@kya-os/mcp-i 1.7.13 → 1.10.0

package/dist/runtime/utils/tools.js

@@ -8,8 +8,9 @@ const tool_protection_registry_1 = require("../tool-protection-registry");
 const auth_handshake_1 = require("../auth-handshake");
 const session_1 = require("../session");
 const request_context_1 = require("../request-context");
-const proof_batch_queue_1 = require("../proof-batch-queue");
 const mcp_i_core_1 = require("@kya-os/mcp-i-core");
+const proof_batch_queue_1 = require("../proof-batch-queue");
+const mcp_i_core_2 = require("@kya-os/mcp-i-core");
 /**
  * Format authorization info for error messages.
  * Safely handles discriminated union types by checking for property existence.
@@ -512,7 +513,7 @@ async function addToolsToServer(server, toolModules, identityConfig, clientMessa
                     // Format human-readable message using DelegationErrorFormatter
                     // Supports client-specific messages via clientMessagesConfig
                     // The formatter may modify the URL (e.g., adding extraParams from config)
-                    const formatter = new mcp_i_core_1.DelegationErrorFormatter(clientMessagesConfig);
+                    const formatter = new mcp_i_core_2.DelegationErrorFormatter(clientMessagesConfig);
                     const { message: displayMessage, consentUrl } = formatter.format({
                         toolName: name,
                         consentUrl: verifyResult.authError?.authorizationUrl,
@@ -583,7 +584,7 @@ async function addToolsToServer(server, toolModules, identityConfig, clientMessa
                         };
                     }
                     // Compare authorization types using the helper function
-                    if (!(0, mcp_i_core_1.authorizationMatches)(delegationAuth, toolAuth)) {
+                    if (!(0, mcp_i_core_2.authorizationMatches)(delegationAuth, toolAuth)) {
                         if (identityConfig?.debug) {
                             console.error(`[MCPI] Tool "${name}" blocked - authorization method mismatch`);
                         }
@@ -615,6 +616,19 @@ async function addToolsToServer(server, toolModules, identityConfig, clientMessa
                 if (identityConfig?.debug) {
                     console.error(`[MCPI] Tool "${name}" authorized - executing handler`);
                 }
+                // Populate delegation context in AsyncLocalStorage so outbound
+                // fetch calls made by the tool handler can inject delegation headers.
+                if (verifyResult.delegation) {
+                    const identity = identityManager
+                        ? await identityManager.ensureIdentity()
+                        : null;
+                    (0, request_context_1.setDelegationContextFromIdentity)({
+                        delegationId: verifyResult.delegation.id,
+                        delegationChain: (0, mcp_i_core_1.buildChainString)(verifyResult.delegation),
+                        delegationScopes: toolProtection.requiredScopes || [],
+                        identity: identity ?? null,
+                    });
+                }
             }
             try {
                 // Execute the tool handler

package/dist/runtime/verifier-middleware.js

@@ -338,7 +338,7 @@ async function parseProofFromHeaders(request) {
     // This would typically look for proof in headers or request body
     // Placeholder implementation
     // Handle both Fetch API Request and Node.js IncomingMessage
-    const proofHeader = getHeaderValue(request.headers, "X-XMCP-I-Proof");
+    const proofHeader = getHeaderValue(request.headers, "KYA-Proof");
     if (!proofHeader) {
         return null;
     }
@@ -362,7 +362,7 @@ async function parseReceiptFromHeaders(request) {
     // TODO: Implement actual receipt extraction from request
     // This would typically look for receipt reference in headers
     // Handle both Fetch API Request and Node.js IncomingMessage
-    const receiptRef = getHeaderValue(request.headers, "X-XMCP-I-Receipt-Ref");
+    const receiptRef = getHeaderValue(request.headers, "KYA-Receipt-Ref");
     if (!receiptRef) {
         return null;
     }
@@ -381,7 +381,7 @@ async function parseReceiptFromHeaders(request) {
 async function parseProofFromExpressHeaders(req) {
     // TODO: Implement actual proof extraction from Express request
     // This would typically look for proof in headers or request body
-    const proofHeader = req.headers["x-xmcp-i-proof"];
+    const proofHeader = req.headers["kya-proof"];
     if (!proofHeader) {
         return null;
     }
@@ -407,7 +407,7 @@ async function parseProofFromExpressHeaders(req) {
 async function parseReceiptFromExpressHeaders(req) {
     // TODO: Implement actual receipt extraction from Express request
     // This would typically look for receipt reference in headers
-    const receiptRef = req.headers["x-xmcp-i-receipt-ref"];
+    const receiptRef = req.headers["kya-receipt-ref"];
     if (!receiptRef) {
         return null;
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kya-os/mcp-i",
-  "version": "1.7.13",
+  "version": "1.10.0",
   "description": "The TypeScript MCP framework with identity features built-in",
   "type": "commonjs",
   "main": "dist/index.js",
@@ -63,14 +63,14 @@
     "model-context-protocol"
   ],
   "dependencies": {
-    "@kya-os/contracts": "^1.7.21",
-    "@kya-os/mcp-i-core": "^1.4.19",
+    "@kya-os/contracts": "^1.8.0",
+    "@kya-os/mcp-i-core": "^1.7.0",
     "@modelcontextprotocol/sdk": "^1.11.4",
-    "@swc/core": "^1.11.24",
-    "@types/express": "^5.0.1",
+    "@swc/core": "^1.15.11",
+    "@types/express": "^5.0.6",
     "@types/webpack-node-externals": "^3.0.4",
     "@vercel/mcp-adapter": "^0.11.1",
-    "axios": "^1.12.0",
+    "axios": "^1.15.0",
     "base-x": "^5.0.1",
     "chalk": "^5.2.0",
     "chokidar": "^3.6.0",
@@ -79,45 +79,45 @@
     "cross-env": "^7.0.3",
     "del": "^8.0.1",
     "dotenv": "^16.5.0",
-    "esbuild": "^0.25.0",
-    "execa": "^9.6.0",
+    "esbuild": "^0.27.3",
+    "execa": "^9.6.1",
     "express": "^4.18.0",
     "fork-ts-checker-webpack-plugin": "^8.0.0",
-    "fs-extra": "^11.3.0",
-    "glob": "^11.1.0",
-    "handlebars": "^4.7.7",
+    "fs-extra": "^11.3.3",
+    "glob": "^13.0.3",
+    "handlebars": "^4.7.9",
     "jose": "^5.2.0",
     "json-canonicalize": "^2.0.0",
     "json5": "^2.2.3",
-    "jsonwebtoken": "^9.0.2",
+    "jsonwebtoken": "^9.0.3",
     "memfs": "^4.17.2",
     "raw-body": "^3.0.0",
-    "swc-loader": "^0.2.6",
+    "swc-loader": "^0.2.7",
     "tsx": "^4.19.4",
     "webpack": "^5.99.7",
     "webpack-node-externals": "^3.0.0",
-    "webpack-virtual-modules": "^0.5.0"
+    "webpack-virtual-modules": "^0.6.2"
   },
   "optionalDependencies": {
-    "@modelcontextprotocol/inspector": "^0.16.6"
+    "@modelcontextprotocol/inspector": "^0.20.0"
   },
   "devDependencies": {
-    "@aws-sdk/client-dynamodb": "^3.0.0",
+    "@aws-sdk/client-dynamodb": "^3.992.0",
     "@types/content-type": "^1.1.9",
     "@types/fs-extra": "^11.0.4",
     "@types/jsonwebtoken": "^9.0.9",
     "@types/node": "^20.0.0",
     "@typescript-eslint/eslint-plugin": "^8.19.1",
     "@typescript-eslint/parser": "^8.19.1",
-    "@vitest/coverage-v8": "^4.0.5",
+    "@vitest/coverage-v8": "^4.0.18",
     "copy-webpack-plugin": "^12.0.2",
     "eslint": "^9.26.0",
     "node-loader": "^1.0.1",
     "redis": "^4.0.0",
     "ts-loader": "^9.4.2",
     "typescript": "^5.3.0",
-    "vitest": "^4.0.5",
-    "zod": "^3.25.76"
+    "vitest": "^4.0.18",
+    "zod": "^3.25.67"
   },
   "engines": {
     "node": ">=20.0.0"