@frontmcp/testing 0.6.1 → 0.6.3

package/fixtures/index.js

@@ -0,0 +1,2418 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// libs/testing/src/fixtures/index.ts
+var fixtures_exports = {};
+__export(fixtures_exports, {
+  cleanupSharedResources: () => cleanupSharedResources,
+  cleanupTestFixtures: () => cleanupTestFixtures,
+  createTestFixtures: () => createTestFixtures,
+  initializeSharedResources: () => initializeSharedResources,
+  test: () => test
+});
+module.exports = __toCommonJS(fixtures_exports);
+
+// libs/testing/src/platform/platform-client-info.ts
+var MCP_APPS_EXTENSION_KEY = "io.modelcontextprotocol/ui";
+function getPlatformClientInfo(platform) {
+  switch (platform) {
+    case "openai":
+      return {
+        name: "ChatGPT",
+        version: "1.0"
+      };
+    case "ext-apps":
+      return {
+        name: "mcp-ext-apps",
+        version: "1.0"
+      };
+    case "claude":
+      return {
+        name: "claude-desktop",
+        version: "1.0"
+      };
+    case "cursor":
+      return {
+        name: "cursor",
+        version: "1.0"
+      };
+    case "continue":
+      return {
+        name: "continue",
+        version: "1.0"
+      };
+    case "cody":
+      return {
+        name: "cody",
+        version: "1.0"
+      };
+    case "gemini":
+      return {
+        name: "gemini",
+        version: "1.0"
+      };
+    case "generic-mcp":
+      return {
+        name: "generic-mcp-client",
+        version: "1.0"
+      };
+    case "unknown":
+    default:
+      return {
+        name: "mcp-test-client",
+        version: "1.0"
+      };
+  }
+}
+function getPlatformCapabilities(platform) {
+  const baseCapabilities = {
+    sampling: {}
+  };
+  if (platform === "ext-apps") {
+    return {
+      ...baseCapabilities,
+      experimental: {
+        [MCP_APPS_EXTENSION_KEY]: {
+          mimeTypes: ["text/html+mcp"]
+        }
+      }
+    };
+  }
+  return baseCapabilities;
+}
+
+// libs/testing/src/client/mcp-test-client.builder.ts
+var McpTestClientBuilder = class {
+  config;
+  constructor(config) {
+    this.config = { ...config };
+  }
+  /**
+   * Set the authentication configuration
+   */
+  withAuth(auth) {
+    this.config.auth = { ...this.config.auth, ...auth };
+    return this;
+  }
+  /**
+   * Set the bearer token for authentication
+   */
+  withToken(token) {
+    this.config.auth = { ...this.config.auth, token };
+    return this;
+  }
+  /**
+   * Add custom headers to all requests
+   */
+  withHeaders(headers) {
+    this.config.auth = {
+      ...this.config.auth,
+      headers: { ...this.config.auth?.headers, ...headers }
+    };
+    return this;
+  }
+  /**
+   * Set the transport type
+   */
+  withTransport(transport) {
+    this.config.transport = transport;
+    return this;
+  }
+  /**
+   * Set the request timeout in milliseconds
+   */
+  withTimeout(timeoutMs) {
+    this.config.timeout = timeoutMs;
+    return this;
+  }
+  /**
+   * Enable debug logging
+   */
+  withDebug(enabled = true) {
+    this.config.debug = enabled;
+    return this;
+  }
+  /**
+   * Enable public mode - skip authentication entirely.
+   * When true, no Authorization header is sent and anonymous token is not requested.
+   * Use this for testing public/unauthenticated endpoints in CI/CD pipelines.
+   */
+  withPublicMode(enabled = true) {
+    this.config.publicMode = enabled;
+    return this;
+  }
+  /**
+   * Set the MCP protocol version to request
+   */
+  withProtocolVersion(version) {
+    this.config.protocolVersion = version;
+    return this;
+  }
+  /**
+   * Set the client info sent during initialization
+   */
+  withClientInfo(info) {
+    this.config.clientInfo = info;
+    return this;
+  }
+  /**
+   * Set the platform type for testing platform-specific meta keys.
+   * Automatically configures clientInfo and capabilities for platform detection.
+   *
+   * Platform-specific behavior:
+   * - `openai`: Uses openai/* meta keys, sets User-Agent to "ChatGPT/1.0"
+   * - `ext-apps`: Uses ui/* meta keys per SEP-1865, sets io.modelcontextprotocol/ui capability
+   * - `claude`: Uses frontmcp/* + ui/* keys, sets User-Agent to "claude-desktop/1.0"
+   * - `cursor`: Uses frontmcp/* + ui/* keys, sets User-Agent to "cursor/1.0"
+   * - Other platforms follow similar patterns
+   *
+   * @example
+   * ```typescript
+   * const client = await McpTestClient.create({ baseUrl })
+   *   .withPlatform('openai')
+   *   .buildAndConnect();
+   *
+   * // ext-apps automatically sets the io.modelcontextprotocol/ui capability
+   * const extAppsClient = await McpTestClient.create({ baseUrl })
+   *   .withPlatform('ext-apps')
+   *   .buildAndConnect();
+   * ```
+   */
+  withPlatform(platform) {
+    this.config.platform = platform;
+    this.config.clientInfo = getPlatformClientInfo(platform);
+    this.config.capabilities = getPlatformCapabilities(platform);
+    return this;
+  }
+  /**
+   * Set custom client capabilities for MCP initialization.
+   * Use this for fine-grained control over capabilities sent during initialization.
+   *
+   * @example
+   * ```typescript
+   * const client = await McpTestClient.create({ baseUrl })
+   *   .withCapabilities({
+   *     sampling: {},
+   *     experimental: {
+   *       'io.modelcontextprotocol/ui': { mimeTypes: ['text/html+mcp'] }
+   *     }
+   *   })
+   *   .buildAndConnect();
+   * ```
+   */
+  withCapabilities(capabilities) {
+    this.config.capabilities = capabilities;
+    return this;
+  }
+  /**
+   * Build the McpTestClient instance (does not connect)
+   */
+  build() {
+    return new McpTestClient(this.config);
+  }
+  /**
+   * Build the McpTestClient and connect to the server
+   */
+  async buildAndConnect() {
+    const client = this.build();
+    await client.connect();
+    return client;
+  }
+};
+
+// libs/testing/src/transport/streamable-http.transport.ts
+var DEFAULT_TIMEOUT = 3e4;
+var StreamableHttpTransport = class {
+  config;
+  state = "disconnected";
+  sessionId;
+  authToken;
+  connectionCount = 0;
+  reconnectCount = 0;
+  lastRequestHeaders = {};
+  interceptors;
+  publicMode;
+  constructor(config) {
+    this.config = {
+      baseUrl: config.baseUrl.replace(/\/$/, ""),
+      // Remove trailing slash
+      timeout: config.timeout ?? DEFAULT_TIMEOUT,
+      auth: config.auth ?? {},
+      publicMode: config.publicMode ?? false,
+      debug: config.debug ?? false,
+      interceptors: config.interceptors,
+      clientInfo: config.clientInfo
+    };
+    this.authToken = config.auth?.token;
+    this.interceptors = config.interceptors;
+    this.publicMode = config.publicMode ?? false;
+  }
+  async connect() {
+    this.state = "connecting";
+    this.connectionCount++;
+    try {
+      if (this.publicMode) {
+        this.log("Public mode: connecting without authentication");
+        this.state = "connected";
+        return;
+      }
+      if (!this.authToken) {
+        await this.requestAnonymousToken();
+      }
+      this.state = "connected";
+      this.log("Connected to StreamableHTTP transport");
+    } catch (error) {
+      this.state = "error";
+      throw error;
+    }
+  }
+  /**
+   * Request an anonymous token from the FrontMCP OAuth endpoint
+   * This allows the test client to authenticate without user interaction
+   */
+  async requestAnonymousToken() {
+    const clientId = crypto.randomUUID();
+    const tokenUrl = `${this.config.baseUrl}/oauth/token`;
+    this.log(`Requesting anonymous token from ${tokenUrl}`);
+    try {
+      const response = await fetch(tokenUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify({
+          grant_type: "anonymous",
+          client_id: clientId,
+          resource: this.config.baseUrl
+        })
+      });
+      if (!response.ok) {
+        const errorText = await response.text();
+        this.log(`Failed to get anonymous token: ${response.status} ${errorText}`);
+        return;
+      }
+      const tokenResponse = await response.json();
+      if (tokenResponse.access_token) {
+        this.authToken = tokenResponse.access_token;
+        this.log("Anonymous token acquired successfully");
+      }
+    } catch (error) {
+      this.log(`Error requesting anonymous token: ${error}`);
+    }
+  }
+  async request(message) {
+    this.ensureConnected();
+    const startTime = Date.now();
+    if (this.interceptors) {
+      const interceptResult = await this.interceptors.processRequest(message, {
+        timestamp: /* @__PURE__ */ new Date(),
+        transport: "streamable-http",
+        sessionId: this.sessionId
+      });
+      switch (interceptResult.type) {
+        case "mock": {
+          const mockResponse2 = await this.interceptors.processResponse(
+            message,
+            interceptResult.response,
+            Date.now() - startTime
+          );
+          return mockResponse2;
+        }
+        case "error":
+          throw interceptResult.error;
+        case "continue":
+          message = interceptResult.request;
+          break;
+      }
+    }
+    const headers = this.buildHeaders();
+    this.lastRequestHeaders = headers;
+    const url = `${this.config.baseUrl}/`;
+    this.log(`POST ${url}`, message);
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(message),
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const newSessionId = response.headers.get("mcp-session-id");
+      if (newSessionId) {
+        this.sessionId = newSessionId;
+      }
+      let jsonResponse;
+      if (!response.ok) {
+        const errorText = await response.text();
+        this.log(`HTTP Error ${response.status}: ${errorText}`);
+        jsonResponse = {
+          jsonrpc: "2.0",
+          id: message.id ?? null,
+          error: {
+            code: -32e3,
+            message: `HTTP ${response.status}: ${response.statusText}`,
+            data: errorText
+          }
+        };
+      } else {
+        const contentType = response.headers.get("content-type") ?? "";
+        const text = await response.text();
+        this.log("Response:", text);
+        if (!text.trim()) {
+          jsonResponse = {
+            jsonrpc: "2.0",
+            id: message.id ?? null,
+            result: void 0
+          };
+        } else if (contentType.includes("text/event-stream")) {
+          const { response: sseResponse, sseSessionId } = this.parseSSEResponseWithSession(text, message.id);
+          jsonResponse = sseResponse;
+          if (sseSessionId && !this.sessionId) {
+            this.sessionId = sseSessionId;
+            this.log("Session ID from SSE:", this.sessionId);
+          }
+        } else {
+          jsonResponse = JSON.parse(text);
+        }
+      }
+      if (this.interceptors) {
+        jsonResponse = await this.interceptors.processResponse(message, jsonResponse, Date.now() - startTime);
+      }
+      return jsonResponse;
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error instanceof Error && error.name === "AbortError") {
+        return {
+          jsonrpc: "2.0",
+          id: message.id ?? null,
+          error: {
+            code: -32e3,
+            message: `Request timeout after ${this.config.timeout}ms`
+          }
+        };
+      }
+      throw error;
+    }
+  }
+  async notify(message) {
+    this.ensureConnected();
+    const headers = this.buildHeaders();
+    this.lastRequestHeaders = headers;
+    const url = `${this.config.baseUrl}/`;
+    this.log(`POST ${url} (notification)`, message);
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(message),
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const newSessionId = response.headers.get("mcp-session-id");
+      if (newSessionId) {
+        this.sessionId = newSessionId;
+      }
+      if (!response.ok) {
+        const errorText = await response.text();
+        this.log(`HTTP Error ${response.status} on notification: ${errorText}`);
+      }
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error instanceof Error && error.name !== "AbortError") {
+        throw error;
+      }
+    }
+  }
+  async sendRaw(data) {
+    this.ensureConnected();
+    const headers = this.buildHeaders();
+    this.lastRequestHeaders = headers;
+    const url = `${this.config.baseUrl}/`;
+    this.log(`POST ${url} (raw)`, data);
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers,
+        body: data,
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const text = await response.text();
+      if (!text.trim()) {
+        return {
+          jsonrpc: "2.0",
+          id: null,
+          error: {
+            code: -32700,
+            message: "Parse error"
+          }
+        };
+      }
+      return JSON.parse(text);
+    } catch (error) {
+      clearTimeout(timeoutId);
+      return {
+        jsonrpc: "2.0",
+        id: null,
+        error: {
+          code: -32700,
+          message: "Parse error",
+          data: error instanceof Error ? error.message : "Unknown error"
+        }
+      };
+    }
+  }
+  async close() {
+    this.state = "disconnected";
+    this.sessionId = void 0;
+    this.log("StreamableHTTP transport closed");
+  }
+  isConnected() {
+    return this.state === "connected";
+  }
+  getState() {
+    return this.state;
+  }
+  getSessionId() {
+    return this.sessionId;
+  }
+  setAuthToken(token) {
+    this.authToken = token;
+  }
+  setTimeout(ms) {
+    this.config.timeout = ms;
+  }
+  setInterceptors(interceptors2) {
+    this.interceptors = interceptors2;
+  }
+  getInterceptors() {
+    return this.interceptors;
+  }
+  getConnectionCount() {
+    return this.connectionCount;
+  }
+  getReconnectCount() {
+    return this.reconnectCount;
+  }
+  getLastRequestHeaders() {
+    return { ...this.lastRequestHeaders };
+  }
+  async simulateDisconnect() {
+    this.state = "disconnected";
+    this.sessionId = void 0;
+  }
+  async waitForReconnect(timeoutMs) {
+    const deadline = Date.now() + timeoutMs;
+    this.reconnectCount++;
+    await this.connect();
+    while (Date.now() < deadline) {
+      if (this.state === "connected") {
+        return;
+      }
+      await new Promise((r) => setTimeout(r, 50));
+    }
+    throw new Error("Timeout waiting for reconnection");
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE HELPERS
+  // ═══════════════════════════════════════════════════════════════════
+  buildHeaders() {
+    const headers = {
+      "Content-Type": "application/json",
+      Accept: "application/json, text/event-stream"
+    };
+    if (this.config.clientInfo) {
+      headers["User-Agent"] = `${this.config.clientInfo.name}/${this.config.clientInfo.version}`;
+    }
+    if (this.authToken && !this.publicMode) {
+      headers["Authorization"] = `Bearer ${this.authToken}`;
+    }
+    if (this.sessionId) {
+      headers["mcp-session-id"] = this.sessionId;
+    }
+    if (this.config.auth.headers) {
+      Object.assign(headers, this.config.auth.headers);
+    }
+    return headers;
+  }
+  ensureConnected() {
+    if (this.state !== "connected") {
+      throw new Error("Transport not connected. Call connect() first.");
+    }
+  }
+  log(message, data) {
+    if (this.config.debug) {
+      console.log(`[StreamableHTTP] ${message}`, data ?? "");
+    }
+  }
+  /**
+   * Parse SSE (Server-Sent Events) response format with session ID extraction
+   * SSE format is:
+   * event: message
+   * id: sessionId:messageId
+   * data: {"jsonrpc":"2.0",...}
+   *
+   * The id field contains the session ID followed by a colon and the message ID.
+   *
+   * @param text - The raw SSE response text
+   * @param requestId - The original request ID
+   * @returns Object with parsed JSON-RPC response and session ID (if found)
+   */
+  parseSSEResponseWithSession(text, requestId) {
+    const lines = text.split("\n");
+    const dataLines = [];
+    let sseSessionId;
+    for (const line of lines) {
+      if (line.startsWith("data: ")) {
+        dataLines.push(line.slice(6));
+      } else if (line === "data:") {
+        dataLines.push("");
+      } else if (line.startsWith("id: ")) {
+        const idValue = line.slice(4);
+        const colonIndex = idValue.lastIndexOf(":");
+        if (colonIndex > 0) {
+          sseSessionId = idValue.substring(0, colonIndex);
+        } else {
+          sseSessionId = idValue;
+        }
+      }
+    }
+    if (dataLines.length > 0) {
+      const jsonData = dataLines.join("\n");
+      try {
+        return {
+          response: JSON.parse(jsonData),
+          sseSessionId
+        };
+      } catch {
+        this.log("Failed to parse SSE data as JSON:", jsonData);
+      }
+    }
+    return {
+      response: {
+        jsonrpc: "2.0",
+        id: requestId ?? null,
+        error: {
+          code: -32700,
+          message: "Failed to parse SSE response",
+          data: text
+        }
+      },
+      sseSessionId
+    };
+  }
+};
+
+// libs/testing/src/interceptor/mock-registry.ts
+var DefaultMockRegistry = class {
+  mocks = [];
+  add(mock) {
+    const entry = {
+      definition: mock,
+      callCount: 0,
+      calls: [],
+      remainingUses: mock.times ?? Infinity
+    };
+    this.mocks.push(entry);
+    return {
+      remove: () => {
+        const index = this.mocks.indexOf(entry);
+        if (index !== -1) {
+          this.mocks.splice(index, 1);
+        }
+      },
+      callCount: () => entry.callCount,
+      calls: () => [...entry.calls]
+    };
+  }
+  clear() {
+    this.mocks = [];
+  }
+  getAll() {
+    return this.mocks.map((e) => e.definition);
+  }
+  match(request) {
+    for (const entry of this.mocks) {
+      if (entry.remainingUses <= 0) continue;
+      const { definition } = entry;
+      if (definition.method !== request.method) continue;
+      if (definition.params !== void 0) {
+        const params = request.params ?? {};
+        if (typeof definition.params === "function") {
+          if (!definition.params(params)) continue;
+        } else {
+          if (!this.paramsMatch(definition.params, params)) continue;
+        }
+      }
+      entry.callCount++;
+      entry.calls.push(request);
+      entry.remainingUses--;
+      return definition;
+    }
+    return void 0;
+  }
+  /**
+   * Check if request params match the mock params definition
+   */
+  paramsMatch(expected, actual) {
+    for (const [key, value] of Object.entries(expected)) {
+      if (!(key in actual)) return false;
+      const actualValue = actual[key];
+      if (Array.isArray(value)) {
+        if (!Array.isArray(actualValue)) return false;
+        if (value.length !== actualValue.length) return false;
+        for (let i = 0; i < value.length; i++) {
+          const expectedItem = value[i];
+          const actualItem = actualValue[i];
+          if (typeof expectedItem === "object" && expectedItem !== null) {
+            if (typeof actualItem !== "object" || actualItem === null) return false;
+            if (!this.paramsMatch(expectedItem, actualItem)) {
+              return false;
+            }
+          } else if (actualItem !== expectedItem) {
+            return false;
+          }
+        }
+      } else if (typeof value === "object" && value !== null) {
+        if (typeof actualValue !== "object" || actualValue === null) return false;
+        if (!this.paramsMatch(value, actualValue)) {
+          return false;
+        }
+      } else if (actualValue !== value) {
+        return false;
+      }
+    }
+    return true;
+  }
+};
+var mockResponse = {
+  /**
+   * Create a successful JSON-RPC response
+   */
+  success(result, id = 1) {
+    return {
+      jsonrpc: "2.0",
+      id,
+      result
+    };
+  },
+  /**
+   * Create an error JSON-RPC response
+   */
+  error(code, message, data, id = 1) {
+    return {
+      jsonrpc: "2.0",
+      id,
+      error: { code, message, data }
+    };
+  },
+  /**
+   * Create a tool result response
+   */
+  toolResult(content, id = 1) {
+    return {
+      jsonrpc: "2.0",
+      id,
+      result: { content }
+    };
+  },
+  /**
+   * Create a tools/list response
+   */
+  toolsList(tools, id = 1) {
+    return {
+      jsonrpc: "2.0",
+      id,
+      result: { tools }
+    };
+  },
+  /**
+   * Create a resources/list response
+   */
+  resourcesList(resources, id = 1) {
+    return {
+      jsonrpc: "2.0",
+      id,
+      result: { resources }
+    };
+  },
+  /**
+   * Create a resources/read response
+   */
+  resourceRead(contents, id = 1) {
+    return {
+      jsonrpc: "2.0",
+      id,
+      result: { contents }
+    };
+  },
+  /**
+   * Common MCP errors
+   */
+  errors: {
+    methodNotFound: (method, id = 1) => mockResponse.error(-32601, `Method not found: ${method}`, void 0, id),
+    invalidParams: (message, id = 1) => mockResponse.error(-32602, message, void 0, id),
+    internalError: (message, id = 1) => mockResponse.error(-32603, message, void 0, id),
+    resourceNotFound: (uri, id = 1) => mockResponse.error(-32002, `Resource not found: ${uri}`, { uri }, id),
+    toolNotFound: (name, id = 1) => mockResponse.error(-32601, `Tool not found: ${name}`, { name }, id),
+    unauthorized: (id = 1) => mockResponse.error(-32001, "Unauthorized", void 0, id),
+    forbidden: (id = 1) => mockResponse.error(-32003, "Forbidden", void 0, id)
+  }
+};
+
+// libs/testing/src/interceptor/interceptor-chain.ts
+var DefaultInterceptorChain = class {
+  request = [];
+  response = [];
+  mocks;
+  constructor() {
+    this.mocks = new DefaultMockRegistry();
+  }
+  /**
+   * Add a request interceptor
+   */
+  addRequestInterceptor(interceptor) {
+    this.request.push(interceptor);
+    return () => {
+      const index = this.request.indexOf(interceptor);
+      if (index !== -1) {
+        this.request.splice(index, 1);
+      }
+    };
+  }
+  /**
+   * Add a response interceptor
+   */
+  addResponseInterceptor(interceptor) {
+    this.response.push(interceptor);
+    return () => {
+      const index = this.response.indexOf(interceptor);
+      if (index !== -1) {
+        this.response.splice(index, 1);
+      }
+    };
+  }
+  /**
+   * Process a request through the interceptor chain
+   * Returns either:
+   * - { type: 'continue', request } - continue with (possibly modified) request
+   * - { type: 'mock', response } - return mock response immediately
+   * - { type: 'error', error } - throw error
+   */
+  async processRequest(request, meta) {
+    let currentRequest = request;
+    const mockDef = this.mocks.match(request);
+    if (mockDef) {
+      if (mockDef.delay && mockDef.delay > 0) {
+        await sleep(mockDef.delay);
+      }
+      let mockResponse2;
+      if (typeof mockDef.response === "function") {
+        mockResponse2 = await mockDef.response(request);
+      } else {
+        mockResponse2 = mockDef.response;
+      }
+      return {
+        type: "mock",
+        response: { ...mockResponse2, id: request.id ?? mockResponse2.id }
+      };
+    }
+    for (const interceptor of this.request) {
+      const ctx = {
+        request: currentRequest,
+        meta
+      };
+      const result = await interceptor(ctx);
+      switch (result.action) {
+        case "passthrough":
+          break;
+        case "modify":
+          currentRequest = result.request;
+          break;
+        case "mock":
+          return {
+            type: "mock",
+            response: { ...result.response, id: request.id ?? result.response.id }
+          };
+        case "error":
+          return { type: "error", error: result.error };
+      }
+    }
+    return { type: "continue", request: currentRequest };
+  }
+  /**
+   * Process a response through the interceptor chain
+   */
+  async processResponse(request, response, durationMs) {
+    let currentResponse = response;
+    for (const interceptor of this.response) {
+      const ctx = {
+        request,
+        response: currentResponse,
+        durationMs
+      };
+      const result = await interceptor(ctx);
+      switch (result.action) {
+        case "passthrough":
+          break;
+        case "modify":
+          currentResponse = result.response;
+          break;
+      }
+    }
+    return currentResponse;
+  }
+  /**
+   * Clear all interceptors and mocks
+   */
+  clear() {
+    this.request = [];
+    this.response = [];
+    this.mocks.clear();
+  }
+};
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// libs/testing/src/client/mcp-test-client.ts
+var DEFAULT_TIMEOUT2 = 3e4;
+var DEFAULT_PROTOCOL_VERSION = "2025-06-18";
+var DEFAULT_CLIENT_INFO = {
+  name: "@frontmcp/testing",
+  version: "0.4.0"
+};
+var McpTestClient = class {
+  // Platform and capabilities are optional - only set when testing platform-specific behavior
+  config;
+  transport = null;
+  initResult = null;
+  requestIdCounter = 0;
+  _lastRequestId = 0;
+  _sessionId;
+  _sessionInfo = null;
+  _authState = { isAnonymous: true, scopes: [] };
+  // Logging and tracing
+  _logs = [];
+  _traces = [];
+  _notifications = [];
+  _progressUpdates = [];
+  // Interceptor chain
+  _interceptors;
+  // ═══════════════════════════════════════════════════════════════════
+  // CONSTRUCTOR & FACTORY
+  // ═══════════════════════════════════════════════════════════════════
+  constructor(config) {
+    this.config = {
+      baseUrl: config.baseUrl,
+      transport: config.transport ?? "streamable-http",
+      auth: config.auth ?? {},
+      publicMode: config.publicMode ?? false,
+      timeout: config.timeout ?? DEFAULT_TIMEOUT2,
+      debug: config.debug ?? false,
+      protocolVersion: config.protocolVersion ?? DEFAULT_PROTOCOL_VERSION,
+      clientInfo: config.clientInfo ?? DEFAULT_CLIENT_INFO,
+      platform: config.platform,
+      capabilities: config.capabilities
+    };
+    if (config.auth?.token) {
+      this._authState = {
+        isAnonymous: false,
+        token: config.auth.token,
+        scopes: this.parseScopesFromToken(config.auth.token),
+        user: this.parseUserFromToken(config.auth.token)
+      };
+    }
+    this._interceptors = new DefaultInterceptorChain();
+  }
+  /**
+   * Create a new McpTestClientBuilder for fluent configuration
+   */
+  static create(config) {
+    return new McpTestClientBuilder(config);
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // CONNECTION & LIFECYCLE
+  // ═══════════════════════════════════════════════════════════════════
+  /**
+   * Connect to the MCP server and perform initialization
+   */
+  async connect() {
+    this.log("debug", `Connecting to ${this.config.baseUrl}...`);
+    this.transport = this.createTransport();
+    await this.transport.connect();
+    const initResponse = await this.initialize();
+    if (!initResponse.success || !initResponse.data) {
+      throw new Error(`Failed to initialize MCP connection: ${initResponse.error?.message ?? "Unknown error"}`);
+    }
+    this.initResult = initResponse.data;
+    this._sessionId = this.transport.getSessionId();
+    this._sessionInfo = {
+      id: this._sessionId ?? `session-${Date.now()}`,
+      createdAt: /* @__PURE__ */ new Date(),
+      lastActivityAt: /* @__PURE__ */ new Date(),
+      requestCount: 1
+    };
+    await this.transport.notify({
+      jsonrpc: "2.0",
+      method: "notifications/initialized"
+    });
+    this.log("info", `Connected to ${this.initResult.serverInfo?.name ?? "MCP Server"}`);
+    return this.initResult;
+  }
+  /**
+   * Disconnect from the MCP server
+   */
+  async disconnect() {
+    if (this.transport) {
+      await this.transport.close();
+      this.transport = null;
+    }
+    this.initResult = null;
+    this.log("info", "Disconnected from MCP server");
+  }
+  /**
+   * Reconnect to the server, optionally with an existing session ID
+   */
+  async reconnect(options) {
+    await this.disconnect();
+    if (options?.sessionId && this.transport) {
+      this._sessionId = options.sessionId;
+    }
+    await this.connect();
+  }
+  /**
+   * Check if the client is currently connected
+   */
+  isConnected() {
+    return this.transport?.isConnected() ?? false;
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // SESSION & AUTH PROPERTIES
+  // ═══════════════════════════════════════════════════════════════════
+  get sessionId() {
+    return this._sessionId ?? "";
+  }
+  get session() {
+    const info = this._sessionInfo ?? {
+      id: "",
+      createdAt: /* @__PURE__ */ new Date(),
+      lastActivityAt: /* @__PURE__ */ new Date(),
+      requestCount: 0
+    };
+    return {
+      ...info,
+      expire: async () => {
+        this._sessionId = void 0;
+        this._sessionInfo = null;
+      }
+    };
+  }
+  get auth() {
+    return this._authState;
+  }
+  /**
+   * Authenticate with a token
+   */
+  async authenticate(token) {
+    this._authState = {
+      isAnonymous: false,
+      token,
+      scopes: this.parseScopesFromToken(token),
+      user: this.parseUserFromToken(token)
+    };
+    if (this.transport) {
+      this.transport.setAuthToken(token);
+    }
+    this.log("debug", "Authentication updated");
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // SERVER INFO & CAPABILITIES
+  // ═══════════════════════════════════════════════════════════════════
+  get serverInfo() {
+    return {
+      name: this.initResult?.serverInfo?.name ?? "",
+      version: this.initResult?.serverInfo?.version ?? ""
+    };
+  }
+  get protocolVersion() {
+    return this.initResult?.protocolVersion ?? "";
+  }
+  get instructions() {
+    return this.initResult?.instructions ?? "";
+  }
+  get capabilities() {
+    return this.initResult?.capabilities ?? {};
+  }
+  /**
+   * Check if server has a specific capability
+   */
+  hasCapability(name) {
+    return !!this.capabilities[name];
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // TOOLS API
+  // ═══════════════════════════════════════════════════════════════════
+  tools = {
+    /**
+     * List all available tools
+     */
+    list: async () => {
+      const response = await this.listTools();
+      if (!response.success || !response.data) {
+        throw new Error(`Failed to list tools: ${response.error?.message}`);
+      }
+      return response.data.tools;
+    },
+    /**
+     * Call a tool by name with arguments
+     */
+    call: async (name, args) => {
+      const response = await this.callTool(name, args);
+      return this.wrapToolResult(response);
+    }
+  };
+  // ═══════════════════════════════════════════════════════════════════
+  // RESOURCES API
+  // ═══════════════════════════════════════════════════════════════════
+  resources = {
+    /**
+     * List all static resources
+     */
+    list: async () => {
+      const response = await this.listResources();
+      if (!response.success || !response.data) {
+        throw new Error(`Failed to list resources: ${response.error?.message}`);
+      }
+      return response.data.resources;
+    },
+    /**
+     * List all resource templates
+     */
+    listTemplates: async () => {
+      const response = await this.listResourceTemplates();
+      if (!response.success || !response.data) {
+        throw new Error(`Failed to list resource templates: ${response.error?.message}`);
+      }
+      return response.data.resourceTemplates;
+    },
+    /**
+     * Read a resource by URI
+     */
+    read: async (uri) => {
+      const response = await this.readResource(uri);
+      return this.wrapResourceContent(response);
+    },
+    /**
+     * Subscribe to resource changes (placeholder for future implementation)
+     */
+    subscribe: async (_uri) => {
+      this.log("warn", "Resource subscription not yet implemented");
+    },
+    /**
+     * Unsubscribe from resource changes (placeholder for future implementation)
+     */
+    unsubscribe: async (_uri) => {
+      this.log("warn", "Resource unsubscription not yet implemented");
+    }
+  };
+  // ═══════════════════════════════════════════════════════════════════
+  // PROMPTS API
+  // ═══════════════════════════════════════════════════════════════════
+  prompts = {
+    /**
+     * List all available prompts
+     */
+    list: async () => {
+      const response = await this.listPrompts();
+      if (!response.success || !response.data) {
+        throw new Error(`Failed to list prompts: ${response.error?.message}`);
+      }
+      return response.data.prompts;
+    },
+    /**
+     * Get a prompt with arguments
+     */
+    get: async (name, args) => {
+      const response = await this.getPrompt(name, args);
+      return this.wrapPromptResult(response);
+    }
+  };
+  // ═══════════════════════════════════════════════════════════════════
+  // RAW PROTOCOL ACCESS
+  // ═══════════════════════════════════════════════════════════════════
+  raw = {
+    /**
+     * Send any JSON-RPC request
+     */
+    request: async (message) => {
+      this.ensureConnected();
+      const start = Date.now();
+      const response = await this.transport.request(message);
+      this.traceRequest(message.method, message.params, message.id, response, Date.now() - start);
+      return response;
+    },
+    /**
+     * Send a notification (no response expected)
+     */
+    notify: async (message) => {
+      this.ensureConnected();
+      await this.transport.notify(message);
+    },
+    /**
+     * Send raw string data (for error testing)
+     */
+    sendRaw: async (data) => {
+      this.ensureConnected();
+      return this.transport.sendRaw(data);
+    }
+  };
+  get lastRequestId() {
+    return this._lastRequestId;
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // TRANSPORT INFO
+  // ═══════════════════════════════════════════════════════════════════
+  /**
+   * Get transport information and utilities
+   */
+  get transport_info() {
+    return {
+      type: this.config.transport,
+      isConnected: () => this.transport?.isConnected() ?? false,
+      messageEndpoint: this.transport?.getMessageEndpoint?.(),
+      connectionCount: this.transport?.getConnectionCount?.() ?? 0,
+      reconnectCount: this.transport?.getReconnectCount?.() ?? 0,
+      lastRequestHeaders: this.transport?.getLastRequestHeaders?.() ?? {},
+      simulateDisconnect: async () => {
+        await this.transport?.simulateDisconnect?.();
+      },
+      waitForReconnect: async (timeoutMs) => {
+        await this.transport?.waitForReconnect?.(timeoutMs);
+      }
+    };
+  }
+  // Alias for transport info
+  get transport_() {
+    return this.transport_info;
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // NOTIFICATIONS
+  // ═══════════════════════════════════════════════════════════════════
+  notifications = {
+    /**
+     * Start collecting server notifications
+     */
+    collect: () => {
+      return new NotificationCollector(this._notifications);
+    },
+    /**
+     * Collect progress notifications specifically
+     */
+    collectProgress: () => {
+      return new ProgressCollector(this._progressUpdates);
+    },
+    /**
+     * Send a notification to the server
+     */
+    send: async (method, params) => {
+      await this.raw.notify({ jsonrpc: "2.0", method, params });
+    }
+  };
+  // ═══════════════════════════════════════════════════════════════════
+  // LOGGING & DEBUGGING
+  // ═══════════════════════════════════════════════════════════════════
+  logs = {
+    all: () => [...this._logs],
+    filter: (level) => this._logs.filter((l) => l.level === level),
+    search: (text) => this._logs.filter((l) => l.message.includes(text)),
+    last: () => this._logs[this._logs.length - 1],
+    clear: () => {
+      this._logs = [];
+    }
+  };
+  trace = {
+    all: () => [...this._traces],
+    last: () => this._traces[this._traces.length - 1],
+    clear: () => {
+      this._traces = [];
+    }
+  };
+  // ═══════════════════════════════════════════════════════════════════
+  // MOCKING & INTERCEPTION
+  // ═══════════════════════════════════════════════════════════════════
+  /**
+   * API for mocking MCP requests
+   *
+   * @example
+   * ```typescript
+   * // Mock a specific tool call
+   * const handle = mcp.mock.tool('my-tool', { result: 'mocked!' });
+   *
+   * // Mock with params matching
+   * mcp.mock.add({
+   *   method: 'tools/call',
+   *   params: { name: 'my-tool' },
+   *   response: mockResponse.toolResult([{ type: 'text', text: 'mocked' }]),
+   * });
+   *
+   * // Clear all mocks after test
+   * mcp.mock.clear();
+   * ```
+   */
+  mock = {
+    /**
+     * Add a mock definition
+     */
+    add: (mock) => {
+      return this._interceptors.mocks.add(mock);
+    },
+    /**
+     * Mock a tools/call request for a specific tool
+     */
+    tool: (name, result, options) => {
+      return this._interceptors.mocks.add({
+        method: "tools/call",
+        params: { name },
+        response: mockResponse.toolResult([
+          { type: "text", text: typeof result === "string" ? result : JSON.stringify(result) }
+        ]),
+        times: options?.times,
+        delay: options?.delay
+      });
+    },
+    /**
+     * Mock a tools/call request to return an error
+     */
+    toolError: (name, code, message, options) => {
+      return this._interceptors.mocks.add({
+        method: "tools/call",
+        params: { name },
+        response: mockResponse.error(code, message),
+        times: options?.times
+      });
+    },
+    /**
+     * Mock a resources/read request
+     */
+    resource: (uri, content, options) => {
+      const contentObj = typeof content === "string" ? { uri, text: content } : { uri, ...content };
+      return this._interceptors.mocks.add({
+        method: "resources/read",
+        params: { uri },
+        response: mockResponse.resourceRead([contentObj]),
+        times: options?.times,
+        delay: options?.delay
+      });
+    },
+    /**
+     * Mock a resources/read request to return an error
+     */
+    resourceError: (uri, options) => {
+      return this._interceptors.mocks.add({
+        method: "resources/read",
+        params: { uri },
+        response: mockResponse.errors.resourceNotFound(uri),
+        times: options?.times
+      });
+    },
+    /**
+     * Mock the tools/list response
+     */
+    toolsList: (tools, options) => {
+      return this._interceptors.mocks.add({
+        method: "tools/list",
+        response: mockResponse.toolsList(tools),
+        times: options?.times
+      });
+    },
+    /**
+     * Mock the resources/list response
+     */
+    resourcesList: (resources, options) => {
+      return this._interceptors.mocks.add({
+        method: "resources/list",
+        response: mockResponse.resourcesList(resources),
+        times: options?.times
+      });
+    },
+    /**
+     * Clear all mocks
+     */
+    clear: () => {
+      this._interceptors.mocks.clear();
+    },
+    /**
+     * Get all active mocks
+     */
+    all: () => {
+      return this._interceptors.mocks.getAll();
+    }
+  };
+  /**
+   * API for intercepting requests and responses
+   *
+   * @example
+   * ```typescript
+   * // Log all requests
+   * const remove = mcp.intercept.request((ctx) => {
+   *   console.log('Request:', ctx.request.method);
+   *   return { action: 'passthrough' };
+   * });
+   *
+   * // Modify requests
+   * mcp.intercept.request((ctx) => {
+   *   if (ctx.request.method === 'tools/call') {
+   *     return {
+   *       action: 'modify',
+   *       request: { ...ctx.request, params: { ...ctx.request.params, extra: true } },
+   *     };
+   *   }
+   *   return { action: 'passthrough' };
+   * });
+   *
+   * // Add latency to all requests
+   * mcp.intercept.delay(100);
+   *
+   * // Clean up
+   * remove();
+   * mcp.intercept.clear();
+   * ```
+   */
+  intercept = {
+    /**
+     * Add a request interceptor
+     * @returns Function to remove the interceptor
+     */
+    request: (interceptor) => {
+      return this._interceptors.addRequestInterceptor(interceptor);
+    },
+    /**
+     * Add a response interceptor
+     * @returns Function to remove the interceptor
+     */
+    response: (interceptor) => {
+      return this._interceptors.addResponseInterceptor(interceptor);
+    },
+    /**
+     * Add latency to all requests
+     * @returns Function to remove the interceptor
+     */
+    delay: (ms) => {
+      return this._interceptors.addRequestInterceptor(async () => {
+        await new Promise((r) => setTimeout(r, ms));
+        return { action: "passthrough" };
+      });
+    },
+    /**
+     * Fail requests matching a method
+     * @returns Function to remove the interceptor
+     */
+    failMethod: (method, error) => {
+      return this._interceptors.addRequestInterceptor((ctx) => {
+        if (ctx.request.method === method) {
+          return { action: "error", error: new Error(error ?? `Intercepted: ${method}`) };
+        }
+        return { action: "passthrough" };
+      });
+    },
+    /**
+     * Clear all interceptors (but not mocks)
+     */
+    clear: () => {
+      this._interceptors.request = [];
+      this._interceptors.response = [];
+    },
+    /**
+     * Clear everything (interceptors and mocks)
+     */
+    clearAll: () => {
+      this._interceptors.clear();
+    }
+  };
+  // ═══════════════════════════════════════════════════════════════════
+  // TIMEOUT
+  // ═══════════════════════════════════════════════════════════════════
+  setTimeout(ms) {
+    this.config.timeout = ms;
+    if (this.transport) {
+      this.transport.setTimeout(ms);
+    }
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE: MCP OPERATIONS
+  // ═══════════════════════════════════════════════════════════════════
+  async initialize() {
+    const capabilities = this.config.capabilities ?? {
+      sampling: {}
+    };
+    return this.request("initialize", {
+      protocolVersion: this.config.protocolVersion,
+      capabilities,
+      clientInfo: this.config.clientInfo
+    });
+  }
+  async listTools() {
+    return this.request("tools/list", {});
+  }
+  async callTool(name, args) {
+    return this.request("tools/call", {
+      name,
+      arguments: args ?? {}
+    });
+  }
+  async listResources() {
+    return this.request("resources/list", {});
+  }
+  async listResourceTemplates() {
+    return this.request("resources/templates/list", {});
+  }
+  async readResource(uri) {
+    return this.request("resources/read", { uri });
+  }
+  async listPrompts() {
+    return this.request("prompts/list", {});
+  }
+  async getPrompt(name, args) {
+    return this.request("prompts/get", {
+      name,
+      arguments: args ?? {}
+    });
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE: TRANSPORT & REQUEST HELPERS
+  // ═══════════════════════════════════════════════════════════════════
+  createTransport() {
+    switch (this.config.transport) {
+      case "streamable-http":
+        return new StreamableHttpTransport({
+          baseUrl: this.config.baseUrl,
+          timeout: this.config.timeout,
+          auth: this.config.auth,
+          publicMode: this.config.publicMode,
+          debug: this.config.debug,
+          interceptors: this._interceptors,
+          clientInfo: this.config.clientInfo
+        });
+      case "sse":
+        throw new Error("SSE transport not yet implemented");
+      default:
+        throw new Error(`Unknown transport type: ${this.config.transport}`);
+    }
+  }
+  async request(method, params) {
+    this.ensureConnected();
+    const id = ++this.requestIdCounter;
+    this._lastRequestId = id;
+    const start = Date.now();
+    try {
+      const response = await this.transport.request({
+        jsonrpc: "2.0",
+        id,
+        method,
+        params
+      });
+      const durationMs = Date.now() - start;
+      this.updateSessionActivity();
+      if ("error" in response && response.error) {
+        const error = response.error;
+        this.traceRequest(method, params, id, response, durationMs);
+        return {
+          success: false,
+          error,
+          durationMs,
+          requestId: id
+        };
+      }
+      this.traceRequest(method, params, id, response, durationMs);
+      return {
+        success: true,
+        data: response.result,
+        durationMs,
+        requestId: id
+      };
+    } catch (err) {
+      const durationMs = Date.now() - start;
+      const error = {
+        code: -32603,
+        message: err instanceof Error ? err.message : "Unknown error"
+      };
+      return {
+        success: false,
+        error,
+        durationMs,
+        requestId: id
+      };
+    }
+  }
+  ensureConnected() {
+    if (!this.transport?.isConnected()) {
+      throw new Error("Not connected to MCP server. Call connect() first.");
+    }
+  }
+  updateSessionActivity() {
+    if (this._sessionInfo) {
+      this._sessionInfo.lastActivityAt = /* @__PURE__ */ new Date();
+      this._sessionInfo.requestCount++;
+    }
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE: RESULT WRAPPERS
+  // ═══════════════════════════════════════════════════════════════════
+  wrapToolResult(response) {
+    const raw = response.data ?? { content: [] };
+    const isError = !response.success || raw.isError === true;
+    const meta = raw._meta;
+    const hasUI = meta?.["ui/html"] !== void 0 || meta?.["ui/component"] !== void 0 || meta?.["openai/html"] !== void 0 || meta?.["frontmcp/html"] !== void 0;
+    const structuredContent = raw["structuredContent"];
+    return {
+      raw,
+      isSuccess: !isError,
+      isError,
+      error: response.error,
+      durationMs: response.durationMs,
+      json() {
+        if (hasUI && structuredContent !== void 0) {
+          return structuredContent;
+        }
+        const textContent = raw.content?.find((c) => c.type === "text");
+        if (textContent && "text" in textContent) {
+          return JSON.parse(textContent.text);
+        }
+        throw new Error("No text content to parse as JSON");
+      },
+      text() {
+        const textContent = raw.content?.find((c) => c.type === "text");
+        if (textContent && "text" in textContent) {
+          return textContent.text;
+        }
+        return void 0;
+      },
+      hasTextContent() {
+        return raw.content?.some((c) => c.type === "text") ?? false;
+      },
+      hasImageContent() {
+        return raw.content?.some((c) => c.type === "image") ?? false;
+      },
+      hasResourceContent() {
+        return raw.content?.some((c) => c.type === "resource") ?? false;
+      },
+      hasToolUI() {
+        return hasUI;
+      }
+    };
+  }
+  wrapResourceContent(response) {
+    const raw = response.data ?? { contents: [] };
+    const isError = !response.success;
+    const firstContent = raw.contents?.[0];
+    return {
+      raw,
+      isSuccess: !isError,
+      isError,
+      error: response.error,
+      durationMs: response.durationMs,
+      json() {
+        if (firstContent && "text" in firstContent) {
+          return JSON.parse(firstContent.text);
+        }
+        throw new Error("No text content to parse as JSON");
+      },
+      text() {
+        if (firstContent && "text" in firstContent) {
+          return firstContent.text;
+        }
+        return void 0;
+      },
+      mimeType() {
+        return firstContent?.mimeType;
+      },
+      hasMimeType(type) {
+        return firstContent?.mimeType === type;
+      }
+    };
+  }
+  wrapPromptResult(response) {
+    const raw = response.data ?? { messages: [] };
+    const isError = !response.success;
+    return {
+      raw,
+      isSuccess: !isError,
+      isError,
+      error: response.error,
+      durationMs: response.durationMs,
+      messages: raw.messages ?? [],
+      description: raw.description
+    };
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE: LOGGING & TRACING
+  // ═══════════════════════════════════════════════════════════════════
+  log(level, message, data) {
+    const entry = {
+      level,
+      message,
+      timestamp: /* @__PURE__ */ new Date(),
+      data
+    };
+    this._logs.push(entry);
+    if (this.config.debug) {
+      console.log(`[${level.toUpperCase()}] ${message}`, data ?? "");
+    }
+  }
+  traceRequest(method, params, id, response, durationMs) {
+    this._traces.push({
+      request: { method, params, id },
+      response: {
+        result: "result" in response ? response.result : void 0,
+        error: "error" in response ? response.error : void 0
+      },
+      durationMs,
+      timestamp: /* @__PURE__ */ new Date()
+    });
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE: TOKEN PARSING
+  // ═══════════════════════════════════════════════════════════════════
+  parseScopesFromToken(token) {
+    try {
+      const payload = this.decodeJwtPayload(token);
+      if (!payload) return [];
+      const scope = payload["scope"];
+      const scopes = payload["scopes"];
+      if (typeof scope === "string") {
+        return scope.split(" ");
+      }
+      if (Array.isArray(scopes)) {
+        return scopes;
+      }
+      return [];
+    } catch {
+      return [];
+    }
+  }
+  parseUserFromToken(token) {
+    try {
+      const payload = this.decodeJwtPayload(token);
+      const sub = payload?.["sub"];
+      if (!sub || typeof sub !== "string") return void 0;
+      return {
+        sub,
+        email: payload["email"],
+        name: payload["name"]
+      };
+    } catch {
+      return void 0;
+    }
+  }
+  decodeJwtPayload(token) {
+    try {
+      const parts = token.split(".");
+      if (parts.length !== 3) return null;
+      const payload = Buffer.from(parts[1], "base64url").toString("utf-8");
+      return JSON.parse(payload);
+    } catch {
+      return null;
+    }
+  }
+};
+var NotificationCollector = class {
+  constructor(notifications) {
+    this.notifications = notifications;
+  }
+  get received() {
+    return [...this.notifications];
+  }
+  has(method) {
+    return this.notifications.some((n) => n.method === method);
+  }
+  async waitFor(method, timeoutMs) {
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+      const found = this.notifications.find((n) => n.method === method);
+      if (found) return found;
+      await new Promise((r) => setTimeout(r, 50));
+    }
+    throw new Error(`Timeout waiting for notification: ${method}`);
+  }
+};
+var ProgressCollector = class {
+  constructor(updates) {
+    this.updates = updates;
+  }
+  get all() {
+    return [...this.updates];
+  }
+  async waitForComplete(timeoutMs) {
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+      const last = this.updates[this.updates.length - 1];
+      if (last && last.total !== void 0 && last.progress >= last.total) {
+        return;
+      }
+      await new Promise((r) => setTimeout(r, 50));
+    }
+    throw new Error("Timeout waiting for progress to complete");
+  }
+};
+
+// libs/testing/src/auth/token-factory.ts
+var import_jose = require("jose");
+var TestTokenFactory = class {
+  issuer;
+  audience;
+  privateKey = null;
+  publicKey = null;
+  jwk = null;
+  keyId;
+  constructor(options = {}) {
+    this.issuer = options.issuer ?? "https://test.frontmcp.local";
+    this.audience = options.audience ?? "frontmcp-test";
+    this.keyId = `test-key-${Date.now()}`;
+  }
+  /**
+   * Initialize the key pair (called automatically on first use)
+   */
+  async ensureKeys() {
+    if (this.privateKey && this.publicKey) return;
+    const { publicKey, privateKey } = await (0, import_jose.generateKeyPair)("RS256", {
+      extractable: true
+    });
+    this.privateKey = privateKey;
+    this.publicKey = publicKey;
+    this.jwk = await (0, import_jose.exportJWK)(publicKey);
+    this.jwk.kid = this.keyId;
+    this.jwk.use = "sig";
+    this.jwk.alg = "RS256";
+  }
+  /**
+   * Create a JWT token with the specified claims
+   */
+  async createTestToken(options) {
+    await this.ensureKeys();
+    const now = Math.floor(Date.now() / 1e3);
+    const exp = options.exp ?? 3600;
+    const payload = {
+      iss: options.iss ?? this.issuer,
+      sub: options.sub,
+      aud: options.aud ?? this.audience,
+      iat: now,
+      exp: now + exp,
+      scope: options.scopes?.join(" "),
+      ...options.claims
+    };
+    const token = await new import_jose.SignJWT(payload).setProtectedHeader({ alg: "RS256", kid: this.keyId }).sign(this.privateKey);
+    return token;
+  }
+  /**
+   * Create an admin token with full access
+   */
+  async createAdminToken(sub = "admin-001") {
+    return this.createTestToken({
+      sub,
+      scopes: ["admin:*", "read", "write", "delete"],
+      claims: {
+        email: "admin@test.local",
+        name: "Test Admin",
+        role: "admin"
+      }
+    });
+  }
+  /**
+   * Create a regular user token
+   */
+  async createUserToken(sub = "user-001", scopes = ["read", "write"]) {
+    return this.createTestToken({
+      sub,
+      scopes,
+      claims: {
+        email: "user@test.local",
+        name: "Test User",
+        role: "user"
+      }
+    });
+  }
+  /**
+   * Create an anonymous user token
+   */
+  async createAnonymousToken() {
+    return this.createTestToken({
+      sub: `anon:${Date.now()}`,
+      scopes: ["anonymous"],
+      claims: {
+        name: "Anonymous",
+        role: "anonymous"
+      }
+    });
+  }
+  /**
+   * Create an expired token (for testing token expiration)
+   */
+  async createExpiredToken(options) {
+    await this.ensureKeys();
+    const now = Math.floor(Date.now() / 1e3);
+    const payload = {
+      iss: this.issuer,
+      sub: options.sub,
+      aud: this.audience,
+      iat: now - 7200,
+      // 2 hours ago
+      exp: now - 3600
+      // Expired 1 hour ago
+    };
+    const token = await new import_jose.SignJWT(payload).setProtectedHeader({ alg: "RS256", kid: this.keyId }).sign(this.privateKey);
+    return token;
+  }
+  /**
+   * Create a token with an invalid signature (for testing signature validation)
+   */
+  createTokenWithInvalidSignature(options) {
+    const now = Math.floor(Date.now() / 1e3);
+    const header = Buffer.from(JSON.stringify({ alg: "RS256", kid: this.keyId })).toString("base64url");
+    const payload = Buffer.from(
+      JSON.stringify({
+        iss: this.issuer,
+        sub: options.sub,
+        aud: this.audience,
+        iat: now,
+        exp: now + 3600
+      })
+    ).toString("base64url");
+    const signature = Buffer.from("invalid-signature-" + Date.now()).toString("base64url");
+    return `${header}.${payload}.${signature}`;
+  }
+  /**
+   * Get the public JWKS for verifying tokens
+   */
+  async getPublicJwks() {
+    await this.ensureKeys();
+    return {
+      keys: [this.jwk]
+    };
+  }
+  /**
+   * Get the issuer URL
+   */
+  getIssuer() {
+    return this.issuer;
+  }
+  /**
+   * Get the audience
+   */
+  getAudience() {
+    return this.audience;
+  }
+};
+
+// libs/testing/src/server/test-server.ts
+var import_child_process = require("child_process");
+var TestServer = class _TestServer {
+  process = null;
+  options;
+  _info;
+  logs = [];
+  constructor(options, port) {
+    this.options = {
+      port,
+      command: options.command ?? "",
+      cwd: options.cwd ?? process.cwd(),
+      env: options.env ?? {},
+      startupTimeout: options.startupTimeout ?? 3e4,
+      healthCheckPath: options.healthCheckPath ?? "/health",
+      debug: options.debug ?? false
+    };
+    this._info = {
+      baseUrl: `http://localhost:${port}`,
+      port
+    };
+  }
+  /**
+   * Start a test server with custom command
+   */
+  static async start(options) {
+    const port = options.port ?? await findAvailablePort();
+    const server = new _TestServer(options, port);
+    try {
+      await server.startProcess();
+    } catch (error) {
+      await server.stop();
+      throw error;
+    }
+    return server;
+  }
+  /**
+   * Start an Nx project as test server
+   */
+  static async startNx(project, options = {}) {
+    if (!/^[\w-]+$/.test(project)) {
+      throw new Error(
+        `Invalid project name: ${project}. Must contain only alphanumeric, underscore, and hyphen characters.`
+      );
+    }
+    const port = options.port ?? await findAvailablePort();
+    const serverOptions = {
+      ...options,
+      port,
+      command: `npx nx serve ${project} --port ${port}`,
+      cwd: options.cwd ?? process.cwd()
+    };
+    const server = new _TestServer(serverOptions, port);
+    try {
+      await server.startProcess();
+    } catch (error) {
+      await server.stop();
+      throw error;
+    }
+    return server;
+  }
+  /**
+   * Create a test server connected to an already running server
+   */
+  static connect(baseUrl) {
+    const url = new URL(baseUrl);
+    const port = parseInt(url.port, 10) || (url.protocol === "https:" ? 443 : 80);
+    const server = new _TestServer(
+      {
+        command: "",
+        port
+      },
+      port
+    );
+    server._info = {
+      baseUrl: baseUrl.replace(/\/$/, ""),
+      port
+    };
+    return server;
+  }
+  /**
+   * Get server information
+   */
+  get info() {
+    return { ...this._info };
+  }
+  /**
+   * Stop the test server
+   */
+  async stop() {
+    if (this.process) {
+      this.log("Stopping server...");
+      this.process.kill("SIGTERM");
+      const exitPromise = new Promise((resolve) => {
+        if (this.process) {
+          this.process.once("exit", () => resolve());
+        } else {
+          resolve();
+        }
+      });
+      const killTimeout = setTimeout(() => {
+        if (this.process) {
+          this.log("Force killing server after timeout...");
+          this.process.kill("SIGKILL");
+        }
+      }, 5e3);
+      await exitPromise;
+      clearTimeout(killTimeout);
+      this.process = null;
+      this.log("Server stopped");
+    }
+  }
+  /**
+   * Wait for server to be ready
+   */
+  async waitForReady(timeout) {
+    const timeoutMs = timeout ?? this.options.startupTimeout;
+    const deadline = Date.now() + timeoutMs;
+    const checkInterval = 100;
+    while (Date.now() < deadline) {
+      try {
+        const response = await fetch(`${this._info.baseUrl}${this.options.healthCheckPath}`, {
+          method: "GET",
+          signal: AbortSignal.timeout(1e3)
+        });
+        if (response.ok || response.status === 404) {
+          this.log("Server is ready");
+          return;
+        }
+      } catch {
+      }
+      await sleep2(checkInterval);
+    }
+    throw new Error(`Server did not become ready within ${timeoutMs}ms`);
+  }
+  /**
+   * Restart the server
+   */
+  async restart() {
+    await this.stop();
+    await this.startProcess();
+  }
+  /**
+   * Get captured server logs
+   */
+  getLogs() {
+    return [...this.logs];
+  }
+  /**
+   * Clear captured logs
+   */
+  clearLogs() {
+    this.logs = [];
+  }
+  // ═══════════════════════════════════════════════════════════════════
+  // PRIVATE METHODS
+  // ═══════════════════════════════════════════════════════════════════
+  async startProcess() {
+    if (!this.options.command) {
+      await this.waitForReady();
+      return;
+    }
+    this.log(`Starting server: ${this.options.command}`);
+    const env = {
+      ...process.env,
+      ...this.options.env,
+      PORT: String(this.options.port)
+    };
+    this.process = (0, import_child_process.spawn)(this.options.command, [], {
+      cwd: this.options.cwd,
+      env,
+      shell: true,
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    if (this.process.pid !== void 0) {
+      this._info.pid = this.process.pid;
+    }
+    let processExited = false;
+    let exitCode = null;
+    let exitError = null;
+    this.process.stdout?.on("data", (data) => {
+      const text = data.toString();
+      this.logs.push(text);
+      if (this.options.debug) {
+        console.log("[SERVER]", text);
+      }
+    });
+    this.process.stderr?.on("data", (data) => {
+      const text = data.toString();
+      this.logs.push(`[ERROR] ${text}`);
+      if (this.options.debug) {
+        console.error("[SERVER ERROR]", text);
+      }
+    });
+    this.process.on("error", (err) => {
+      this.logs.push(`[SPAWN ERROR] ${err.message}`);
+      exitError = err;
+      if (this.options.debug) {
+        console.error("[SERVER SPAWN ERROR]", err);
+      }
+    });
+    this.process.once("exit", (code) => {
+      processExited = true;
+      exitCode = code;
+      this.log(`Server process exited with code ${code}`);
+    });
+    await this.waitForReadyWithExitDetection(() => {
+      if (exitError) {
+        return { exited: true, error: exitError };
+      }
+      if (processExited) {
+        const recentLogs = this.logs.slice(-10).join("\n");
+        return {
+          exited: true,
+          error: new Error(`Server process exited unexpectedly with code ${exitCode}.
+
+Recent logs:
+${recentLogs}`)
+        };
+      }
+      return { exited: false };
+    });
+  }
+  /**
+   * Wait for server to be ready, but also detect early process exit
+   */
+  async waitForReadyWithExitDetection(checkExit) {
+    const timeoutMs = this.options.startupTimeout;
+    const deadline = Date.now() + timeoutMs;
+    const checkInterval = 100;
+    while (Date.now() < deadline) {
+      const exitStatus = checkExit();
+      if (exitStatus.exited) {
+        throw exitStatus.error ?? new Error("Server process exited unexpectedly");
+      }
+      try {
+        const response = await fetch(`${this._info.baseUrl}${this.options.healthCheckPath}`, {
+          method: "GET",
+          signal: AbortSignal.timeout(1e3)
+        });
+        if (response.ok || response.status === 404) {
+          this.log("Server is ready");
+          return;
+        }
+      } catch {
+      }
+      await sleep2(checkInterval);
+    }
+    const finalExitStatus = checkExit();
+    if (finalExitStatus.exited) {
+      throw finalExitStatus.error ?? new Error("Server process exited unexpectedly");
+    }
+    throw new Error(`Server did not become ready within ${timeoutMs}ms`);
+  }
+  log(message) {
+    if (this.options.debug) {
+      console.log(`[TestServer] ${message}`);
+    }
+  }
+};
+async function findAvailablePort() {
+  const { createServer } = await import("net");
+  return new Promise((resolve, reject) => {
+    const server = createServer();
+    server.listen(0, () => {
+      const address = server.address();
+      if (address && typeof address !== "string") {
+        const port = address.port;
+        server.close(() => resolve(port));
+      } else {
+        reject(new Error("Could not get port"));
+      }
+    });
+    server.on("error", reject);
+  });
+}
+function sleep2(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// libs/testing/src/fixtures/test-fixture.ts
+var currentConfig = {};
+var serverInstance = null;
+var tokenFactory = null;
+var serverStartedByUs = false;
+async function initializeSharedResources() {
+  if (!tokenFactory) {
+    tokenFactory = new TestTokenFactory();
+  }
+  if (!serverInstance) {
+    if (currentConfig.baseUrl) {
+      serverInstance = TestServer.connect(currentConfig.baseUrl);
+      serverStartedByUs = false;
+    } else if (currentConfig.server) {
+      serverInstance = await TestServer.start({
+        port: currentConfig.port,
+        command: resolveServerCommand(currentConfig.server),
+        env: currentConfig.env,
+        startupTimeout: currentConfig.startupTimeout ?? 3e4,
+        debug: currentConfig.logLevel === "debug"
+      });
+      serverStartedByUs = true;
+    } else {
+      throw new Error(
+        'test.use() requires either "server" (entry file path) or "baseUrl" (for external server) option'
+      );
+    }
+  }
+}
+async function createTestFixtures() {
+  await initializeSharedResources();
+  const clientInstance = await McpTestClient.create({
+    baseUrl: serverInstance.info.baseUrl,
+    transport: currentConfig.transport ?? "streamable-http",
+    publicMode: currentConfig.publicMode
+  }).buildAndConnect();
+  const auth = createAuthFixture(tokenFactory);
+  const server = createServerFixture(serverInstance);
+  return {
+    mcp: clientInstance,
+    auth,
+    server
+  };
+}
+async function cleanupTestFixtures(fixtures, _testFailed = false) {
+  if (fixtures.mcp.isConnected()) {
+    await fixtures.mcp.disconnect();
+  }
+}
+async function cleanupSharedResources() {
+  if (serverInstance && serverStartedByUs) {
+    await serverInstance.stop();
+  }
+  serverInstance = null;
+  tokenFactory = null;
+  serverStartedByUs = false;
+}
+function createAuthFixture(factory) {
+  const users = {
+    admin: {
+      sub: "admin-001",
+      scopes: ["admin:*", "read", "write", "delete"],
+      email: "admin@test.local",
+      name: "Test Admin"
+    },
+    user: {
+      sub: "user-001",
+      scopes: ["read", "write"],
+      email: "user@test.local",
+      name: "Test User"
+    },
+    readOnly: {
+      sub: "readonly-001",
+      scopes: ["read"],
+      email: "readonly@test.local",
+      name: "Read Only User"
+    }
+  };
+  return {
+    createToken: (opts) => factory.createTestToken({
+      sub: opts.sub,
+      scopes: opts.scopes,
+      claims: {
+        email: opts.email,
+        name: opts.name,
+        ...opts.claims
+      },
+      exp: opts.expiresIn
+    }),
+    createExpiredToken: (opts) => factory.createExpiredToken(opts),
+    createInvalidToken: (opts) => factory.createTokenWithInvalidSignature(opts),
+    users: {
+      admin: users["admin"],
+      user: users["user"],
+      readOnly: users["readOnly"]
+    },
+    getJwks: () => factory.getPublicJwks(),
+    getIssuer: () => factory.getIssuer(),
+    getAudience: () => factory.getAudience()
+  };
+}
+function createServerFixture(server) {
+  return {
+    info: server.info,
+    createClient: async (opts) => {
+      return McpTestClient.create({
+        baseUrl: server.info.baseUrl,
+        transport: opts?.transport ?? "streamable-http",
+        auth: opts?.token ? { token: opts.token } : void 0,
+        clientInfo: opts?.clientInfo,
+        publicMode: currentConfig.publicMode
+      }).buildAndConnect();
+    },
+    createClientBuilder: () => {
+      const builder = new McpTestClientBuilder({
+        baseUrl: server.info.baseUrl,
+        publicMode: currentConfig.publicMode
+      });
+      return builder;
+    },
+    restart: () => server.restart(),
+    getLogs: () => server.getLogs(),
+    clearLogs: () => server.clearLogs()
+  };
+}
+function resolveServerCommand(server) {
+  if (server.includes(" ")) {
+    return server;
+  }
+  return `npx tsx ${server}`;
+}
+function testWithFixtures(name, fn) {
+  it(name, async () => {
+    const fixtures = await createTestFixtures();
+    let testFailed = false;
+    try {
+      await fn(fixtures);
+    } catch (error) {
+      testFailed = true;
+      throw error;
+    } finally {
+      await cleanupTestFixtures(fixtures, testFailed);
+    }
+  });
+}
+function use(config) {
+  currentConfig = { ...currentConfig, ...config };
+  afterAll(async () => {
+    await cleanupSharedResources();
+  });
+}
+function skip(name, fn) {
+  it.skip(name, async () => {
+    const fixtures = await createTestFixtures();
+    let testFailed = false;
+    try {
+      await fn(fixtures);
+    } catch (error) {
+      testFailed = true;
+      throw error;
+    } finally {
+      await cleanupTestFixtures(fixtures, testFailed);
+    }
+  });
+}
+function only(name, fn) {
+  it.only(name, async () => {
+    const fixtures = await createTestFixtures();
+    let testFailed = false;
+    try {
+      await fn(fixtures);
+    } catch (error) {
+      testFailed = true;
+      throw error;
+    } finally {
+      await cleanupTestFixtures(fixtures, testFailed);
+    }
+  });
+}
+function todo(name) {
+  it.todo(name);
+}
+var test = testWithFixtures;
+test.use = use;
+test.describe = describe;
+test.beforeAll = beforeAll;
+test.beforeEach = beforeEach;
+test.afterEach = afterEach;
+test.afterAll = afterAll;
+test.skip = skip;
+test.only = only;
+test.todo = todo;
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  cleanupSharedResources,
+  cleanupTestFixtures,
+  createTestFixtures,
+  initializeSharedResources,
+  test
+});