@gavdi/cap-mcp 0.9.9-alpha.3 → 0.10.0

package/lib/mcp/customResourceTemplate.js

@@ -1,156 +0,0 @@
-"use strict";
-/**
- * Custom URI template implementation that fixes the MCP SDK's broken
- * URI template matching for grouped query parameters.
- *
- * This is duck typing implementation of the ResourceTemplate class.
- * See @modelcontextprotocol/sdk/server/mcp.js
- *
- * This is only a temporary solution, as we should use the official implementation from the SDK
- * Upon the SDK being fixed, we should switch over to that implementation.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CustomResourceTemplate = exports.CustomUriTemplate = void 0;
-// TODO: Get rid of 'any' typing
-/**
- * Custom URI template class that properly handles grouped query parameters
- * in the format {?param1,param2,param3}
- */
-class CustomUriTemplate {
-    template;
-    baseUri = "";
-    queryParams = [];
-    constructor(template) {
-        this.template = template;
-        this.parseTemplate();
-    }
-    toString() {
-        return this.template;
-    }
-    parseTemplate() {
-        // Extract base URI and query parameters from template
-        // Template format: odata://CatalogService/books{?filter,orderby,select,skip,top}
-        const queryTemplateMatch = this.template.match(/^([^{]+)\{\?([^}]+)\}$/);
-        if (!queryTemplateMatch) {
-            // No query parameters, treat as static URI
-            this.baseUri = this.template;
-            this.queryParams = [];
-            return;
-        }
-        this.baseUri = queryTemplateMatch[1];
-        this.queryParams = queryTemplateMatch[2]
-            .split(",")
-            .map((param) => param.trim())
-            .filter((param) => param.length > 0);
-    }
-    /**
-     * Matches a URI against this template and extracts variables
-     * @param uri The URI to match
-     * @returns Object with extracted variables or null if no match
-     */
-    match(uri) {
-        // Check if base URI matches
-        if (!uri.startsWith(this.baseUri)) {
-            return null;
-        }
-        // Extract query string
-        const queryStart = uri.indexOf("?");
-        if (queryStart === -1) {
-            // No query parameters in URI
-            if (this.queryParams.length === 0) {
-                return {}; // Static URI match
-            }
-            // Template expects query params but URI has none - still valid for optional params
-            return {};
-        }
-        const queryString = uri.substring(queryStart + 1);
-        const queryPairs = queryString.split("&");
-        const extractedVars = {};
-        // Parse query parameters with strict validation
-        for (const pair of queryPairs) {
-            const equalIndex = pair.indexOf("=");
-            if (equalIndex > 0) {
-                const key = pair.substring(0, equalIndex);
-                const value = pair.substring(equalIndex + 1);
-                if (key && value !== undefined) {
-                    const decodedKey = decodeURIComponent(key);
-                    const decodedValue = decodeURIComponent(value);
-                    // SECURITY: Reject entire URI if ANY unauthorized parameter is present
-                    if (!this.queryParams.includes(decodedKey)) {
-                        return null; // Unauthorized parameter found - reject entire URI
-                    }
-                    extractedVars[decodedKey] = decodedValue;
-                }
-            }
-            else if (pair.trim().length > 0) {
-                // Handle malformed parameters (missing = or empty key)
-                // SECURITY: Reject malformed query parameters
-                return null;
-            }
-        }
-        // For static templates (no parameters allowed), reject any query string
-        if (this.queryParams.length === 0 && queryString.trim().length > 0) {
-            return null;
-        }
-        return extractedVars;
-    }
-    /**
-     * Expands the template with given variables
-     * @param variables Object containing variable values
-     * @returns Expanded URI string
-     */
-    expand(variables) {
-        if (this.queryParams.length === 0) {
-            return this.baseUri;
-        }
-        const queryPairs = [];
-        for (const param of this.queryParams) {
-            const value = variables[param];
-            if (value !== undefined && value !== null && value !== "") {
-                queryPairs.push(`${encodeURIComponent(param)}=${encodeURIComponent(value)}`);
-            }
-        }
-        if (queryPairs.length === 0) {
-            return this.baseUri;
-        }
-        return `${this.baseUri}?${queryPairs.join("&")}`;
-    }
-    /**
-     * Gets the variable names from the template
-     */
-    get variableNames() {
-        return [...this.queryParams];
-    }
-}
-exports.CustomUriTemplate = CustomUriTemplate;
-/**
- * Custom ResourceTemplate that uses our CustomUriTemplate for proper URI matching
- * Duck-types the MCP SDK's ResourceTemplate interface for compatibility
- */
-class CustomResourceTemplate {
-    _uriTemplate;
-    _callbacks;
-    constructor(uriTemplate, callbacks) {
-        this._callbacks = callbacks;
-        this._uriTemplate = new CustomUriTemplate(uriTemplate);
-    }
-    /**
-     * Gets the URI template pattern - must match MCP SDK interface
-     */
-    get uriTemplate() {
-        return this._uriTemplate;
-    }
-    /**
-     * Gets the list callback, if one was provided
-     */
-    get listCallback() {
-        return this._callbacks.list;
-    }
-    /**
-     * Gets the callback for completing a specific URI template variable
-     */
-    completeCallback(variable) {
-        return this._callbacks.complete?.[variable];
-    }
-}
-exports.CustomResourceTemplate = CustomResourceTemplate;

package/lib/types.js

@@ -1,2 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });

package/lib/utils.js

@@ -1,136 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.MCP_SESSION_HEADER = exports.LOGGER = void 0;
-exports.createMcpServer = createMcpServer;
-exports.handleMcpSessionRequest = handleMcpSessionRequest;
-exports.parseEntityElements = parseEntityElements;
-const mcp_js_1 = require("@modelcontextprotocol/sdk/server/mcp.js");
-const zod_1 = require("zod");
-const structures_1 = require("./annotations/structures");
-/* @ts-ignore */
-const cds = global.cds || require("@sap/cds"); // This is a work around for missing cds context
-exports.LOGGER = cds.log("cds-mcp");
-exports.MCP_SESSION_HEADER = "mcp-session-id";
-function createMcpServer(annotations) {
-    const packageInfo = require("../package.json");
-    const server = new mcp_js_1.McpServer({
-        name: packageInfo.name,
-        version: packageInfo.version,
-        capabilities: {
-            tools: { listChanged: true },
-            resources: { listChanged: true },
-            prompts: { listChanged: true },
-        },
-    });
-    exports.LOGGER.debug("Annotations found for server = ", annotations);
-    if (!annotations)
-        return server;
-    // TODO: Handle the parsed annotations
-    // TODO: Error handling
-    // TODO: This should only be mapped once, not per each server instance. Maybe this should be pre-packaged on load?
-    for (const [_, v] of annotations.entries()) {
-        switch (v.constructor) {
-            case structures_1.McpToolAnnotation:
-                const model = v;
-                const parameters = buildParameters(model.parameters);
-                exports.LOGGER.debug("Adding tool", model);
-                if (model.entityKey) {
-                    const keys = buildParameters(model.keyTypeMap);
-                    server.tool(model.name, { ...keys, ...parameters }, async (data) => {
-                        const service = cds.services[model.serviceName];
-                        const received = data;
-                        const receivedKeys = {};
-                        const receivedParams = {};
-                        for (const [k, v] of Object.entries(received)) {
-                            if (model.keyTypeMap?.has(k)) {
-                                receivedKeys[k] = v;
-                            }
-                            if (!model.parameters?.has(k))
-                                continue;
-                            receivedParams[k] = v;
-                        }
-                        const response = await service.send({
-                            event: model.target,
-                            entity: model.entityKey,
-                            data: receivedParams,
-                            params: [receivedKeys],
-                        });
-                        return {
-                            content: Array.isArray(response)
-                                ? response.map((el) => ({ type: "text", text: String(el) }))
-                                : [{ type: "text", text: String(response) }], // TODO: This should be dynamic based on the return type
-                        };
-                    });
-                    continue;
-                }
-                server.tool(model.name, parameters, async (data) => {
-                    exports.LOGGER.debug("Tool call received, targeting service: ", model.serviceName, model.target);
-                    const service = cds.services[model.serviceName];
-                    const response = await service.send(model.target, data);
-                    exports.LOGGER.debug("MCP Tool response received and being packaged");
-                    return {
-                        content: Array.isArray(response)
-                            ? response.map((el) => ({ type: "text", text: String(el) }))
-                            : [{ type: "text", text: String(response) }], // TODO: This should be dynamic based on the return type
-                    };
-                });
-                continue;
-            case structures_1.McpResourceAnnotation:
-                exports.LOGGER.debug("This is a resource");
-                continue;
-            case structures_1.McpPromptAnnotation:
-                exports.LOGGER.debug("This is a prompt");
-                continue;
-            default:
-                exports.LOGGER.error("Invalid annotation data type");
-                throw new Error("Invalid annotation");
-        }
-    }
-    return server;
-}
-async function handleMcpSessionRequest(req, res, sessions) {
-    const sessionIdHeader = req.headers[exports.MCP_SESSION_HEADER];
-    if (!sessionIdHeader || !sessions.has(sessionIdHeader)) {
-        res.status(400).send("Invalid or missing session ID");
-        return;
-    }
-    const session = sessions.get(sessionIdHeader);
-    if (!session) {
-        res.status(400).send("Invalid session");
-        return;
-    }
-    await session.transport.handleRequest(req, res);
-}
-function parseEntityElements(entity) {
-    const elements = entity.elements;
-    if (!elements) {
-        exports.LOGGER.error("Invalid object - cannot be parsed", entity);
-        throw new Error("Failed to parse entity object");
-    }
-    const result = new Map();
-    for (const el of elements) {
-        if (!el.type)
-            continue;
-        result.set(el.name, el.type?.replace("cds.", ""));
-    }
-    return result;
-}
-function buildParameters(params) {
-    if (!params || params.size <= 0)
-        return {};
-    const result = {};
-    for (const [k, v] of params.entries()) {
-        result[k] = determineParameterType(v);
-    }
-    return result;
-}
-function determineParameterType(paramType) {
-    switch (paramType) {
-        case "String":
-            return zod_1.z.string();
-        case "Integer":
-            return zod_1.z.number();
-        default:
-            return zod_1.z.number();
-    }
-}