@mcp-ts/sdk 2.5.2 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. package/README.md +3 -574
  2. package/dist/adapters/agui-adapter.d.mts +4 -4
  3. package/dist/adapters/agui-adapter.d.ts +4 -4
  4. package/dist/adapters/agui-middleware.d.mts +4 -4
  5. package/dist/adapters/agui-middleware.d.ts +4 -4
  6. package/dist/adapters/ai-adapter.d.mts +4 -4
  7. package/dist/adapters/ai-adapter.d.ts +4 -4
  8. package/dist/adapters/langchain-adapter.d.mts +4 -4
  9. package/dist/adapters/langchain-adapter.d.ts +4 -4
  10. package/dist/adapters/mastra-adapter.d.mts +3 -3
  11. package/dist/adapters/mastra-adapter.d.ts +3 -3
  12. package/dist/client/index.d.mts +2 -2
  13. package/dist/client/index.d.ts +2 -2
  14. package/dist/client/index.js +3 -0
  15. package/dist/client/index.js.map +1 -1
  16. package/dist/client/index.mjs +3 -0
  17. package/dist/client/index.mjs.map +1 -1
  18. package/dist/client/react.d.mts +10 -18
  19. package/dist/client/react.d.ts +10 -18
  20. package/dist/client/react.js +17 -0
  21. package/dist/client/react.js.map +1 -1
  22. package/dist/client/react.mjs +17 -0
  23. package/dist/client/react.mjs.map +1 -1
  24. package/dist/client/vue.d.mts +4 -4
  25. package/dist/client/vue.d.ts +4 -4
  26. package/dist/client/vue.js +3 -0
  27. package/dist/client/vue.js.map +1 -1
  28. package/dist/client/vue.mjs +3 -0
  29. package/dist/client/vue.mjs.map +1 -1
  30. package/dist/{index-B3GPsPsi.d.mts → index-BrDkbut5.d.ts} +2 -1
  31. package/dist/{index-gNdSQTSz.d.ts → index-DHQvlx4K.d.mts} +2 -1
  32. package/dist/index.d.mts +5 -5
  33. package/dist/index.d.ts +5 -5
  34. package/dist/index.js +1056 -863
  35. package/dist/index.js.map +1 -1
  36. package/dist/index.mjs +1048 -858
  37. package/dist/index.mjs.map +1 -1
  38. package/dist/{multi-session-client-CB4oDrQX.d.ts → multi-session-client-CQzymvHl.d.ts} +183 -227
  39. package/dist/{multi-session-client-xj3iQIv6.d.mts → multi-session-client-C_Ja2TuV.d.mts} +183 -227
  40. package/dist/server/index.d.mts +338 -88
  41. package/dist/server/index.d.ts +338 -88
  42. package/dist/server/index.js +1054 -864
  43. package/dist/server/index.js.map +1 -1
  44. package/dist/server/index.mjs +1046 -859
  45. package/dist/server/index.mjs.map +1 -1
  46. package/dist/shared/index.d.mts +4 -4
  47. package/dist/shared/index.d.ts +4 -4
  48. package/dist/shared/index.js.map +1 -1
  49. package/dist/shared/index.mjs.map +1 -1
  50. package/dist/{tool-router-CsKVXbQB.d.mts → tool-router-C1n7OXbl.d.mts} +1 -1
  51. package/dist/{tool-router-C-Mw1_BQ.d.ts → tool-router-CBIawFnt.d.ts} +1 -1
  52. package/dist/{types-6SmXege4.d.mts → types-DX71u9gR.d.mts} +11 -3
  53. package/dist/{types-6SmXege4.d.ts → types-DX71u9gR.d.ts} +11 -3
  54. package/migrations/neon/20260513010000_install_mcp_sessions.sql +4 -34
  55. package/migrations/supabase/20260330195700_install_mcp_sessions.sql +5 -62
  56. package/package.json +2 -1
  57. package/src/client/core/sse-client.ts +5 -0
  58. package/src/client/react/use-mcp.ts +27 -28
  59. package/src/server/handlers/sse-handler.ts +671 -629
  60. package/src/server/index.ts +2 -1
  61. package/src/server/mcp/multi-session-client.ts +34 -10
  62. package/src/server/mcp/oauth-client.ts +197 -205
  63. package/src/server/mcp/storage-oauth-provider.ts +149 -29
  64. package/src/server/mcp/tool-policy-gateway.ts +11 -1
  65. package/src/server/storage/file-backend.ts +25 -21
  66. package/src/server/storage/index.ts +71 -0
  67. package/src/server/storage/memory-backend.ts +24 -12
  68. package/src/server/storage/neon-backend.ts +70 -72
  69. package/src/server/storage/redis-backend.ts +26 -36
  70. package/src/server/storage/sqlite-backend.ts +25 -39
  71. package/src/server/storage/supabase-backend.ts +45 -54
  72. package/src/server/storage/types.ts +22 -2
  73. package/src/shared/types.ts +13 -1
@@ -1,5 +1,5 @@
1
1
  import { Tool } from '@modelcontextprotocol/sdk/types.js';
2
- import { A as ToolClientProvider, T as ToolClient } from './types-6SmXege4.mjs';
2
+ import { A as ToolClientProvider, T as ToolClient } from './types-DX71u9gR.mjs';
3
3
 
4
4
  /**
5
5
  * ToolIndex — Lightweight in-memory search index for MCP tool discovery.
@@ -1,5 +1,5 @@
1
1
  import { Tool } from '@modelcontextprotocol/sdk/types.js';
2
- import { A as ToolClientProvider, T as ToolClient } from './types-6SmXege4.js';
2
+ import { A as ToolClientProvider, T as ToolClient } from './types-DX71u9gR.js';
3
3
 
4
4
  /**
5
5
  * ToolIndex — Lightweight in-memory search index for MCP tool discovery.
@@ -211,7 +211,7 @@ interface ToolPolicy {
211
211
  toolIds: string[];
212
212
  updatedAt: number;
213
213
  }
214
- type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy';
214
+ type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy' | 'updateSession';
215
215
  interface McpRpcRequest {
216
216
  id: string;
217
217
  method: McpRpcMethod;
@@ -268,7 +268,11 @@ interface SetToolPolicyParams {
268
268
  interface GetToolPolicyParams {
269
269
  sessionId: string;
270
270
  }
271
- type McpRpcParams = ConnectParams | DisconnectParams | ReconnectParams | SessionParams | CallToolParams | GetPromptParams | ReadResourceParams | FinishAuthParams | SetToolPolicyParams | GetToolPolicyParams | undefined;
271
+ interface UpdateSessionParams {
272
+ sessionId: string;
273
+ enabled?: boolean;
274
+ }
275
+ type McpRpcParams = ConnectParams | DisconnectParams | ReconnectParams | SessionParams | CallToolParams | GetPromptParams | ReadResourceParams | FinishAuthParams | SetToolPolicyParams | GetToolPolicyParams | UpdateSessionParams | undefined;
272
276
  interface SessionInfo {
273
277
  sessionId: string;
274
278
  serverId?: string;
@@ -283,6 +287,7 @@ interface SessionInfo {
283
287
  */
284
288
  status: SessionStatus;
285
289
  toolPolicy?: ToolPolicy;
290
+ enabled?: boolean;
286
291
  }
287
292
  interface SessionListResult {
288
293
  sessions: SessionInfo[];
@@ -311,6 +316,9 @@ interface SetToolPolicyResult {
311
316
  tools: Tool[];
312
317
  toolCount: number;
313
318
  }
319
+ interface UpdateSessionResult {
320
+ success: boolean;
321
+ }
314
322
  type ToolAccessInfo = Tool & {
315
323
  toolId: string;
316
324
  allowed: boolean;
@@ -341,4 +349,4 @@ interface ListResourcesResult {
341
349
  }>;
342
350
  }
343
351
 
344
- export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
352
+ export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type UpdateSessionResult as W, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
@@ -211,7 +211,7 @@ interface ToolPolicy {
211
211
  toolIds: string[];
212
212
  updatedAt: number;
213
213
  }
214
- type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy';
214
+ type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy' | 'updateSession';
215
215
  interface McpRpcRequest {
216
216
  id: string;
217
217
  method: McpRpcMethod;
@@ -268,7 +268,11 @@ interface SetToolPolicyParams {
268
268
  interface GetToolPolicyParams {
269
269
  sessionId: string;
270
270
  }
271
- type McpRpcParams = ConnectParams | DisconnectParams | ReconnectParams | SessionParams | CallToolParams | GetPromptParams | ReadResourceParams | FinishAuthParams | SetToolPolicyParams | GetToolPolicyParams | undefined;
271
+ interface UpdateSessionParams {
272
+ sessionId: string;
273
+ enabled?: boolean;
274
+ }
275
+ type McpRpcParams = ConnectParams | DisconnectParams | ReconnectParams | SessionParams | CallToolParams | GetPromptParams | ReadResourceParams | FinishAuthParams | SetToolPolicyParams | GetToolPolicyParams | UpdateSessionParams | undefined;
272
276
  interface SessionInfo {
273
277
  sessionId: string;
274
278
  serverId?: string;
@@ -283,6 +287,7 @@ interface SessionInfo {
283
287
  */
284
288
  status: SessionStatus;
285
289
  toolPolicy?: ToolPolicy;
290
+ enabled?: boolean;
286
291
  }
287
292
  interface SessionListResult {
288
293
  sessions: SessionInfo[];
@@ -311,6 +316,9 @@ interface SetToolPolicyResult {
311
316
  tools: Tool[];
312
317
  toolCount: number;
313
318
  }
319
+ interface UpdateSessionResult {
320
+ success: boolean;
321
+ }
314
322
  type ToolAccessInfo = Tool & {
315
323
  toolId: string;
316
324
  allowed: boolean;
@@ -341,4 +349,4 @@ interface ListResourcesResult {
341
349
  }>;
342
350
  }
343
351
 
344
- export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
352
+ export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type UpdateSessionResult as W, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
@@ -17,34 +17,20 @@ CREATE TABLE IF NOT EXISTS public.mcp_sessions (
17
17
  CHECK (status IN ('pending', 'active')),
18
18
  headers JSONB,
19
19
  auth_url TEXT,
20
- -- tool_policy JSONB -- optional, see docs/tool-policy
21
- CONSTRAINT mcp_sessions_user_session_unique
22
- UNIQUE (user_id, session_id)
23
- );
24
-
25
- CREATE TABLE IF NOT EXISTS public.mcp_credentials (
26
- id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
27
- session_id TEXT NOT NULL,
28
- user_id TEXT NOT NULL,
20
+ enabled BOOLEAN DEFAULT true,
21
+ tool_policy JSONB, -- optional, see docs/tool-policy
22
+ -- Runtime OAuth credentials (stored in-session, no separate credentials table)
29
23
  client_information JSONB,
30
24
  tokens JSONB,
31
25
  code_verifier TEXT,
32
26
  client_id TEXT,
33
27
  oauth_state JSONB,
34
- created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
35
- updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
36
- CONSTRAINT mcp_credentials_session_fk
37
- FOREIGN KEY (user_id, session_id)
38
- REFERENCES public.mcp_sessions(user_id, session_id)
39
- ON DELETE CASCADE,
40
- CONSTRAINT mcp_credentials_user_session_unique
28
+ CONSTRAINT mcp_sessions_user_session_unique
41
29
  UNIQUE (user_id, session_id)
42
30
  );
43
31
 
44
32
  CREATE INDEX IF NOT EXISTS idx_mcp_sessions_user_id ON public.mcp_sessions(user_id);
45
33
  CREATE INDEX IF NOT EXISTS idx_mcp_sessions_expires_at ON public.mcp_sessions(expires_at);
46
- CREATE INDEX IF NOT EXISTS idx_mcp_credentials_user_session
47
- ON public.mcp_credentials(user_id, session_id);
48
34
 
49
35
  CREATE OR REPLACE FUNCTION public.set_current_timestamp_updated_at()
50
36
  RETURNS TRIGGER AS $$
@@ -61,13 +47,6 @@ BEFORE UPDATE ON public.mcp_sessions
61
47
  FOR EACH ROW
62
48
  EXECUTE FUNCTION public.set_current_timestamp_updated_at();
63
49
 
64
- DROP TRIGGER IF EXISTS trg_mcp_credentials_updated_at ON public.mcp_credentials;
65
-
66
- CREATE TRIGGER trg_mcp_credentials_updated_at
67
- BEFORE UPDATE ON public.mcp_credentials
68
- FOR EACH ROW
69
- EXECUTE FUNCTION public.set_current_timestamp_updated_at();
70
-
71
50
  -- Optional production configuration:
72
51
  -- Create a dedicated app role and use its credentials in NEON_DATABASE_URL.
73
52
  -- Replace neondb and the password before running.
@@ -76,7 +55,6 @@ EXECUTE FUNCTION public.set_current_timestamp_updated_at();
76
55
  -- GRANT CONNECT ON DATABASE neondb TO mcp_service_role;
77
56
  -- GRANT USAGE ON SCHEMA public TO mcp_service_role;
78
57
  -- GRANT SELECT, INSERT, UPDATE, DELETE ON public.mcp_sessions TO mcp_service_role;
79
- -- GRANT SELECT, INSERT, UPDATE, DELETE ON public.mcp_credentials TO mcp_service_role;
80
58
  -- GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO mcp_service_role;
81
59
 
82
60
  -- Optional RLS configuration:
@@ -90,7 +68,6 @@ EXECUTE FUNCTION public.set_current_timestamp_updated_at();
90
68
  -- GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO mcp_service_role;
91
69
  --
92
70
  -- ALTER TABLE public.mcp_sessions ENABLE ROW LEVEL SECURITY;
93
- -- ALTER TABLE public.mcp_credentials ENABLE ROW LEVEL SECURITY;
94
71
  --
95
72
  -- CREATE POLICY mcp_service_role_full_access
96
73
  -- ON public.mcp_sessions
@@ -98,10 +75,3 @@ EXECUTE FUNCTION public.set_current_timestamp_updated_at();
98
75
  -- TO mcp_service_role
99
76
  -- USING (true)
100
77
  -- WITH CHECK (true);
101
- --
102
- -- CREATE POLICY mcp_service_role_oauth_full_access
103
- -- ON public.mcp_credentials
104
- -- FOR ALL
105
- -- TO mcp_service_role
106
- -- USING (true)
107
- -- WITH CHECK (true);
@@ -1,4 +1,4 @@
1
- -- Create the mcp_sessions table
1
+ -- Create the mcp_sessions table.
2
2
  CREATE TABLE IF NOT EXISTS public.mcp_sessions (
3
3
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
4
4
  session_id TEXT NOT NULL UNIQUE,
@@ -15,28 +15,15 @@ CREATE TABLE IF NOT EXISTS public.mcp_sessions (
15
15
  CHECK (status IN ('pending', 'active')),
16
16
  headers JSONB,
17
17
  auth_url TEXT,
18
- -- tool_policy JSONB -- optional, see docs/tool-policy
19
- CONSTRAINT mcp_sessions_user_session_unique
20
- UNIQUE (user_id, session_id)
21
- );
22
-
23
- -- Runtime credentials are kept separate from connection metadata.
24
- CREATE TABLE IF NOT EXISTS public.mcp_credentials (
25
- id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
26
- session_id TEXT NOT NULL,
27
- user_id TEXT NOT NULL,
18
+ enabled BOOLEAN DEFAULT true,
19
+ tool_policy JSONB, -- optional, see docs/tool-policy
20
+ -- Runtime OAuth credentials (stored in-session, no separate credentials table)
28
21
  client_information JSONB,
29
22
  tokens JSONB,
30
23
  code_verifier TEXT,
31
24
  client_id TEXT,
32
25
  oauth_state JSONB,
33
- created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
34
- updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
35
- CONSTRAINT mcp_credentials_session_fk
36
- FOREIGN KEY (user_id, session_id)
37
- REFERENCES public.mcp_sessions(user_id, session_id)
38
- ON DELETE CASCADE,
39
- CONSTRAINT mcp_credentials_user_session_unique
26
+ CONSTRAINT mcp_sessions_user_session_unique
40
27
  UNIQUE (user_id, session_id)
41
28
  );
42
29
 
@@ -44,8 +31,6 @@ CREATE TABLE IF NOT EXISTS public.mcp_credentials (
44
31
  CREATE INDEX IF NOT EXISTS idx_mcp_sessions_user_id ON public.mcp_sessions(user_id);
45
32
  -- Add an index on expires_at to speed up the cleanup job
46
33
  CREATE INDEX IF NOT EXISTS idx_mcp_sessions_expires_at ON public.mcp_sessions(expires_at);
47
- CREATE INDEX IF NOT EXISTS idx_mcp_credentials_user_session
48
- ON public.mcp_credentials(user_id, session_id);
49
34
 
50
35
  -- Trigger to automatically update the 'updated_at' column
51
36
  CREATE OR REPLACE FUNCTION public.set_current_timestamp_updated_at()
@@ -62,15 +47,8 @@ BEFORE UPDATE ON public.mcp_sessions
62
47
  FOR EACH ROW
63
48
  EXECUTE FUNCTION public.set_current_timestamp_updated_at();
64
49
 
65
- DROP TRIGGER IF EXISTS trg_mcp_credentials_updated_at ON public.mcp_credentials;
66
- CREATE TRIGGER trg_mcp_credentials_updated_at
67
- BEFORE UPDATE ON public.mcp_credentials
68
- FOR EACH ROW
69
- EXECUTE FUNCTION public.set_current_timestamp_updated_at();
70
-
71
50
  -- Enable Row Level Security (RLS)
72
51
  ALTER TABLE public.mcp_sessions ENABLE ROW LEVEL SECURITY;
73
- ALTER TABLE public.mcp_credentials ENABLE ROW LEVEL SECURITY;
74
52
 
75
53
  -- Policy 1: Users can read their own sessions
76
54
  CREATE POLICY "Users can view their own sessions"
@@ -81,14 +59,6 @@ USING (
81
59
  auth.uid()::text = user_id
82
60
  );
83
61
 
84
- CREATE POLICY "Users can view their own credentials"
85
- ON public.mcp_credentials
86
- FOR SELECT
87
- TO authenticated
88
- USING (
89
- auth.uid()::text = user_id
90
- );
91
-
92
62
  -- Policy 2: Users can insert their own sessions
93
63
  CREATE POLICY "Users can insert their own sessions"
94
64
  ON public.mcp_sessions
@@ -98,14 +68,6 @@ WITH CHECK (
98
68
  auth.uid()::text = user_id
99
69
  );
100
70
 
101
- CREATE POLICY "Users can insert their own credentials"
102
- ON public.mcp_credentials
103
- FOR INSERT
104
- TO authenticated
105
- WITH CHECK (
106
- auth.uid()::text = user_id
107
- );
108
-
109
71
  -- Policy 3: Users can update their own sessions
110
72
  CREATE POLICY "Users can update their own sessions"
111
73
  ON public.mcp_sessions
@@ -118,17 +80,6 @@ WITH CHECK (
118
80
  auth.uid()::text = user_id
119
81
  );
120
82
 
121
- CREATE POLICY "Users can update their own credentials"
122
- ON public.mcp_credentials
123
- FOR UPDATE
124
- TO authenticated
125
- USING (
126
- auth.uid()::text = user_id
127
- )
128
- WITH CHECK (
129
- auth.uid()::text = user_id
130
- );
131
-
132
83
  -- Policy 4: Users can delete their own sessions
133
84
  CREATE POLICY "Users can delete their own sessions"
134
85
  ON public.mcp_sessions
@@ -137,11 +88,3 @@ TO authenticated
137
88
  USING (
138
89
  auth.uid()::text = user_id
139
90
  );
140
-
141
- CREATE POLICY "Users can delete their own credentials"
142
- ON public.mcp_credentials
143
- FOR DELETE
144
- TO authenticated
145
- USING (
146
- auth.uid()::text = user_id
147
- );
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mcp-ts/sdk",
3
- "version": "2.5.2",
3
+ "version": "2.6.0",
4
4
  "publishConfig": {
5
5
  "access": "public"
6
6
  },
@@ -77,6 +77,7 @@
77
77
  ],
78
78
  "scripts": {
79
79
  "build": "tsup",
80
+ "postbuild": "node -e \"var f='../../../mcp-client/scripts/resolve-local-pkg.cjs';require('fs').existsSync(f)&&require('child_process').execSync('node '+f,{cwd:__dirname,stdio:'inherit'})\"",
80
81
  "dev": "tsup --watch",
81
82
  "type-check": "tsc --noEmit",
82
83
  "clean": "rimraf dist",
@@ -27,6 +27,7 @@ import type {
27
27
  ListResourcesResult,
28
28
  SetToolPolicyResult,
29
29
  GetToolPolicyResult,
30
+ UpdateSessionResult,
30
31
  ToolPolicy,
31
32
  } from '../../shared/types.js';
32
33
 
@@ -117,6 +118,10 @@ export class SSEClient {
117
118
  return this.sendRequest<GetToolPolicyResult>('getToolPolicy', { sessionId });
118
119
  }
119
120
 
121
+ async updateSession(sessionId: string, enabled: boolean): Promise<UpdateSessionResult> {
122
+ return this.sendRequest<UpdateSessionResult>('updateSession', { sessionId, enabled });
123
+ }
124
+
120
125
  async listTools(sessionId: string): Promise<ListToolsRpcResult> {
121
126
  return this.sendRequest<ListToolsRpcResult>('listTools', { sessionId });
122
127
  }
@@ -21,6 +21,7 @@ import type {
21
21
  ToolPolicy,
22
22
  SetToolPolicyResult,
23
23
  GetToolPolicyResult,
24
+ ConnectParams,
24
25
  } from '../../shared/types';
25
26
 
26
27
  export interface UseMcpOptions {
@@ -114,13 +115,7 @@ export interface McpClient {
114
115
  /**
115
116
  * Connect to an MCP server
116
117
  */
117
- connect: (params: {
118
- serverId: string;
119
- serverName: string;
120
- serverUrl: string;
121
- callbackUrl: string;
122
- transportType?: 'sse' | 'streamable-http';
123
- }) => Promise<string>;
118
+ connect: (params: ConnectParams) => Promise<string>;
124
119
 
125
120
  /**
126
121
  * Disconnect from an MCP server
@@ -130,13 +125,7 @@ export interface McpClient {
130
125
  /**
131
126
  * Reconnect to an MCP server (disconnects existing session first)
132
127
  */
133
- reconnect: (params: {
134
- serverId: string;
135
- serverName: string;
136
- serverUrl: string;
137
- callbackUrl: string;
138
- transportType?: 'sse' | 'streamable-http';
139
- }) => Promise<string>;
128
+ reconnect: (params: ConnectParams) => Promise<string>;
140
129
 
141
130
  /**
142
131
  * Get connection by session ID
@@ -210,6 +199,9 @@ export interface McpClient {
210
199
  */
211
200
  getToolAccess: (sessionId: string) => Promise<GetToolPolicyResult>;
212
201
 
202
+ /** Enable or disable a session for agent tool discovery. Tokens are preserved — no re-auth needed when re-enabling. */
203
+ updateSession: (sessionId: string, enabled: boolean) => Promise<{ success: boolean }>;
204
+
213
205
  /**
214
206
  * List available prompts for a session
215
207
  */
@@ -484,13 +476,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
484
476
  * Connect to an MCP server
485
477
  */
486
478
  const connect = useCallback(
487
- async (params: {
488
- serverId: string;
489
- serverName: string;
490
- serverUrl: string;
491
- callbackUrl: string;
492
- transportType?: 'sse' | 'streamable-http';
493
- }): Promise<string> => {
479
+ async (params: ConnectParams): Promise<string> => {
494
480
  if (!clientRef.current) {
495
481
  throw new Error('SSE client not initialized');
496
482
  }
@@ -505,13 +491,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
505
491
  * Reconnect to an MCP server (tears down existing session, then connects fresh)
506
492
  */
507
493
  const reconnect = useCallback(
508
- async (params: {
509
- serverId: string;
510
- serverName: string;
511
- serverUrl: string;
512
- callbackUrl: string;
513
- transportType?: 'sse' | 'streamable-http';
514
- }): Promise<string> => {
494
+ async (params: ConnectParams): Promise<string> => {
515
495
  if (!clientRef.current) {
516
496
  throw new Error('SSE client not initialized');
517
497
  }
@@ -642,6 +622,23 @@ export function useMcp(options: UseMcpOptions): McpClient {
642
622
  }
643
623
  return result;
644
624
  }, []);
625
+ const updateSession = useCallback(async (
626
+ sessionId: string,
627
+ enabled: boolean,
628
+ ): Promise<{ success: boolean }> => {
629
+ if (!clientRef.current) {
630
+ throw new Error('SSE client not initialized');
631
+ }
632
+ const result = await clientRef.current.updateSession(sessionId, enabled);
633
+ if (isMountedRef.current) {
634
+ setConnections((prev: McpConnection[]) => prev.map((connection) =>
635
+ connection.sessionId === sessionId
636
+ ? { ...connection, enabled, updatedAt: new Date() }
637
+ : connection
638
+ ));
639
+ }
640
+ return result;
641
+ }, []);
645
642
  /**
646
643
  * Get all tools with effective access state for a session
647
644
  */
@@ -747,6 +744,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
747
744
  listTools,
748
745
  updateToolPolicy,
749
746
  getToolAccess,
747
+ updateSession,
750
748
  listPrompts,
751
749
  getPrompt,
752
750
  listResources,
@@ -773,6 +771,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
773
771
  listTools,
774
772
  updateToolPolicy,
775
773
  getToolAccess,
774
+ updateSession,
776
775
  listPrompts,
777
776
  getPrompt,
778
777
  listResources,