@gavdi/cap-mcp 0.9.9-alpha.3 → 0.10.0

package/README.md

@@ -120,6 +120,7 @@ This plugin transforms your annotated CAP services into a fully functional MCP s
 - **🔧 Tools**: Convert CAP functions and actions into executable MCP tools
 - **🧩 Entity Wrappers (optional)**: Expose CAP entities as tools (`query`, `get`, and optionally `create`, `update`) for LLM tool use while keeping resources intact
 - **💡 Prompts**: Define reusable prompt templates for AI interactions
+- **⚡ Elicitation**: Request user confirmation or input parameters before tool execution
 - **🔄 Auto-generation**: Automatically creates MCP server endpoints based on annotations
 - **⚙️ Flexible Configuration**: Support for custom parameter sets and descriptions
 
@@ -231,6 +232,52 @@ extend projection Books with actions {
 }
 ```
 
+#### Tool Elicitation
+
+Request user confirmation or input before tool execution using the `elicit` property:
+
+```cds
+// Request user confirmation before execution
+@mcp: {
+  name       : 'book-recommendation',
+  description: 'Get a random book recommendation',
+  tool       : true,
+  elicit     : ['confirm']
+}
+function getBookRecommendation() returns String;
+
+// Request user input for parameters
+@mcp: {
+  name       : 'get-author',
+  description: 'Gets the desired author',
+  tool       : true,
+  elicit     : ['input']
+}
+function getAuthor(id: String) returns String;
+
+// Request both input and confirmation
+@mcp: {
+  name       : 'books-by-author',
+  description: 'Gets a list of books made by the author',
+  tool       : true,
+  elicit     : ['input', 'confirm']
+}
+function getBooksByAuthor(authorName: String) returns array of String;
+```
+
+> NOTE: Elicitation is only available for direct tools at this moment. Wrapped entities are not covered by this.
+
+**Elicit Types:**
+- **`confirm`**: Requests user confirmation before executing the tool with a yes/no prompt
+- **`input`**: Prompts the user to provide values for the tool's parameters
+- **Combined**: Use both `['input', 'confirm']` to first collect parameters, then ask for confirmation
+
+**User Experience:**
+- **Confirmation**: "Please confirm that you want to perform action 'Get a random book recommendation'"
+- **Input**: "Please fill out the required parameters" with a form for each parameter
+- **User Actions**: Accept, decline, or cancel the elicitation request
+- **Early Exit**: Tools return appropriate messages if declined or cancelled
+
 ### Prompt Templates
 
 Define reusable AI prompt templates:
@@ -550,24 +597,7 @@ npm test -- --testPathPattern=integration
 ## 🚨 Performance & Limitations
 
 ### Known Limitations
-
-#### No Interactive Authentication Support
-**The plugin currently does NOT support interactive OAuth flows** that allow end-users to log in through MCP clients like Claude Desktop, Cursor, or other consumer MCP applications.
-
-**What this means:**
-- ✅ Works with custom MCP clients that can inject pre-obtained bearer tokens
-- ✅ Works in development with `dummy` authentication  
-- ❌ **Does NOT work with Claude Desktop, Cursor, or similar clients expecting OAuth login flows**
-- ❌ End-users cannot authenticate interactively when connecting
-
-**Technical Context:** This limitation exists due to architectural constraints in the current Model Context Protocol SDK. The MCP community is actively working on a solution that would enable proper interactive authentication flows, but no timeline has been announced. This is expected to be resolved in the second half of 2025.
-
-**Workarounds:**
-- **For Development**: Use `"auth": { "kind": "dummy" }` in your CAP configuration
-- **For Production**: Custom MCP clients must obtain valid bearer tokens through your CAP application's existing authentication flow and include them in requests as `Authorization: Bearer <token>`
-
-#### SDK Bug
-- **Dynamic Resource Queries**: Require all query parameters due to `@modelcontextprotocol/sdk` RFC template string issue
+- **SDK Bug**: Dynamic resource queries require all query parameters due to `@modelcontextprotocol/sdk` RFC template string issue
 
 ### Performance Considerations
 - **Large Datasets**: Use `resource: ['top']` or similar constraints for entities with many records

package/lib/annotations/constants.js

@@ -27,6 +27,8 @@ exports.MCP_ANNOTATION_PROPS = {
     MCP_PROMPT: "@mcp.prompts",
     /** Wrapper configuration for exposing entities as tools */
     MCP_WRAP: "@mcp.wrap",
+    /** Elicited user input annotation for tools in CAP services */
+    MCP_ELICIT: "@mcp.elicit",
 };
 /**
  * Set of annotations used for CDS auth annotations

package/lib/annotations/parser.js

@@ -26,6 +26,13 @@ function parseDefinitions(model) {
         if (!parsedAnnotations || !(0, utils_1.containsRequiredAnnotations)(parsedAnnotations)) {
             continue; // This check must occur here, since we do want the bound operations even if the parent is not annotated
         }
+        // Set the target in annotations for error reporting
+        if (parsedAnnotations) {
+            parsedAnnotations.target = key;
+        }
+        if (!(0, utils_1.containsRequiredElicitedParams)(parsedAnnotations)) {
+            continue; // Really doesn't do anything as the method will throw if the implementation is invalid
+        }
         const verifiedAnnotations = parsedAnnotations;
         switch (def.kind) {
             case "entity":
@@ -97,6 +104,9 @@ function parseAnnotations(definition) {
                 // Wrapper container to expose resources as tools
                 annotations.wrap = v;
                 continue;
+            case constants_1.MCP_ANNOTATION_PROPS.MCP_ELICIT:
+                annotations.elicit = v;
+                continue;
             case constants_1.CDS_AUTH_ANNOTATIONS.REQUIRES:
                 annotations.requires = v;
                 continue;
@@ -139,7 +149,7 @@ function constructToolAnnotation(serviceName, target, annotations, entityKey, ke
         return undefined;
     const { parameters, operationKind } = (0, utils_1.parseOperationElements)(annotations);
     const restrictions = (0, utils_1.parseCdsRestrictions)(annotations.restrict, annotations.requires);
-    return new structures_1.McpToolAnnotation(annotations.name, annotations.description, target, serviceName, parameters, entityKey, operationKind, keyParams, restrictions);
+    return new structures_1.McpToolAnnotation(annotations.name, annotations.description, target, serviceName, parameters, entityKey, operationKind, keyParams, restrictions, annotations.elicit);
 }
 /**
  * Constructs a prompt annotation from parsed annotation data
@@ -172,7 +182,13 @@ function parseBoundOperations(serviceName, entityKey, definition, resultRef) {
         if (v.kind !== "function" && v.kind !== "action")
             continue;
         const parsedAnnotations = parseAnnotations(v);
-        if (!parsedAnnotations || !(0, utils_1.containsRequiredAnnotations)(parsedAnnotations)) {
+        // Set the target in annotations for error reporting
+        if (parsedAnnotations) {
+            parsedAnnotations.target = k;
+        }
+        if (!parsedAnnotations ||
+            !(0, utils_1.containsRequiredAnnotations)(parsedAnnotations) ||
+            !(0, utils_1.containsRequiredElicitedParams)(parsedAnnotations)) {
             continue;
         }
         const verifiedAnnotations = parsedAnnotations;

package/lib/annotations/structures.js

@@ -142,6 +142,8 @@ class McpToolAnnotation extends McpAnnotation {
     _operationKind;
     /** Map of key field names to their types for bound operations */
     _keyTypeMap;
+    /** Elicited user input object */
+    _elicits;
     /**
      * Creates a new MCP tool annotation
      * @param name - Unique identifier for this tool
@@ -153,13 +155,15 @@ class McpToolAnnotation extends McpAnnotation {
      * @param operationKind - Optional operation type ('function' or 'action')
      * @param keyTypeMap - Optional map of key fields to types for bound operations
      * @param restrictions - Optional restrictions based on CDS roles
+     * @param elicits - Optional elicited input requirement
      */
-    constructor(name, description, operation, serviceName, parameters, entityKey, operationKind, keyTypeMap, restrictions) {
+    constructor(name, description, operation, serviceName, parameters, entityKey, operationKind, keyTypeMap, restrictions, elicits) {
         super(name, description, operation, serviceName, restrictions ?? []);
         this._parameters = parameters;
         this._entityKey = entityKey;
         this._operationKind = operationKind;
         this._keyTypeMap = keyTypeMap;
+        this._elicits = elicits;
     }
     /**
      * Gets the map of function parameters to their CDS types
@@ -189,6 +193,13 @@ class McpToolAnnotation extends McpAnnotation {
     get keyTypeMap() {
         return this._keyTypeMap;
     }
+    /**
+     * Gets the elicited user input if any is required for the tool
+     * @returns Elicited user input object
+     */
+    get elicits() {
+        return this._elicits;
+    }
 }
 exports.McpToolAnnotation = McpToolAnnotation;
 /**

package/lib/annotations/utils.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.splitDefinitionName = splitDefinitionName;
 exports.containsMcpAnnotation = containsMcpAnnotation;
 exports.containsRequiredAnnotations = containsRequiredAnnotations;
+exports.containsRequiredElicitedParams = containsRequiredElicitedParams;
 exports.isValidResourceAnnotation = isValidResourceAnnotation;
 exports.isValidToolAnnotation = isValidToolAnnotation;
 exports.isValidPromptsAnnotation = isValidPromptsAnnotation;
@@ -55,6 +56,21 @@ function containsRequiredAnnotations(annotations) {
     }
     return true;
 }
+/**
+ * Validates that the required params for MCP elicited user input annotations are valid
+ * @param annotations - The annotation structure to validate
+ * @returns True if valid, throw error if invalid
+ * @throws Error if required annotations are missing
+ */
+function containsRequiredElicitedParams(annotations) {
+    if (!annotations.elicit)
+        return true;
+    const param = annotations.elicit;
+    if (!param || param?.length <= 0) {
+        throw new Error(`Invalid annotation '${annotations.target}' - Incomplete elicited user input`);
+    }
+    return true;
+}
 /**
  * Validates a resource annotation structure
  * @param annotations - The annotation structure to validate

package/lib/auth/handler.js

@@ -2,11 +2,8 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.authHandlerFactory = authHandlerFactory;
 exports.errorHandlerFactory = errorHandlerFactory;
-const logger_1 = require("../logger");
 /** JSON-RPC 2.0 error code for unauthorized requests */
 const RPC_UNAUTHORIZED = 10;
-/** HTTP Authenticate header **/
-const WWW_AUTHENTICATE = "WWW-Authenticate";
 /* @ts-ignore */
 const cds = global.cds || require("@sap/cds"); // This is a work around for missing cds context
 /**
@@ -34,15 +31,9 @@ const cds = global.cds || require("@sap/cds"); // This is a work around for miss
  * @throws {500} When CAP context is not properly loaded
  */
 function authHandlerFactory() {
+    const authKind = cds.env.requires.auth.kind;
     return (req, res, next) => {
-        const auth = cds.env.requires.auth;
-        const authKind = auth.kind;
-        const credentials = auth.credentials;
         if (!req.headers.authorization && authKind !== "dummy") {
-            logger_1.LOGGER.warn("No valid authorization header provided");
-            // We need to return a WWW-Authenticate response header here with .well-known metadata
-            // Otherwise the MCP client will not be able to figure out the auth flow
-            res.setHeader(WWW_AUTHENTICATE, `Bearer error='"invalid_token", resource_metadata="${credentials?.url}/.well-known/oauth-protected-resource"`);
             res.status(401).json({
                 jsonrpc: "2.0",
                 error: {
@@ -67,9 +58,6 @@ function authHandlerFactory() {
         }
         const user = ctx.user;
         if (!user || user === cds.User.anonymous) {
-            // We need to return a WWW-Authenticate response header here with .well-known metadata
-            // Otherwise the MCP client will not be able to figure out the auth flow
-            res.setHeader(WWW_AUTHENTICATE, `Bearer error='"invalid_token", resource_metadata="${credentials?.url}/.well-known/oauth-protected-resource"`);
             res.status(401).json({
                 jsonrpc: "2.0",
                 error: {

package/lib/auth/utils.js

@@ -6,10 +6,30 @@ exports.registerAuthMiddleware = registerAuthMiddleware;
 exports.hasToolOperationAccess = hasToolOperationAccess;
 exports.getWrapAccesses = getWrapAccesses;
 const handler_1 = require("./handler");
+const proxyProvider_js_1 = require("@modelcontextprotocol/sdk/server/auth/providers/proxyProvider.js");
 const router_js_1 = require("@modelcontextprotocol/sdk/server/auth/router.js");
-const logger_1 = require("../logger");
+/**
+ * @fileoverview Authentication utilities for MCP-CAP integration.
+ *
+ * This module provides utilities for integrating CAP authentication with MCP servers.
+ * It supports all standard CAP authentication types and provides functions for:
+ * - Determining authentication status
+ * - Managing user access rights
+ * - Registering authentication middleware
+ *
+ * Supported CAP authentication types:
+ * - 'dummy': No authentication (privileged access)
+ * - 'mocked': Mock users with predefined credentials
+ * - 'basic': HTTP Basic Authentication
+ * - 'jwt': Generic JWT token validation
+ * - 'xsuaa': SAP BTP XSUAA OAuth2/JWT authentication
+ * - 'ias': SAP Identity Authentication Service
+ * - Custom string types for user-defined authentication strategies
+ *
+ * Access CAP auth configuration via: cds.env.requires.auth.kind
+ */
 /* @ts-ignore */
-const cds = global.cds || require("@sap/cds"); // Use hosting app's CDS instance exclusively
+const cds = global.cds || require("@sap/cds"); // This is a work around for missing cds context
 /**
  * Determines whether authentication is enabled for the MCP plugin.
  *
@@ -97,8 +117,7 @@ function getAccessRights(authEnabled) {
  * @since 1.0.0
  */
 function registerAuthMiddleware(expressApp) {
-    logger_1.LOGGER.debug("Configuring auth middleware");
-    const middlewares = cds.middlewares?.before || []; // Handle missing middlewares gracefully
+    const middlewares = cds.middlewares.before; // No types exists for this part of the CDS library
     // Build array of auth middleware to apply
     const authMiddleware = [];
     // Add CAP middleware
@@ -113,10 +132,8 @@ function registerAuthMiddleware(expressApp) {
     authMiddleware.push((0, handler_1.authHandlerFactory)());
     // Apply auth middleware to all /mcp routes EXCEPT health
     expressApp?.use(/^\/mcp(?!\/health).*/, ...authMiddleware);
-    // Note: .well-known/oauth-authorization-server endpoint is automatically created by mcpAuthRouter
-    // Configure OAuth proxy for enterprise authentication scenarios
+    // Then finally we add the oauth proxy to the xsuaa instance
     configureOAuthProxy(expressApp);
-    logger_1.LOGGER.debug("Auth middleware configured");
 }
 /**
  * Configures OAuth proxy middleware for enterprise authentication scenarios.
@@ -129,7 +146,6 @@ function registerAuthMiddleware(expressApp) {
  * - Access token verification and validation
  * - Client credential management
  * - Integration with CAP authentication configuration
- * - Dynamic client registration for MCP clients
  *
  * The OAuth proxy is only configured for enterprise authentication types
  * (jwt, xsuaa, ias) and skips configuration for basic auth types.
@@ -159,86 +175,42 @@ function configureOAuthProxy(expressApp) {
     const config = cds.env.requires.auth;
     const kind = config.kind;
     const credentials = config.credentials;
-    logger_1.LOGGER.debug("Running auth with configuration kind", kind);
     // Safety guard - skip OAuth proxy for basic auth types
-    if (kind === "dummy" || kind === "mocked" || kind === "basic") {
-        logger_1.LOGGER.debug("Skipping OAuth proxy for auth type:", kind);
+    if (kind === "dummy" || kind === "mocked" || kind === "basic")
         return;
-    }
-    if (!credentials ||
+    else if (!credentials ||
         !credentials.clientid ||
         !credentials.clientsecret ||
         !credentials.url) {
-        logger_1.LOGGER.warn("OAuth proxy skipped - missing required XSUAA credentials");
-        return; // Don't throw error, just skip OAuth proxy
+        throw new Error("Invalid security credentials");
     }
-    logger_1.LOGGER.debug("Configuring OAuth proxy with XSUAA endpoints");
-    const baseUrl = process.env.MCP_BASE_URL ||
-        process.env.MCP_SERVER_URL ||
-        "http://localhost:4004";
-    // const proxyProvider = new ProxyOAuthServerProvider({
-    //   endpoints: {
-    //     authorizationUrl: `${credentials.url}/oauth/authorize`,
-    //     tokenUrl: `${credentials.url}/oauth/token`,
-    //     revocationUrl: `${credentials.url}/oauth/revoke`,
-    //   },
-    //   verifyAccessToken: async (token: string) => {
-    //     try {
-    //       LOGGER.debug("OAuth proxy: verifyAccessToken called");
-    //
-    //       // Use CAP's built-in JWT verification for XSUAA
-    //       const decoded = await cds.auth.jwt.verify(token);
-    //       LOGGER.debug(
-    //         "Token decoded successfully for client:",
-    //         decoded.client_id || decoded.azp,
-    //       );
-    //
-    //       return {
-    //         token,
-    //         clientId: decoded.client_id || decoded.azp,
-    //         scopes: decoded.scope?.split(" ") || [],
-    //         userId: decoded.sub,
-    //         expiresAt: decoded.exp, // Unix timestamp, not Date object
-    //       };
-    //     } catch (error) {
-    //       LOGGER.error("Token verification failed:", error);
-    //       throw new Error("Invalid access token");
-    //     }
-    //   },
-    //   getClient: async (client_id: string) => {
-    //     LOGGER.debug("OAuth proxy: Dynamic client registration requested");
-    //
-    //     return {
-    //       client_secret: credentials.clientsecret as string,
-    //       client_id,
-    //       redirect_uris: [
-    //         `${baseUrl}/oauth/callback`,
-    //         `${baseUrl}/mcp/oauth/callback`,
-    //         "http://localhost:3000/callback", // Claude Desktop default
-    //         "http://localhost:3000/auth/callback", // Alternative format
-    //       ],
-    //     };
-    //   },
-    // });
-    expressApp.use((0, router_js_1.mcpAuthMetadataRouter)({
-        oauthMetadata: {
-            issuer: credentials.url,
-            authorization_endpoint: `${credentials.url}/oauth/authorize`,
-            token_endpoint: `${credentials.url}/oauth/token`,
-            response_types_supported: ["code", "token"],
-            grant_types_supported: [
-                "authorization_code",
-                "client_credentials",
-                "urn:ietf:params:oauth:grant-type:jwt-bearer",
-                "refresh_token"
-            ],
-            token_endpoint_auth_methods_supported: ["client_secret_post", "client_secret_basic"],
-            code_challenge_methods_supported: ["S256"]
+    const proxyProvider = new proxyProvider_js_1.ProxyOAuthServerProvider({
+        endpoints: {
+            authorizationUrl: `${credentials.url}/oauth/authorize`,
+            tokenUrl: `${credentials.url}/oauth/token`,
+            revocationUrl: `${credentials.url}/oauth/revoke`,
+        },
+        verifyAccessToken: async (token) => {
+            return {
+                token,
+                clientId: credentials.clientid,
+                scopes: ["uaa.resource"],
+            };
         },
+        getClient: async (client_id) => {
+            return {
+                client_secret: credentials.clientsecret,
+                client_id,
+                redirect_uris: ["http://localhost:3000/callback"], // Temporary value for now
+            };
+        },
+    });
+    expressApp.use((0, router_js_1.mcpAuthRouter)({
+        provider: proxyProvider,
+        issuerUrl: new URL(credentials.url),
+        //baseUrl: new URL(""), // I have left this out for the time being due to the defaulting to issuer
         serviceDocumentationUrl: new URL("https://docs.cloudfoundry.org/api/uaa/version/77.34.0/index.html#authorization"),
-        resourceServerUrl: new URL(baseUrl),
     }));
-    logger_1.LOGGER.info("OAuth proxy configured successfully for XSUAA integration");
 }
 /**
  * Checks whether the requesting user's access matches that of the roles required

package/lib/mcp/describe-model.js

@@ -61,7 +61,11 @@ function registerDescribeModelTool(server) {
             }));
             const keys = elements.filter((e) => e.key).map((e) => e.name);
             const sampleTop = 5;
-            const shortFields = elements.slice(0, 5).map((e) => e.name);
+            // Prefer scalar fields for sample selects; exclude associations
+            const scalarFields = elements
+                .filter((e) => String(e.type).toLowerCase() !== "cds.association")
+                .map((e) => e.name);
+            const shortFields = scalarFields.slice(0, 5);
             // Match wrapper tool naming: Service_Entity_mode
             const entName = String(ent?.name || "entity");
             const svcPart = service || entName.split(".")[0] || "Service";
@@ -75,7 +79,7 @@ function registerDescribeModelTool(server) {
                 fields: elements,
                 usage: {
                     rationale: "Entity wrapper tools expose CRUD-like operations for LLMs. Prefer query/get globally; create/update must be explicitly enabled by the developer.",
-                    guidance: "Use the *_query tool for retrieval with filters and projections; use *_get with keys for a single record; use *_create/*_update only if enabled and necessary.",
+                    guidance: "Use the *_query tool for retrieval with filters and projections. All fields in select/where are consistent. For associations, use foreign key fields (e.g., author_ID not author). Use *_get with keys for a single record; use *_create/*_update only if enabled and necessary.",
                 },
                 examples: {
                     list_tool: listName,

package/lib/mcp/elicited-input.js

@@ -0,0 +1,162 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isElicitInput = isElicitInput;
+exports.constructElicitationFunctions = constructElicitationFunctions;
+exports.handleElicitationRequests = handleElicitationRequests;
+const zod_1 = require("zod");
+/**
+ * Message displayed to users when requesting input parameters
+ */
+const INPUT_MSG = "Please fill out the required parameters";
+/**
+ * Checks if the elicited input array contains an 'input' requirement
+ * @param elicits - Array of elicit types or undefined
+ * @returns True if 'input' elicitation is required, false otherwise
+ */
+function isElicitInput(elicits) {
+    return elicits ? elicits.includes("input") : false;
+}
+/**
+ * Constructs elicitation request parameters based on the tool annotation's elicit requirements
+ * @param model - MCP tool annotation containing elicit configuration
+ * @param params - Parameter definitions for the tool
+ * @returns Array of elicit request parameters for MCP server
+ * @throws Error if invalid elicitation type is encountered
+ */
+function constructElicitationFunctions(model, params) {
+    const result = [];
+    for (const el of model.elicits ?? []) {
+        switch (el) {
+            case "input":
+                result.push(constructElicitInput(params));
+                continue;
+            case "confirm":
+                result.push(contructElicitConfirm(model));
+                continue;
+            default:
+                throw new Error("Invalid elicitation type");
+        }
+    }
+    return result;
+}
+/**
+ * Processes multiple elicitation requests sequentially and handles user responses
+ * @param requests - Array of elicit request parameters or undefined
+ * @param server - MCP server instance for making elicit calls
+ * @returns Promise resolving to elicitation response with early exit or data
+ */
+async function handleElicitationRequests(requests, server) {
+    if (!requests || requests.length <= 0) {
+        return { earlyResponse: undefined };
+    }
+    let data = undefined;
+    for (const req of requests) {
+        const res = await server.server.elicitInput(req);
+        const earlyResponse = handleElicitResponse(res);
+        if (earlyResponse) {
+            return { earlyResponse };
+        }
+        if (req.message === INPUT_MSG) {
+            data = res.content;
+        }
+    }
+    return {
+        earlyResponse: undefined,
+        data,
+    };
+}
+/**
+ * Converts elicit response action into appropriate MCP result
+ * @param elicitResponse - Result from MCP server elicit input call
+ * @returns MCP result for decline/cancel actions, undefined for accept
+ * @throws Error if invalid response action is received
+ */
+function handleElicitResponse(elicitResponse) {
+    switch (elicitResponse.action) {
+        case "accept":
+            return undefined;
+        case "decline":
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: "Action was declined.",
+                    },
+                ],
+            };
+        case "cancel":
+            return {
+                content: [
+                    {
+                        type: "text",
+                        text: "Action was cancelled",
+                    },
+                ],
+            };
+        default:
+            throw new Error("Invalid elicit response received");
+    }
+}
+/**
+ * Determines the schema type for elicit input based on Zod parameter type
+ * @param param - Zod schema parameter to analyze
+ * @returns Corresponding elicit schema type string
+ * @throws Error if parameter type is not supported for elicitation
+ */
+function determineSchemaType(param) {
+    if (param instanceof zod_1.z.ZodBoolean) {
+        return "boolean";
+    }
+    else if (param instanceof zod_1.z.ZodString) {
+        return "string";
+    }
+    else if (param instanceof zod_1.z.ZodNumber) {
+        return "number";
+    }
+    throw new Error("Unsupported elicitation input type");
+}
+/**
+ * Constructs confirmation elicit request for tool execution
+ * @param model - MCP annotation model containing tool description
+ * @returns Elicit request parameters for user confirmation
+ */
+function contructElicitConfirm(model) {
+    return {
+        message: `Please confirm that you want to perform action '${model.description}'`,
+        requestedSchema: {
+            type: "object",
+            properties: {
+                confirm: {
+                    type: "boolean",
+                    title: "Confirmation",
+                    description: "Please confirm the action",
+                },
+            },
+            required: ["confirm"],
+        },
+    };
+}
+/**
+ * Constructs input elicit request for tool parameters
+ * @param params - Tool parameters definition with Zod schemas
+ * @returns Elicit request parameters for user input collection
+ */
+function constructElicitInput(params) {
+    const elicitSpec = {
+        message: INPUT_MSG,
+        requestedSchema: {
+            type: "object",
+            properties: {},
+            required: [],
+        },
+    };
+    for (const [key, zodType] of Object.entries(params)) {
+        elicitSpec.requestedSchema.required?.push(key);
+        elicitSpec.requestedSchema.properties[key] = {
+            type: determineSchemaType(zodType),
+            title: key,
+            description: key,
+        };
+    }
+    return elicitSpec;
+}