@mcp-ts/sdk 1.3.9 → 1.4.0

package/dist/index.mjs

@@ -7,6 +7,7 @@ import { ListToolsResultSchema, CallToolResultSchema, ListPromptsResultSchema, G
 import * as fs2 from 'fs';
 import { promises } from 'fs';
 import * as path from 'path';
+import { createDecipheriv, randomBytes, createCipheriv } from 'crypto';
 import { AppBridge, PostMessageTransport } from '@modelcontextprotocol/ext-apps/app-bridge';
 
 var __defProp = Object.defineProperty;
@@ -710,6 +711,72 @@ var SqliteStorage = class {
     }
   }
 };
+var ALGORITHM = "aes-256-gcm";
+var IV_LENGTH = 12;
+var ENCRYPTION_PREFIX = "enc:1:";
+var warningLogged = false;
+function getKey() {
+  const keyString = process.env.STORAGE_ENCRYPTION_KEY;
+  if (!keyString) return null;
+  if (keyString.length === 64) {
+    return Buffer.from(keyString, "hex");
+  } else {
+    const keyBuffer = Buffer.alloc(32);
+    keyBuffer.write(keyString, 0, 32, "utf-8");
+    return keyBuffer;
+  }
+}
+function encryptObject(data) {
+  if (data === void 0 || data === null) return data;
+  const key = getKey();
+  if (!key) {
+    if (!warningLogged) {
+      console.warn("[mcp-ts][Storage] WARNING: STORAGE_ENCRYPTION_KEY is not set. Saving sensitive data in plain-text.");
+      warningLogged = true;
+    }
+    return data;
+  }
+  try {
+    const text = JSON.stringify(data);
+    const iv = randomBytes(IV_LENGTH);
+    const cipher = createCipheriv(ALGORITHM, key, iv);
+    let encrypted = cipher.update(text, "utf-8", "hex");
+    encrypted += cipher.final("hex");
+    const authTag = cipher.getAuthTag().toString("hex");
+    return `${ENCRYPTION_PREFIX}${iv.toString("hex")}:${authTag}:${encrypted}`;
+  } catch (e) {
+    console.error("[mcp-ts][Storage] Encryption failed, falling back to plain-text.", e);
+    return data;
+  }
+}
+function decryptObject(data) {
+  if (data === void 0 || data === null) return data;
+  if (typeof data !== "string" || !data.startsWith(ENCRYPTION_PREFIX)) {
+    return data;
+  }
+  const key = getKey();
+  if (!key) {
+    console.warn("[mcp-ts][Storage] WARNING: Found encrypted data but STORAGE_ENCRYPTION_KEY is missing. Returning raw encrypted string.");
+    return data;
+  }
+  try {
+    const parts = data.split(":");
+    if (parts.length !== 5) {
+      return data;
+    }
+    const iv = Buffer.from(parts[2], "hex");
+    const authTag = Buffer.from(parts[3], "hex");
+    const encryptedText = parts[4];
+    const decipher = createDecipheriv(ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    let decrypted = decipher.update(encryptedText, "hex", "utf-8");
+    decrypted += decipher.final("utf-8");
+    return JSON.parse(decrypted);
+  } catch (e) {
+    console.error("[mcp-ts][Storage] Decryption failed.", e);
+    return data;
+  }
+}
 
 // src/server/storage/supabase-backend.ts
 var SupabaseStorageBackend = class {
@@ -742,10 +809,10 @@ var SupabaseStorageBackend = class {
       callbackUrl: row.callback_url,
       createdAt: new Date(row.created_at).getTime(),
       identity: row.identity,
-      headers: row.headers,
+      headers: decryptObject(row.headers),
       active: row.active,
       clientInformation: row.client_information,
-      tokens: row.tokens,
+      tokens: decryptObject(row.tokens),
       codeVerifier: row.code_verifier,
       clientId: row.client_id
     };
@@ -766,10 +833,10 @@ var SupabaseStorageBackend = class {
       callback_url: session.callbackUrl,
       created_at: new Date(session.createdAt || Date.now()).toISOString(),
       identity,
-      headers: session.headers,
+      headers: encryptObject(session.headers),
       active: session.active ?? false,
       client_information: session.clientInformation,
-      tokens: session.tokens,
+      tokens: encryptObject(session.tokens),
       code_verifier: session.codeVerifier,
       client_id: session.clientId,
       expires_at: expiresAt
@@ -794,9 +861,9 @@ var SupabaseStorageBackend = class {
     if ("transportType" in data) updateData.transport_type = data.transportType;
     if ("callbackUrl" in data) updateData.callback_url = data.callbackUrl;
     if ("active" in data) updateData.active = data.active;
-    if ("headers" in data) updateData.headers = data.headers;
+    if ("headers" in data) updateData.headers = encryptObject(data.headers);
     if ("clientInformation" in data) updateData.client_information = data.clientInformation;
-    if ("tokens" in data) updateData.tokens = data.tokens;
+    if ("tokens" in data) updateData.tokens = encryptObject(data.tokens);
     if ("codeVerifier" in data) updateData.code_verifier = data.codeVerifier;
     if ("clientId" in data) updateData.client_id = data.clientId;
     const { data: updatedRows, error } = await this.supabase.from("mcp_sessions").update(updateData).eq("identity", identity).eq("session_id", sessionId).select("id");
@@ -1658,13 +1725,24 @@ var MCPClient = class _MCPClient {
       }
     } catch (error) {
       if (error instanceof UnauthorizedError$1 || error instanceof Error && error.message.toLowerCase().includes("unauthorized")) {
-        this.emitStateChange("AUTHENTICATING");
-        console.log(`[MCPClient] Saving session ${this.sessionId} with 10min TTL (OAuth pending)`);
-        await this.saveSession(Math.floor(STATE_EXPIRATION_MS / 1e3), false);
         let authUrl = "";
         if (this.oauthProvider) {
-          authUrl = this.oauthProvider.authUrl || "";
+          authUrl = (this.oauthProvider.authUrl || "").trim();
+        }
+        if (!authUrl) {
+          const detail = error instanceof Error && error.message.trim().length > 0 ? error.message.trim() : "Unauthorized";
+          const message = detail.toLowerCase() === "unauthorized" ? "OAuth authorization URL not available" : `OAuth authorization URL not available: ${detail}`;
+          this.emitError(message, "auth");
+          this.emitStateChange("FAILED");
+          try {
+            await storage.removeSession(this.identity, this.sessionId);
+          } catch {
+          }
+          throw new Error(message);
         }
+        this.emitStateChange("AUTHENTICATING");
+        console.log(`[MCPClient] Saving session ${this.sessionId} with 10min TTL (OAuth pending)`);
+        await this.saveSession(Math.floor(STATE_EXPIRATION_MS / 1e3), false);
         if (this.serverId) {
           this._onConnectionEvent.fire({
             type: "auth_required",
@@ -3202,22 +3280,88 @@ var SSEClient = class {
     }
   }
 };
-var HOST_INFO = { name: "mcp-ts-host", version: "1.0.0" };
-var SANDBOX_PERMISSIONS = [
-  "allow-scripts",
-  // Required for app JavaScript execution
-  "allow-forms",
-  // Required for form submissions
-  "allow-same-origin",
-  // Required for Blob URL correctness
-  "allow-modals",
-  // Required for dialogs/alerts
-  "allow-popups",
-  // Required for opening links
-  "allow-downloads"
-  // Required for file downloads
-].join(" ");
-var MCP_URI_SCHEMES = ["ui://", "mcp-app://"];
+
+// src/client/core/constants.ts
+var SANDBOX_PROXY_READY_METHOD = "ui/notifications/sandbox-proxy-ready";
+var SANDBOX_RESOURCE_READY_METHOD = "ui/notifications/sandbox-resource-ready";
+var APP_HOST_DEFAULTS = {
+  /** Default timeout for waiting for the sandbox proxy to be ready (ms). */
+  SANDBOX_TIMEOUT_MS: 1e4,
+  /** Default host info reported to guest apps. */
+  HOST_INFO: { name: "mcp-ts-host", version: "1.0.0" },
+  /** Supported MCP App URI schemes. */
+  URI_SCHEMES: ["ui://", "mcp-app://"],
+  /** Default theme for the host context. */
+  THEME: "dark",
+  /** Default platform for the host context. */
+  PLATFORM: "web",
+  /** Default max height for the iframe container (px). */
+  MAX_HEIGHT: 6e3
+};
+
+// src/client/utils/app-host-utils.ts
+var DEFAULT_SANDBOX_TIMEOUT_MS = APP_HOST_DEFAULTS.SANDBOX_TIMEOUT_MS;
+async function setupSandboxProxyIframe(iframe, sandboxProxyUrl) {
+  iframe.style.width = "100%";
+  iframe.style.height = "100%";
+  iframe.style.border = "none";
+  iframe.style.backgroundColor = "transparent";
+  iframe.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-downloads");
+  const onReady = new Promise((resolve, reject) => {
+    let settled = false;
+    const cleanup = () => {
+      window.removeEventListener("message", messageListener);
+      iframe.removeEventListener("error", errorListener);
+    };
+    const timeoutId = setTimeout(() => {
+      if (!settled) {
+        settled = true;
+        cleanup();
+        reject(new Error("Timed out waiting for sandbox proxy iframe to be ready"));
+      }
+    }, DEFAULT_SANDBOX_TIMEOUT_MS);
+    const messageListener = (event) => {
+      if (event.source === iframe.contentWindow) {
+        if (event.data?.method === SANDBOX_PROXY_READY_METHOD) {
+          if (!settled) {
+            settled = true;
+            clearTimeout(timeoutId);
+            cleanup();
+            resolve();
+          }
+        }
+      }
+    };
+    const errorListener = () => {
+      if (!settled) {
+        settled = true;
+        clearTimeout(timeoutId);
+        cleanup();
+        reject(new Error("Failed to load sandbox proxy iframe"));
+      }
+    };
+    window.addEventListener("message", messageListener);
+    iframe.addEventListener("error", errorListener);
+  });
+  iframe.src = sandboxProxyUrl.href;
+  return { onReady };
+}
+
+// src/client/core/app-host.ts
+var DEFAULT_MCP_APP_CSP = {
+  "default-src": "'self'",
+  "script-src": "'self' 'unsafe-inline' 'unsafe-eval' https: blob:",
+  "style-src": "'self' 'unsafe-inline' https:",
+  "connect-src": "'self' https: wss:",
+  "img-src": "'self' data: https: blob:",
+  "font-src": "'self' data: https:",
+  "media-src": "'self' https: blob:",
+  "frame-src": "'none'",
+  "object-src": "'none'",
+  "base-uri": "'self'"
+};
+var HOST_INFO = APP_HOST_DEFAULTS.HOST_INFO;
+var MCP_URI_SCHEMES = APP_HOST_DEFAULTS.URI_SCHEMES;
 var AppHost = class {
   constructor(client, iframe, options) {
     this.client = client;
@@ -3226,10 +3370,12 @@ var AppHost = class {
     __publicField(this, "sessionId");
     __publicField(this, "resourceCache", /* @__PURE__ */ new Map());
     __publicField(this, "debug");
-    /** Callback for app messages (e.g., chat messages from the app) */
+    __publicField(this, "sandboxConfig");
+    __publicField(this, "options");
     __publicField(this, "onAppMessage");
-    this.debug = options?.debug ?? false;
-    this.configureSandbox();
+    this.options = options || {};
+    this.debug = this.options.debug ?? false;
+    this.sandboxConfig = this.options.sandbox;
     this.bridge = this.initializeBridge();
   }
   // ============================================
@@ -3256,19 +3402,35 @@ var AppHost = class {
     }
   }
   /**
-   * Launch an MCP App from a URL or MCP resource URI.
+   * Launch an MCP App from a URL, MCP resource URI, or RAW HTML.
    * Loads the HTML first, then establishes bridge connection.
    */
-  async launch(url, sessionId) {
+  async launch(source, sessionId) {
     if (sessionId) this.sessionId = sessionId;
     const initializedPromise = this.onAppReady();
-    if (this.isMcpUri(url)) {
-      await this.launchMcpApp(url);
-    } else {
-      this.iframe.src = url;
+    let htmlToRender = source.html;
+    if (!htmlToRender && source.uri) {
+      if (this.isMcpUri(source.uri)) {
+        htmlToRender = await this.readMcpAppHtml(source.uri);
+      }
+    }
+    if (!htmlToRender && source.uri && !this.isMcpUri(source.uri)) {
+      this.iframe.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-downloads");
+      this.iframe.src = source.uri;
+      await this.onIframeReady();
+      await this.connectBridge();
+    } else if (htmlToRender) {
+      if (!this.sandboxConfig) {
+        throw new Error("Sandbox configuration requires a proxy URL to render HTML safely.");
+      }
+      await this.launchSandboxedHtml(htmlToRender, this.sandboxConfig);
+      await this.connectBridge();
+      this.log("Sending HTML resource to sandbox proxy (MCP Apps notification)");
+      await this.bridge.sendSandboxResourceReady({
+        html: htmlToRender,
+        csp: this.sandboxConfig.csp
+      });
     }
-    await this.onIframeReady();
-    await this.connectBridge();
     this.log("Waiting for app initialization");
     await Promise.race([
       initializedPromise,
@@ -3279,6 +3441,19 @@ var AppHost = class {
     ]);
     this.log("App launched and ready");
   }
+  // Set host context manually
+  setHostContext(context) {
+    this.options.hostContext = context;
+    if (this.bridge) {
+      this.bridge.setHostContext(context);
+    }
+  }
+  // Send streaming inputs manually
+  sendToolInputPartial(params) {
+    if (this.bridge) {
+      this.bridge.sendToolInputPartial(params);
+    }
+  }
   /**
    * Wait for app to signal initialization complete
    */
@@ -3329,14 +3504,17 @@ var AppHost = class {
     this.log("Sending tool cancellation to app");
     this.bridge.sendToolCancelled({ reason });
   }
+  /**
+   * Tell the guest UI the resource is being torn down (unload / cleanup).
+   * Forwards to {@link AppBridge.teardownResource} on `@modelcontextprotocol/ext-apps/app-bridge`.
+   */
+  teardownResource(params = {}) {
+    this.log("Sending resource teardown to app");
+    this.bridge.teardownResource(params);
+  }
   // ============================================
   // Private: Initialization
   // ============================================
-  configureSandbox() {
-    if (this.iframe.sandbox.value !== SANDBOX_PERMISSIONS) {
-      this.iframe.sandbox.value = SANDBOX_PERMISSIONS;
-    }
-  }
   initializeBridge() {
     const bridge = new AppBridge(
       null,
@@ -3345,12 +3523,10 @@ var AppHost = class {
         openLinks: {},
         serverTools: {},
         logging: {},
-        // Declare support for model context updates
         updateModelContext: { text: {} }
       },
       {
-        // Initial host context
-        hostContext: {
+        hostContext: this.options.hostContext || {
           theme: "dark",
           platform: "web",
           containerDimensions: { maxHeight: 6e3 },
@@ -3359,19 +3535,56 @@ var AppHost = class {
         }
       }
     );
+    bridge.fallbackRequestHandler = this.options.onFallbackRequest;
     bridge.oncalltool = (params) => this.handleToolCall(params);
-    bridge.onopenlink = this.handleOpenLink.bind(this);
-    bridge.onmessage = this.handleMessage.bind(this);
-    bridge.onloggingmessage = (params) => this.log(`App log [${params.level}]: ${params.data}`);
+    if (this.options.onReadResource) {
+      bridge.onreadresource = async (params) => {
+        const resp = await this.options.onReadResource(params.uri);
+        return {
+          contents: resp.contents.map((c) => ({
+            uri: params.uri,
+            text: c.text,
+            blob: c.blob
+          }))
+        };
+      };
+    }
+    bridge.onopenlink = async (params, extra) => {
+      if (this.options.onOpenLink) {
+        return await this.options.onOpenLink(params, extra);
+      }
+      return this.handleOpenLink(params);
+    };
+    bridge.onmessage = async (params, extra) => {
+      if (this.options.onMessage) {
+        return await this.options.onMessage(params, extra);
+      }
+      return this.handleMessage(params);
+    };
+    bridge.onloggingmessage = (params) => {
+      this.log(`App log [${params.level}]: ${params.data}`);
+      if (this.options.onLoggingMessage) {
+        this.options.onLoggingMessage(params);
+      }
+    };
     bridge.onupdatemodelcontext = async () => ({});
-    bridge.onsizechange = async ({ width, height }) => {
-      if (height !== void 0) this.iframe.style.height = `${height}px`;
-      if (width !== void 0) this.iframe.style.minWidth = `min(${width}px, 100%)`;
+    bridge.onsizechange = async (params) => {
+      const { width, height } = params;
+      if (height !== void 0 && height > 0) {
+        this.iframe.style.height = `${height}px`;
+      }
+      if (width !== void 0 && width > 0) this.iframe.style.minWidth = `min(${width}px, 100%)`;
+      if (this.options.onSizeChanged) {
+        this.options.onSizeChanged(params);
+      }
       return {};
     };
-    bridge.onrequestdisplaymode = async (params) => ({
-      mode: params.mode === "fullscreen" ? "fullscreen" : "inline"
-    });
+    bridge.onrequestdisplaymode = async (params, extra) => {
+      if (this.options.onRequestDisplayMode) {
+        return await this.options.onRequestDisplayMode(params, extra);
+      }
+      return { mode: params.mode === "fullscreen" ? "fullscreen" : "inline" };
+    };
     return bridge;
   }
   async connectBridge() {
@@ -3385,6 +3598,9 @@ var AppHost = class {
       this.log("Bridge connected successfully");
     } catch (error) {
       this.log("Bridge connection failed", "error");
+      if (this.options.onError) {
+        this.options.onError(error instanceof Error ? error : new Error(String(error)));
+      }
       throw error;
     }
   }
@@ -3392,8 +3608,11 @@ var AppHost = class {
   // Private: Bridge Event Handlers
   // ============================================
   async handleToolCall(params) {
-    if (!this.client.isConnected()) {
-      throw new Error("Client disconnected");
+    if (this.options.onCallTool) {
+      return await this.options.onCallTool(params);
+    }
+    if (!this.client || !this.client.isConnected()) {
+      throw new Error("Client disconnected or not provided");
     }
     const sessionId = await this.getSessionId();
     if (!sessionId) {
@@ -3417,13 +3636,19 @@ var AppHost = class {
   // ============================================
   // Private: Resource Loading
   // ============================================
-  async launchMcpApp(uri) {
-    if (!this.client.isConnected()) {
-      throw new Error("Client must be connected");
+  async launchSandboxedHtml(html, config) {
+    const sandboxUrlString = config.url instanceof URL ? config.url.href : config.url;
+    const url = new URL(sandboxUrlString, globalThis.location?.href);
+    if (config.csp && Object.keys(config.csp).length > 0) {
+      url.searchParams.set("csp", JSON.stringify(config.csp));
     }
+    const { onReady } = await setupSandboxProxyIframe(this.iframe, url);
+    await onReady;
+  }
+  async readMcpAppHtml(uri) {
     const sessionId = await this.getSessionId();
-    if (!sessionId) {
-      throw new Error("No active session");
+    if (!sessionId && !this.options.onReadResource) {
+      throw new Error("No active session.");
     }
     const response = await this.fetchResourceWithCache(sessionId, uri);
     if (!response?.contents?.length) {
@@ -3434,10 +3659,18 @@ var AppHost = class {
     if (!html) {
       throw new Error(`Invalid content in resource: ${uri}`);
     }
-    const blob = new Blob([html], { type: "text/html" });
-    this.iframe.src = URL.createObjectURL(blob);
+    return html;
   }
   async fetchResourceWithCache(sessionId, uri) {
+    if (this.options.onReadResource) {
+      return await this.options.onReadResource(uri);
+    }
+    if (!sessionId) {
+      throw new Error("No active session");
+    }
+    if (!this.client) {
+      throw new Error("No client to read resource from");
+    }
     if (this.hasClientCache()) {
       return this.client.getOrFetchResource(sessionId, uri);
     }
@@ -3450,8 +3683,11 @@ var AppHost = class {
   }
   async preloadResource(uri) {
     try {
+      if (this.options.onReadResource) {
+        return await this.options.onReadResource(uri);
+      }
       const sessionId = await this.getSessionId();
-      if (!sessionId) return null;
+      if (!sessionId || !this.client) return null;
       return await this.client.readResource(sessionId, uri);
     } catch (error) {
       this.log(`Preload failed for ${uri}`, "warn");
@@ -3463,6 +3699,7 @@ var AppHost = class {
   // ============================================
   async getSessionId() {
     if (this.sessionId) return this.sessionId;
+    if (!this.client) return void 0;
     const result = await this.client.getSessions();
     return result.sessions?.[0]?.sessionId;
   }
@@ -3470,6 +3707,7 @@ var AppHost = class {
     return MCP_URI_SCHEMES.some((scheme) => url.startsWith(scheme));
   }
   hasClientCache() {
+    if (!this.client) return false;
     return "getOrFetchResource" in this.client && typeof this.client.getOrFetchResource === "function";
   }
   extractUiResourceUri(tool) {
@@ -3533,6 +3771,6 @@ function findToolByName(connections, toolName) {
   return void 0;
 }
 
-export { AppHost, AuthenticationError, ConfigurationError, ConnectionError, DEFAULT_CLIENT_NAME, DEFAULT_CLIENT_URI, DEFAULT_HEARTBEAT_INTERVAL_MS, DEFAULT_LOGO_URI, DEFAULT_POLICY_URI, DisposableStore, Emitter, InvalidStateError, MCPClient, MCP_CLIENT_NAME, MCP_CLIENT_VERSION, McpError, MultiSessionClient, NotConnectedError, REDIS_KEY_PREFIX, RpcErrorCodes, SESSION_TTL_SECONDS, SOFTWARE_ID, SOFTWARE_VERSION, SSEClient, SSEConnectionManager, STATE_EXPIRATION_MS, SessionNotFoundError, SessionValidationError, StorageOAuthClientProvider, TOKEN_EXPIRY_BUFFER_MS, ToolExecutionError, UnauthorizedError, createNextMcpHandler, createSSEHandler, findToolByName, getToolUiResourceUri, isCallToolSuccess, isConnectAuthRequired, isConnectError, isConnectSuccess, isListToolsSuccess, sanitizeServerLabel, storage };
+export { APP_HOST_DEFAULTS, AppHost, AuthenticationError, ConfigurationError, ConnectionError, DEFAULT_CLIENT_NAME, DEFAULT_CLIENT_URI, DEFAULT_HEARTBEAT_INTERVAL_MS, DEFAULT_LOGO_URI, DEFAULT_MCP_APP_CSP, DEFAULT_POLICY_URI, DisposableStore, Emitter, InvalidStateError, MCPClient, MCP_CLIENT_NAME, MCP_CLIENT_VERSION, McpError, MultiSessionClient, NotConnectedError, REDIS_KEY_PREFIX, RpcErrorCodes, SANDBOX_PROXY_READY_METHOD, SANDBOX_RESOURCE_READY_METHOD, SESSION_TTL_SECONDS, SOFTWARE_ID, SOFTWARE_VERSION, SSEClient, SSEConnectionManager, STATE_EXPIRATION_MS, SessionNotFoundError, SessionValidationError, StorageOAuthClientProvider, TOKEN_EXPIRY_BUFFER_MS, ToolExecutionError, UnauthorizedError, createNextMcpHandler, createSSEHandler, findToolByName, getToolUiResourceUri, isCallToolSuccess, isConnectAuthRequired, isConnectError, isConnectSuccess, isListToolsSuccess, sanitizeServerLabel, storage };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map