@frontmcp/ui 1.3.0 → 1.4.0

package/esm/auth/index.mjs

@@ -0,0 +1,398 @@
+// libs/ui/src/auth/contract.ts
+var AUTH_FLOW_GLOBAL_KEY = "__FRONTMCP_AUTH__";
+var DEFAULT_SUBMIT_METHOD = "GET";
+var AUTH_WIRE_FIELDS = {
+  /** Pending authorization id. */
+  pendingAuthId: "pending_auth_id",
+  /** Anti-CSRF token. */
+  csrf: "csrf",
+  /** Marks a consent-form submission (distinguishes empty-select from first visit). */
+  consentSubmitted: "consent_submitted",
+  /** Repeated checkbox field carrying selected tool ids on the consent slot. */
+  tools: "tools",
+  /** Marks a federated submission. */
+  federated: "federated",
+  /** Repeated checkbox field carrying selected provider ids on the federated slot. */
+  providers: "providers",
+  /** Marks an incremental authorization. */
+  incremental: "incremental",
+  /** Target app id for incremental authorization. */
+  appId: "app_id",
+  /** Generic action discriminator (e.g. consent `authorize`/`skip`, or an extra name). */
+  action: "action"
+};
+var CONSENT_SUBMITTED_VALUE = "1";
+var WIRE_TRUE = "true";
+var AUTH_EXTRA_FIELD = AUTH_WIRE_FIELDS.action;
+var DEFAULT_AUTH_MOUNT_ID = "frontmcp-auth-root";
+
+// libs/ui/src/auth/vanilla/auth-flow.ts
+function getGlobalCarrier() {
+  if (typeof window !== "undefined") {
+    return window;
+  }
+  return globalThis;
+}
+function getAuthFlow() {
+  const state = tryGetAuthFlow();
+  if (!state) {
+    throw new Error(
+      `[auth-ui] No injected auth flow state found on window.${AUTH_FLOW_GLOBAL_KEY}. This page must be server-rendered by a FrontMCP @AuthUi slot.`
+    );
+  }
+  return state;
+}
+function tryGetAuthFlow() {
+  const carrier = getGlobalCarrier();
+  const state = carrier?.[AUTH_FLOW_GLOBAL_KEY];
+  if (!state || typeof state !== "object") {
+    return void 0;
+  }
+  return state;
+}
+function getAddedItems(name) {
+  const items = tryGetAuthFlow()?.addedItems?.[name];
+  return Array.isArray(items) ? items : [];
+}
+function toEntries(input) {
+  if (!input) {
+    return [];
+  }
+  if (isFormElement(input)) {
+    return formDataToEntries(new FormData(input));
+  }
+  if (typeof FormData !== "undefined" && input instanceof FormData) {
+    return formDataToEntries(input);
+  }
+  const entries = [];
+  for (const [key, value] of Object.entries(input)) {
+    if (value === void 0 || value === null) {
+      continue;
+    }
+    if (Array.isArray(value)) {
+      for (const v of value) {
+        if (v !== void 0 && v !== null) {
+          entries.push([key, String(v)]);
+        }
+      }
+    } else {
+      entries.push([key, String(value)]);
+    }
+  }
+  return entries;
+}
+function formDataToEntries(fd) {
+  const entries = [];
+  fd.forEach((value, key) => {
+    if (typeof value === "string") {
+      entries.push([key, value]);
+    }
+  });
+  return entries;
+}
+function isFormElement(input) {
+  return typeof input === "object" && // `nodeName` + a `FormData`-constructible shape is enough; avoids requiring
+  // a live `HTMLFormElement` global (jsdom provides one, node does not).
+  input.nodeName === "FORM";
+}
+function buildGetUrl(base, entries) {
+  const origin = typeof window !== "undefined" && window.location ? window.location.origin : void 0;
+  const url = origin ? new URL(base, origin) : new URL(base, "http://localhost");
+  for (const [key, value] of entries) {
+    url.searchParams.append(key, value);
+  }
+  if (!origin && !/^https?:\/\//i.test(base)) {
+    return `${url.pathname}${url.search}`;
+  }
+  return url.toString();
+}
+function buildUrlEncodedBody(entries) {
+  const params = new URLSearchParams();
+  for (const [key, value] of entries) {
+    params.append(key, value);
+  }
+  return params.toString();
+}
+function withControlFields(state, entries, markers) {
+  const present = new Set(entries.map(([k]) => k));
+  const merged = [...entries];
+  const ensure = (key, value) => {
+    if (value !== void 0 && !present.has(key)) {
+      merged.push([key, value]);
+      present.add(key);
+    }
+  };
+  ensure(AUTH_WIRE_FIELDS.pendingAuthId, state.pendingAuthId);
+  ensure(AUTH_WIRE_FIELDS.csrf, state.csrfToken);
+  for (const [key, value] of markers) {
+    ensure(key, value);
+  }
+  return merged;
+}
+function finishMarkers(state) {
+  switch (state.slot) {
+    case "consent":
+      return [[AUTH_WIRE_FIELDS.consentSubmitted, CONSENT_SUBMITTED_VALUE]];
+    default:
+      return [];
+  }
+}
+async function dispatch(method, url, entries) {
+  if (typeof fetch !== "function") {
+    throw new Error("[auth-ui] global fetch is unavailable in this environment");
+  }
+  if (method === "GET") {
+    return fetch(buildGetUrl(url, entries), {
+      method: "GET",
+      credentials: "same-origin",
+      headers: { Accept: "application/json, text/html" }
+    });
+  }
+  return fetch(url, {
+    method: "POST",
+    credentials: "same-origin",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json, text/html"
+    },
+    body: buildUrlEncodedBody(entries)
+  });
+}
+var defaultNavigator = (url) => {
+  if (typeof window !== "undefined" && window.location) {
+    window.location.assign(url);
+  }
+};
+var currentNavigator = defaultNavigator;
+function setAuthNavigator(navigator) {
+  currentNavigator = navigator ?? defaultNavigator;
+}
+async function submitFinish(formOrData, options = {}) {
+  const state = options.state ?? getAuthFlow();
+  if (!state.submitUrl) {
+    throw new Error("[auth-ui] submitFinish called but the injected flow state has no submitUrl");
+  }
+  const method = state.submitMethod ?? DEFAULT_SUBMIT_METHOD;
+  const entries = withControlFields(state, toEntries(formOrData), finishMarkers(state));
+  const response = await dispatch(method, state.submitUrl, entries);
+  const shouldNavigate = options.navigate ?? (typeof window !== "undefined" && !!window.location);
+  if (shouldNavigate && response.redirected && response.url) {
+    currentNavigator(response.url);
+  }
+  return response;
+}
+async function submitExtra(name, data, state) {
+  const flow = state ?? getAuthFlow();
+  const target = flow.extraUrl ?? flow.submitUrl;
+  if (!target) {
+    throw new Error("[auth-ui] submitExtra called but the injected flow state has no extraUrl/submitUrl");
+  }
+  const markers = flow.extraUrl ? [] : [[AUTH_EXTRA_FIELD, name]];
+  const entries = withControlFields(flow, toEntries(data), markers);
+  const response = await dispatch("POST", target, entries);
+  return parseExtraResponse(response);
+}
+async function parseExtraResponse(response) {
+  const contentType = response.headers.get("content-type") ?? "";
+  if (contentType.includes("application/json")) {
+    try {
+      const body = await response.json();
+      return {
+        ok: body.ok ?? response.ok,
+        error: typeof body.error === "string" ? body.error : void 0,
+        addedItems: body.addedItems && typeof body.addedItems === "object" ? body.addedItems : void 0,
+        sideEffects: body.sideEffects && typeof body.sideEffects === "object" ? body.sideEffects : void 0
+      };
+    } catch {
+    }
+  }
+  if (response.ok) {
+    return { ok: true };
+  }
+  return { ok: false, error: `Request failed with status ${response.status}` };
+}
+
+// libs/ui/src/auth/context.tsx
+import { createContext, useContext } from "react";
+var AuthFlowContext = createContext(null);
+function useAuthFlowContext() {
+  const ctx = useContext(AuthFlowContext);
+  if (!ctx) {
+    throw new Error("[auth-ui] useAuthFlow* hooks must be used inside <AuthPageWrapper> / <AuthFlowProvider>");
+  }
+  return ctx;
+}
+
+// libs/ui/src/auth/AuthPageWrapper.tsx
+import { useContext as useContext2, useMemo, useState } from "react";
+import { Fragment, jsx, jsxs } from "react/jsx-runtime";
+function AuthFlowProvider({
+  children,
+  state: stateOverride
+}) {
+  const injected = stateOverride ?? tryGetAuthFlow();
+  const [state, setState] = useState(
+    injected ?? { slot: "error", error: "No authorization flow state was provided." }
+  );
+  const value = useMemo(
+    () => ({
+      state,
+      update: (patch) => setState((prev) => ({ ...prev, ...patch }))
+    }),
+    [state]
+  );
+  return /* @__PURE__ */ jsx(AuthFlowContext.Provider, { value, children });
+}
+function ControlFields({ state }) {
+  return /* @__PURE__ */ jsxs(Fragment, { children: [
+    state.pendingAuthId !== void 0 && /* @__PURE__ */ jsx("input", { type: "hidden", name: AUTH_WIRE_FIELDS.pendingAuthId, value: state.pendingAuthId }),
+    state.csrfToken !== void 0 && /* @__PURE__ */ jsx("input", { type: "hidden", name: AUTH_WIRE_FIELDS.csrf, value: state.csrfToken }),
+    state.slot === "consent" && /* @__PURE__ */ jsx("input", { type: "hidden", name: AUTH_WIRE_FIELDS.consentSubmitted, value: CONSENT_SUBMITTED_VALUE })
+  ] });
+}
+function AuthPageWrapper({
+  children,
+  state: stateOverride,
+  renderForm = true,
+  className
+}) {
+  return /* @__PURE__ */ jsx(AuthFlowProvider, { state: stateOverride, children: /* @__PURE__ */ jsx(AuthPageWrapperInner, { renderForm, className, children }) });
+}
+function AuthPageWrapperInner({
+  children,
+  renderForm,
+  className
+}) {
+  const ctx = useAuthFlowContextSafe();
+  const state = ctx?.state;
+  if (!renderForm || !state?.submitUrl) {
+    return /* @__PURE__ */ jsx("div", { className: className ?? "frontmcp-auth-page", children });
+  }
+  const method = (state.submitMethod ?? DEFAULT_SUBMIT_METHOD).toLowerCase();
+  return /* @__PURE__ */ jsx("div", { className: className ?? "frontmcp-auth-page", children: /* @__PURE__ */ jsxs("form", { action: state.submitUrl, method, children: [
+    /* @__PURE__ */ jsx(ControlFields, { state }),
+    children
+  ] }) });
+}
+function useAuthFlowContextSafe() {
+  return useContext2(AuthFlowContext);
+}
+
+// libs/ui/src/auth/hooks.ts
+import { useCallback, useState as useState2 } from "react";
+function normalizeFormArg(arg) {
+  if (!arg) {
+    return void 0;
+  }
+  const maybeEvent = arg;
+  if (typeof maybeEvent.preventDefault === "function" && maybeEvent.currentTarget) {
+    maybeEvent.preventDefault();
+    return maybeEvent.currentTarget;
+  }
+  return arg;
+}
+function useAuthFlow() {
+  const { state } = useAuthFlowContext();
+  const submitFinish2 = useCallback(
+    (formOrEvent) => submitFinish(normalizeFormArg(formOrEvent), { state }),
+    [state]
+  );
+  return {
+    slot: state.slot,
+    pendingAuthId: state.pendingAuthId,
+    clientName: state.clientName,
+    clientId: state.clientId,
+    scopes: state.scopes ?? [],
+    redirectUri: state.redirectUri,
+    resource: state.resource,
+    error: state.error,
+    providers: state.providers ?? [],
+    tools: state.tools ?? [],
+    extras: state.extras ?? {},
+    state,
+    submitFinish: submitFinish2
+  };
+}
+function useAddedItems(name) {
+  const { state } = useAuthFlowContext();
+  const items = state.addedItems?.[name];
+  return Array.isArray(items) ? items : [];
+}
+function useExtraField(name) {
+  const { state, update } = useAuthFlowContext();
+  const [result, setResult] = useState2(void 0);
+  const [pending, setPending] = useState2(false);
+  const onSubmit = useCallback(
+    async (formOrEvent) => {
+      const data = normalizeFormArg(formOrEvent);
+      setPending(true);
+      try {
+        const res = await submitExtra(name, data, state);
+        setResult(res);
+        if (res.ok && res.addedItems) {
+          update({ addedItems: res.addedItems });
+        }
+        return res;
+      } catch (err) {
+        const failure = {
+          ok: false,
+          error: err instanceof Error ? err.message : "Failed to submit field"
+        };
+        setResult(failure);
+        return failure;
+      } finally {
+        setPending(false);
+      }
+    },
+    [name, state, update]
+  );
+  return { onSubmit, result, pending };
+}
+
+// libs/ui/src/auth/hydrate.tsx
+import { createRoot } from "react-dom/client";
+import { jsx as jsx2 } from "react/jsx-runtime";
+function resolveContainer(container) {
+  if (container && typeof container !== "string") {
+    return container;
+  }
+  if (typeof document === "undefined") {
+    throw new Error("[auth-ui] mountAuthPage requires a DOM (document is undefined)");
+  }
+  const selector = container ?? `#${DEFAULT_AUTH_MOUNT_ID}`;
+  const el = document.querySelector(selector);
+  if (!el) {
+    throw new Error(`[auth-ui] mountAuthPage could not find a container matching "${selector}"`);
+  }
+  return el;
+}
+function mountAuthPage(Component, options = {}) {
+  const container = resolveContainer(options.container);
+  const root = createRoot(container);
+  root.render(
+    /* @__PURE__ */ jsx2(AuthPageWrapper, { state: options.state, renderForm: options.renderForm, children: /* @__PURE__ */ jsx2(Component, {}) })
+  );
+  return root;
+}
+export {
+  AUTH_EXTRA_FIELD,
+  AUTH_FLOW_GLOBAL_KEY,
+  AUTH_WIRE_FIELDS,
+  AuthFlowContext,
+  AuthFlowProvider,
+  AuthPageWrapper,
+  CONSENT_SUBMITTED_VALUE,
+  DEFAULT_AUTH_MOUNT_ID,
+  DEFAULT_SUBMIT_METHOD,
+  WIRE_TRUE,
+  getAddedItems,
+  getAuthFlow,
+  mountAuthPage,
+  setAuthNavigator,
+  submitExtra,
+  submitFinish,
+  tryGetAuthFlow,
+  useAddedItems,
+  useAuthFlow,
+  useExtraField
+};

package/esm/auth/vanilla/index.mjs

@@ -0,0 +1,228 @@
+// libs/ui/src/auth/contract.ts
+var AUTH_FLOW_GLOBAL_KEY = "__FRONTMCP_AUTH__";
+var DEFAULT_SUBMIT_METHOD = "GET";
+var AUTH_WIRE_FIELDS = {
+  /** Pending authorization id. */
+  pendingAuthId: "pending_auth_id",
+  /** Anti-CSRF token. */
+  csrf: "csrf",
+  /** Marks a consent-form submission (distinguishes empty-select from first visit). */
+  consentSubmitted: "consent_submitted",
+  /** Repeated checkbox field carrying selected tool ids on the consent slot. */
+  tools: "tools",
+  /** Marks a federated submission. */
+  federated: "federated",
+  /** Repeated checkbox field carrying selected provider ids on the federated slot. */
+  providers: "providers",
+  /** Marks an incremental authorization. */
+  incremental: "incremental",
+  /** Target app id for incremental authorization. */
+  appId: "app_id",
+  /** Generic action discriminator (e.g. consent `authorize`/`skip`, or an extra name). */
+  action: "action"
+};
+var CONSENT_SUBMITTED_VALUE = "1";
+var WIRE_TRUE = "true";
+var AUTH_EXTRA_FIELD = AUTH_WIRE_FIELDS.action;
+var DEFAULT_AUTH_MOUNT_ID = "frontmcp-auth-root";
+
+// libs/ui/src/auth/vanilla/auth-flow.ts
+function getGlobalCarrier() {
+  if (typeof window !== "undefined") {
+    return window;
+  }
+  return globalThis;
+}
+function getAuthFlow() {
+  const state = tryGetAuthFlow();
+  if (!state) {
+    throw new Error(
+      `[auth-ui] No injected auth flow state found on window.${AUTH_FLOW_GLOBAL_KEY}. This page must be server-rendered by a FrontMCP @AuthUi slot.`
+    );
+  }
+  return state;
+}
+function tryGetAuthFlow() {
+  const carrier = getGlobalCarrier();
+  const state = carrier?.[AUTH_FLOW_GLOBAL_KEY];
+  if (!state || typeof state !== "object") {
+    return void 0;
+  }
+  return state;
+}
+function getAddedItems(name) {
+  const items = tryGetAuthFlow()?.addedItems?.[name];
+  return Array.isArray(items) ? items : [];
+}
+function toEntries(input) {
+  if (!input) {
+    return [];
+  }
+  if (isFormElement(input)) {
+    return formDataToEntries(new FormData(input));
+  }
+  if (typeof FormData !== "undefined" && input instanceof FormData) {
+    return formDataToEntries(input);
+  }
+  const entries = [];
+  for (const [key, value] of Object.entries(input)) {
+    if (value === void 0 || value === null) {
+      continue;
+    }
+    if (Array.isArray(value)) {
+      for (const v of value) {
+        if (v !== void 0 && v !== null) {
+          entries.push([key, String(v)]);
+        }
+      }
+    } else {
+      entries.push([key, String(value)]);
+    }
+  }
+  return entries;
+}
+function formDataToEntries(fd) {
+  const entries = [];
+  fd.forEach((value, key) => {
+    if (typeof value === "string") {
+      entries.push([key, value]);
+    }
+  });
+  return entries;
+}
+function isFormElement(input) {
+  return typeof input === "object" && // `nodeName` + a `FormData`-constructible shape is enough; avoids requiring
+  // a live `HTMLFormElement` global (jsdom provides one, node does not).
+  input.nodeName === "FORM";
+}
+function buildGetUrl(base, entries) {
+  const origin = typeof window !== "undefined" && window.location ? window.location.origin : void 0;
+  const url = origin ? new URL(base, origin) : new URL(base, "http://localhost");
+  for (const [key, value] of entries) {
+    url.searchParams.append(key, value);
+  }
+  if (!origin && !/^https?:\/\//i.test(base)) {
+    return `${url.pathname}${url.search}`;
+  }
+  return url.toString();
+}
+function buildUrlEncodedBody(entries) {
+  const params = new URLSearchParams();
+  for (const [key, value] of entries) {
+    params.append(key, value);
+  }
+  return params.toString();
+}
+function withControlFields(state, entries, markers) {
+  const present = new Set(entries.map(([k]) => k));
+  const merged = [...entries];
+  const ensure = (key, value) => {
+    if (value !== void 0 && !present.has(key)) {
+      merged.push([key, value]);
+      present.add(key);
+    }
+  };
+  ensure(AUTH_WIRE_FIELDS.pendingAuthId, state.pendingAuthId);
+  ensure(AUTH_WIRE_FIELDS.csrf, state.csrfToken);
+  for (const [key, value] of markers) {
+    ensure(key, value);
+  }
+  return merged;
+}
+function finishMarkers(state) {
+  switch (state.slot) {
+    case "consent":
+      return [[AUTH_WIRE_FIELDS.consentSubmitted, CONSENT_SUBMITTED_VALUE]];
+    default:
+      return [];
+  }
+}
+async function dispatch(method, url, entries) {
+  if (typeof fetch !== "function") {
+    throw new Error("[auth-ui] global fetch is unavailable in this environment");
+  }
+  if (method === "GET") {
+    return fetch(buildGetUrl(url, entries), {
+      method: "GET",
+      credentials: "same-origin",
+      headers: { Accept: "application/json, text/html" }
+    });
+  }
+  return fetch(url, {
+    method: "POST",
+    credentials: "same-origin",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json, text/html"
+    },
+    body: buildUrlEncodedBody(entries)
+  });
+}
+var defaultNavigator = (url) => {
+  if (typeof window !== "undefined" && window.location) {
+    window.location.assign(url);
+  }
+};
+var currentNavigator = defaultNavigator;
+function setAuthNavigator(navigator) {
+  currentNavigator = navigator ?? defaultNavigator;
+}
+async function submitFinish(formOrData, options = {}) {
+  const state = options.state ?? getAuthFlow();
+  if (!state.submitUrl) {
+    throw new Error("[auth-ui] submitFinish called but the injected flow state has no submitUrl");
+  }
+  const method = state.submitMethod ?? DEFAULT_SUBMIT_METHOD;
+  const entries = withControlFields(state, toEntries(formOrData), finishMarkers(state));
+  const response = await dispatch(method, state.submitUrl, entries);
+  const shouldNavigate = options.navigate ?? (typeof window !== "undefined" && !!window.location);
+  if (shouldNavigate && response.redirected && response.url) {
+    currentNavigator(response.url);
+  }
+  return response;
+}
+async function submitExtra(name, data, state) {
+  const flow = state ?? getAuthFlow();
+  const target = flow.extraUrl ?? flow.submitUrl;
+  if (!target) {
+    throw new Error("[auth-ui] submitExtra called but the injected flow state has no extraUrl/submitUrl");
+  }
+  const markers = flow.extraUrl ? [] : [[AUTH_EXTRA_FIELD, name]];
+  const entries = withControlFields(flow, toEntries(data), markers);
+  const response = await dispatch("POST", target, entries);
+  return parseExtraResponse(response);
+}
+async function parseExtraResponse(response) {
+  const contentType = response.headers.get("content-type") ?? "";
+  if (contentType.includes("application/json")) {
+    try {
+      const body = await response.json();
+      return {
+        ok: body.ok ?? response.ok,
+        error: typeof body.error === "string" ? body.error : void 0,
+        addedItems: body.addedItems && typeof body.addedItems === "object" ? body.addedItems : void 0,
+        sideEffects: body.sideEffects && typeof body.sideEffects === "object" ? body.sideEffects : void 0
+      };
+    } catch {
+    }
+  }
+  if (response.ok) {
+    return { ok: true };
+  }
+  return { ok: false, error: `Request failed with status ${response.status}` };
+}
+export {
+  AUTH_EXTRA_FIELD,
+  AUTH_FLOW_GLOBAL_KEY,
+  AUTH_WIRE_FIELDS,
+  CONSENT_SUBMITTED_VALUE,
+  DEFAULT_AUTH_MOUNT_ID,
+  DEFAULT_SUBMIT_METHOD,
+  WIRE_TRUE,
+  getAddedItems,
+  getAuthFlow,
+  setAuthNavigator,
+  submitExtra,
+  submitFinish,
+  tryGetAuthFlow
+};

package/esm/bridge/index.mjs

@@ -455,6 +455,14 @@ var FrontMcpBridge = class {
     const adapter = this._ensureInitialized();
     return adapter.requestDisplayMode(mode);
   }
+  /**
+   * Report a desired widget size to the host.
+   * @param size - Desired widget dimensions
+   */
+  async setSize(size) {
+    const adapter = this._ensureInitialized();
+    return adapter.setSize(size);
+  }
   /**
    * Request widget close.
    */
@@ -673,6 +681,8 @@ var BaseAdapter = class {
     }
     throw new Error("requestDisplayMode not implemented");
   }
+  async setSize(_size) {
+  }
   async requestClose() {
   }
   setWidgetState(state) {
@@ -951,6 +961,23 @@ var OpenAIAdapter = class extends BaseAdapter {
     await this._openai.canvas.setDisplayMode(mode);
     this._hostContext = { ...this._hostContext, displayMode: mode };
   }
+  /**
+   * Report a desired widget size to ChatGPT.
+   *
+   * The Apps SDK normally measures DOM height itself, so this forwards to the
+   * SDK's sizing API only when one is exposed (`setWidgetHeight`) and otherwise
+   * no-ops. A `displayMode` hint is forwarded to `setDisplayMode`.
+   */
+  async setSize(size) {
+    const canvas = this._openai?.canvas;
+    if (!canvas) return;
+    if (size.displayMode && canvas.setDisplayMode) {
+      await canvas.setDisplayMode(size.displayMode);
+    }
+    if (typeof size.height === "number" && canvas.setWidgetHeight) {
+      await canvas.setWidgetHeight(size.height);
+    }
+  }
   async requestClose() {
     if (this._openai?.canvas?.close) {
       await this._openai.canvas.close();
@@ -1103,6 +1130,17 @@ var ExtAppsAdapter = class extends BaseAdapter {
     await this._sendRequest("ui/setDisplayMode", { mode });
     this._hostContext = { ...this._hostContext, displayMode: mode };
   }
+  /**
+   * Report a desired widget size to the host via the FrontMCP `ui/setSize`
+   * request (parallels `ui/setDisplayMode`).
+   */
+  async setSize(size) {
+    await this._sendRequest("ui/setSize", {
+      height: size.height,
+      width: size.width,
+      aspectRatio: size.aspectRatio
+    });
+  }
   async requestClose() {
     await this._sendRequest("ui/close", {});
   }

package/esm/index.mjs

@@ -449,6 +449,14 @@ var FrontMcpBridge = class {
     const adapter = this._ensureInitialized();
     return adapter.requestDisplayMode(mode);
   }
+  /**
+   * Report a desired widget size to the host.
+   * @param size - Desired widget dimensions
+   */
+  async setSize(size) {
+    const adapter = this._ensureInitialized();
+    return adapter.setSize(size);
+  }
   /**
    * Request widget close.
    */