@mcp-ts/sdk 2.3.2 → 2.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/agui-adapter.d.mts +1 -1
- package/dist/adapters/agui-adapter.d.ts +1 -1
- package/dist/adapters/agui-middleware.d.mts +1 -1
- package/dist/adapters/agui-middleware.d.ts +1 -1
- package/dist/adapters/ai-adapter.d.mts +1 -1
- package/dist/adapters/ai-adapter.d.ts +1 -1
- package/dist/adapters/langchain-adapter.d.mts +1 -1
- package/dist/adapters/langchain-adapter.d.ts +1 -1
- package/dist/adapters/mastra-adapter.d.mts +1 -1
- package/dist/adapters/mastra-adapter.d.ts +1 -1
- package/dist/index.d.mts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +11 -86
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +12 -87
- package/dist/index.mjs.map +1 -1
- package/dist/{multi-session-client-DYNe6az3.d.mts → multi-session-client-C7hGqzgM.d.mts} +7 -15
- package/dist/{multi-session-client-BYtguGJm.d.ts → multi-session-client-C_kPHpD5.d.ts} +7 -15
- package/dist/server/index.d.mts +1 -1
- package/dist/server/index.d.ts +1 -1
- package/dist/server/index.js +11 -86
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +12 -87
- package/dist/server/index.mjs.map +1 -1
- package/package.json +1 -1
- package/src/server/mcp/oauth-client.ts +7 -104
- package/src/server/storage/neon-backend.ts +1 -1
- package/src/server/storage/supabase-backend.ts +1 -1
|
@@ -265,18 +265,6 @@ declare class MCPClient {
|
|
|
265
265
|
* @throws {Error} When client is not connected
|
|
266
266
|
*/
|
|
267
267
|
readResource(uri: string): Promise<ReadResourceResult>;
|
|
268
|
-
/**
|
|
269
|
-
* Refreshes the OAuth access token using the refresh token
|
|
270
|
-
* Discovers OAuth metadata from server and exchanges refresh token for new access token
|
|
271
|
-
* @returns True if refresh was successful, false otherwise
|
|
272
|
-
*/
|
|
273
|
-
refreshToken(): Promise<boolean>;
|
|
274
|
-
/**
|
|
275
|
-
* Ensures OAuth tokens are valid, refreshing them if expired
|
|
276
|
-
* Called automatically by connect() - rarely needs to be called manually
|
|
277
|
-
* @returns True if valid tokens are available, false otherwise
|
|
278
|
-
*/
|
|
279
|
-
getValidTokens(): Promise<boolean>;
|
|
280
268
|
/**
|
|
281
269
|
* Reconnects to MCP server using existing OAuth provider from Redis
|
|
282
270
|
* Used for session restoration in serverless environments
|
|
@@ -336,10 +324,14 @@ declare class MCPClient {
|
|
|
336
324
|
getSessionId(): string;
|
|
337
325
|
/**
|
|
338
326
|
* Gets MCP server configuration for all active user sessions
|
|
339
|
-
* Loads sessions from
|
|
340
|
-
*
|
|
327
|
+
* Loads sessions from storage and returns server connection metadata.
|
|
328
|
+
* OAuth refresh is handled by SDK transports through their authProvider.
|
|
329
|
+
* @deprecated This returns legacy connection metadata only and does not
|
|
330
|
+
* include OAuth tokens or generated Authorization headers. Prefer
|
|
331
|
+
* MultiSessionClient or explicit MCPClient instances so SDK transports can
|
|
332
|
+
* own OAuth refresh and reauthorization.
|
|
341
333
|
* @param userId - User ID to fetch sessions for
|
|
342
|
-
* @returns Object keyed by sanitized server labels containing transport
|
|
334
|
+
* @returns Object keyed by sanitized server labels containing transport and url.
|
|
343
335
|
* @static
|
|
344
336
|
*/
|
|
345
337
|
static getMcpServerConfig(userId: string): Promise<Record<string, any>>;
|
|
@@ -265,18 +265,6 @@ declare class MCPClient {
|
|
|
265
265
|
* @throws {Error} When client is not connected
|
|
266
266
|
*/
|
|
267
267
|
readResource(uri: string): Promise<ReadResourceResult>;
|
|
268
|
-
/**
|
|
269
|
-
* Refreshes the OAuth access token using the refresh token
|
|
270
|
-
* Discovers OAuth metadata from server and exchanges refresh token for new access token
|
|
271
|
-
* @returns True if refresh was successful, false otherwise
|
|
272
|
-
*/
|
|
273
|
-
refreshToken(): Promise<boolean>;
|
|
274
|
-
/**
|
|
275
|
-
* Ensures OAuth tokens are valid, refreshing them if expired
|
|
276
|
-
* Called automatically by connect() - rarely needs to be called manually
|
|
277
|
-
* @returns True if valid tokens are available, false otherwise
|
|
278
|
-
*/
|
|
279
|
-
getValidTokens(): Promise<boolean>;
|
|
280
268
|
/**
|
|
281
269
|
* Reconnects to MCP server using existing OAuth provider from Redis
|
|
282
270
|
* Used for session restoration in serverless environments
|
|
@@ -336,10 +324,14 @@ declare class MCPClient {
|
|
|
336
324
|
getSessionId(): string;
|
|
337
325
|
/**
|
|
338
326
|
* Gets MCP server configuration for all active user sessions
|
|
339
|
-
* Loads sessions from
|
|
340
|
-
*
|
|
327
|
+
* Loads sessions from storage and returns server connection metadata.
|
|
328
|
+
* OAuth refresh is handled by SDK transports through their authProvider.
|
|
329
|
+
* @deprecated This returns legacy connection metadata only and does not
|
|
330
|
+
* include OAuth tokens or generated Authorization headers. Prefer
|
|
331
|
+
* MultiSessionClient or explicit MCPClient instances so SDK transports can
|
|
332
|
+
* own OAuth refresh and reauthorization.
|
|
341
333
|
* @param userId - User ID to fetch sessions for
|
|
342
|
-
* @returns Object keyed by sanitized server labels containing transport
|
|
334
|
+
* @returns Object keyed by sanitized server labels containing transport and url.
|
|
343
335
|
* @static
|
|
344
336
|
*/
|
|
345
337
|
static getMcpServerConfig(userId: string): Promise<Record<string, any>>;
|
package/dist/server/index.d.mts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { M as MCPClient, a as MultiSessionClient, S as StorageOAuthClientProvider } from '../multi-session-client-
|
|
1
|
+
export { M as MCPClient, a as MultiSessionClient, S as StorageOAuthClientProvider } from '../multi-session-client-C7hGqzgM.mjs';
|
|
2
2
|
export { U as UnauthorizedError, s as sanitizeServerLabel } from '../utils-DELRKQPU.mjs';
|
|
3
3
|
import { OAuthClientInformationMixed, OAuthTokens } from '@modelcontextprotocol/sdk/shared/auth.js';
|
|
4
4
|
export { OAuthClientInformation, OAuthClientInformationFull, OAuthClientMetadata, OAuthTokens } from '@modelcontextprotocol/sdk/shared/auth.js';
|
package/dist/server/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { M as MCPClient, a as MultiSessionClient, S as StorageOAuthClientProvider } from '../multi-session-client-
|
|
1
|
+
export { M as MCPClient, a as MultiSessionClient, S as StorageOAuthClientProvider } from '../multi-session-client-C_kPHpD5.js';
|
|
2
2
|
export { U as UnauthorizedError, s as sanitizeServerLabel } from '../utils-DELRKQPU.js';
|
|
3
3
|
import { OAuthClientInformationMixed, OAuthTokens } from '@modelcontextprotocol/sdk/shared/auth.js';
|
|
4
4
|
export { OAuthClientInformation, OAuthClientInformationFull, OAuthClientMetadata, OAuthTokens } from '@modelcontextprotocol/sdk/shared/auth.js';
|
package/dist/server/index.js
CHANGED
|
@@ -920,7 +920,7 @@ var SupabaseStorageBackend = class {
|
|
|
920
920
|
if ("active" in data) updateData.active = data.active;
|
|
921
921
|
if ("headers" in data) updateData.headers = encryptObject(data.headers);
|
|
922
922
|
if ("clientInformation" in data) updateData.client_information = data.clientInformation;
|
|
923
|
-
if ("tokens" in data) updateData.tokens = encryptObject(data.tokens);
|
|
923
|
+
if ("tokens" in data) updateData.tokens = data.tokens === void 0 ? null : encryptObject(data.tokens);
|
|
924
924
|
if ("codeVerifier" in data) updateData.code_verifier = data.codeVerifier;
|
|
925
925
|
if ("clientId" in data) updateData.client_id = data.clientId;
|
|
926
926
|
const { data: updatedRows, error } = await this.supabase.from("mcp_sessions").update(updateData).eq("user_id", userId).eq("session_id", sessionId).select("id");
|
|
@@ -1123,7 +1123,7 @@ var NeonStorageBackend = class {
|
|
|
1123
1123
|
updatedSession.active ?? false,
|
|
1124
1124
|
encryptObject(updatedSession.headers),
|
|
1125
1125
|
updatedSession.clientInformation,
|
|
1126
|
-
encryptObject(updatedSession.tokens),
|
|
1126
|
+
updatedSession.tokens === void 0 ? null : encryptObject(updatedSession.tokens),
|
|
1127
1127
|
updatedSession.codeVerifier,
|
|
1128
1128
|
updatedSession.clientId,
|
|
1129
1129
|
expiresAt,
|
|
@@ -1709,7 +1709,7 @@ var RpcErrorCodes = {
|
|
|
1709
1709
|
EXECUTION_ERROR: "EXECUTION_ERROR"};
|
|
1710
1710
|
|
|
1711
1711
|
// src/server/mcp/oauth-client.ts
|
|
1712
|
-
var MCPClient = class
|
|
1712
|
+
var MCPClient = class {
|
|
1713
1713
|
/**
|
|
1714
1714
|
* Creates a new MCP client instance
|
|
1715
1715
|
* Can be initialized with minimal options (userId + sessionId) for session restoration
|
|
@@ -2043,8 +2043,6 @@ var MCPClient = class _MCPClient {
|
|
|
2043
2043
|
throw new Error(error);
|
|
2044
2044
|
}
|
|
2045
2045
|
try {
|
|
2046
|
-
this.emitProgress("Validating OAuth tokens...");
|
|
2047
|
-
await this.getValidTokens();
|
|
2048
2046
|
this.emitStateChange("CONNECTING");
|
|
2049
2047
|
const { transportType } = await this.tryConnect();
|
|
2050
2048
|
this.transportType = transportType;
|
|
@@ -2369,59 +2367,6 @@ var MCPClient = class _MCPClient {
|
|
|
2369
2367
|
};
|
|
2370
2368
|
return await this.client.request(request, types_js.ReadResourceResultSchema);
|
|
2371
2369
|
}
|
|
2372
|
-
/**
|
|
2373
|
-
* Refreshes the OAuth access token using the refresh token
|
|
2374
|
-
* Discovers OAuth metadata from server and exchanges refresh token for new access token
|
|
2375
|
-
* @returns True if refresh was successful, false otherwise
|
|
2376
|
-
*/
|
|
2377
|
-
async refreshToken() {
|
|
2378
|
-
await this.initialize();
|
|
2379
|
-
if (!this.oauthProvider) {
|
|
2380
|
-
return false;
|
|
2381
|
-
}
|
|
2382
|
-
const tokens = await this.oauthProvider.tokens();
|
|
2383
|
-
if (!tokens || !tokens.refresh_token) {
|
|
2384
|
-
return false;
|
|
2385
|
-
}
|
|
2386
|
-
const clientInformation = await this.oauthProvider.clientInformation();
|
|
2387
|
-
if (!clientInformation) {
|
|
2388
|
-
return false;
|
|
2389
|
-
}
|
|
2390
|
-
try {
|
|
2391
|
-
const resourceMetadata = await auth_js.discoverOAuthProtectedResourceMetadata(this.serverUrl);
|
|
2392
|
-
const authServerUrl = resourceMetadata?.authorization_servers?.[0] || this.serverUrl;
|
|
2393
|
-
const authMetadata = await auth_js.discoverAuthorizationServerMetadata(authServerUrl);
|
|
2394
|
-
const newTokens = await auth_js.refreshAuthorization(authServerUrl, {
|
|
2395
|
-
metadata: authMetadata,
|
|
2396
|
-
clientInformation,
|
|
2397
|
-
refreshToken: tokens.refresh_token
|
|
2398
|
-
});
|
|
2399
|
-
await this.oauthProvider.saveTokens(newTokens);
|
|
2400
|
-
return true;
|
|
2401
|
-
} catch (error) {
|
|
2402
|
-
console.error("[OAuth] Token refresh failed:", error);
|
|
2403
|
-
return false;
|
|
2404
|
-
}
|
|
2405
|
-
}
|
|
2406
|
-
/**
|
|
2407
|
-
* Ensures OAuth tokens are valid, refreshing them if expired
|
|
2408
|
-
* Called automatically by connect() - rarely needs to be called manually
|
|
2409
|
-
* @returns True if valid tokens are available, false otherwise
|
|
2410
|
-
*/
|
|
2411
|
-
async getValidTokens() {
|
|
2412
|
-
await this.initialize();
|
|
2413
|
-
if (!this.oauthProvider) {
|
|
2414
|
-
return false;
|
|
2415
|
-
}
|
|
2416
|
-
const tokens = await this.oauthProvider.tokens();
|
|
2417
|
-
if (!tokens) {
|
|
2418
|
-
return false;
|
|
2419
|
-
}
|
|
2420
|
-
if (this.oauthProvider.isTokenExpired()) {
|
|
2421
|
-
return await this.refreshToken();
|
|
2422
|
-
}
|
|
2423
|
-
return true;
|
|
2424
|
-
}
|
|
2425
2370
|
/**
|
|
2426
2371
|
* Reconnects to MCP server using existing OAuth provider from Redis
|
|
2427
2372
|
* Used for session restoration in serverless environments
|
|
@@ -2553,10 +2498,14 @@ var MCPClient = class _MCPClient {
|
|
|
2553
2498
|
}
|
|
2554
2499
|
/**
|
|
2555
2500
|
* Gets MCP server configuration for all active user sessions
|
|
2556
|
-
* Loads sessions from
|
|
2557
|
-
*
|
|
2501
|
+
* Loads sessions from storage and returns server connection metadata.
|
|
2502
|
+
* OAuth refresh is handled by SDK transports through their authProvider.
|
|
2503
|
+
* @deprecated This returns legacy connection metadata only and does not
|
|
2504
|
+
* include OAuth tokens or generated Authorization headers. Prefer
|
|
2505
|
+
* MultiSessionClient or explicit MCPClient instances so SDK transports can
|
|
2506
|
+
* own OAuth refresh and reauthorization.
|
|
2558
2507
|
* @param userId - User ID to fetch sessions for
|
|
2559
|
-
* @returns Object keyed by sanitized server labels containing transport
|
|
2508
|
+
* @returns Object keyed by sanitized server labels containing transport and url.
|
|
2560
2509
|
* @static
|
|
2561
2510
|
*/
|
|
2562
2511
|
static async getMcpServerConfig(userId) {
|
|
@@ -2570,29 +2519,6 @@ var MCPClient = class _MCPClient {
|
|
|
2570
2519
|
await sessions.delete(userId, sessionId);
|
|
2571
2520
|
return;
|
|
2572
2521
|
}
|
|
2573
|
-
let headers;
|
|
2574
|
-
try {
|
|
2575
|
-
const client = new _MCPClient({
|
|
2576
|
-
userId,
|
|
2577
|
-
sessionId,
|
|
2578
|
-
serverId: sessionData.serverId,
|
|
2579
|
-
serverUrl: sessionData.serverUrl,
|
|
2580
|
-
callbackUrl: sessionData.callbackUrl,
|
|
2581
|
-
serverName: sessionData.serverName,
|
|
2582
|
-
transportType: sessionData.transportType,
|
|
2583
|
-
headers: sessionData.headers
|
|
2584
|
-
});
|
|
2585
|
-
await client.initialize();
|
|
2586
|
-
const hasValidTokens = await client.getValidTokens();
|
|
2587
|
-
if (hasValidTokens && client.oauthProvider) {
|
|
2588
|
-
const tokens = await client.oauthProvider.tokens();
|
|
2589
|
-
if (tokens?.access_token) {
|
|
2590
|
-
headers = { Authorization: `Bearer ${tokens.access_token}` };
|
|
2591
|
-
}
|
|
2592
|
-
}
|
|
2593
|
-
} catch (error) {
|
|
2594
|
-
console.warn(`[MCP] Failed to get OAuth tokens for ${sessionId}:`, error);
|
|
2595
|
-
}
|
|
2596
2522
|
const label = sanitizeServerLabel(
|
|
2597
2523
|
sessionData.serverName || sessionData.serverId || "server"
|
|
2598
2524
|
);
|
|
@@ -2602,8 +2528,7 @@ var MCPClient = class _MCPClient {
|
|
|
2602
2528
|
...sessionData.serverName && {
|
|
2603
2529
|
serverName: sessionData.serverName,
|
|
2604
2530
|
serverLabel: label
|
|
2605
|
-
}
|
|
2606
|
-
...headers && { headers }
|
|
2531
|
+
}
|
|
2607
2532
|
};
|
|
2608
2533
|
} catch (error) {
|
|
2609
2534
|
await sessions.delete(userId, sessionId);
|