@mcp-ts/sdk 1.3.3 → 1.3.5

package/dist/server/index.mjs

@@ -115,6 +115,14 @@ var init_redis = __esm({
 var SESSION_TTL_SECONDS = 43200;
 var STATE_EXPIRATION_MS = 10 * 60 * 1e3;
 var TOKEN_EXPIRY_BUFFER_MS = 5 * 60 * 1e3;
+var DEFAULT_CLIENT_NAME = "MCP Assistant";
+var DEFAULT_CLIENT_URI = "https://mcp-assistant.in";
+var DEFAULT_LOGO_URI = "https://mcp-assistant.in/logo.svg";
+var DEFAULT_POLICY_URI = "https://mcp-assistant.in/privacy";
+var SOFTWARE_ID = "@mcp-ts";
+var SOFTWARE_VERSION = "1.3.4";
+var MCP_CLIENT_NAME = "mcp-ts-oauth-client";
+var MCP_CLIENT_VERSION = "2.0";
 
 // src/server/storage/redis-backend.ts
 var firstChar = customAlphabet(
@@ -130,6 +138,8 @@ var RedisStorageBackend = class {
     this.redis = redis2;
     __publicField(this, "DEFAULT_TTL", SESSION_TTL_SECONDS);
     __publicField(this, "KEY_PREFIX", "mcp:session:");
+    __publicField(this, "IDENTITY_KEY_PREFIX", "mcp:identity:");
+    __publicField(this, "IDENTITY_KEY_SUFFIX", ":sessions");
   }
   /**
    * Generates Redis key for a specific session
@@ -143,7 +153,34 @@ var RedisStorageBackend = class {
    * @private
    */
   getIdentityKey(identity) {
-    return `mcp:identity:${identity}:sessions`;
+    return `${this.IDENTITY_KEY_PREFIX}${identity}${this.IDENTITY_KEY_SUFFIX}`;
+  }
+  parseIdentityFromKey(identityKey) {
+    return identityKey.slice(
+      this.IDENTITY_KEY_PREFIX.length,
+      identityKey.length - this.IDENTITY_KEY_SUFFIX.length
+    );
+  }
+  async scanKeys(pattern) {
+    const redis2 = this.redis;
+    if (typeof redis2.scan !== "function") {
+      return await this.redis.keys(pattern);
+    }
+    const keys = /* @__PURE__ */ new Set();
+    let cursor = "0";
+    try {
+      do {
+        const [nextCursor, batch] = await redis2.scan(cursor, "MATCH", pattern, "COUNT", 100);
+        cursor = nextCursor;
+        for (const key of batch) {
+          keys.add(key);
+        }
+      } while (cursor !== "0");
+    } catch (error) {
+      console.warn("[RedisStorage] SCAN failed, falling back to KEYS:", error);
+      return await this.redis.keys(pattern);
+    }
+    return Array.from(keys);
   }
   generateSessionId() {
     return firstChar() + rest();
@@ -211,17 +248,13 @@ var RedisStorageBackend = class {
     }
   }
   async getIdentityMcpSessions(identity) {
-    const identityKey = this.getIdentityKey(identity);
-    try {
-      return await this.redis.smembers(identityKey);
-    } catch (error) {
-      console.error(`[RedisStorage] Failed to get sessions for ${identity}:`, error);
-      return [];
-    }
+    const sessions = await this.getIdentitySessionsData(identity);
+    return sessions.map((session) => session.sessionId);
   }
   async getIdentitySessionsData(identity) {
     try {
-      const sessionIds = await this.redis.smembers(this.getIdentityKey(identity));
+      const identityKey = this.getIdentityKey(identity);
+      const sessionIds = await this.redis.smembers(identityKey);
       if (sessionIds.length === 0) return [];
       const results = await Promise.all(
         sessionIds.map(async (sessionId) => {
@@ -229,6 +262,10 @@ var RedisStorageBackend = class {
           return data ? JSON.parse(data) : null;
         })
       );
+      const staleSessionIds = sessionIds.filter((_, index) => results[index] === null);
+      if (staleSessionIds.length > 0) {
+        await this.redis.srem(identityKey, ...staleSessionIds);
+      }
       return results.filter((session) => session !== null);
     } catch (error) {
       console.error(`[RedisStorage] Failed to get session data for ${identity}:`, error);
@@ -247,9 +284,22 @@ var RedisStorageBackend = class {
   }
   async getAllSessionIds() {
     try {
-      const pattern = `${this.KEY_PREFIX}*`;
-      const keys = await this.redis.keys(pattern);
-      return keys.map((key) => key.replace(this.KEY_PREFIX, ""));
+      const keys = await this.scanKeys(`${this.KEY_PREFIX}*`);
+      const sessions = await Promise.all(
+        keys.map(async (key) => {
+          const data = await this.redis.get(key);
+          if (!data) {
+            return null;
+          }
+          try {
+            return JSON.parse(data).sessionId;
+          } catch (error) {
+            console.error("[RedisStorage] Failed to parse session while listing all session IDs:", error);
+            return null;
+          }
+        })
+      );
+      return sessions.filter((sessionId) => sessionId !== null);
     } catch (error) {
       console.error("[RedisStorage] Failed to get all sessions:", error);
       return [];
@@ -257,10 +307,11 @@ var RedisStorageBackend = class {
   }
   async clearAll() {
     try {
-      const pattern = `${this.KEY_PREFIX}*`;
-      const keys = await this.redis.keys(pattern);
-      if (keys.length > 0) {
-        await this.redis.del(...keys);
+      const keys = await this.scanKeys(`${this.KEY_PREFIX}*`);
+      const identityKeys = await this.scanKeys(`${this.IDENTITY_KEY_PREFIX}*${this.IDENTITY_KEY_SUFFIX}`);
+      const allKeys = [...keys, ...identityKeys];
+      if (allKeys.length > 0) {
+        await this.redis.del(...allKeys);
       }
     } catch (error) {
       console.error("[RedisStorage] Failed to clear sessions:", error);
@@ -268,12 +319,24 @@ var RedisStorageBackend = class {
   }
   async cleanupExpiredSessions() {
     try {
-      const pattern = `${this.KEY_PREFIX}*`;
-      const keys = await this.redis.keys(pattern);
-      for (const key of keys) {
-        const ttl = await this.redis.ttl(key);
-        if (ttl <= 0) {
-          await this.redis.del(key);
+      const identityKeys = await this.scanKeys(`${this.IDENTITY_KEY_PREFIX}*${this.IDENTITY_KEY_SUFFIX}`);
+      for (const identityKey of identityKeys) {
+        const identity = this.parseIdentityFromKey(identityKey);
+        const sessionIds = await this.redis.smembers(identityKey);
+        if (sessionIds.length === 0) {
+          await this.redis.del(identityKey);
+          continue;
+        }
+        const existenceChecks = await Promise.all(
+          sessionIds.map((sessionId) => this.redis.exists(this.getSessionKey(identity, sessionId)))
+        );
+        const staleSessionIds = sessionIds.filter((_, index) => existenceChecks[index] === 0);
+        if (staleSessionIds.length > 0) {
+          await this.redis.srem(identityKey, ...staleSessionIds);
+        }
+        const remainingCount = await this.redis.scard(identityKey);
+        if (remainingCount === 0) {
+          await this.redis.del(identityKey);
         }
       }
     } catch (error) {
@@ -644,6 +707,12 @@ var SqliteStorage = class {
 // src/server/storage/index.ts
 var storageInstance = null;
 var storagePromise = null;
+async function initializeStorage(store) {
+  if (typeof store.init === "function") {
+    await store.init();
+  }
+  return store;
+}
 async function createStorage() {
   const type = process.env.MCP_TS_STORAGE_TYPE?.toLowerCase();
   if (type === "redis") {
@@ -667,16 +736,12 @@ async function createStorage() {
       console.warn('[Storage] MCP_TS_STORAGE_TYPE is "file" but MCP_TS_STORAGE_FILE is missing');
     }
     console.log(`[Storage] Using File storage (${filePath}) (Explicit)`);
-    const store = new FileStorageBackend({ path: filePath });
-    store.init().catch((err) => console.error("[Storage] Failed to initialize file storage:", err));
-    return store;
+    return await initializeStorage(new FileStorageBackend({ path: filePath }));
   }
   if (type === "sqlite") {
     const dbPath = process.env.MCP_TS_STORAGE_SQLITE_PATH;
     console.log(`[Storage] Using SQLite storage (${dbPath || "default"}) (Explicit)`);
-    const store = new SqliteStorage({ path: dbPath });
-    store.init().catch((err) => console.error("[Storage] Failed to initialize SQLite storage:", err));
-    return store;
+    return await initializeStorage(new SqliteStorage({ path: dbPath }));
   }
   if (type === "memory") {
     console.log("[Storage] Using In-Memory storage (Explicit)");
@@ -696,15 +761,11 @@ async function createStorage() {
   }
   if (process.env.MCP_TS_STORAGE_FILE) {
     console.log(`[Storage] Auto-detected MCP_TS_STORAGE_FILE. Using File storage (${process.env.MCP_TS_STORAGE_FILE}).`);
-    const store = new FileStorageBackend({ path: process.env.MCP_TS_STORAGE_FILE });
-    store.init().catch((err) => console.error("[Storage] Failed to initialize file storage:", err));
-    return store;
+    return await initializeStorage(new FileStorageBackend({ path: process.env.MCP_TS_STORAGE_FILE }));
   }
   if (process.env.MCP_TS_STORAGE_SQLITE_PATH) {
     console.log(`[Storage] Auto-detected MCP_TS_STORAGE_SQLITE_PATH. Using SQLite storage (${process.env.MCP_TS_STORAGE_SQLITE_PATH}).`);
-    const store = new SqliteStorage({ path: process.env.MCP_TS_STORAGE_SQLITE_PATH });
-    store.init().catch((err) => console.error("[Storage] Failed to initialize SQLite storage:", err));
-    return store;
+    return await initializeStorage(new SqliteStorage({ path: process.env.MCP_TS_STORAGE_SQLITE_PATH }));
   }
   console.log("[Storage] No storage configured. Using In-Memory storage (Default).");
   return new MemoryStorageBackend();
@@ -714,7 +775,10 @@ async function getStorage() {
     return storageInstance;
   }
   if (!storagePromise) {
-    storagePromise = createStorage();
+    storagePromise = createStorage().catch((error) => {
+      storagePromise = null;
+      throw error;
+    });
   }
   storageInstance = await storagePromise;
   return storageInstance;
@@ -735,43 +799,49 @@ var storage = new Proxy({}, {
 // src/server/mcp/storage-oauth-provider.ts
 var StorageOAuthClientProvider = class {
   /**
-   * Creates a new Storage-backed OAuth provider
-   * @param identity - User/Client identifier
-   * @param serverId - Server identifier (for tracking which server this OAuth session belongs to)
-   * @param sessionId - Session identifier (used as OAuth state)
-   * @param clientName - OAuth client name
-   * @param baseRedirectUrl - OAuth callback URL
-   * @param onRedirect - Optional callback when redirect to authorization is needed
+   * Creates a new storage-backed OAuth provider
+   * @param options - Provider configuration
    */
-  constructor(identity, serverId, sessionId, clientName, baseRedirectUrl, onRedirect) {
-    this.identity = identity;
-    this.serverId = serverId;
-    this.sessionId = sessionId;
-    this.clientName = clientName;
-    this.baseRedirectUrl = baseRedirectUrl;
+  constructor(options) {
+    __publicField(this, "identity");
+    __publicField(this, "serverId");
+    __publicField(this, "sessionId");
+    __publicField(this, "redirectUrl");
+    __publicField(this, "clientName");
+    __publicField(this, "clientUri");
+    __publicField(this, "logoUri");
+    __publicField(this, "policyUri");
+    __publicField(this, "clientSecret");
     __publicField(this, "_authUrl");
     __publicField(this, "_clientId");
     __publicField(this, "onRedirectCallback");
     __publicField(this, "tokenExpiresAt");
-    this.onRedirectCallback = onRedirect;
+    this.identity = options.identity;
+    this.serverId = options.serverId;
+    this.sessionId = options.sessionId;
+    this.redirectUrl = options.redirectUrl;
+    this.clientName = options.clientName;
+    this.clientUri = options.clientUri;
+    this.logoUri = options.logoUri;
+    this.policyUri = options.policyUri;
+    this._clientId = options.clientId;
+    this.clientSecret = options.clientSecret;
+    this.onRedirectCallback = options.onRedirect;
   }
   get clientMetadata() {
     return {
-      client_name: this.clientName,
-      client_uri: this.clientUri,
+      client_name: this.clientName || DEFAULT_CLIENT_NAME,
+      client_uri: this.clientUri || DEFAULT_CLIENT_URI,
+      logo_uri: this.logoUri || DEFAULT_LOGO_URI,
+      policy_uri: this.policyUri || DEFAULT_POLICY_URI,
       grant_types: ["authorization_code", "refresh_token"],
       redirect_uris: [this.redirectUrl],
       response_types: ["code"],
-      token_endpoint_auth_method: "none",
-      ...this._clientId ? { client_id: this._clientId } : {}
+      token_endpoint_auth_method: this.clientSecret ? "client_secret_basic" : "none",
+      software_id: SOFTWARE_ID,
+      software_version: SOFTWARE_VERSION
     };
   }
-  get clientUri() {
-    return new URL(this.redirectUrl).origin;
-  }
-  get redirectUrl() {
-    return this.baseRedirectUrl;
-  }
   get clientId() {
     return this._clientId;
   }
@@ -806,7 +876,16 @@ var StorageOAuthClientProvider = class {
     if (data.clientId && !this._clientId) {
       this._clientId = data.clientId;
     }
-    return data.clientInformation;
+    if (data.clientInformation) {
+      return data.clientInformation;
+    }
+    if (!this._clientId) {
+      return void 0;
+    }
+    return {
+      client_id: this._clientId,
+      ...this.clientSecret ? { client_secret: this.clientSecret } : {}
+    };
   }
   /**
    * Stores OAuth client information
@@ -834,14 +913,14 @@ var StorageOAuthClientProvider = class {
   async state() {
     return this.sessionId;
   }
-  async checkState(state) {
+  async checkState(_state) {
     const data = await storage.getSession(this.identity, this.sessionId);
     if (!data) {
       return { valid: false, error: "Session not found" };
     }
     return { valid: true, serverId: this.serverId };
   }
-  async consumeState(state) {
+  async consumeState(_state) {
   }
   async redirectToAuthorization(authUrl) {
     this._authUrl = authUrl.toString();
@@ -853,7 +932,6 @@ var StorageOAuthClientProvider = class {
     if (scope === "all") {
       await storage.removeSession(this.identity, this.sessionId);
     } else {
-      await this.getSessionData();
       const updates = {};
       if (scope === "client") {
         updates.clientInformation = void 0;
@@ -1173,41 +1251,33 @@ var MCPClient = class _MCPClient {
     if (!this.serverUrl || !this.callbackUrl || !this.serverId) {
       throw new Error("Missing required connection metadata");
     }
-    const clientMetadata = {
-      client_name: this.clientName || "MCP Assistant",
-      redirect_uris: [this.callbackUrl],
-      token_endpoint_auth_method: this.clientSecret ? "client_secret_basic" : "none",
-      client_uri: this.clientUri || "https://mcp-assistant.in",
-      logo_uri: this.logoUri || "https://mcp-assistant.in/logo.png",
-      policy_uri: this.policyUri || "https://mcp-assistant.in/privacy",
-      ...this.clientId ? { client_id: this.clientId } : {},
-      ...this.clientSecret ? { client_secret: this.clientSecret } : {}
-    };
     if (!this.oauthProvider) {
       if (!this.serverId) {
         throw new Error("serverId required for OAuth provider initialization");
       }
-      this.oauthProvider = new StorageOAuthClientProvider(
-        this.identity,
-        this.serverId,
-        this.sessionId,
-        clientMetadata.client_name ?? "MCP Assistant",
-        this.callbackUrl,
-        (redirectUrl) => {
+      this.oauthProvider = new StorageOAuthClientProvider({
+        identity: this.identity,
+        serverId: this.serverId,
+        sessionId: this.sessionId,
+        redirectUrl: this.callbackUrl,
+        clientName: this.clientName,
+        clientUri: this.clientUri,
+        logoUri: this.logoUri,
+        policyUri: this.policyUri,
+        clientId: this.clientId,
+        clientSecret: this.clientSecret,
+        onRedirect: (redirectUrl) => {
           if (this.onRedirect) {
             this.onRedirect(redirectUrl);
           }
         }
-      );
-      if (this.clientId && this.oauthProvider) {
-        this.oauthProvider.clientId = this.clientId;
-      }
+      });
     }
     if (!this.client) {
       this.client = new Client(
         {
-          name: "mcp-ts-oauth-client",
-          version: "2.0"
+          name: MCP_CLIENT_NAME,
+          version: MCP_CLIENT_VERSION
         },
         {
           capabilities: {
@@ -1402,8 +1472,8 @@ var MCPClient = class _MCPClient {
         this.emitProgress("Creating authenticated client...");
         this.client = new Client(
           {
-            name: "mcp-ts-oauth-client",
-            version: "2.0"
+            name: MCP_CLIENT_NAME,
+            version: MCP_CLIENT_VERSION
           },
           {
             capabilities: {
@@ -1698,8 +1768,8 @@ var MCPClient = class _MCPClient {
     }
     this.client = new Client(
       {
-        name: "mcp-ts-oauth-client",
-        version: "2.0"
+        name: MCP_CLIENT_NAME,
+        version: MCP_CLIENT_VERSION
       },
       { capabilities: {} }
     );
@@ -1968,6 +2038,27 @@ var MultiSessionClient = class {
   }
 };
 
+// src/shared/event-routing.ts
+function isRpcResponseEvent(event) {
+  return "id" in event && ("result" in event || "error" in event);
+}
+function isConnectionEvent(event) {
+  if (!("type" in event)) {
+    return false;
+  }
+  switch (event.type) {
+    case "state_changed":
+    case "tools_discovered":
+    case "auth_required":
+    case "error":
+    case "disconnected":
+    case "progress":
+      return true;
+    default:
+      return false;
+  }
+}
+
 // src/server/handlers/sse-handler.ts
 var DEFAULT_HEARTBEAT_INTERVAL = 3e4;
 var SSEConnectionManager = class {
@@ -2110,16 +2201,6 @@ var SSEConnectionManager = class {
       throw new Error(`Connection already exists for server: ${duplicate.serverUrl || duplicate.serverId} (${duplicate.serverName})`);
     }
     const sessionId = await storage.generateSessionId();
-    this.emitConnectionEvent({
-      type: "state_changed",
-      sessionId,
-      serverId,
-      serverName,
-      serverUrl,
-      state: "CONNECTING",
-      previousState: "DISCONNECTED",
-      timestamp: Date.now()
-    });
     try {
       const clientMetadata = await this.getResolvedClientMetadata();
       const client = new MCPClient({
@@ -2130,17 +2211,8 @@ var SSEConnectionManager = class {
         serverUrl,
         callbackUrl,
         transportType,
-        ...clientMetadata,
+        ...clientMetadata
         // Spread client metadata (clientName, clientUri, logoUri, policyUri)
-        onRedirect: (authUrl) => {
-          this.emitConnectionEvent({
-            type: "auth_required",
-            sessionId,
-            serverId,
-            authUrl,
-            timestamp: Date.now()
-          });
-        }
       });
       this.clients.set(sessionId, client);
       client.onConnectionEvent((event) => {
@@ -2150,20 +2222,19 @@ var SSEConnectionManager = class {
         this.sendEvent(event);
       });
       await client.connect();
-      const tools = await client.listTools();
-      this.emitConnectionEvent({
-        type: "tools_discovered",
-        sessionId,
-        serverId,
-        toolCount: tools.tools.length,
-        tools: tools.tools,
-        timestamp: Date.now()
-      });
+      await client.listTools();
       return {
         sessionId,
         success: true
       };
     } catch (error) {
+      if (error instanceof UnauthorizedError) {
+        this.clients.delete(sessionId);
+        return {
+          sessionId,
+          success: true
+        };
+      }
       this.emitConnectionEvent({
         type: "error",
         sessionId,
@@ -2265,14 +2336,6 @@ var SSEConnectionManager = class {
       await client.connect();
       this.clients.set(sessionId, client);
       const tools = await client.listTools();
-      this.emitConnectionEvent({
-        type: "tools_discovered",
-        sessionId,
-        serverId: session.serverId ?? "unknown",
-        toolCount: tools.tools.length,
-        tools: tools.tools,
-        timestamp: Date.now()
-      });
       return { success: true, toolCount: tools.tools.length };
     } catch (error) {
       this.emitConnectionEvent({
@@ -2295,16 +2358,6 @@ var SSEConnectionManager = class {
     if (!session) {
       throw new Error("Session not found");
     }
-    this.emitConnectionEvent({
-      type: "state_changed",
-      sessionId,
-      serverId: session.serverId ?? "unknown",
-      serverName: session.serverName ?? "Unknown",
-      serverUrl: session.serverUrl,
-      state: "AUTHENTICATING",
-      previousState: "DISCONNECTED",
-      timestamp: Date.now()
-    });
     try {
       const client = new MCPClient({
         identity: this.identity,
@@ -2314,14 +2367,6 @@ var SSEConnectionManager = class {
       await client.finishAuth(code);
       this.clients.set(sessionId, client);
       const tools = await client.listTools();
-      this.emitConnectionEvent({
-        type: "tools_discovered",
-        sessionId,
-        serverId: session.serverId ?? "unknown",
-        toolCount: tools.tools.length,
-        tools: tools.tools,
-        timestamp: Date.now()
-      });
       return { success: true, toolCount: tools.tools.length };
     } catch (error) {
       this.emitConnectionEvent({
@@ -2399,9 +2444,9 @@ function createSSEHandler(options) {
     });
     writeSSEEvent(res, "connected", { timestamp: Date.now() });
     const manager = new SSEConnectionManager(options, (event) => {
-      if ("id" in event) {
+      if (isRpcResponseEvent(event)) {
         writeSSEEvent(res, "rpc-response", event);
-      } else if ("type" in event && "sessionId" in event) {
+      } else if (isConnectionEvent(event)) {
         writeSSEEvent(res, "connection", event);
       } else {
         writeSSEEvent(res, "observability", event);
@@ -2432,9 +2477,6 @@ function writeSSEEvent(res, event, data) {
 }
 
 // src/server/handlers/nextjs-handler.ts
-function isRpcResponseEvent(event) {
-  return "id" in event && ("result" in event || "error" in event);
-}
 function createNextMcpHandler(options = {}) {
   const {
     getIdentity = (request) => new URL(request.url).searchParams.get("identity"),
@@ -2525,7 +2567,7 @@ data: ${JSON.stringify(data)}
         (event) => {
           if (isRpcResponseEvent(event)) {
             sendSSE("rpc-response", event);
-          } else if ("type" in event && "sessionId" in event) {
+          } else if (isConnectionEvent(event)) {
             sendSSE("connection", event);
           } else {
             sendSSE("observability", event);