package/{src/common → common}/records/hook.record.d.ts +0 -0
- /package/{src/common → common}/records/index.d.ts +0 -0
- /package/{src/common → common}/records/logger.record.d.ts +0 -0
- /package/{src/common → common}/records/plugin.record.d.ts +0 -0
- /package/{src/common → common}/records/prompt.record.d.ts +0 -0
- /package/{src/common → common}/records/provider.record.d.ts +0 -0
- /package/{src/common → common}/records/resource.record.d.ts +0 -0
- /package/{src/common → common}/records/scope.record.d.ts +0 -0
- /package/{src/common → common}/records/tool.record.d.ts +0 -0
- /package/{src/common → common}/schemas/annotated-class.schema.d.ts +0 -0
- /package/{src/common → common}/schemas/http-input.schema.d.ts +0 -0
- /package/{src/common → common}/schemas/index.d.ts +0 -0
- /package/{src/common → common}/schemas/session-header.schema.d.ts +0 -0
- /package/{src/common → common}/tokens/adapter.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/app.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/auth-provider.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/base.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/flow-hook.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/flow.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/front-mcp.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/index.d.ts +0 -0
- /package/{src/common → common}/tokens/logger.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/plugin.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/prompt.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/provider.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/resource.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/server.tokens.d.ts +0 -0
- /package/{src/common → common}/tokens/tool.tokens.d.ts +0 -0
- /package/{src/common → common}/types/auth/index.d.ts +0 -0
- /package/{src/common → common}/types/auth/jwt.types.d.ts +0 -0
- /package/{src/common → common}/types/auth/session.types.d.ts +0 -0
- /package/{src/common → common}/types/common.types.d.ts +0 -0
- /package/{src/common → common}/types/index.d.ts +0 -0
- /package/{src/logger/logger.tokens.d.ts → common/types/options/auth/auth.typecheck.d.ts} +0 -0
- /package/{src/common → common}/types/options/http.options.d.ts +0 -0
- /package/{src/common → common}/types/options/logging.options.d.ts +0 -0
- /package/{src/common → common}/types/options/session.options.d.ts +0 -0
- /package/{src/common → common}/utils/path.utils.d.ts +0 -0
- /package/{src/context → context}/frontmcp-context-storage.d.ts +0 -0
- /package/{src/context → context}/frontmcp-context.d.ts +0 -0
- /package/{src/context → context}/frontmcp-context.provider.d.ts +0 -0
- /package/{src/context → context}/index.d.ts +0 -0
- /package/{src/context → context}/request-context-storage.d.ts +0 -0
- /package/{src/context → context}/request-context.d.ts +0 -0
- /package/{src/context → context}/request-context.provider.d.ts +0 -0
- /package/{src/context → context}/session-key.provider.d.ts +0 -0
- /package/{src/context → context}/trace-context.d.ts +0 -0
- /package/{src/errors → errors}/authorization-required.error.d.ts +0 -0
- /package/{src/errors → errors}/error-handler.d.ts +0 -0
- /package/{src/exceptions → exceptions}/mcp-exceptions/session-missing.exception.d.ts +0 -0
- /package/{src/exceptions → exceptions}/mcp-exceptions/unsupported-client-version.exception.d.ts +0 -0
- /package/{src/flows → flows}/flow.instance.d.ts +0 -0
- /package/{src/flows → flows}/flow.registry.d.ts +0 -0
- /package/{src/flows → flows}/flow.stages.d.ts +0 -0
- /package/{src/flows → flows}/flow.utils.d.ts +0 -0
- /package/{src/front-mcp → front-mcp}/front-mcp.d.ts +0 -0
- /package/{src/front-mcp → front-mcp}/front-mcp.tokens.d.ts +0 -0
- /package/{src/front-mcp → front-mcp}/serverless-handler.d.ts +0 -0
- /package/{src/hooks → hooks}/hook.instance.d.ts +0 -0
- /package/{src/hooks → hooks}/hook.registry.d.ts +0 -0
- /package/{src/hooks → hooks}/hooks.utils.d.ts +0 -0
- /package/{src/logger → logger}/instances/instance.console-logger.d.ts +0 -0
- /package/{src/logger → logger}/instances/instance.logger.d.ts +0 -0
- /package/{src/logger → logger}/logger.registry.d.ts +0 -0
- /package/{src/logger → logger}/logger.types.d.ts +0 -0
- /package/{src/logger → logger}/logger.utils.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/csp.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/index.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/schemas.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/template.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/types.d.ts +0 -0
- /package/{src/notification → notification}/index.d.ts +0 -0
- /package/{src/notification → notification}/notification.service.d.ts +0 -0
- /package/{src/plugin → plugin}/plugin.registry.d.ts +0 -0
- /package/{src/plugin → plugin}/plugin.utils.d.ts +0 -0
- /package/{src/prompt → prompt}/index.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.events.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.instance.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.registry.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.types.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.utils.d.ts +0 -0
- /package/{src/provider → provider}/provider.registry.d.ts +0 -0
- /package/{src/provider → provider}/provider.types.d.ts +0 -0
- /package/{src/provider → provider}/provider.utils.d.ts +0 -0
- /package/{src/regsitry → regsitry}/index.d.ts +0 -0
- /package/{src/regsitry → regsitry}/registry.base.d.ts +0 -0
- /package/{src/resource → resource}/index.d.ts +0 -0
- /package/{src/resource → resource}/resource.events.d.ts +0 -0
- /package/{src/resource → resource}/resource.instance.d.ts +0 -0
- /package/{src/resource → resource}/resource.registry.d.ts +0 -0
- /package/{src/resource → resource}/resource.types.d.ts +0 -0
- /package/{src/resource → resource}/resource.utils.d.ts +0 -0
- /package/{src/scope → scope}/flows/http.request.flow.d.ts +0 -0
- /package/{src/scope → scope}/index.d.ts +0 -0
- /package/{src/scope → scope}/scope.instance.d.ts +0 -0
- /package/{src/scope → scope}/scope.registry.d.ts +0 -0
- /package/{src/scope → scope}/scope.utils.d.ts +0 -0
- /package/{src/server → server}/adapters/base.host.adapter.d.ts +0 -0
- /package/{src/server → server}/adapters/express.host.adapter.d.ts +0 -0
- /package/{src/server → server}/server.instance.d.ts +0 -0
- /package/{src/server → server}/server.types.d.ts +0 -0
- /package/{src/server → server}/server.validation.d.ts +0 -0
- /package/{src/store → store}/adapters/store.base.adapter.d.ts +0 -0
- /package/{src/store → store}/adapters/store.memory.adapter.d.ts +0 -0
- /package/{src/store → store}/adapters/store.redis.adapter.d.ts +0 -0
- /package/{src/store → store}/store.helpers.d.ts +0 -0
- /package/{src/store → store}/store.registry.d.ts +0 -0
- /package/{src/store → store}/store.tokens.d.ts +0 -0
- /package/{src/store → store}/store.types.d.ts +0 -0
- /package/{src/store → store}/store.utils.d.ts +0 -0
- /package/{src/tool → tool}/tool.events.d.ts +0 -0
- /package/{src/tool → tool}/tool.instance.d.ts +0 -0
- /package/{src/tool → tool}/tool.registry.d.ts +0 -0
- /package/{src/tool → tool}/tool.types.d.ts +0 -0
- /package/{src/tool → tool}/tool.utils.d.ts +0 -0
- /package/{src/tool → tool}/ui/ui-resource-template.d.ts +0 -0
- /package/{src/transport → transport}/adapters/transport.local.adapter.d.ts +0 -0
- /package/{src/transport → transport}/adapters/transport.sse.adapter.d.ts +0 -0
- /package/{src/transport → transport}/adapters/transport.streamable-http.adapter.d.ts +0 -0
- /package/{src/transport → transport}/flows/handle.sse.flow.d.ts +0 -0
- /package/{src/transport → transport}/flows/handle.stateless-http.flow.d.ts +0 -0
- /package/{src/transport → transport}/flows/handle.streamable-http.flow.d.ts +0 -0
- /package/{src/transport → transport}/legacy/legacy.sse.tranporter.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/Initialized-notification.hanlder.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/call-tool-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/initialize-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/mcp-handlers.types.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/roots-list-changed-notification.handler.d.ts +0 -0
- /package/{src/transport → transport}/transport.error.d.ts +0 -0
- /package/{src/transport → transport}/transport.event-store.d.ts +0 -0
- /package/{src/transport → transport}/transport.local.d.ts +0 -0
- /package/{src/transport → transport}/transport.remote.d.ts +0 -0
- /package/{src/transport → transport}/transport.types.d.ts +0 -0
- /package/{src/types → types}/drinen-hooks.types.d.ts +0 -0
- /package/{src/types → types}/invoke.type.d.ts +0 -0
- /package/{src/types → types}/token.types.d.ts +0 -0
- /package/{src/utils → utils}/content.utils.d.ts +0 -0
- /package/{src/utils → utils}/index.d.ts +0 -0
- /package/{src/utils → utils}/lineage.utils.d.ts +0 -0
- /package/{src/utils → utils}/metadata.utils.d.ts +0 -0
- /package/{src/utils → utils}/naming.utils.d.ts +0 -0
- /package/{src/utils → utils}/server.utils.d.ts +0 -0
- /package/{src/utils → utils}/string.utils.d.ts +0 -0
- /package/{src/utils → utils}/token.utils.d.ts +0 -0
- /package/{src/utils → utils}/types.utils.d.ts +0 -0
- /package/{src/utils → utils}/uri-template.utils.d.ts +0 -0
- /package/{src/utils → utils}/uri-validation.utils.d.ts +0 -0
|
@@ -1,197 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.stateSchema = exports.plan = void 0;
|
|
4
|
-
const tslib_1 = require("tslib");
|
|
5
|
-
const common_1 = require("../../common");
|
|
6
|
-
const zod_1 = require("zod");
|
|
7
|
-
const session_id_utils_1 = require("../../auth/session/utils/session-id.utils");
|
|
8
|
-
exports.plan = {
|
|
9
|
-
pre: ['parseInput', 'router'],
|
|
10
|
-
execute: ['onInitialize', 'onMessage', 'onElicitResult'],
|
|
11
|
-
post: [],
|
|
12
|
-
finalize: ['cleanup'],
|
|
13
|
-
};
|
|
14
|
-
// Relaxed session schema for state - payload is optional when using mcp-session-id header directly
|
|
15
|
-
const stateSessionSchema = zod_1.z.object({
|
|
16
|
-
id: zod_1.z.string(),
|
|
17
|
-
payload: zod_1.z
|
|
18
|
-
.object({
|
|
19
|
-
nodeId: zod_1.z.string(),
|
|
20
|
-
authSig: zod_1.z.string(),
|
|
21
|
-
uuid: zod_1.z.string().uuid(),
|
|
22
|
-
iat: zod_1.z.number(),
|
|
23
|
-
protocol: zod_1.z.enum(['legacy-sse', 'sse', 'streamable-http', 'stateful-http', 'stateless-http']).optional(),
|
|
24
|
-
isPublic: zod_1.z.boolean().optional(),
|
|
25
|
-
platformType: zod_1.z
|
|
26
|
-
.enum(['openai', 'claude', 'gemini', 'cursor', 'continue', 'cody', 'generic-mcp', 'ext-apps', 'unknown'])
|
|
27
|
-
.optional(),
|
|
28
|
-
})
|
|
29
|
-
.optional(),
|
|
30
|
-
});
|
|
31
|
-
exports.stateSchema = zod_1.z.object({
|
|
32
|
-
token: zod_1.z.string(),
|
|
33
|
-
session: stateSessionSchema,
|
|
34
|
-
requestType: zod_1.z.enum(['initialize', 'message', 'elicitResult']).optional(),
|
|
35
|
-
});
|
|
36
|
-
const name = 'handle:legacy-sse';
|
|
37
|
-
const { Stage } = (0, common_1.FlowHooksOf)(name);
|
|
38
|
-
let HandleSseFlow = class HandleSseFlow extends common_1.FlowBase {
|
|
39
|
-
async parseInput() {
|
|
40
|
-
const { request } = this.rawInput;
|
|
41
|
-
const authorization = request[common_1.ServerRequestTokens.auth];
|
|
42
|
-
const { token } = authorization;
|
|
43
|
-
// CRITICAL: The mcp-session-id header is the client's reference to their session.
|
|
44
|
-
// We MUST use this exact ID for transport registry lookup.
|
|
45
|
-
//
|
|
46
|
-
// Priority 1: Use mcp-session-id header if present (client's session ID for lookup)
|
|
47
|
-
// This is the ID the client received from initialize and is referencing.
|
|
48
|
-
// Priority 2: Use session from authorization if header matches or is absent
|
|
49
|
-
// Priority 3: Create new session (first request - no header, no authorization.session)
|
|
50
|
-
const raw = request.headers?.['mcp-session-id'];
|
|
51
|
-
const rawMcpSessionHeader = typeof raw === 'string' ? raw : undefined;
|
|
52
|
-
const mcpSessionHeader = (0, common_1.validateMcpSessionHeader)(rawMcpSessionHeader);
|
|
53
|
-
// If client sent a header but validation failed, return 404
|
|
54
|
-
if (raw !== undefined && !mcpSessionHeader) {
|
|
55
|
-
this.respond(common_1.httpRespond.sessionNotFound('invalid session id'));
|
|
56
|
-
return;
|
|
57
|
-
}
|
|
58
|
-
let session;
|
|
59
|
-
if (mcpSessionHeader) {
|
|
60
|
-
// Client sent session ID - ALWAYS use it for transport lookup
|
|
61
|
-
// If authorization.session exists and matches, use its payload for protocol detection
|
|
62
|
-
// If authorization.session differs or is missing, still use header ID (payload may be undefined)
|
|
63
|
-
if (authorization.session?.id === mcpSessionHeader) {
|
|
64
|
-
session = authorization.session;
|
|
65
|
-
}
|
|
66
|
-
else {
|
|
67
|
-
session = { id: mcpSessionHeader };
|
|
68
|
-
}
|
|
69
|
-
}
|
|
70
|
-
else if (authorization.session) {
|
|
71
|
-
// No header but authorization has session - use it (shouldn't happen in normal flow)
|
|
72
|
-
session = authorization.session;
|
|
73
|
-
}
|
|
74
|
-
else {
|
|
75
|
-
// No session - create new one (initialize request)
|
|
76
|
-
session = (0, session_id_utils_1.createSessionId)('legacy-sse', token, {
|
|
77
|
-
userAgent: request.headers?.['user-agent'],
|
|
78
|
-
platformDetectionConfig: this.scope.metadata.transport?.platformDetection,
|
|
79
|
-
});
|
|
80
|
-
}
|
|
81
|
-
this.state.set(exports.stateSchema.parse({ token, session }));
|
|
82
|
-
}
|
|
83
|
-
async router() {
|
|
84
|
-
const { request } = this.rawInput;
|
|
85
|
-
const scope = this.scope;
|
|
86
|
-
const requestPath = (0, common_1.normalizeEntryPrefix)(request.path);
|
|
87
|
-
const prefix = (0, common_1.normalizeEntryPrefix)(scope.entryPath);
|
|
88
|
-
const scopePath = (0, common_1.normalizeScopeBase)(scope.routeBase);
|
|
89
|
-
const basePath = `${prefix}${scopePath}`;
|
|
90
|
-
if (requestPath === `${basePath}/sse`) {
|
|
91
|
-
this.state.set('requestType', 'initialize');
|
|
92
|
-
}
|
|
93
|
-
else if (requestPath === `${basePath}/message`) {
|
|
94
|
-
this.state.set('requestType', 'message');
|
|
95
|
-
}
|
|
96
|
-
}
|
|
97
|
-
async onInitialize() {
|
|
98
|
-
const transportService = this.scope.transportService;
|
|
99
|
-
const { request, response } = this.rawInput;
|
|
100
|
-
const { token, session } = this.state.required;
|
|
101
|
-
const transport = await transportService.createTransporter('sse', token, session.id, response);
|
|
102
|
-
await transport.initialize(request, response);
|
|
103
|
-
this.handled();
|
|
104
|
-
}
|
|
105
|
-
async onElicitResult() {
|
|
106
|
-
// const transport = await transportService.getTransporter('sse', token, session.id);
|
|
107
|
-
// if (!transport) {
|
|
108
|
-
// this.respond(httpRespond.rpcError('session not initialized'));
|
|
109
|
-
// return;
|
|
110
|
-
// }
|
|
111
|
-
// await transport.handleRequest(request, response);
|
|
112
|
-
this.fail(new Error('Not implemented'));
|
|
113
|
-
}
|
|
114
|
-
async onMessage() {
|
|
115
|
-
const transportService = this.scope.transportService;
|
|
116
|
-
const logger = this.scopeLogger.child('handle:legacy-sse:onMessage');
|
|
117
|
-
const { request, response } = this.rawInput;
|
|
118
|
-
const { token, session } = this.state.required;
|
|
119
|
-
const transport = await transportService.getTransporter('sse', token, session.id);
|
|
120
|
-
if (!transport) {
|
|
121
|
-
// Check if session was ever created to differentiate error types per MCP Spec 2025-11-25
|
|
122
|
-
const wasCreated = transportService.wasSessionCreated('sse', token, session.id);
|
|
123
|
-
const body = request.body;
|
|
124
|
-
if (wasCreated) {
|
|
125
|
-
// Session existed but was terminated/evicted → HTTP 404 (client should re-initialize)
|
|
126
|
-
logger.info('Session expired - client should re-initialize', {
|
|
127
|
-
sessionId: session.id?.slice(0, 20),
|
|
128
|
-
tokenHash: token.slice(0, 8),
|
|
129
|
-
method: body?.['method'],
|
|
130
|
-
requestId: body?.['id'],
|
|
131
|
-
});
|
|
132
|
-
this.respond(common_1.httpRespond.sessionExpired('session expired'));
|
|
133
|
-
}
|
|
134
|
-
else {
|
|
135
|
-
// Session was never created → HTTP 404 (per user requirement: invalid/missing session = 404)
|
|
136
|
-
logger.warn('Session not initialized - client attempted request without initializing', {
|
|
137
|
-
sessionId: session.id?.slice(0, 20),
|
|
138
|
-
tokenHash: token.slice(0, 8),
|
|
139
|
-
method: body?.['method'],
|
|
140
|
-
requestId: body?.['id'],
|
|
141
|
-
userAgent: request.headers?.['user-agent']?.slice(0, 50),
|
|
142
|
-
});
|
|
143
|
-
this.respond(common_1.httpRespond.sessionNotFound('session not initialized'));
|
|
144
|
-
}
|
|
145
|
-
return;
|
|
146
|
-
}
|
|
147
|
-
await transport.handleRequest(request, response);
|
|
148
|
-
this.handled();
|
|
149
|
-
}
|
|
150
|
-
};
|
|
151
|
-
tslib_1.__decorate([
|
|
152
|
-
Stage('parseInput'),
|
|
153
|
-
tslib_1.__metadata("design:type", Function),
|
|
154
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
155
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
156
|
-
], HandleSseFlow.prototype, "parseInput", null);
|
|
157
|
-
tslib_1.__decorate([
|
|
158
|
-
Stage('router'),
|
|
159
|
-
tslib_1.__metadata("design:type", Function),
|
|
160
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
161
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
162
|
-
], HandleSseFlow.prototype, "router", null);
|
|
163
|
-
tslib_1.__decorate([
|
|
164
|
-
Stage('onInitialize', {
|
|
165
|
-
filter: ({ state: { requestType } }) => requestType === 'initialize',
|
|
166
|
-
}),
|
|
167
|
-
tslib_1.__metadata("design:type", Function),
|
|
168
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
169
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
170
|
-
], HandleSseFlow.prototype, "onInitialize", null);
|
|
171
|
-
tslib_1.__decorate([
|
|
172
|
-
Stage('onElicitResult', {
|
|
173
|
-
filter: ({ state: { requestType } }) => requestType === 'elicitResult',
|
|
174
|
-
}),
|
|
175
|
-
tslib_1.__metadata("design:type", Function),
|
|
176
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
177
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
178
|
-
], HandleSseFlow.prototype, "onElicitResult", null);
|
|
179
|
-
tslib_1.__decorate([
|
|
180
|
-
Stage('onMessage', {
|
|
181
|
-
filter: ({ state: { requestType } }) => requestType === 'message',
|
|
182
|
-
}),
|
|
183
|
-
tslib_1.__metadata("design:type", Function),
|
|
184
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
185
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
186
|
-
], HandleSseFlow.prototype, "onMessage", null);
|
|
187
|
-
HandleSseFlow = tslib_1.__decorate([
|
|
188
|
-
(0, common_1.Flow)({
|
|
189
|
-
name,
|
|
190
|
-
access: 'authorized',
|
|
191
|
-
inputSchema: common_1.httpInputSchema,
|
|
192
|
-
outputSchema: common_1.httpOutputSchema,
|
|
193
|
-
plan: exports.plan,
|
|
194
|
-
})
|
|
195
|
-
], HandleSseFlow);
|
|
196
|
-
exports.default = HandleSseFlow;
|
|
197
|
-
//# sourceMappingURL=handle.sse.flow.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"handle.sse.flow.js","sourceRoot":"","sources":["../../../../src/transport/flows/handle.sse.flow.ts"],"names":[],"mappings":";;;;AAAA,yCAesB;AACtB,6BAAwB;AAExB,gFAA4E;AAE/D,QAAA,IAAI,GAAG;IAClB,GAAG,EAAE,CAAC,YAAY,EAAE,QAAQ,CAAC;IAC7B,OAAO,EAAE,CAAC,cAAc,EAAE,WAAW,EAAE,gBAAgB,CAAC;IACxD,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,CAAC,SAAS,CAAC;CACc,CAAC;AAEtC,mGAAmG;AACnG,MAAM,kBAAkB,GAAG,OAAC,CAAC,MAAM,CAAC;IAClC,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE;IACd,OAAO,EAAE,OAAC;SACP,MAAM,CAAC;QACN,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE;QAClB,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE;QACnB,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE;QACvB,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;QACf,QAAQ,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,KAAK,EAAE,iBAAiB,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAC,CAAC,QAAQ,EAAE;QACxG,QAAQ,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;QAChC,YAAY,EAAE,OAAC;aACZ,IAAI,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;aACxG,QAAQ,EAAE;KACd,CAAC;SACD,QAAQ,EAAE;CACd,CAAC,CAAC;AAEU,QAAA,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAClC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,OAAO,EAAE,kBAAkB;IAC3B,WAAW,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC1E,CAAC,CAAC;AAEH,MAAM,IAAI,GAAG,mBAA4B,CAAC;AAC1C,MAAM,EAAE,KAAK,EAAE,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAqBrB,IAAM,aAAa,GAAnB,MAAM,aAAc,SAAQ,iBAAqB;IAExD,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAElC,MAAM,aAAa,GAAG,OAAO,CAAC,4BAAmB,CAAC,IAAI,CAAkB,CAAC;QACzE,MAAM,EAAE,KAAK,EAAE,GAAG,aAAa,CAAC;QAEhC,kFAAkF;QAClF,2DAA2D;QAC3D,EAAE;QACF,oFAAoF;QACpF,qFAAqF;QACrF,4EAA4E;QAC5E,uFAAuF;QACvF,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,gBAAgB,CAAC,CAAC;QAChD,MAAM,mBAAmB,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QACtE,MAAM,gBAAgB,GAAG,IAAA,iCAAwB,EAAC,mBAAmB,CAAC,CAAC;QAEvE,4DAA4D;QAC5D,IAAI,GAAG,KAAK,SAAS,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,eAAe,CAAC,oBAAoB,CAAC,CAAC,CAAC;YAChE,OAAO;QACT,CAAC;QAED,IAAI,OAAoF,CAAC;QAEzF,IAAI,gBAAgB,EAAE,CAAC;YACrB,8DAA8D;YAC9D,sFAAsF;YACtF,iGAAiG;YACjG,IAAI,aAAa,CAAC,OAAO,EAAE,EAAE,KAAK,gBAAgB,EAAE,CAAC;gBACnD,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC;YAClC,CAAC;iBAAM,CAAC;gBACN,OAAO,GAAG,EAAE,EAAE,EAAE,gBAAgB,EAAE,CAAC;YACrC,CAAC;QACH,CAAC;aAAM,IAAI,aAAa,CAAC,OAAO,EAAE,CAAC;YACjC,qFAAqF;YACrF,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,mDAAmD;YACnD,OAAO,GAAG,IAAA,kCAAe,EAAC,YAAY,EAAE,KAAK,EAAE;gBAC7C,SAAS,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,YAAY,CAAuB;gBAChE,uBAAuB,EAAG,IAAI,CAAC,KAAe,CAAC,QAAQ,CAAC,SAAS,EAAE,iBAAiB;aACrF,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,mBAAW,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;IACxD,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM;QACV,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAClC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAc,CAAC;QAClC,MAAM,WAAW,GAAG,IAAA,6BAAoB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,MAAM,GAAG,IAAA,6BAAoB,EAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACrD,MAAM,SAAS,GAAG,IAAA,2BAAkB,EAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,GAAG,MAAM,GAAG,SAAS,EAAE,CAAC;QAEzC,IAAI,WAAW,KAAK,GAAG,QAAQ,MAAM,EAAE,CAAC;YACtC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAC9C,CAAC;aAAM,IAAI,WAAW,KAAK,GAAG,QAAQ,UAAU,EAAE,CAAC;YACjD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAKK,AAAN,KAAK,CAAC,YAAY;QAChB,MAAM,gBAAgB,GAAI,IAAI,CAAC,KAAe,CAAC,gBAAgB,CAAC;QAEhE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC/C,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC/F,MAAM,SAAS,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;IAKK,AAAN,KAAK,CAAC,cAAc;QAClB,qFAAqF;QACrF,oBAAoB;QACpB,mEAAmE;QACnE,YAAY;QACZ,IAAI;QACJ,oDAAoD;QACpD,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1C,CAAC;IAKK,AAAN,KAAK,CAAC,SAAS;QACb,MAAM,gBAAgB,GAAI,IAAI,CAAC,KAAe,CAAC,gBAAgB,CAAC;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAErE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC/C,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,cAAc,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,yFAAyF;YACzF,MAAM,UAAU,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;YAChF,MAAM,IAAI,GAAG,OAAO,CAAC,IAA2C,CAAC;YAEjE,IAAI,UAAU,EAAE,CAAC;gBACf,sFAAsF;gBACtF,MAAM,CAAC,IAAI,CAAC,+CAA+C,EAAE;oBAC3D,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;oBACnC,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;oBAC5B,MAAM,EAAE,IAAI,EAAE,CAAC,QAAQ,CAAC;oBACxB,SAAS,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC;iBACxB,CAAC,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,CAAC;YAC9D,CAAC;iBAAM,CAAC;gBACN,6FAA6F;gBAC7F,MAAM,CAAC,IAAI,CAAC,yEAAyE,EAAE;oBACrF,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;oBACnC,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;oBAC5B,MAAM,EAAE,IAAI,EAAE,CAAC,QAAQ,CAAC;oBACxB,SAAS,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC;oBACvB,SAAS,EAAG,OAAO,CAAC,OAAO,EAAE,CAAC,YAAY,CAAwB,EAAE,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;iBACjF,CAAC,CAAC;gBACH,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,eAAe,CAAC,yBAAyB,CAAC,CAAC,CAAC;YACvE,CAAC;YACD,OAAO;QACT,CAAC;QACD,MAAM,SAAS,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACjD,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;CACF,CAAA;AAlIO;IADL,KAAK,CAAC,YAAY,CAAC;;;;+CA+CnB;AAGK;IADL,KAAK,CAAC,QAAQ,CAAC;;;;2CAcf;AAKK;IAHL,KAAK,CAAC,cAAc,EAAE;QACrB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,CAAC,WAAW,KAAK,YAAY;KACrE,CAAC;;;;iDASD;AAKK;IAHL,KAAK,CAAC,gBAAgB,EAAE;QACvB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,CAAC,WAAW,KAAK,cAAc;KACvE,CAAC;;;;mDASD;AAKK;IAHL,KAAK,CAAC,WAAW,EAAE;QAClB,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,CAAC,WAAW,KAAK,SAAS;KAClE,CAAC;;;;8CAqCD;AAnIkB,aAAa;IAPjC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,MAAM,EAAE,YAAY;QACpB,WAAW,EAAE,wBAAe;QAC5B,YAAY,EAAE,yBAAgB;QAC9B,IAAI,EAAJ,YAAI;KACL,CAAC;GACmB,aAAa,CAoIjC;kBApIoB,aAAa","sourcesContent":["import {\n Flow,\n httpInputSchema,\n FlowRunOptions,\n httpOutputSchema,\n FlowPlan,\n FlowBase,\n FlowHooksOf,\n sessionIdSchema,\n httpRespond,\n ServerRequestTokens,\n Authorization,\n normalizeEntryPrefix,\n normalizeScopeBase,\n validateMcpSessionHeader,\n} from '../../common';\nimport { z } from 'zod';\nimport { Scope } from '../../scope';\nimport { createSessionId } from '../../auth/session/utils/session-id.utils';\n\nexport const plan = {\n pre: ['parseInput', 'router'],\n execute: ['onInitialize', 'onMessage', 'onElicitResult'],\n post: [],\n finalize: ['cleanup'],\n} as const satisfies FlowPlan<string>;\n\n// Relaxed session schema for state - payload is optional when using mcp-session-id header directly\nconst stateSessionSchema = z.object({\n id: z.string(),\n payload: z\n .object({\n nodeId: z.string(),\n authSig: z.string(),\n uuid: z.string().uuid(),\n iat: z.number(),\n protocol: z.enum(['legacy-sse', 'sse', 'streamable-http', 'stateful-http', 'stateless-http']).optional(),\n isPublic: z.boolean().optional(),\n platformType: z\n .enum(['openai', 'claude', 'gemini', 'cursor', 'continue', 'cody', 'generic-mcp', 'ext-apps', 'unknown'])\n .optional(),\n })\n .optional(),\n});\n\nexport const stateSchema = z.object({\n token: z.string(),\n session: stateSessionSchema,\n requestType: z.enum(['initialize', 'message', 'elicitResult']).optional(),\n});\n\nconst name = 'handle:legacy-sse' as const;\nconst { Stage } = FlowHooksOf(name);\n\ndeclare global {\n interface ExtendFlows {\n 'handle:legacy-sse': FlowRunOptions<\n HandleSseFlow,\n typeof plan,\n typeof httpInputSchema,\n typeof httpOutputSchema,\n typeof stateSchema\n >;\n }\n}\n\n@Flow({\n name,\n access: 'authorized',\n inputSchema: httpInputSchema,\n outputSchema: httpOutputSchema,\n plan,\n})\nexport default class HandleSseFlow extends FlowBase<typeof name> {\n @Stage('parseInput')\n async parseInput() {\n const { request } = this.rawInput;\n\n const authorization = request[ServerRequestTokens.auth] as Authorization;\n const { token } = authorization;\n\n // CRITICAL: The mcp-session-id header is the client's reference to their session.\n // We MUST use this exact ID for transport registry lookup.\n //\n // Priority 1: Use mcp-session-id header if present (client's session ID for lookup)\n // This is the ID the client received from initialize and is referencing.\n // Priority 2: Use session from authorization if header matches or is absent\n // Priority 3: Create new session (first request - no header, no authorization.session)\n const raw = request.headers?.['mcp-session-id'];\n const rawMcpSessionHeader = typeof raw === 'string' ? raw : undefined;\n const mcpSessionHeader = validateMcpSessionHeader(rawMcpSessionHeader);\n\n // If client sent a header but validation failed, return 404\n if (raw !== undefined && !mcpSessionHeader) {\n this.respond(httpRespond.sessionNotFound('invalid session id'));\n return;\n }\n\n let session: { id: string; payload?: z.infer<typeof stateSchema>['session']['payload'] };\n\n if (mcpSessionHeader) {\n // Client sent session ID - ALWAYS use it for transport lookup\n // If authorization.session exists and matches, use its payload for protocol detection\n // If authorization.session differs or is missing, still use header ID (payload may be undefined)\n if (authorization.session?.id === mcpSessionHeader) {\n session = authorization.session;\n } else {\n session = { id: mcpSessionHeader };\n }\n } else if (authorization.session) {\n // No header but authorization has session - use it (shouldn't happen in normal flow)\n session = authorization.session;\n } else {\n // No session - create new one (initialize request)\n session = createSessionId('legacy-sse', token, {\n userAgent: request.headers?.['user-agent'] as string | undefined,\n platformDetectionConfig: (this.scope as Scope).metadata.transport?.platformDetection,\n });\n }\n\n this.state.set(stateSchema.parse({ token, session }));\n }\n\n @Stage('router')\n async router() {\n const { request } = this.rawInput;\n const scope = this.scope as Scope;\n const requestPath = normalizeEntryPrefix(request.path);\n const prefix = normalizeEntryPrefix(scope.entryPath);\n const scopePath = normalizeScopeBase(scope.routeBase);\n const basePath = `${prefix}${scopePath}`;\n\n if (requestPath === `${basePath}/sse`) {\n this.state.set('requestType', 'initialize');\n } else if (requestPath === `${basePath}/message`) {\n this.state.set('requestType', 'message');\n }\n }\n\n @Stage('onInitialize', {\n filter: ({ state: { requestType } }) => requestType === 'initialize',\n })\n async onInitialize() {\n const transportService = (this.scope as Scope).transportService;\n\n const { request, response } = this.rawInput;\n const { token, session } = this.state.required;\n const transport = await transportService.createTransporter('sse', token, session.id, response);\n await transport.initialize(request, response);\n this.handled();\n }\n\n @Stage('onElicitResult', {\n filter: ({ state: { requestType } }) => requestType === 'elicitResult',\n })\n async onElicitResult() {\n // const transport = await transportService.getTransporter('sse', token, session.id);\n // if (!transport) {\n // this.respond(httpRespond.rpcError('session not initialized'));\n // return;\n // }\n // await transport.handleRequest(request, response);\n this.fail(new Error('Not implemented'));\n }\n\n @Stage('onMessage', {\n filter: ({ state: { requestType } }) => requestType === 'message',\n })\n async onMessage() {\n const transportService = (this.scope as Scope).transportService;\n const logger = this.scopeLogger.child('handle:legacy-sse:onMessage');\n\n const { request, response } = this.rawInput;\n const { token, session } = this.state.required;\n const transport = await transportService.getTransporter('sse', token, session.id);\n if (!transport) {\n // Check if session was ever created to differentiate error types per MCP Spec 2025-11-25\n const wasCreated = transportService.wasSessionCreated('sse', token, session.id);\n const body = request.body as Record<string, unknown> | undefined;\n\n if (wasCreated) {\n // Session existed but was terminated/evicted → HTTP 404 (client should re-initialize)\n logger.info('Session expired - client should re-initialize', {\n sessionId: session.id?.slice(0, 20),\n tokenHash: token.slice(0, 8),\n method: body?.['method'],\n requestId: body?.['id'],\n });\n this.respond(httpRespond.sessionExpired('session expired'));\n } else {\n // Session was never created → HTTP 404 (per user requirement: invalid/missing session = 404)\n logger.warn('Session not initialized - client attempted request without initializing', {\n sessionId: session.id?.slice(0, 20),\n tokenHash: token.slice(0, 8),\n method: body?.['method'],\n requestId: body?.['id'],\n userAgent: (request.headers?.['user-agent'] as string | undefined)?.slice(0, 50),\n });\n this.respond(httpRespond.sessionNotFound('session not initialized'));\n }\n return;\n }\n await transport.handleRequest(request, response);\n this.handled();\n }\n}\n"]}
|
|
@@ -1,102 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.stateSchema = exports.plan = void 0;
|
|
4
|
-
const tslib_1 = require("tslib");
|
|
5
|
-
const common_1 = require("../../common");
|
|
6
|
-
const zod_1 = require("zod");
|
|
7
|
-
const types_js_1 = require("@modelcontextprotocol/sdk/types.js");
|
|
8
|
-
exports.plan = {
|
|
9
|
-
pre: ['parseInput', 'router'],
|
|
10
|
-
execute: ['handleRequest'],
|
|
11
|
-
post: [],
|
|
12
|
-
finalize: ['cleanup'],
|
|
13
|
-
};
|
|
14
|
-
exports.stateSchema = zod_1.z.object({
|
|
15
|
-
token: zod_1.z.string().optional(),
|
|
16
|
-
isAuthenticated: zod_1.z.boolean(),
|
|
17
|
-
requestType: zod_1.z.enum(['initialize', 'message']).optional(),
|
|
18
|
-
});
|
|
19
|
-
const name = 'handle:stateless-http';
|
|
20
|
-
const { Stage } = (0, common_1.FlowHooksOf)(name);
|
|
21
|
-
let HandleStatelessHttpFlow = class HandleStatelessHttpFlow extends common_1.FlowBase {
|
|
22
|
-
name = name;
|
|
23
|
-
async parseInput() {
|
|
24
|
-
const { request } = this.rawInput;
|
|
25
|
-
// Check if we have auth info
|
|
26
|
-
const auth = request[common_1.ServerRequestTokens.auth];
|
|
27
|
-
const token = auth?.token;
|
|
28
|
-
const isAuthenticated = !!token && token.length > 0;
|
|
29
|
-
this.state.set(exports.stateSchema.parse({
|
|
30
|
-
token: token || undefined,
|
|
31
|
-
isAuthenticated,
|
|
32
|
-
}));
|
|
33
|
-
}
|
|
34
|
-
async router() {
|
|
35
|
-
const { request } = this.rawInput;
|
|
36
|
-
const body = request.body;
|
|
37
|
-
const method = body?.method;
|
|
38
|
-
// Use method-based detection for routing (more permissive than strict schema)
|
|
39
|
-
// The actual schema validation happens in the MCP SDK's transport layer
|
|
40
|
-
if (method === 'initialize') {
|
|
41
|
-
this.state.set('requestType', 'initialize');
|
|
42
|
-
}
|
|
43
|
-
else if (method && types_js_1.RequestSchema.safeParse(request.body).success) {
|
|
44
|
-
this.state.set('requestType', 'message');
|
|
45
|
-
}
|
|
46
|
-
else {
|
|
47
|
-
this.respond(common_1.httpRespond.rpcError('Invalid Request'));
|
|
48
|
-
}
|
|
49
|
-
}
|
|
50
|
-
async handleRequest() {
|
|
51
|
-
const transportService = this.scope.transportService;
|
|
52
|
-
const { request, response } = this.rawInput;
|
|
53
|
-
const { token, isAuthenticated, requestType } = this.state;
|
|
54
|
-
// Get or create the stateless transport
|
|
55
|
-
// For anonymous: shared singleton transport
|
|
56
|
-
// For authenticated: singleton per token
|
|
57
|
-
const transport = isAuthenticated && token
|
|
58
|
-
? await transportService.getOrCreateAuthenticatedStatelessTransport('stateless-http', token, response)
|
|
59
|
-
: await transportService.getOrCreateAnonymousStatelessTransport('stateless-http', response);
|
|
60
|
-
// For stateless mode, inject the well-known session ID
|
|
61
|
-
// This satisfies the MCP SDK's session header requirement while keeping requests stateless
|
|
62
|
-
if (!request.headers['mcp-session-id']) {
|
|
63
|
-
request.headers['mcp-session-id'] = '__stateless__';
|
|
64
|
-
}
|
|
65
|
-
if (requestType === 'initialize') {
|
|
66
|
-
await transport.initialize(request, response);
|
|
67
|
-
}
|
|
68
|
-
else {
|
|
69
|
-
await transport.handleRequest(request, response);
|
|
70
|
-
}
|
|
71
|
-
this.handled();
|
|
72
|
-
}
|
|
73
|
-
};
|
|
74
|
-
tslib_1.__decorate([
|
|
75
|
-
Stage('parseInput'),
|
|
76
|
-
tslib_1.__metadata("design:type", Function),
|
|
77
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
78
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
79
|
-
], HandleStatelessHttpFlow.prototype, "parseInput", null);
|
|
80
|
-
tslib_1.__decorate([
|
|
81
|
-
Stage('router'),
|
|
82
|
-
tslib_1.__metadata("design:type", Function),
|
|
83
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
84
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
85
|
-
], HandleStatelessHttpFlow.prototype, "router", null);
|
|
86
|
-
tslib_1.__decorate([
|
|
87
|
-
Stage('handleRequest'),
|
|
88
|
-
tslib_1.__metadata("design:type", Function),
|
|
89
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
90
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
91
|
-
], HandleStatelessHttpFlow.prototype, "handleRequest", null);
|
|
92
|
-
HandleStatelessHttpFlow = tslib_1.__decorate([
|
|
93
|
-
(0, common_1.Flow)({
|
|
94
|
-
name,
|
|
95
|
-
plan: exports.plan,
|
|
96
|
-
access: 'public', // Can be accessed without full auth
|
|
97
|
-
inputSchema: common_1.httpInputSchema,
|
|
98
|
-
outputSchema: common_1.httpOutputSchema,
|
|
99
|
-
})
|
|
100
|
-
], HandleStatelessHttpFlow);
|
|
101
|
-
exports.default = HandleStatelessHttpFlow;
|
|
102
|
-
//# sourceMappingURL=handle.stateless-http.flow.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"handle.stateless-http.flow.js","sourceRoot":"","sources":["../../../../src/transport/flows/handle.stateless-http.flow.ts"],"names":[],"mappings":";;;;AAAA,yCAWsB;AACtB,6BAAwB;AACxB,iEAAmE;AAGtD,QAAA,IAAI,GAAG;IAClB,GAAG,EAAE,CAAC,YAAY,EAAE,QAAQ,CAAC;IAC7B,OAAO,EAAE,CAAC,eAAe,CAAC;IAC1B,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,CAAC,SAAS,CAAC;CACc,CAAC;AAEzB,QAAA,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAClC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,eAAe,EAAE,OAAC,CAAC,OAAO,EAAE;IAC5B,WAAW,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC1D,CAAC,CAAC;AAEH,MAAM,IAAI,GAAG,uBAAgC,CAAC;AAC9C,MAAM,EAAE,KAAK,EAAE,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAqBrB,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,iBAAqB;IACxE,IAAI,GAAG,IAAI,CAAC;IAGN,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAElC,6BAA6B;QAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,4BAAmB,CAAC,IAAI,CAA8B,CAAC;QAC5E,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,CAAC;QAC1B,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QAEpD,IAAI,CAAC,KAAK,CAAC,GAAG,CACZ,mBAAW,CAAC,KAAK,CAAC;YAChB,KAAK,EAAE,KAAK,IAAI,SAAS;YACzB,eAAe;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,MAAM;QACV,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAuC,CAAC;QAC7D,MAAM,MAAM,GAAG,IAAI,EAAE,MAAM,CAAC;QAE5B,8EAA8E;QAC9E,wEAAwE;QACxE,IAAI,MAAM,KAAK,YAAY,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAC9C,CAAC;aAAM,IAAI,MAAM,IAAI,wBAAa,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;YACnE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAGK,AAAN,KAAK,CAAC,aAAa;QACjB,MAAM,gBAAgB,GAAI,IAAI,CAAC,KAAe,CAAC,gBAAgB,CAAC;QAChE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC5C,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAE3D,wCAAwC;QACxC,4CAA4C;QAC5C,yCAAyC;QACzC,MAAM,SAAS,GACb,eAAe,IAAI,KAAK;YACtB,CAAC,CAAC,MAAM,gBAAgB,CAAC,0CAA0C,CAAC,gBAAgB,EAAE,KAAK,EAAE,QAAQ,CAAC;YACtG,CAAC,CAAC,MAAM,gBAAgB,CAAC,sCAAsC,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC;QAEhG,uDAAuD;QACvD,2FAA2F;QAC3F,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACvC,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,eAAe,CAAC;QACtD,CAAC;QAED,IAAI,WAAW,KAAK,YAAY,EAAE,CAAC;YACjC,MAAM,SAAS,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,MAAM,SAAS,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;CACF,CAAA;AA7DO;IADL,KAAK,CAAC,YAAY,CAAC;;;;yDAenB;AAGK;IADL,KAAK,CAAC,QAAQ,CAAC;;;;qDAef;AAGK;IADL,KAAK,CAAC,eAAe,CAAC;;;;4DA2BtB;AAhEkB,uBAAuB;IAP3C,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI,EAAJ,YAAI;QACJ,MAAM,EAAE,QAAQ,EAAE,oCAAoC;QACtD,WAAW,EAAE,wBAAe;QAC5B,YAAY,EAAE,yBAAgB;KAC/B,CAAC;GACmB,uBAAuB,CAiE3C;kBAjEoB,uBAAuB","sourcesContent":["import {\n Flow,\n httpInputSchema,\n FlowRunOptions,\n httpOutputSchema,\n FlowPlan,\n FlowBase,\n FlowHooksOf,\n httpRespond,\n ServerRequestTokens,\n Authorization,\n} from '../../common';\nimport { z } from 'zod';\nimport { RequestSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { Scope } from '../../scope';\n\nexport const plan = {\n pre: ['parseInput', 'router'],\n execute: ['handleRequest'],\n post: [],\n finalize: ['cleanup'],\n} as const satisfies FlowPlan<string>;\n\nexport const stateSchema = z.object({\n token: z.string().optional(),\n isAuthenticated: z.boolean(),\n requestType: z.enum(['initialize', 'message']).optional(),\n});\n\nconst name = 'handle:stateless-http' as const;\nconst { Stage } = FlowHooksOf(name);\n\ndeclare global {\n interface ExtendFlows {\n 'handle:stateless-http': FlowRunOptions<\n HandleStatelessHttpFlow,\n typeof plan,\n typeof httpInputSchema,\n typeof httpOutputSchema,\n typeof stateSchema\n >;\n }\n}\n\n@Flow({\n name,\n plan,\n access: 'public', // Can be accessed without full auth\n inputSchema: httpInputSchema,\n outputSchema: httpOutputSchema,\n})\nexport default class HandleStatelessHttpFlow extends FlowBase<typeof name> {\n name = name;\n\n @Stage('parseInput')\n async parseInput() {\n const { request } = this.rawInput;\n\n // Check if we have auth info\n const auth = request[ServerRequestTokens.auth] as Authorization | undefined;\n const token = auth?.token;\n const isAuthenticated = !!token && token.length > 0;\n\n this.state.set(\n stateSchema.parse({\n token: token || undefined,\n isAuthenticated,\n }),\n );\n }\n\n @Stage('router')\n async router() {\n const { request } = this.rawInput;\n const body = request.body as { method?: string } | undefined;\n const method = body?.method;\n\n // Use method-based detection for routing (more permissive than strict schema)\n // The actual schema validation happens in the MCP SDK's transport layer\n if (method === 'initialize') {\n this.state.set('requestType', 'initialize');\n } else if (method && RequestSchema.safeParse(request.body).success) {\n this.state.set('requestType', 'message');\n } else {\n this.respond(httpRespond.rpcError('Invalid Request'));\n }\n }\n\n @Stage('handleRequest')\n async handleRequest() {\n const transportService = (this.scope as Scope).transportService;\n const { request, response } = this.rawInput;\n const { token, isAuthenticated, requestType } = this.state;\n\n // Get or create the stateless transport\n // For anonymous: shared singleton transport\n // For authenticated: singleton per token\n const transport =\n isAuthenticated && token\n ? await transportService.getOrCreateAuthenticatedStatelessTransport('stateless-http', token, response)\n : await transportService.getOrCreateAnonymousStatelessTransport('stateless-http', response);\n\n // For stateless mode, inject the well-known session ID\n // This satisfies the MCP SDK's session header requirement while keeping requests stateless\n if (!request.headers['mcp-session-id']) {\n request.headers['mcp-session-id'] = '__stateless__';\n }\n\n if (requestType === 'initialize') {\n await transport.initialize(request, response);\n } else {\n await transport.handleRequest(request, response);\n }\n\n this.handled();\n }\n}\n"]}
|
|
@@ -1,315 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.stateSchema = exports.plan = void 0;
|
|
4
|
-
const tslib_1 = require("tslib");
|
|
5
|
-
const common_1 = require("../../common");
|
|
6
|
-
const zod_1 = require("zod");
|
|
7
|
-
const types_js_1 = require("@modelcontextprotocol/sdk/types.js");
|
|
8
|
-
const session_id_utils_1 = require("../../auth/session/utils/session-id.utils");
|
|
9
|
-
exports.plan = {
|
|
10
|
-
pre: ['parseInput', 'router'],
|
|
11
|
-
execute: ['onInitialize', 'onMessage', 'onElicitResult', 'onSseListener'],
|
|
12
|
-
post: [],
|
|
13
|
-
finalize: ['cleanup'],
|
|
14
|
-
};
|
|
15
|
-
// Relaxed session schema for state - payload is optional when using mcp-session-id header directly
|
|
16
|
-
const stateSessionSchema = zod_1.z.object({
|
|
17
|
-
id: zod_1.z.string(),
|
|
18
|
-
payload: zod_1.z
|
|
19
|
-
.object({
|
|
20
|
-
nodeId: zod_1.z.string(),
|
|
21
|
-
authSig: zod_1.z.string(),
|
|
22
|
-
uuid: zod_1.z.string().uuid(),
|
|
23
|
-
iat: zod_1.z.number(),
|
|
24
|
-
protocol: zod_1.z.enum(['legacy-sse', 'sse', 'streamable-http', 'stateful-http', 'stateless-http']).optional(),
|
|
25
|
-
isPublic: zod_1.z.boolean().optional(),
|
|
26
|
-
platformType: zod_1.z
|
|
27
|
-
.enum(['openai', 'claude', 'gemini', 'cursor', 'continue', 'cody', 'generic-mcp', 'ext-apps', 'unknown'])
|
|
28
|
-
.optional(),
|
|
29
|
-
})
|
|
30
|
-
.optional(),
|
|
31
|
-
});
|
|
32
|
-
exports.stateSchema = zod_1.z.object({
|
|
33
|
-
token: zod_1.z.string(),
|
|
34
|
-
session: stateSessionSchema,
|
|
35
|
-
requestType: zod_1.z.enum(['initialize', 'message', 'elicitResult', 'sseListener']).optional(),
|
|
36
|
-
});
|
|
37
|
-
const name = 'handle:streamable-http';
|
|
38
|
-
const { Stage } = (0, common_1.FlowHooksOf)(name);
|
|
39
|
-
let HandleStreamableHttpFlow = class HandleStreamableHttpFlow extends common_1.FlowBase {
|
|
40
|
-
name = name;
|
|
41
|
-
async parseInput() {
|
|
42
|
-
const { request } = this.rawInput;
|
|
43
|
-
console.log('[DEBUG] parseInput: starting');
|
|
44
|
-
const authorization = request[common_1.ServerRequestTokens.auth];
|
|
45
|
-
console.log('[DEBUG] parseInput: authorization =', authorization
|
|
46
|
-
? {
|
|
47
|
-
hasToken: !!authorization.token,
|
|
48
|
-
hasSession: !!authorization.session,
|
|
49
|
-
sessionId: authorization.session?.id?.slice(0, 30),
|
|
50
|
-
}
|
|
51
|
-
: 'undefined');
|
|
52
|
-
const { token } = authorization;
|
|
53
|
-
// CRITICAL: The mcp-session-id header is the client's reference to their session.
|
|
54
|
-
// We MUST use this exact ID for transport registry lookup.
|
|
55
|
-
//
|
|
56
|
-
// Priority 1: Use mcp-session-id header if present (client's session ID for lookup)
|
|
57
|
-
// This is the ID the client received from initialize and is referencing.
|
|
58
|
-
// Priority 2: Use session from authorization if header matches or is absent
|
|
59
|
-
// Priority 3: Create new session (first request - no header, no authorization.session)
|
|
60
|
-
const raw = request.headers?.['mcp-session-id'];
|
|
61
|
-
const rawMcpSessionHeader = typeof raw === 'string' ? raw : undefined;
|
|
62
|
-
const mcpSessionHeader = (0, common_1.validateMcpSessionHeader)(rawMcpSessionHeader);
|
|
63
|
-
// If client sent a header but validation failed, return 404
|
|
64
|
-
if (raw !== undefined && !mcpSessionHeader) {
|
|
65
|
-
this.respond(common_1.httpRespond.sessionNotFound('invalid session id'));
|
|
66
|
-
return;
|
|
67
|
-
}
|
|
68
|
-
let session;
|
|
69
|
-
if (mcpSessionHeader) {
|
|
70
|
-
// Client sent session ID - ALWAYS use it for transport lookup
|
|
71
|
-
// If authorization.session exists and matches, use its payload for protocol detection
|
|
72
|
-
// If authorization.session differs or is missing, still use header ID (payload may be undefined)
|
|
73
|
-
if (authorization.session?.id === mcpSessionHeader) {
|
|
74
|
-
session = authorization.session;
|
|
75
|
-
}
|
|
76
|
-
else {
|
|
77
|
-
session = { id: mcpSessionHeader };
|
|
78
|
-
}
|
|
79
|
-
}
|
|
80
|
-
else if (authorization.session) {
|
|
81
|
-
// No header but authorization has session - use it (shouldn't happen in normal flow)
|
|
82
|
-
session = authorization.session;
|
|
83
|
-
}
|
|
84
|
-
else {
|
|
85
|
-
// No session - create new one (initialize request)
|
|
86
|
-
session = (0, session_id_utils_1.createSessionId)('streamable-http', token, {
|
|
87
|
-
userAgent: request.headers?.['user-agent'],
|
|
88
|
-
platformDetectionConfig: this.scope.metadata.transport?.platformDetection,
|
|
89
|
-
});
|
|
90
|
-
}
|
|
91
|
-
this.state.set(exports.stateSchema.parse({ token, session }));
|
|
92
|
-
}
|
|
93
|
-
async router() {
|
|
94
|
-
const { request } = this.rawInput;
|
|
95
|
-
// GET requests are SSE listener streams - no body expected
|
|
96
|
-
// Per MCP spec, clients can open SSE stream with GET + Accept: text/event-stream
|
|
97
|
-
if (request.method.toUpperCase() === 'GET') {
|
|
98
|
-
this.state.set('requestType', 'sseListener');
|
|
99
|
-
return;
|
|
100
|
-
}
|
|
101
|
-
// POST requests have MCP JSON-RPC body
|
|
102
|
-
const body = request.body;
|
|
103
|
-
const method = body?.method;
|
|
104
|
-
// Use method-based detection for routing (more permissive than strict schema)
|
|
105
|
-
// The actual schema validation happens in the MCP SDK's transport layer
|
|
106
|
-
if (method === 'initialize') {
|
|
107
|
-
this.state.set('requestType', 'initialize');
|
|
108
|
-
}
|
|
109
|
-
else if (types_js_1.ElicitResultSchema.safeParse(request.body).success) {
|
|
110
|
-
this.state.set('requestType', 'elicitResult');
|
|
111
|
-
}
|
|
112
|
-
else if (method && types_js_1.RequestSchema.safeParse(request.body).success) {
|
|
113
|
-
this.state.set('requestType', 'message');
|
|
114
|
-
}
|
|
115
|
-
else {
|
|
116
|
-
this.respond(common_1.httpRespond.rpcError('Invalid Request'));
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
|
-
async onInitialize() {
|
|
120
|
-
const transportService = this.scope.transportService;
|
|
121
|
-
const logger = this.scope.logger.child('handle:streamable-http:onInitialize');
|
|
122
|
-
const { request, response } = this.rawInput;
|
|
123
|
-
const { token, session } = this.state.required;
|
|
124
|
-
logger.info('onInitialize: creating transport', {
|
|
125
|
-
sessionId: session.id.slice(0, 30),
|
|
126
|
-
hasToken: !!token,
|
|
127
|
-
tokenPrefix: token?.slice(0, 10),
|
|
128
|
-
});
|
|
129
|
-
try {
|
|
130
|
-
const transport = await transportService.createTransporter('streamable-http', token, session.id, response);
|
|
131
|
-
logger.info('onInitialize: transport created, calling initialize');
|
|
132
|
-
await transport.initialize(request, response);
|
|
133
|
-
logger.info('onInitialize: completed successfully');
|
|
134
|
-
this.handled();
|
|
135
|
-
}
|
|
136
|
-
catch (error) {
|
|
137
|
-
// FlowControl is expected control flow (from this.handled()), not an error
|
|
138
|
-
if (error instanceof common_1.FlowControl) {
|
|
139
|
-
throw error;
|
|
140
|
-
}
|
|
141
|
-
logger.error('onInitialize: failed', {
|
|
142
|
-
error: error instanceof Error ? error.message : String(error),
|
|
143
|
-
stack: error instanceof Error ? error.stack : undefined,
|
|
144
|
-
});
|
|
145
|
-
throw error;
|
|
146
|
-
}
|
|
147
|
-
}
|
|
148
|
-
async onElicitResult() {
|
|
149
|
-
this.fail(new Error('Not implemented'));
|
|
150
|
-
}
|
|
151
|
-
async onMessage() {
|
|
152
|
-
const transportService = this.scope.transportService;
|
|
153
|
-
const logger = this.scopeLogger.child('handle:streamable-http:onMessage');
|
|
154
|
-
const { request, response } = this.rawInput;
|
|
155
|
-
const { token, session } = this.state.required;
|
|
156
|
-
// 1. Try to get existing transport from memory
|
|
157
|
-
let transport = await transportService.getTransporter('streamable-http', token, session.id);
|
|
158
|
-
// 2. If not in memory, check if session exists in Redis and recreate
|
|
159
|
-
if (!transport) {
|
|
160
|
-
try {
|
|
161
|
-
const storedSession = await transportService.getStoredSession('streamable-http', token, session.id);
|
|
162
|
-
if (storedSession) {
|
|
163
|
-
logger.info('Recreating transport from Redis session', {
|
|
164
|
-
sessionId: session.id?.slice(0, 20),
|
|
165
|
-
createdAt: storedSession.createdAt,
|
|
166
|
-
});
|
|
167
|
-
transport = await transportService.recreateTransporter('streamable-http', token, session.id, storedSession, response);
|
|
168
|
-
}
|
|
169
|
-
}
|
|
170
|
-
catch (error) {
|
|
171
|
-
// Log and fall through to 404 logic - transport remains undefined
|
|
172
|
-
logger.warn('Failed to recreate transport from stored session', {
|
|
173
|
-
sessionId: session.id?.slice(0, 20),
|
|
174
|
-
error: error instanceof Error ? error.message : String(error),
|
|
175
|
-
});
|
|
176
|
-
}
|
|
177
|
-
}
|
|
178
|
-
if (!transport) {
|
|
179
|
-
// Check if session was ever created to differentiate error types per MCP Spec 2025-11-25
|
|
180
|
-
const wasCreated = await transportService.wasSessionCreatedAsync('streamable-http', token, session.id);
|
|
181
|
-
const body = request.body;
|
|
182
|
-
if (wasCreated) {
|
|
183
|
-
// Session existed but was terminated/evicted → HTTP 404 (client should re-initialize)
|
|
184
|
-
logger.info('Session expired - client should re-initialize', {
|
|
185
|
-
sessionId: session.id?.slice(0, 20),
|
|
186
|
-
tokenHash: token.slice(0, 8),
|
|
187
|
-
method: body?.['method'],
|
|
188
|
-
requestId: body?.['id'],
|
|
189
|
-
mcpSessionId: request.headers?.['mcp-session-id'],
|
|
190
|
-
});
|
|
191
|
-
this.respond(common_1.httpRespond.sessionExpired('session expired'));
|
|
192
|
-
}
|
|
193
|
-
else {
|
|
194
|
-
// Session was never created → HTTP 404 (per user requirement: invalid/missing session = 404)
|
|
195
|
-
logger.warn('Session not initialized - client attempted request without initializing', {
|
|
196
|
-
sessionId: session.id?.slice(0, 20),
|
|
197
|
-
tokenHash: token.slice(0, 8),
|
|
198
|
-
method: body?.['method'],
|
|
199
|
-
requestId: body?.['id'],
|
|
200
|
-
mcpSessionId: request.headers?.['mcp-session-id'],
|
|
201
|
-
userAgent: request.headers?.['user-agent']?.slice(0, 50),
|
|
202
|
-
});
|
|
203
|
-
this.respond(common_1.httpRespond.sessionNotFound('session not initialized'));
|
|
204
|
-
}
|
|
205
|
-
return;
|
|
206
|
-
}
|
|
207
|
-
try {
|
|
208
|
-
await transport.handleRequest(request, response);
|
|
209
|
-
this.handled();
|
|
210
|
-
}
|
|
211
|
-
catch (error) {
|
|
212
|
-
// FlowControl is expected control flow, not an error
|
|
213
|
-
if (!(error instanceof common_1.FlowControl)) {
|
|
214
|
-
const body = request.body;
|
|
215
|
-
logger.error('handleRequest failed', {
|
|
216
|
-
error: error instanceof Error ? { name: error.name, message: error.message, stack: error.stack } : error,
|
|
217
|
-
method: body?.['method'],
|
|
218
|
-
id: body?.['id'],
|
|
219
|
-
sessionId: session.id?.slice(0, 20),
|
|
220
|
-
});
|
|
221
|
-
}
|
|
222
|
-
throw error;
|
|
223
|
-
}
|
|
224
|
-
}
|
|
225
|
-
async onSseListener() {
|
|
226
|
-
const transportService = this.scope.transportService;
|
|
227
|
-
const logger = this.scopeLogger.child('handle:streamable-http:onSseListener');
|
|
228
|
-
const { request, response } = this.rawInput;
|
|
229
|
-
const { token, session } = this.state.required;
|
|
230
|
-
// 1. Try to get existing transport from memory
|
|
231
|
-
let transport = await transportService.getTransporter('streamable-http', token, session.id);
|
|
232
|
-
// 2. If not in memory, check if session exists in Redis and recreate
|
|
233
|
-
if (!transport) {
|
|
234
|
-
try {
|
|
235
|
-
const storedSession = await transportService.getStoredSession('streamable-http', token, session.id);
|
|
236
|
-
if (storedSession) {
|
|
237
|
-
logger.info('Recreating transport from Redis session for SSE listener', {
|
|
238
|
-
sessionId: session.id?.slice(0, 20),
|
|
239
|
-
createdAt: storedSession.createdAt,
|
|
240
|
-
});
|
|
241
|
-
transport = await transportService.recreateTransporter('streamable-http', token, session.id, storedSession, response);
|
|
242
|
-
}
|
|
243
|
-
}
|
|
244
|
-
catch (error) {
|
|
245
|
-
// Log and fall through to 404 logic - transport remains undefined
|
|
246
|
-
logger.warn('Failed to recreate transport from stored session for SSE listener', {
|
|
247
|
-
sessionId: session.id?.slice(0, 20),
|
|
248
|
-
error: error instanceof Error ? error.message : String(error),
|
|
249
|
-
});
|
|
250
|
-
}
|
|
251
|
-
}
|
|
252
|
-
if (!transport) {
|
|
253
|
-
this.respond(common_1.httpRespond.notFound('Session not found'));
|
|
254
|
-
return;
|
|
255
|
-
}
|
|
256
|
-
// Forward GET request to transport (opens SSE stream for server→client notifications)
|
|
257
|
-
await transport.handleRequest(request, response);
|
|
258
|
-
this.handled();
|
|
259
|
-
}
|
|
260
|
-
};
|
|
261
|
-
tslib_1.__decorate([
|
|
262
|
-
Stage('parseInput'),
|
|
263
|
-
tslib_1.__metadata("design:type", Function),
|
|
264
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
265
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
266
|
-
], HandleStreamableHttpFlow.prototype, "parseInput", null);
|
|
267
|
-
tslib_1.__decorate([
|
|
268
|
-
Stage('router'),
|
|
269
|
-
tslib_1.__metadata("design:type", Function),
|
|
270
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
271
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
272
|
-
], HandleStreamableHttpFlow.prototype, "router", null);
|
|
273
|
-
tslib_1.__decorate([
|
|
274
|
-
Stage('onInitialize', {
|
|
275
|
-
filter: ({ state: { requestType } }) => requestType === 'initialize',
|
|
276
|
-
}),
|
|
277
|
-
tslib_1.__metadata("design:type", Function),
|
|
278
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
279
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
280
|
-
], HandleStreamableHttpFlow.prototype, "onInitialize", null);
|
|
281
|
-
tslib_1.__decorate([
|
|
282
|
-
Stage('onElicitResult', {
|
|
283
|
-
filter: ({ state: { requestType } }) => requestType === 'elicitResult',
|
|
284
|
-
}),
|
|
285
|
-
tslib_1.__metadata("design:type", Function),
|
|
286
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
287
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
288
|
-
], HandleStreamableHttpFlow.prototype, "onElicitResult", null);
|
|
289
|
-
tslib_1.__decorate([
|
|
290
|
-
Stage('onMessage', {
|
|
291
|
-
filter: ({ state: { requestType } }) => requestType === 'message',
|
|
292
|
-
}),
|
|
293
|
-
tslib_1.__metadata("design:type", Function),
|
|
294
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
295
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
296
|
-
], HandleStreamableHttpFlow.prototype, "onMessage", null);
|
|
297
|
-
tslib_1.__decorate([
|
|
298
|
-
Stage('onSseListener', {
|
|
299
|
-
filter: ({ state: { requestType } }) => requestType === 'sseListener',
|
|
300
|
-
}),
|
|
301
|
-
tslib_1.__metadata("design:type", Function),
|
|
302
|
-
tslib_1.__metadata("design:paramtypes", []),
|
|
303
|
-
tslib_1.__metadata("design:returntype", Promise)
|
|
304
|
-
], HandleStreamableHttpFlow.prototype, "onSseListener", null);
|
|
305
|
-
HandleStreamableHttpFlow = tslib_1.__decorate([
|
|
306
|
-
(0, common_1.Flow)({
|
|
307
|
-
name,
|
|
308
|
-
plan: exports.plan,
|
|
309
|
-
access: 'authorized',
|
|
310
|
-
inputSchema: common_1.httpInputSchema,
|
|
311
|
-
outputSchema: common_1.httpOutputSchema,
|
|
312
|
-
})
|
|
313
|
-
], HandleStreamableHttpFlow);
|
|
314
|
-
exports.default = HandleStreamableHttpFlow;
|
|
315
|
-
//# sourceMappingURL=handle.streamable-http.flow.js.map
|