@inkeep/agents-core 0.41.2 → 0.43.0

package/dist/utils/service-token-auth.d.ts

@@ -1,6 +1,9 @@
+import { JwtVerifyResult } from "./jwt-helpers.js";
+
 //#region src/utils/service-token-auth.d.ts
+
 /**
- * Service Token JWT Claims
+ * Service Token JWT Claims (for agent-to-agent communication)
  */
 interface ServiceTokenPayload {
   /** Issuer - always 'inkeep-agents' */
@@ -30,48 +33,27 @@ interface GenerateServiceTokenParams {
 /**
  * Result of verifying a service token
  */
-interface VerifyServiceTokenResult {
-  valid: boolean;
-  payload?: ServiceTokenPayload;
-  error?: string;
-}
+type VerifyServiceTokenResult = JwtVerifyResult<ServiceTokenPayload>;
 /**
- * Generate a JWT token for team agent authentication
- * Token expires in 5 minutes
- *
- * @param params - Token generation parameters
- * @returns Signed JWT token string
+ * Generate a JWT token for agent-to-agent authentication.
+ * Token expires in 5 minutes.
  */
 declare function generateServiceToken(params: GenerateServiceTokenParams): Promise<string>;
 /**
  * Verify and decode a service JWT token
- *
- * @param token - JWT token string to verify
- * @returns Verification result with payload if valid
  */
 declare function verifyServiceToken(token: string): Promise<VerifyServiceTokenResult>;
 /**
- * Validate that the token's tenant ID matches the expected tenant
- * This prevents cross-tenant delegation attempts
- *
- * @param payload - Decoded token payload
- * @param expectedTenantId - The tenant ID to validate against
- * @returns true if tenant IDs match, false otherwise
+ * Validate that the token's tenant ID matches the expected tenant.
+ * This prevents cross-tenant delegation attempts.
  */
 declare function validateTenantId(payload: ServiceTokenPayload, expectedTenantId: string): boolean;
 /**
  * Validate that the token's target agent ID matches the expected agent
- *
- * @param payload - Decoded token payload
- * @param expectedTargetAgentId - The agent ID to validate against
- * @returns true if agent IDs match, false otherwise
  */
 declare function validateTargetAgent(payload: ServiceTokenPayload, expectedTargetAgentId: string): boolean;
 /**
  * Extract the Authorization header and verify the bearer token
- *
- * @param authHeader - The Authorization header value (e.g., "Bearer <token>")
- * @returns Verification result with payload if valid
  */
 declare function verifyAuthorizationHeader(authHeader: string | undefined): Promise<VerifyServiceTokenResult>;
 //#endregion

package/dist/utils/service-token-auth.js

@@ -1,40 +1,25 @@
-import { env } from "../env.js";
 import { getLogger } from "./logger.js";
-import { SignJWT, jwtVerify } from "jose";
+import { extractBearerToken, signJwt, verifyJwt } from "./jwt-helpers.js";
 
 //#region src/utils/service-token-auth.ts
 const logger = getLogger("service-token-auth");
+const ISSUER = "inkeep-agents";
 /**
-* Get the JWT secret from environment variables
-* Falls back to a default secret in non-production environments (with warning)
-*/
-function getJwtSecret() {
-	const secret = env.INKEEP_AGENTS_JWT_SIGNING_SECRET;
-	const dev_secret = "insecure-dev-secret-change-in-production-min-32-chars";
-	if (!secret) {
-		if (env.ENVIRONMENT === "production") throw new Error("INKEEP_AGENTS_JWT_SIGNING_SECRET environment variable is required in production");
-		logger.warn({}, "INKEEP_AGENTS_JWT_SIGNING_SECRET not set, using insecure default. DO NOT USE IN PRODUCTION!");
-		return new TextEncoder().encode(dev_secret);
-	}
-	return new TextEncoder().encode(secret);
-}
-/**
-* Generate a JWT token for team agent authentication
-* Token expires in 5 minutes
-*
-* @param params - Token generation parameters
-* @returns Signed JWT token string
+* Generate a JWT token for agent-to-agent authentication.
+* Token expires in 5 minutes.
 */
 async function generateServiceToken(params) {
-	const secret = getJwtSecret();
 	try {
-		const token = await new SignJWT({
-			tenantId: params.tenantId,
-			projectId: params.projectId
-		}).setProtectedHeader({
-			alg: "HS256",
-			typ: "JWT"
-		}).setIssuer("inkeep-agents").setSubject(params.originAgentId).setAudience(params.targetAgentId).setIssuedAt().setExpirationTime("5m").sign(secret);
+		const token = await signJwt({
+			issuer: ISSUER,
+			subject: params.originAgentId,
+			audience: params.targetAgentId,
+			expiresIn: "5m",
+			claims: {
+				tenantId: params.tenantId,
+				projectId: params.projectId
+			}
+		});
 		logger.debug({
 			originAgentId: params.originAgentId,
 			targetAgentId: params.targetAgentId,
@@ -48,64 +33,46 @@ async function generateServiceToken(params) {
 }
 /**
 * Verify and decode a service JWT token
-*
-* @param token - JWT token string to verify
-* @returns Verification result with payload if valid
 */
 async function verifyServiceToken(token) {
-	const secret = getJwtSecret();
-	try {
-		const { payload } = await jwtVerify(token, secret, {
-			issuer: "inkeep-agents",
-			algorithms: ["HS256"]
-		});
-		if (typeof payload.sub !== "string" || typeof payload.aud !== "string" || typeof payload.tenantId !== "string" || typeof payload.projectId !== "string") {
-			logger.warn({ payload }, "Invalid service token: missing required claims");
-			return {
-				valid: false,
-				error: "Invalid token: missing required claims"
-			};
-		}
-		const validPayload = {
-			iss: payload.iss,
-			aud: payload.aud,
-			sub: payload.sub,
-			tenantId: payload.tenantId,
-			projectId: payload.projectId,
-			iat: payload.iat,
-			exp: payload.exp
-		};
-		logger.debug({
-			originAgentId: validPayload.sub,
-			targetAgentId: validPayload.aud,
-			tenantId: validPayload.tenantId
-		}, "Successfully verified team agent token");
+	const result = await verifyJwt(token, { issuer: ISSUER });
+	if (!result.valid || !result.payload) {
+		logger.warn({ error: result.error }, "Team agent token verification failed");
 		return {
-			valid: true,
-			payload: validPayload
+			valid: false,
+			error: result.error
 		};
-	} catch (error) {
-		if (error instanceof Error) {
-			logger.warn({ error: error.message }, "Team agent token verification failed");
-			return {
-				valid: false,
-				error: error.message
-			};
-		}
-		logger.warn({ error }, "Team agent token verification failed with unknown error");
+	}
+	const payload = result.payload;
+	if (typeof payload.sub !== "string" || typeof payload.aud !== "string" || typeof payload.tenantId !== "string" || typeof payload.projectId !== "string") {
+		logger.warn({ payload }, "Invalid service token: missing required claims");
 		return {
 			valid: false,
-			error: "Token verification failed"
+			error: "Invalid token: missing required claims"
 		};
 	}
+	const validPayload = {
+		iss: payload.iss,
+		aud: payload.aud,
+		sub: payload.sub,
+		tenantId: payload.tenantId,
+		projectId: payload.projectId,
+		iat: payload.iat,
+		exp: payload.exp
+	};
+	logger.debug({
+		originAgentId: validPayload.sub,
+		targetAgentId: validPayload.aud,
+		tenantId: validPayload.tenantId
+	}, "Successfully verified team agent token");
+	return {
+		valid: true,
+		payload: validPayload
+	};
 }
 /**
-* Validate that the token's tenant ID matches the expected tenant
-* This prevents cross-tenant delegation attempts
-*
-* @param payload - Decoded token payload
-* @param expectedTenantId - The tenant ID to validate against
-* @returns true if tenant IDs match, false otherwise
+* Validate that the token's tenant ID matches the expected tenant.
+* This prevents cross-tenant delegation attempts.
 */
 function validateTenantId(payload, expectedTenantId) {
 	if (payload.tenantId !== expectedTenantId) {
@@ -121,10 +88,6 @@ function validateTenantId(payload, expectedTenantId) {
 }
 /**
 * Validate that the token's target agent ID matches the expected agent
-*
-* @param payload - Decoded token payload
-* @param expectedTargetAgentId - The agent ID to validate against
-* @returns true if agent IDs match, false otherwise
 */
 function validateTargetAgent(payload, expectedTargetAgentId) {
 	if (payload.aud !== expectedTargetAgentId) {
@@ -139,25 +102,14 @@ function validateTargetAgent(payload, expectedTargetAgentId) {
 }
 /**
 * Extract the Authorization header and verify the bearer token
-*
-* @param authHeader - The Authorization header value (e.g., "Bearer <token>")
-* @returns Verification result with payload if valid
 */
 async function verifyAuthorizationHeader(authHeader) {
-	if (!authHeader) return {
-		valid: false,
-		error: "Missing Authorization header"
-	};
-	if (!authHeader.startsWith("Bearer ")) return {
-		valid: false,
-		error: "Invalid Authorization header format. Expected: Bearer <token>"
-	};
-	const token = authHeader.substring(7);
-	if (!token) return {
+	const extracted = extractBearerToken(authHeader);
+	if (!extracted.token) return {
 		valid: false,
-		error: "Empty token in Authorization header"
+		error: extracted.error
 	};
-	return verifyServiceToken(token);
+	return verifyServiceToken(extracted.token);
 }
 
 //#endregion

package/dist/utils/signature-validation.d.ts

@@ -0,0 +1,2 @@
+import { ValidationResult, validateJMESPath, validateRegex } from "./jmespath-utils.js";
+export { type ValidationResult, validateJMESPath, validateRegex };

package/dist/utils/signature-validation.js

@@ -0,0 +1,3 @@
+import { validateJMESPath, validateRegex } from "./jmespath-utils.js";
+
+export { validateJMESPath, validateRegex };

package/dist/utils/template-interpolation.d.ts

@@ -0,0 +1,22 @@
+//#region src/utils/template-interpolation.d.ts
+/**
+ * Interpolates a message template with placeholders from a payload object.
+ * Supports {{path.to.value}} placeholder syntax with dot notation for nested paths.
+ * Missing values are replaced with empty strings.
+ *
+ * @param template - Message template with {{placeholder}} syntax
+ * @param payload - Object containing values to interpolate
+ * @returns Interpolated message with all placeholders resolved
+ *
+ * @example
+ * const template = "User {{user.name}} from {{user.profile.location}} submitted: {{message}}";
+ * const payload = {
+ *   user: { name: "Alice", profile: { location: "NYC" } },
+ *   message: "Hello World"
+ * };
+ * interpolateTemplate(template, payload);
+ * // => "User Alice from NYC submitted: Hello World"
+ */
+declare function interpolateTemplate(template: string, payload: Record<string, unknown>): string;
+//#endregion
+export { interpolateTemplate };

package/dist/utils/template-interpolation.js

@@ -0,0 +1,62 @@
+//#region src/utils/template-interpolation.ts
+/**
+* Resolves a nested path from an object using dot notation.
+* Example: getValue({ user: { profile: { name: 'John' } } }, 'user.profile.name') => 'John'
+*
+* @param obj - The object to traverse
+* @param path - Dot-separated path (e.g., 'user.profile.name')
+* @returns The value at the path, or undefined if not found
+*/
+function getValue(obj, path) {
+	if (!obj || typeof obj !== "object") return;
+	const keys = path.split(".");
+	let current = obj;
+	for (const key of keys) {
+		if (current === null || current === void 0 || typeof current !== "object") return;
+		current = current[key];
+	}
+	return current;
+}
+/**
+* Converts a value to string for template interpolation.
+* Handles primitives, null, undefined gracefully.
+*
+* @param value - The value to convert
+* @returns String representation or empty string if undefined/null
+*/
+function valueToString(value) {
+	if (value === null || value === void 0) return "";
+	if (typeof value === "string") return value;
+	if (typeof value === "number" || typeof value === "boolean") return String(value);
+	try {
+		return JSON.stringify(value);
+	} catch {
+		return "";
+	}
+}
+/**
+* Interpolates a message template with placeholders from a payload object.
+* Supports {{path.to.value}} placeholder syntax with dot notation for nested paths.
+* Missing values are replaced with empty strings.
+*
+* @param template - Message template with {{placeholder}} syntax
+* @param payload - Object containing values to interpolate
+* @returns Interpolated message with all placeholders resolved
+*
+* @example
+* const template = "User {{user.name}} from {{user.profile.location}} submitted: {{message}}";
+* const payload = {
+*   user: { name: "Alice", profile: { location: "NYC" } },
+*   message: "Hello World"
+* };
+* interpolateTemplate(template, payload);
+* // => "User Alice from NYC submitted: Hello World"
+*/
+function interpolateTemplate(template, payload) {
+	return template.replace(/\{\{([^}]+)\}\}/g, (_match, path) => {
+		return valueToString(getValue(payload, path.trim()));
+	});
+}
+
+//#endregion
+export { interpolateTemplate };

package/dist/utils/third-party-mcp-servers/composio-client.d.ts

@@ -14,6 +14,18 @@ type CredentialScope = 'project' | 'user';
  * - For user-scoped: uses the actual user ID (per-user credentials)
  */
 declare function getComposioUserId(tenantId: string, projectId: string, credentialScope: CredentialScope, userId?: string): string;
+/**
+ * Build a Composio MCP URL with the appropriate user_id parameter
+ * Consolidates user_id injection logic used across the codebase
+ *
+ * @param baseUrl - The base MCP server URL
+ * @param tenantId - The tenant ID
+ * @param projectId - The project ID
+ * @param credentialScope - Whether credentials are 'project' or 'user' scoped
+ * @param userId - Optional user ID (required for user-scoped credentials)
+ * @returns The URL with user_id parameter set, or original URL if not a Composio URL
+ */
+declare function buildComposioMCPUrl(baseUrl: string, tenantId: string, projectId: string, credentialScope: CredentialScope, userId?: string): string;
 /**
  * Extract server ID from a Composio MCP URL
  * Example: https://backend.composio.dev/v3/mcp/1234-1234-1234?user_id=... -> 1234-1234-1234
@@ -44,4 +56,4 @@ declare function fetchComposioServers(): Promise<PrebuiltMCPServer[]>;
  */
 declare function fetchSingleComposioServer(tenantId: string, projectId: string, mcpServerUrl: string, credentialScope?: CredentialScope, userId?: string): Promise<PrebuiltMCPServer | null>;
 //#endregion
-export { CredentialScope, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated };
+export { CredentialScope, buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/composio-client.js

@@ -7,7 +7,7 @@ import { Composio } from "@composio/core";
 * Composio MCP Server Client
 * Handles all Composio-specific operations for MCP server integration
 */
-const logger = getLogger("composio-client");
+const logger$1 = getLogger("composio-client");
 const TOOLKIT_TO_CATEGORY = {
 	github: "development",
 	gitlab: "development",
@@ -67,6 +67,25 @@ function getComposioUserId(tenantId, projectId, credentialScope, userId) {
 	return deriveComposioUserId(tenantId, projectId);
 }
 /**
+* Build a Composio MCP URL with the appropriate user_id parameter
+* Consolidates user_id injection logic used across the codebase
+*
+* @param baseUrl - The base MCP server URL
+* @param tenantId - The tenant ID
+* @param projectId - The project ID
+* @param credentialScope - Whether credentials are 'project' or 'user' scoped
+* @param userId - Optional user ID (required for user-scoped credentials)
+* @returns The URL with user_id parameter set, or original URL if not a Composio URL
+*/
+function buildComposioMCPUrl(baseUrl, tenantId, projectId, credentialScope, userId) {
+	if (!baseUrl.includes("composio.dev")) return baseUrl;
+	const urlObj = new URL(baseUrl);
+	if (urlObj.searchParams.has("user_id")) return baseUrl;
+	const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
+	urlObj.searchParams.set("user_id", composioUserId);
+	return urlObj.toString();
+}
+/**
 * Extract server ID from a Composio MCP URL
 * Example: https://backend.composio.dev/v3/mcp/1234-1234-1234?user_id=... -> 1234-1234-1234
 */
@@ -88,14 +107,14 @@ function extractComposioServerId(mcpUrl) {
 async function deleteComposioConnectedAccount(accountId) {
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
-		logger.info({}, "Composio not configured, skipping account deletion");
+		logger$1.info({}, "Composio not configured, skipping account deletion");
 		return false;
 	}
 	try {
 		await composioInstance.connectedAccounts.delete(accountId);
 		return true;
 	} catch (error) {
-		logger.warn({ error }, "Error deleting Composio connected account");
+		logger$1.warn({ error }, "Error deleting Composio connected account");
 		return false;
 	}
 }
@@ -106,7 +125,7 @@ async function deleteComposioConnectedAccount(accountId) {
 async function fetchComposioConnectedAccounts(derivedUserId) {
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
-		logger.info({}, "Composio not configured, skipping connected accounts fetch");
+		logger$1.info({}, "Composio not configured, skipping connected accounts fetch");
 		return null;
 	}
 	try {
@@ -115,7 +134,7 @@ async function fetchComposioConnectedAccounts(derivedUserId) {
 			statuses: ["ACTIVE", "INITIATED"]
 		});
 	} catch (error) {
-		logger.error({ error }, "Error fetching Composio connected accounts");
+		logger$1.error({ error }, "Error fetching Composio connected accounts");
 		return null;
 	}
 }
@@ -127,29 +146,28 @@ async function fetchComposioConnectedAccounts(derivedUserId) {
 */
 async function isComposioMCPServerAuthenticated(tenantId, projectId, mcpServerUrl, credentialScope = "project", userId) {
 	if (!process.env.COMPOSIO_API_KEY) {
-		logger.info({}, "Composio API key not configured, skipping auth check");
+		logger$1.info({}, "Composio API key not configured, skipping auth check");
 		return false;
 	}
 	const serverId = extractComposioServerId(mcpServerUrl);
 	if (!serverId) {
-		logger.info({ mcpServerUrl }, "Could not extract Composio server ID from URL");
+		logger$1.info({ mcpServerUrl }, "Could not extract Composio server ID from URL");
 		return false;
 	}
 	const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
-		logger.info({}, "Composio not configured, skipping auth check");
+		logger$1.info({}, "Composio not configured, skipping auth check");
 		return false;
 	}
 	try {
-		const composioMcpServer = await composioInstance.mcp.get(serverId);
-		const firstAuthConfigId = composioMcpServer.authConfigIds.length > 0 ? composioMcpServer.authConfigIds[0] : null;
-		if (!firstAuthConfigId) return false;
-		const connectedAccounts = await fetchComposioConnectedAccounts(composioUserId);
+		const [composioMcpServer, connectedAccounts] = await Promise.all([composioInstance.mcp.get(serverId), fetchComposioConnectedAccounts(composioUserId)]);
+		if (!(composioMcpServer.authConfigIds.length > 0 ? composioMcpServer.authConfigIds[0] : null)) return false;
 		if (!connectedAccounts) return false;
-		return !!connectedAccounts.items.find((account) => account.authConfig.id === firstAuthConfigId && account.status === "ACTIVE");
+		const activeAuthConfigIds = new Set(connectedAccounts.items.filter((account) => account.status === "ACTIVE").map((account) => account.authConfig.id));
+		return composioMcpServer.authConfigIds.some((authConfigId) => activeAuthConfigIds.has(authConfigId));
 	} catch (error) {
-		logger.error({
+		logger$1.error({
 			error,
 			mcpServerUrl
 		}, "Error checking Composio authentication status");
@@ -184,7 +202,7 @@ function transformComposioServerData(composioMcpServer, isAuthenticated, url, th
 async function ensureComposioAccount(composioMcpServer, derivedUserId, initiatedAccounts) {
 	const firstAuthConfigId = composioMcpServer.authConfigIds[0];
 	if (!firstAuthConfigId) {
-		logger.error({ serverId: composioMcpServer.id }, "No auth config ID found for MCP server");
+		logger$1.error({ serverId: composioMcpServer.id }, "No auth config ID found for MCP server");
 		return null;
 	}
 	const existingInitiatedAccount = initiatedAccounts.find((account) => account.authConfig.id === firstAuthConfigId);
@@ -192,12 +210,12 @@ async function ensureComposioAccount(composioMcpServer, derivedUserId, initiated
 	try {
 		const composioInstance = getComposioInstance();
 		if (!composioInstance) {
-			logger.error({ serverId: composioMcpServer.id }, "Composio not configured");
+			logger$1.error({ serverId: composioMcpServer.id }, "Composio not configured");
 			return null;
 		}
 		return (await composioInstance.connectedAccounts.link(derivedUserId, firstAuthConfigId)).redirectUrl ?? null;
 	} catch (error) {
-		logger.error({
+		logger$1.error({
 			serverId: composioMcpServer.id,
 			error
 		}, "Error creating connected account for MCP server");
@@ -212,24 +230,24 @@ async function ensureComposioAccount(composioMcpServer, derivedUserId, initiated
 */
 async function getComposioOAuthRedirectUrl(tenantId, projectId, mcpServerUrl, credentialScope, userId) {
 	if (!process.env.COMPOSIO_API_KEY) {
-		logger.info({}, "Composio API key not configured");
+		logger$1.info({}, "Composio API key not configured");
 		return null;
 	}
 	const serverId = extractComposioServerId(mcpServerUrl);
 	if (!serverId) {
-		logger.info({ mcpServerUrl }, "Could not extract Composio server ID from URL");
+		logger$1.info({ mcpServerUrl }, "Could not extract Composio server ID from URL");
 		return null;
 	}
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
-		logger.info({}, "Composio not configured");
+		logger$1.info({}, "Composio not configured");
 		return null;
 	}
 	const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
 	try {
 		return await ensureComposioAccount(await composioInstance.mcp.get(serverId), composioUserId, (await fetchComposioConnectedAccounts(composioUserId))?.items.filter((account) => account.status === "INITIATED") ?? []);
 	} catch (error) {
-		logger.error({
+		logger$1.error({
 			error,
 			mcpServerUrl
 		}, "Failed to get Composio OAuth redirect URL");
@@ -256,12 +274,12 @@ async function transformComposioServer(composioMcpServer, authenticatedAuthConfi
 */
 async function fetchComposioServers() {
 	if (!process.env.COMPOSIO_API_KEY) {
-		logger.info({}, "COMPOSIO_API_KEY not configured, skipping Composio servers");
+		logger$1.info({}, "COMPOSIO_API_KEY not configured, skipping Composio servers");
 		return [];
 	}
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
-		logger.info({}, "Composio not configured, returning empty list");
+		logger$1.info({}, "Composio not configured, returning empty list");
 		return [];
 	}
 	try {
@@ -272,7 +290,7 @@ async function fetchComposioServers() {
 			authConfigs: []
 		}))?.items.map((server) => transformComposioServerData(server, false, server.MCPUrl, void 0)) ?? [];
 	} catch (error) {
-		logger.error({ error }, "Failed to fetch Composio servers");
+		logger$1.error({ error }, "Failed to fetch Composio servers");
 		return [];
 	}
 }
@@ -283,19 +301,19 @@ async function fetchComposioServers() {
 */
 async function fetchSingleComposioServer(tenantId, projectId, mcpServerUrl, credentialScope = "project", userId) {
 	if (!process.env.COMPOSIO_API_KEY) {
-		logger.debug({}, "COMPOSIO_API_KEY not configured");
+		logger$1.debug({}, "COMPOSIO_API_KEY not configured");
 		return null;
 	}
 	const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
-		logger.info({}, "Composio not configured, returning null");
+		logger$1.info({}, "Composio not configured, returning null");
 		return null;
 	}
 	try {
 		const serverId = extractComposioServerId(mcpServerUrl);
 		if (!serverId) {
-			logger.error({ mcpServerUrl }, "Could not extract Composio server ID from URL");
+			logger$1.error({ mcpServerUrl }, "Could not extract Composio server ID from URL");
 			return null;
 		}
 		const composioMcpServer = await composioInstance.mcp.get(serverId);
@@ -307,7 +325,7 @@ async function fetchSingleComposioServer(tenantId, projectId, mcpServerUrl, cred
 		const initiatedAccounts = userConnectedAccounts?.items.filter((account) => account.status === "INITIATED");
 		return await transformComposioServer(composioMcpServer, new Set(activeAccounts?.map((account) => account.authConfig.id) ?? []), initiatedAccounts ?? [], composioUserId);
 	} catch (error) {
-		logger.error({
+		logger$1.error({
 			error,
 			mcpServerUrl
 		}, "Failed to fetch single Composio server");
@@ -316,4 +334,4 @@ async function fetchSingleComposioServer(tenantId, projectId, mcpServerUrl, cred
 }
 
 //#endregion
-export { extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated };
+export { buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/index.d.ts

@@ -1,3 +1,3 @@
-import { CredentialScope, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
+import { CredentialScope, buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
 import { isThirdPartyMCPServerAuthenticated } from "./third-party-check.js";
-export { CredentialScope, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };
+export { CredentialScope, buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/index.js

@@ -1,4 +1,4 @@
-import { extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
+import { buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
 import { isThirdPartyMCPServerAuthenticated } from "./third-party-check.js";
 
-export { extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };
+export { buildComposioMCPUrl, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };