@mcp-ts/sdk 1.0.1 → 1.2.0

package/dist/server/index.js

@@ -6,7 +6,7 @@ var streamableHttp_js = require('@modelcontextprotocol/sdk/client/streamableHttp
 var sse_js = require('@modelcontextprotocol/sdk/client/sse.js');
 var auth_js = require('@modelcontextprotocol/sdk/client/auth.js');
 var types_js = require('@modelcontextprotocol/sdk/types.js');
-var fs = require('fs');
+var fs2 = require('fs');
 var path = require('path');
 
 function _interopNamespace(e) {
@@ -27,6 +27,7 @@ function _interopNamespace(e) {
   return Object.freeze(n);
 }
 
+var fs2__namespace = /*#__PURE__*/_interopNamespace(fs2);
 var path__namespace = /*#__PURE__*/_interopNamespace(path);
 
 var __defProp = Object.defineProperty;
@@ -424,8 +425,8 @@ var FileStorageBackend = class {
     if (this.initialized) return;
     try {
       const dir = path__namespace.dirname(this.filePath);
-      await fs.promises.mkdir(dir, { recursive: true });
-      const data = await fs.promises.readFile(this.filePath, "utf-8");
+      await fs2.promises.mkdir(dir, { recursive: true });
+      const data = await fs2.promises.readFile(this.filePath, "utf-8");
       const json = JSON.parse(data);
       this.memoryCache = /* @__PURE__ */ new Map();
       if (Array.isArray(json)) {
@@ -450,7 +451,7 @@ var FileStorageBackend = class {
   async flush() {
     if (!this.memoryCache) return;
     const sessions = Array.from(this.memoryCache.values());
-    await fs.promises.writeFile(this.filePath, JSON.stringify(sessions, null, 2), "utf-8");
+    await fs2.promises.writeFile(this.filePath, JSON.stringify(sessions, null, 2), "utf-8");
   }
   getSessionKey(identity, sessionId) {
     return `${identity}:${sessionId}`;
@@ -519,6 +520,148 @@ var FileStorageBackend = class {
   async disconnect() {
   }
 };
+var SqliteStorage = class {
+  constructor(options = {}) {
+    __publicField(this, "db", null);
+    __publicField(this, "table");
+    __publicField(this, "initialized", false);
+    __publicField(this, "dbPath");
+    this.dbPath = options.path || "./sessions.db";
+    this.table = options.table || "mcp_sessions";
+  }
+  async init() {
+    if (this.initialized) return;
+    try {
+      const DatabaseConstructor = (await import('better-sqlite3')).default;
+      const dir = path__namespace.dirname(this.dbPath);
+      if (!fs2__namespace.existsSync(dir)) {
+        fs2__namespace.mkdirSync(dir, { recursive: true });
+      }
+      this.db = new DatabaseConstructor(this.dbPath);
+      this.db.exec(`
+                CREATE TABLE IF NOT EXISTS ${this.table} (
+                    sessionId TEXT PRIMARY KEY,
+                    identity TEXT NOT NULL,
+                    data TEXT NOT NULL,
+                    expiresAt INTEGER
+                );
+                CREATE INDEX IF NOT EXISTS idx_${this.table}_identity ON ${this.table}(identity);
+            `);
+      this.initialized = true;
+    } catch (error) {
+      if (error.code === "MODULE_NOT_FOUND" || error.message?.includes("better-sqlite3")) {
+        throw new Error(
+          "better-sqlite3 is not installed. Please install it with: npm install better-sqlite3"
+        );
+      }
+      throw error;
+    }
+  }
+  ensureInitialized() {
+    if (!this.initialized) {
+      throw new Error("SqliteStorage not initialized. Call init() first.");
+    }
+  }
+  generateSessionId() {
+    const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+    let result = "";
+    for (let i = 0; i < 32; i++) {
+      result += chars.charAt(Math.floor(Math.random() * chars.length));
+    }
+    return result;
+  }
+  async createSession(session, ttl) {
+    this.ensureInitialized();
+    const { sessionId, identity } = session;
+    if (!sessionId || !identity) {
+      throw new Error("identity and sessionId required");
+    }
+    const expiresAt = ttl ? Date.now() + ttl * 1e3 : null;
+    try {
+      const stmt = this.db.prepare(
+        `INSERT INTO ${this.table} (sessionId, identity, data, expiresAt) VALUES (?, ?, ?, ?)`
+      );
+      stmt.run(sessionId, identity, JSON.stringify(session), expiresAt);
+    } catch (error) {
+      if (error.code === "SQLITE_CONSTRAINT_PRIMARYKEY") {
+        throw new Error(`Session ${sessionId} already exists`);
+      }
+      throw error;
+    }
+  }
+  async updateSession(identity, sessionId, data, ttl) {
+    this.ensureInitialized();
+    if (!sessionId || !identity) {
+      throw new Error("identity and sessionId required");
+    }
+    const currentSession = await this.getSession(identity, sessionId);
+    if (!currentSession) {
+      throw new Error(`Session ${sessionId} not found for identity ${identity}`);
+    }
+    const updatedSession = { ...currentSession, ...data };
+    const expiresAt = ttl ? Date.now() + ttl * 1e3 : null;
+    const stmt = this.db.prepare(
+      `UPDATE ${this.table} SET data = ?, expiresAt = ? WHERE sessionId = ? AND identity = ?`
+    );
+    stmt.run(JSON.stringify(updatedSession), expiresAt, sessionId, identity);
+  }
+  async getSession(identity, sessionId) {
+    this.ensureInitialized();
+    const stmt = this.db.prepare(
+      `SELECT data FROM ${this.table} WHERE sessionId = ? AND identity = ?`
+    );
+    const row = stmt.get(sessionId, identity);
+    if (!row) return null;
+    return JSON.parse(row.data);
+  }
+  async getIdentitySessionsData(identity) {
+    this.ensureInitialized();
+    const stmt = this.db.prepare(
+      `SELECT data FROM ${this.table} WHERE identity = ?`
+    );
+    const rows = stmt.all(identity);
+    return rows.map((row) => JSON.parse(row.data));
+  }
+  async getIdentityMcpSessions(identity) {
+    this.ensureInitialized();
+    const stmt = this.db.prepare(
+      `SELECT sessionId FROM ${this.table} WHERE identity = ?`
+    );
+    const rows = stmt.all(identity);
+    return rows.map((row) => row.sessionId);
+  }
+  async removeSession(identity, sessionId) {
+    this.ensureInitialized();
+    const stmt = this.db.prepare(
+      `DELETE FROM ${this.table} WHERE sessionId = ? AND identity = ?`
+    );
+    stmt.run(sessionId, identity);
+  }
+  async getAllSessionIds() {
+    this.ensureInitialized();
+    const stmt = this.db.prepare(`SELECT sessionId FROM ${this.table}`);
+    const rows = stmt.all();
+    return rows.map((row) => row.sessionId);
+  }
+  async clearAll() {
+    this.ensureInitialized();
+    const stmt = this.db.prepare(`DELETE FROM ${this.table}`);
+    stmt.run();
+  }
+  async cleanupExpiredSessions() {
+    this.ensureInitialized();
+    const now = Date.now();
+    const stmt = this.db.prepare(
+      `DELETE FROM ${this.table} WHERE expiresAt IS NOT NULL AND expiresAt < ?`
+    );
+    stmt.run(now);
+  }
+  async disconnect() {
+    if (this.db) {
+      this.db.close();
+    }
+  }
+};
 
 // src/server/storage/index.ts
 var storageInstance = null;
@@ -550,6 +693,13 @@ async function createStorage() {
     store.init().catch((err) => console.error("[Storage] Failed to initialize file storage:", err));
     return store;
   }
+  if (type === "sqlite") {
+    const dbPath = process.env.MCP_TS_STORAGE_SQLITE_PATH;
+    console.log(`[Storage] Using SQLite storage (${dbPath || "default"}) (Explicit)`);
+    const store = new SqliteStorage({ path: dbPath });
+    store.init().catch((err) => console.error("[Storage] Failed to initialize SQLite storage:", err));
+    return store;
+  }
   if (type === "memory") {
     console.log("[Storage] Using In-Memory storage (Explicit)");
     return new MemoryStorageBackend();
@@ -572,6 +722,12 @@ async function createStorage() {
     store.init().catch((err) => console.error("[Storage] Failed to initialize file storage:", err));
     return store;
   }
+  if (process.env.MCP_TS_STORAGE_SQLITE_PATH) {
+    console.log(`[Storage] Auto-detected MCP_TS_STORAGE_SQLITE_PATH. Using SQLite storage (${process.env.MCP_TS_STORAGE_SQLITE_PATH}).`);
+    const store = new SqliteStorage({ path: process.env.MCP_TS_STORAGE_SQLITE_PATH });
+    store.init().catch((err) => console.error("[Storage] Failed to initialize SQLite storage:", err));
+    return store;
+  }
   console.log("[Storage] No storage configured. Using In-Memory storage (Default).");
   return new MemoryStorageBackend();
 }
@@ -1079,7 +1235,15 @@ var MCPClient = class _MCPClient {
           name: "mcp-ts-oauth-client",
           version: "2.0"
         },
-        { capabilities: {} }
+        {
+          capabilities: {
+            extensions: {
+              "io.modelcontextprotocol/ui": {
+                mimeTypes: ["text/html+mcp"]
+              }
+            }
+          }
+        }
       );
     }
     const existingSession = await storage.getSession(this.identity, this.sessionId);
@@ -1261,7 +1425,15 @@ var MCPClient = class _MCPClient {
             name: "mcp-ts-oauth-client",
             version: "2.0"
           },
-          { capabilities: {} }
+          {
+            capabilities: {
+              extensions: {
+                "io.modelcontextprotocol/ui": {
+                  mimeTypes: ["text/html+mcp"]
+                }
+              }
+            }
+          }
         );
         this.emitStateChange("CONNECTING");
         await this.client.connect(this.transport);
@@ -1817,6 +1989,7 @@ var MultiSessionClient = class {
 };
 
 // src/server/handlers/sse-handler.ts
+var DEFAULT_HEARTBEAT_INTERVAL = 3e4;
 var SSEConnectionManager = class {
   constructor(options, sendEvent) {
     this.options = options;
@@ -1846,7 +2019,7 @@ var SSEConnectionManager = class {
    * Start heartbeat to keep connection alive
    */
   startHeartbeat() {
-    const interval = this.options.heartbeatInterval || 3e4;
+    const interval = this.options.heartbeatInterval ?? DEFAULT_HEARTBEAT_INTERVAL;
     this.heartbeatTimer = setInterval(() => {
       if (this.isActive) {
         this.sendEvent({
@@ -1859,6 +2032,7 @@ var SSEConnectionManager = class {
   }
   /**
    * Handle incoming RPC requests
+   * Returns the RPC response directly for immediate HTTP response (bypassing SSE latency)
    */
   async handleRequest(request) {
     try {
@@ -1900,39 +2074,29 @@ var SSEConnectionManager = class {
         default:
           throw new Error(`Unknown method: ${request.method}`);
       }
-      this.sendEvent({
+      const response = {
         id: request.id,
         result
-      });
+      };
+      this.sendEvent(response);
+      return response;
     } catch (error) {
-      this.sendEvent({
+      const errorResponse = {
         id: request.id,
         error: {
           code: RpcErrorCodes.EXECUTION_ERROR,
           message: error instanceof Error ? error.message : "Unknown error"
         }
-      });
+      };
+      this.sendEvent(errorResponse);
+      return errorResponse;
     }
   }
   /**
-   * Get all user sessions
+   * Get all sessions for the current identity
    */
   async getSessions() {
     const sessions = await storage.getIdentitySessionsData(this.identity);
-    this.sendEvent({
-      level: "debug",
-      message: `Retrieved ${sessions.length} sessions for identity ${this.identity}`,
-      timestamp: Date.now(),
-      metadata: {
-        identity: this.identity,
-        sessionCount: sessions.length,
-        sessions: sessions.map((s) => ({
-          sessionId: s.sessionId,
-          serverId: s.serverId,
-          serverName: s.serverName
-        }))
-      }
-    });
     return {
       sessions: sessions.map((s) => ({
         sessionId: s.sessionId,
@@ -1948,7 +2112,7 @@ var SSEConnectionManager = class {
    */
   async connect(params) {
     const { serverName, serverUrl, callbackUrl, transportType } = params;
-    const serverId = params.serverId || await storage.generateSessionId();
+    const serverId = params.serverId && params.serverId.length <= 12 ? params.serverId : await storage.generateSessionId();
     const existingSessions = await storage.getIdentitySessionsData(this.identity);
     const duplicate = existingSessions.find(
       (s) => s.serverId === serverId || s.serverUrl === serverUrl
@@ -1997,10 +2161,6 @@ var SSEConnectionManager = class {
       });
       await client.connect();
       const tools = await client.listTools();
-      const sessionAfterConnect = await storage.getSession(this.identity, sessionId);
-      console.log(`[SSE Handler] After connect() - Session ${sessionId}:`, {
-        serverId: sessionAfterConnect?.serverId
-      });
       this.emitConnectionEvent({
         type: "tools_discovered",
         sessionId,
@@ -2042,24 +2202,21 @@ var SSEConnectionManager = class {
     return { success: true };
   }
   /**
-   * Helper to get or restore a client
+   * Get an existing client or create and connect a new one for the session.
    */
   async getOrCreateClient(sessionId) {
-    let client = this.clients.get(sessionId);
-    if (!client) {
-      client = new MCPClient({
-        identity: this.identity,
-        sessionId
-      });
-      client.onConnectionEvent((event) => {
-        this.emitConnectionEvent(event);
-      });
-      client.onObservabilityEvent((event) => {
-        this.sendEvent(event);
-      });
-      await client.connect();
-      this.clients.set(sessionId, client);
+    const existing = this.clients.get(sessionId);
+    if (existing) {
+      return existing;
     }
+    const client = new MCPClient({
+      identity: this.identity,
+      sessionId
+    });
+    client.onConnectionEvent((event) => this.emitConnectionEvent(event));
+    client.onObservabilityEvent((event) => this.sendEvent(event));
+    await client.connect();
+    this.clients.set(sessionId, client);
     return client;
   }
   /**
@@ -2072,51 +2229,35 @@ var SSEConnectionManager = class {
     return { tools: result.tools };
   }
   /**
-   * Call a tool
+   * Call a tool on the MCP server
    */
   async callTool(params) {
     const { sessionId, toolName, toolArgs } = params;
     const client = await this.getOrCreateClient(sessionId);
-    return await client.callTool(toolName, toolArgs);
+    const result = await client.callTool(toolName, toolArgs);
+    const meta = result._meta || {};
+    return {
+      ...result,
+      _meta: {
+        ...meta,
+        sessionId
+      }
+    };
   }
   /**
-   * Refresh/validate a session
+   * Restore and validate an existing session
    */
   async restoreSession(params) {
     const { sessionId } = params;
-    this.sendEvent({
-      level: "debug",
-      message: `Starting session refresh for ${sessionId}`,
-      timestamp: Date.now(),
-      metadata: { sessionId, identity: this.identity }
-    });
     const session = await storage.getSession(this.identity, sessionId);
     if (!session) {
-      this.sendEvent({
-        level: "error",
-        message: `Session not found: ${sessionId}`,
-        timestamp: Date.now(),
-        metadata: { sessionId, identity: this.identity }
-      });
       throw new Error("Session not found");
     }
-    this.sendEvent({
-      level: "debug",
-      message: `Session found in Redis`,
-      timestamp: Date.now(),
-      metadata: {
-        sessionId,
-        serverId: session.serverId,
-        serverName: session.serverName,
-        serverUrl: session.serverUrl,
-        transportType: session.transportType
-      }
-    });
     this.emitConnectionEvent({
       type: "state_changed",
       sessionId,
-      serverId: session.serverId || "unknown",
-      serverName: session.serverName || "Unknown",
+      serverId: session.serverId ?? "unknown",
+      serverName: session.serverName ?? "Unknown",
       state: "VALIDATING",
       previousState: "DISCONNECTED",
       timestamp: Date.now()
@@ -2127,21 +2268,16 @@ var SSEConnectionManager = class {
         identity: this.identity,
         sessionId,
         ...clientMetadata
-        // Include metadata for consistency
-      });
-      client.onConnectionEvent((event) => {
-        this.emitConnectionEvent(event);
-      });
-      client.onObservabilityEvent((event) => {
-        this.sendEvent(event);
       });
+      client.onConnectionEvent((event) => this.emitConnectionEvent(event));
+      client.onObservabilityEvent((event) => this.sendEvent(event));
       await client.connect();
       this.clients.set(sessionId, client);
       const tools = await client.listTools();
       this.emitConnectionEvent({
         type: "tools_discovered",
         sessionId,
-        serverId: session.serverId || "unknown",
+        serverId: session.serverId ?? "unknown",
         toolCount: tools.tools.length,
         tools: tools.tools,
         timestamp: Date.now()
@@ -2151,7 +2287,7 @@ var SSEConnectionManager = class {
       this.emitConnectionEvent({
         type: "error",
         sessionId,
-        serverId: session.serverId || "unknown",
+        serverId: session.serverId ?? "unknown",
         error: error instanceof Error ? error.message : "Validation failed",
         errorType: "validation",
         timestamp: Date.now()
@@ -2160,16 +2296,10 @@ var SSEConnectionManager = class {
     }
   }
   /**
-   * Complete OAuth authorization
+   * Complete OAuth authorization flow
    */
   async finishAuth(params) {
     const { sessionId, code } = params;
-    this.sendEvent({
-      level: "debug",
-      message: `Completing OAuth for session ${sessionId}`,
-      timestamp: Date.now(),
-      metadata: { sessionId, identity: this.identity }
-    });
     const session = await storage.getSession(this.identity, sessionId);
     if (!session) {
       throw new Error("Session not found");
@@ -2177,8 +2307,8 @@ var SSEConnectionManager = class {
     this.emitConnectionEvent({
       type: "state_changed",
       sessionId,
-      serverId: session.serverId || "unknown",
-      serverName: session.serverName || "Unknown",
+      serverId: session.serverId ?? "unknown",
+      serverName: session.serverName ?? "Unknown",
       state: "AUTHENTICATING",
       previousState: "DISCONNECTED",
       timestamp: Date.now()
@@ -2188,16 +2318,14 @@ var SSEConnectionManager = class {
         identity: this.identity,
         sessionId
       });
-      client.onConnectionEvent((event) => {
-        this.emitConnectionEvent(event);
-      });
+      client.onConnectionEvent((event) => this.emitConnectionEvent(event));
       await client.finishAuth(code);
       this.clients.set(sessionId, client);
       const tools = await client.listTools();
       this.emitConnectionEvent({
         type: "tools_discovered",
         sessionId,
-        serverId: session.serverId || "unknown",
+        serverId: session.serverId ?? "unknown",
         toolCount: tools.tools.length,
         tools: tools.tools,
         timestamp: Date.now()
@@ -2207,7 +2335,7 @@ var SSEConnectionManager = class {
       this.emitConnectionEvent({
         type: "error",
         sessionId,
-        serverId: session.serverId || "unknown",
+        serverId: session.serverId ?? "unknown",
         error: error instanceof Error ? error.message : "OAuth completion failed",
         errorType: "auth",
         timestamp: Date.now()
@@ -2247,7 +2375,7 @@ var SSEConnectionManager = class {
   async readResource(params) {
     const { sessionId, uri } = params;
     const client = await this.getOrCreateClient(sessionId);
-    return await client.readResource(uri);
+    return client.readResource(uri);
   }
   /**
    * Emit connection event
@@ -2277,19 +2405,17 @@ function createSSEHandler(options) {
       "Connection": "keep-alive",
       "Access-Control-Allow-Origin": "*"
     });
-    sendSSE(res, "connected", { timestamp: Date.now() });
+    writeSSEEvent(res, "connected", { timestamp: Date.now() });
     const manager = new SSEConnectionManager(options, (event) => {
       if ("id" in event) {
-        sendSSE(res, "rpc-response", event);
+        writeSSEEvent(res, "rpc-response", event);
       } else if ("type" in event && "sessionId" in event) {
-        sendSSE(res, "connection", event);
+        writeSSEEvent(res, "connection", event);
       } else {
-        sendSSE(res, "observability", event);
+        writeSSEEvent(res, "observability", event);
       }
     });
-    req.on("close", () => {
-      manager.dispose();
-    });
+    req.on("close", () => manager.dispose());
     if (req.method === "POST") {
       let body = "";
       req.on("data", (chunk) => {
@@ -2299,14 +2425,13 @@ function createSSEHandler(options) {
         try {
           const request = JSON.parse(body);
           await manager.handleRequest(request);
-        } catch (error) {
-          console.error("[SSE] Error handling request:", error);
+        } catch {
         }
       });
     }
   };
 }
-function sendSSE(res, event, data) {
+function writeSSEEvent(res, event, data) {
   res.write(`event: ${event}
 `);
   res.write(`data: ${JSON.stringify(data)}
@@ -2341,7 +2466,7 @@ function createNextMcpHandler(options = {}) {
     const stream = new TransformStream();
     const writer = stream.writable.getWriter();
     const encoder = new TextEncoder();
-    const sendSSE2 = (event, data) => {
+    const sendSSE = (event, data) => {
       const message = `event: ${event}
 data: ${JSON.stringify(data)}
 
@@ -2349,7 +2474,6 @@ data: ${JSON.stringify(data)}
       writer.write(encoder.encode(message)).catch(() => {
       });
     };
-    sendSSE2("connected", { timestamp: Date.now() });
     const previousManager = managers.get(identity);
     if (previousManager) {
       previousManager.dispose();
@@ -2364,15 +2488,16 @@ data: ${JSON.stringify(data)}
       },
       (event) => {
         if ("id" in event) {
-          sendSSE2("rpc-response", event);
+          sendSSE("rpc-response", event);
         } else if ("type" in event && "sessionId" in event) {
-          sendSSE2("connection", event);
+          sendSSE("connection", event);
         } else {
-          sendSSE2("observability", event);
+          sendSSE("observability", event);
         }
       }
     );
     managers.set(identity, manager);
+    sendSSE("connected", { timestamp: Date.now() });
     const abortController = new AbortController();
     request.signal?.addEventListener("abort", () => {
       manager.dispose();
@@ -2415,8 +2540,8 @@ data: ${JSON.stringify(data)}
           { status: 400 }
         );
       }
-      await manager.handleRequest(body);
-      return Response.json({ acknowledged: true });
+      const response = await manager.handleRequest(body);
+      return Response.json(response);
     } catch (error) {
       return Response.json(
         {