@mcp-ts/sdk 2.5.3 → 2.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -574
- package/dist/adapters/agui-adapter.d.mts +4 -4
- package/dist/adapters/agui-adapter.d.ts +4 -4
- package/dist/adapters/agui-middleware.d.mts +4 -4
- package/dist/adapters/agui-middleware.d.ts +4 -4
- package/dist/adapters/ai-adapter.d.mts +4 -4
- package/dist/adapters/ai-adapter.d.ts +4 -4
- package/dist/adapters/langchain-adapter.d.mts +4 -4
- package/dist/adapters/langchain-adapter.d.ts +4 -4
- package/dist/adapters/mastra-adapter.d.mts +3 -3
- package/dist/adapters/mastra-adapter.d.ts +3 -3
- package/dist/client/index.d.mts +2 -2
- package/dist/client/index.d.ts +2 -2
- package/dist/client/index.js +3 -0
- package/dist/client/index.js.map +1 -1
- package/dist/client/index.mjs +3 -0
- package/dist/client/index.mjs.map +1 -1
- package/dist/client/react.d.mts +10 -18
- package/dist/client/react.d.ts +10 -18
- package/dist/client/react.js +17 -0
- package/dist/client/react.js.map +1 -1
- package/dist/client/react.mjs +17 -0
- package/dist/client/react.mjs.map +1 -1
- package/dist/client/vue.d.mts +4 -4
- package/dist/client/vue.d.ts +4 -4
- package/dist/client/vue.js +3 -0
- package/dist/client/vue.js.map +1 -1
- package/dist/client/vue.mjs +3 -0
- package/dist/client/vue.mjs.map +1 -1
- package/dist/{index-BRZO_JyI.d.mts → index-BrDkbut5.d.ts} +2 -1
- package/dist/{index-C3YGagi2.d.ts → index-DHQvlx4K.d.mts} +2 -1
- package/dist/index.d.mts +5 -5
- package/dist/index.d.ts +5 -5
- package/dist/index.js +1056 -876
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +1048 -871
- package/dist/index.mjs.map +1 -1
- package/dist/{multi-session-client-CuacvZaQ.d.ts → multi-session-client-CQzymvHl.d.ts} +183 -227
- package/dist/{multi-session-client-DqzT8Oo7.d.mts → multi-session-client-C_Ja2TuV.d.mts} +183 -227
- package/dist/server/index.d.mts +338 -88
- package/dist/server/index.d.ts +338 -88
- package/dist/server/index.js +1053 -876
- package/dist/server/index.js.map +1 -1
- package/dist/server/index.mjs +1045 -871
- package/dist/server/index.mjs.map +1 -1
- package/dist/shared/index.d.mts +4 -4
- package/dist/shared/index.d.ts +4 -4
- package/dist/shared/index.js.map +1 -1
- package/dist/shared/index.mjs.map +1 -1
- package/dist/{tool-router-B0qpui-V.d.mts → tool-router-C1n7OXbl.d.mts} +1 -1
- package/dist/{tool-router-2qUyZ-cP.d.ts → tool-router-CBIawFnt.d.ts} +1 -1
- package/dist/{types-BkJ_rgzo.d.mts → types-DX71u9gR.d.mts} +11 -5
- package/dist/{types-BkJ_rgzo.d.ts → types-DX71u9gR.d.ts} +11 -5
- package/migrations/neon/20260513010000_install_mcp_sessions.sql +4 -34
- package/migrations/supabase/20260330195700_install_mcp_sessions.sql +5 -62
- package/package.json +2 -1
- package/src/client/core/sse-client.ts +5 -0
- package/src/client/react/use-mcp.ts +27 -28
- package/src/server/handlers/sse-handler.ts +671 -633
- package/src/server/index.ts +2 -1
- package/src/server/mcp/multi-session-client.ts +34 -10
- package/src/server/mcp/oauth-client.ts +197 -205
- package/src/server/mcp/storage-oauth-provider.ts +148 -41
- package/src/server/mcp/tool-policy-gateway.ts +11 -1
- package/src/server/storage/file-backend.ts +25 -21
- package/src/server/storage/index.ts +71 -0
- package/src/server/storage/memory-backend.ts +24 -12
- package/src/server/storage/neon-backend.ts +70 -72
- package/src/server/storage/redis-backend.ts +26 -36
- package/src/server/storage/sqlite-backend.ts +25 -39
- package/src/server/storage/supabase-backend.ts +45 -54
- package/src/server/storage/types.ts +22 -2
- package/src/shared/types.ts +13 -3
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Tool } from '@modelcontextprotocol/sdk/types.js';
|
|
2
|
-
import { A as ToolClientProvider, T as ToolClient } from './types-
|
|
2
|
+
import { A as ToolClientProvider, T as ToolClient } from './types-DX71u9gR.mjs';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
5
|
* ToolIndex — Lightweight in-memory search index for MCP tool discovery.
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Tool } from '@modelcontextprotocol/sdk/types.js';
|
|
2
|
-
import { A as ToolClientProvider, T as ToolClient } from './types-
|
|
2
|
+
import { A as ToolClientProvider, T as ToolClient } from './types-DX71u9gR.js';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
5
|
* ToolIndex — Lightweight in-memory search index for MCP tool discovery.
|
|
@@ -211,7 +211,7 @@ interface ToolPolicy {
|
|
|
211
211
|
toolIds: string[];
|
|
212
212
|
updatedAt: number;
|
|
213
213
|
}
|
|
214
|
-
type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy';
|
|
214
|
+
type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy' | 'updateSession';
|
|
215
215
|
interface McpRpcRequest {
|
|
216
216
|
id: string;
|
|
217
217
|
method: McpRpcMethod;
|
|
@@ -232,8 +232,6 @@ interface ConnectParams {
|
|
|
232
232
|
callbackUrl: string;
|
|
233
233
|
transportType?: TransportType;
|
|
234
234
|
headers?: Record<string, string>;
|
|
235
|
-
clientId?: string;
|
|
236
|
-
clientSecret?: string;
|
|
237
235
|
}
|
|
238
236
|
interface DisconnectParams {
|
|
239
237
|
sessionId: string;
|
|
@@ -270,7 +268,11 @@ interface SetToolPolicyParams {
|
|
|
270
268
|
interface GetToolPolicyParams {
|
|
271
269
|
sessionId: string;
|
|
272
270
|
}
|
|
273
|
-
|
|
271
|
+
interface UpdateSessionParams {
|
|
272
|
+
sessionId: string;
|
|
273
|
+
enabled?: boolean;
|
|
274
|
+
}
|
|
275
|
+
type McpRpcParams = ConnectParams | DisconnectParams | ReconnectParams | SessionParams | CallToolParams | GetPromptParams | ReadResourceParams | FinishAuthParams | SetToolPolicyParams | GetToolPolicyParams | UpdateSessionParams | undefined;
|
|
274
276
|
interface SessionInfo {
|
|
275
277
|
sessionId: string;
|
|
276
278
|
serverId?: string;
|
|
@@ -285,6 +287,7 @@ interface SessionInfo {
|
|
|
285
287
|
*/
|
|
286
288
|
status: SessionStatus;
|
|
287
289
|
toolPolicy?: ToolPolicy;
|
|
290
|
+
enabled?: boolean;
|
|
288
291
|
}
|
|
289
292
|
interface SessionListResult {
|
|
290
293
|
sessions: SessionInfo[];
|
|
@@ -313,6 +316,9 @@ interface SetToolPolicyResult {
|
|
|
313
316
|
tools: Tool[];
|
|
314
317
|
toolCount: number;
|
|
315
318
|
}
|
|
319
|
+
interface UpdateSessionResult {
|
|
320
|
+
success: boolean;
|
|
321
|
+
}
|
|
316
322
|
type ToolAccessInfo = Tool & {
|
|
317
323
|
toolId: string;
|
|
318
324
|
allowed: boolean;
|
|
@@ -343,4 +349,4 @@ interface ListResourcesResult {
|
|
|
343
349
|
}>;
|
|
344
350
|
}
|
|
345
351
|
|
|
346
|
-
export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
|
|
352
|
+
export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type UpdateSessionResult as W, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
|
|
@@ -211,7 +211,7 @@ interface ToolPolicy {
|
|
|
211
211
|
toolIds: string[];
|
|
212
212
|
updatedAt: number;
|
|
213
213
|
}
|
|
214
|
-
type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy';
|
|
214
|
+
type McpRpcMethod = 'connect' | 'disconnect' | 'reconnect' | 'listTools' | 'callTool' | 'listSessions' | 'getSession' | 'finishAuth' | 'listPrompts' | 'getPrompt' | 'listResources' | 'readResource' | 'setToolPolicy' | 'getToolPolicy' | 'updateSession';
|
|
215
215
|
interface McpRpcRequest {
|
|
216
216
|
id: string;
|
|
217
217
|
method: McpRpcMethod;
|
|
@@ -232,8 +232,6 @@ interface ConnectParams {
|
|
|
232
232
|
callbackUrl: string;
|
|
233
233
|
transportType?: TransportType;
|
|
234
234
|
headers?: Record<string, string>;
|
|
235
|
-
clientId?: string;
|
|
236
|
-
clientSecret?: string;
|
|
237
235
|
}
|
|
238
236
|
interface DisconnectParams {
|
|
239
237
|
sessionId: string;
|
|
@@ -270,7 +268,11 @@ interface SetToolPolicyParams {
|
|
|
270
268
|
interface GetToolPolicyParams {
|
|
271
269
|
sessionId: string;
|
|
272
270
|
}
|
|
273
|
-
|
|
271
|
+
interface UpdateSessionParams {
|
|
272
|
+
sessionId: string;
|
|
273
|
+
enabled?: boolean;
|
|
274
|
+
}
|
|
275
|
+
type McpRpcParams = ConnectParams | DisconnectParams | ReconnectParams | SessionParams | CallToolParams | GetPromptParams | ReadResourceParams | FinishAuthParams | SetToolPolicyParams | GetToolPolicyParams | UpdateSessionParams | undefined;
|
|
274
276
|
interface SessionInfo {
|
|
275
277
|
sessionId: string;
|
|
276
278
|
serverId?: string;
|
|
@@ -285,6 +287,7 @@ interface SessionInfo {
|
|
|
285
287
|
*/
|
|
286
288
|
status: SessionStatus;
|
|
287
289
|
toolPolicy?: ToolPolicy;
|
|
290
|
+
enabled?: boolean;
|
|
288
291
|
}
|
|
289
292
|
interface SessionListResult {
|
|
290
293
|
sessions: SessionInfo[];
|
|
@@ -313,6 +316,9 @@ interface SetToolPolicyResult {
|
|
|
313
316
|
tools: Tool[];
|
|
314
317
|
toolCount: number;
|
|
315
318
|
}
|
|
319
|
+
interface UpdateSessionResult {
|
|
320
|
+
success: boolean;
|
|
321
|
+
}
|
|
316
322
|
type ToolAccessInfo = Tool & {
|
|
317
323
|
toolId: string;
|
|
318
324
|
allowed: boolean;
|
|
@@ -343,4 +349,4 @@ interface ListResourcesResult {
|
|
|
343
349
|
}>;
|
|
344
350
|
}
|
|
345
351
|
|
|
346
|
-
export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
|
|
352
|
+
export { type ToolClientProvider as A, type ToolInfo as B, type CallToolParams as C, type DisconnectParams as D, Emitter as E, type FinishAuthParams as F, type GetPromptParams as G, type TransportType as H, isCallToolSuccess as I, isConnectAuthRequired as J, isConnectError as K, type ListPromptsResult as L, type McpConnectionEvent as M, isConnectSuccess as N, isListToolsSuccess as O, type ToolPolicy as P, type SetToolPolicyResult as Q, type ReadResourceParams as R, type SessionInfo as S, type ToolClient as T, type GetToolPolicyResult as U, type McpAppsUIEvent as V, type UpdateSessionResult as W, type CallToolRequest as a, type CallToolResponse as b, type ConnectAuthRequiredResponse as c, type ConnectErrorResponse as d, type ConnectParams as e, type ConnectRequest as f, type ConnectResponse as g, type ConnectResult as h, type ConnectSuccessResponse as i, type DisconnectResult as j, type Disposable as k, DisposableStore as l, type Event as m, type FinishAuthResult as n, type GetSessionResult as o, type ListResourcesResult as p, type ListToolsResponse as q, type ListToolsRpcResult as r, type McpConnectionState as s, type McpObservabilityEvent as t, type McpRpcMethod as u, type McpRpcParams as v, type McpRpcRequest as w, type McpRpcResponse as x, type SessionListResult as y, type SessionParams as z };
|
|
@@ -17,34 +17,20 @@ CREATE TABLE IF NOT EXISTS public.mcp_sessions (
|
|
|
17
17
|
CHECK (status IN ('pending', 'active')),
|
|
18
18
|
headers JSONB,
|
|
19
19
|
auth_url TEXT,
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
);
|
|
24
|
-
|
|
25
|
-
CREATE TABLE IF NOT EXISTS public.mcp_credentials (
|
|
26
|
-
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
27
|
-
session_id TEXT NOT NULL,
|
|
28
|
-
user_id TEXT NOT NULL,
|
|
20
|
+
enabled BOOLEAN DEFAULT true,
|
|
21
|
+
tool_policy JSONB, -- optional, see docs/tool-policy
|
|
22
|
+
-- Runtime OAuth credentials (stored in-session, no separate credentials table)
|
|
29
23
|
client_information JSONB,
|
|
30
24
|
tokens JSONB,
|
|
31
25
|
code_verifier TEXT,
|
|
32
26
|
client_id TEXT,
|
|
33
27
|
oauth_state JSONB,
|
|
34
|
-
|
|
35
|
-
updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
|
|
36
|
-
CONSTRAINT mcp_credentials_session_fk
|
|
37
|
-
FOREIGN KEY (user_id, session_id)
|
|
38
|
-
REFERENCES public.mcp_sessions(user_id, session_id)
|
|
39
|
-
ON DELETE CASCADE,
|
|
40
|
-
CONSTRAINT mcp_credentials_user_session_unique
|
|
28
|
+
CONSTRAINT mcp_sessions_user_session_unique
|
|
41
29
|
UNIQUE (user_id, session_id)
|
|
42
30
|
);
|
|
43
31
|
|
|
44
32
|
CREATE INDEX IF NOT EXISTS idx_mcp_sessions_user_id ON public.mcp_sessions(user_id);
|
|
45
33
|
CREATE INDEX IF NOT EXISTS idx_mcp_sessions_expires_at ON public.mcp_sessions(expires_at);
|
|
46
|
-
CREATE INDEX IF NOT EXISTS idx_mcp_credentials_user_session
|
|
47
|
-
ON public.mcp_credentials(user_id, session_id);
|
|
48
34
|
|
|
49
35
|
CREATE OR REPLACE FUNCTION public.set_current_timestamp_updated_at()
|
|
50
36
|
RETURNS TRIGGER AS $$
|
|
@@ -61,13 +47,6 @@ BEFORE UPDATE ON public.mcp_sessions
|
|
|
61
47
|
FOR EACH ROW
|
|
62
48
|
EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
63
49
|
|
|
64
|
-
DROP TRIGGER IF EXISTS trg_mcp_credentials_updated_at ON public.mcp_credentials;
|
|
65
|
-
|
|
66
|
-
CREATE TRIGGER trg_mcp_credentials_updated_at
|
|
67
|
-
BEFORE UPDATE ON public.mcp_credentials
|
|
68
|
-
FOR EACH ROW
|
|
69
|
-
EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
70
|
-
|
|
71
50
|
-- Optional production configuration:
|
|
72
51
|
-- Create a dedicated app role and use its credentials in NEON_DATABASE_URL.
|
|
73
52
|
-- Replace neondb and the password before running.
|
|
@@ -76,7 +55,6 @@ EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
|
76
55
|
-- GRANT CONNECT ON DATABASE neondb TO mcp_service_role;
|
|
77
56
|
-- GRANT USAGE ON SCHEMA public TO mcp_service_role;
|
|
78
57
|
-- GRANT SELECT, INSERT, UPDATE, DELETE ON public.mcp_sessions TO mcp_service_role;
|
|
79
|
-
-- GRANT SELECT, INSERT, UPDATE, DELETE ON public.mcp_credentials TO mcp_service_role;
|
|
80
58
|
-- GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO mcp_service_role;
|
|
81
59
|
|
|
82
60
|
-- Optional RLS configuration:
|
|
@@ -90,7 +68,6 @@ EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
|
90
68
|
-- GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO mcp_service_role;
|
|
91
69
|
--
|
|
92
70
|
-- ALTER TABLE public.mcp_sessions ENABLE ROW LEVEL SECURITY;
|
|
93
|
-
-- ALTER TABLE public.mcp_credentials ENABLE ROW LEVEL SECURITY;
|
|
94
71
|
--
|
|
95
72
|
-- CREATE POLICY mcp_service_role_full_access
|
|
96
73
|
-- ON public.mcp_sessions
|
|
@@ -98,10 +75,3 @@ EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
|
98
75
|
-- TO mcp_service_role
|
|
99
76
|
-- USING (true)
|
|
100
77
|
-- WITH CHECK (true);
|
|
101
|
-
--
|
|
102
|
-
-- CREATE POLICY mcp_service_role_oauth_full_access
|
|
103
|
-
-- ON public.mcp_credentials
|
|
104
|
-
-- FOR ALL
|
|
105
|
-
-- TO mcp_service_role
|
|
106
|
-
-- USING (true)
|
|
107
|
-
-- WITH CHECK (true);
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
-- Create the mcp_sessions table
|
|
1
|
+
-- Create the mcp_sessions table.
|
|
2
2
|
CREATE TABLE IF NOT EXISTS public.mcp_sessions (
|
|
3
3
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
4
4
|
session_id TEXT NOT NULL UNIQUE,
|
|
@@ -15,28 +15,15 @@ CREATE TABLE IF NOT EXISTS public.mcp_sessions (
|
|
|
15
15
|
CHECK (status IN ('pending', 'active')),
|
|
16
16
|
headers JSONB,
|
|
17
17
|
auth_url TEXT,
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
);
|
|
22
|
-
|
|
23
|
-
-- Runtime credentials are kept separate from connection metadata.
|
|
24
|
-
CREATE TABLE IF NOT EXISTS public.mcp_credentials (
|
|
25
|
-
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
26
|
-
session_id TEXT NOT NULL,
|
|
27
|
-
user_id TEXT NOT NULL,
|
|
18
|
+
enabled BOOLEAN DEFAULT true,
|
|
19
|
+
tool_policy JSONB, -- optional, see docs/tool-policy
|
|
20
|
+
-- Runtime OAuth credentials (stored in-session, no separate credentials table)
|
|
28
21
|
client_information JSONB,
|
|
29
22
|
tokens JSONB,
|
|
30
23
|
code_verifier TEXT,
|
|
31
24
|
client_id TEXT,
|
|
32
25
|
oauth_state JSONB,
|
|
33
|
-
|
|
34
|
-
updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
|
|
35
|
-
CONSTRAINT mcp_credentials_session_fk
|
|
36
|
-
FOREIGN KEY (user_id, session_id)
|
|
37
|
-
REFERENCES public.mcp_sessions(user_id, session_id)
|
|
38
|
-
ON DELETE CASCADE,
|
|
39
|
-
CONSTRAINT mcp_credentials_user_session_unique
|
|
26
|
+
CONSTRAINT mcp_sessions_user_session_unique
|
|
40
27
|
UNIQUE (user_id, session_id)
|
|
41
28
|
);
|
|
42
29
|
|
|
@@ -44,8 +31,6 @@ CREATE TABLE IF NOT EXISTS public.mcp_credentials (
|
|
|
44
31
|
CREATE INDEX IF NOT EXISTS idx_mcp_sessions_user_id ON public.mcp_sessions(user_id);
|
|
45
32
|
-- Add an index on expires_at to speed up the cleanup job
|
|
46
33
|
CREATE INDEX IF NOT EXISTS idx_mcp_sessions_expires_at ON public.mcp_sessions(expires_at);
|
|
47
|
-
CREATE INDEX IF NOT EXISTS idx_mcp_credentials_user_session
|
|
48
|
-
ON public.mcp_credentials(user_id, session_id);
|
|
49
34
|
|
|
50
35
|
-- Trigger to automatically update the 'updated_at' column
|
|
51
36
|
CREATE OR REPLACE FUNCTION public.set_current_timestamp_updated_at()
|
|
@@ -62,15 +47,8 @@ BEFORE UPDATE ON public.mcp_sessions
|
|
|
62
47
|
FOR EACH ROW
|
|
63
48
|
EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
64
49
|
|
|
65
|
-
DROP TRIGGER IF EXISTS trg_mcp_credentials_updated_at ON public.mcp_credentials;
|
|
66
|
-
CREATE TRIGGER trg_mcp_credentials_updated_at
|
|
67
|
-
BEFORE UPDATE ON public.mcp_credentials
|
|
68
|
-
FOR EACH ROW
|
|
69
|
-
EXECUTE FUNCTION public.set_current_timestamp_updated_at();
|
|
70
|
-
|
|
71
50
|
-- Enable Row Level Security (RLS)
|
|
72
51
|
ALTER TABLE public.mcp_sessions ENABLE ROW LEVEL SECURITY;
|
|
73
|
-
ALTER TABLE public.mcp_credentials ENABLE ROW LEVEL SECURITY;
|
|
74
52
|
|
|
75
53
|
-- Policy 1: Users can read their own sessions
|
|
76
54
|
CREATE POLICY "Users can view their own sessions"
|
|
@@ -81,14 +59,6 @@ USING (
|
|
|
81
59
|
auth.uid()::text = user_id
|
|
82
60
|
);
|
|
83
61
|
|
|
84
|
-
CREATE POLICY "Users can view their own credentials"
|
|
85
|
-
ON public.mcp_credentials
|
|
86
|
-
FOR SELECT
|
|
87
|
-
TO authenticated
|
|
88
|
-
USING (
|
|
89
|
-
auth.uid()::text = user_id
|
|
90
|
-
);
|
|
91
|
-
|
|
92
62
|
-- Policy 2: Users can insert their own sessions
|
|
93
63
|
CREATE POLICY "Users can insert their own sessions"
|
|
94
64
|
ON public.mcp_sessions
|
|
@@ -98,14 +68,6 @@ WITH CHECK (
|
|
|
98
68
|
auth.uid()::text = user_id
|
|
99
69
|
);
|
|
100
70
|
|
|
101
|
-
CREATE POLICY "Users can insert their own credentials"
|
|
102
|
-
ON public.mcp_credentials
|
|
103
|
-
FOR INSERT
|
|
104
|
-
TO authenticated
|
|
105
|
-
WITH CHECK (
|
|
106
|
-
auth.uid()::text = user_id
|
|
107
|
-
);
|
|
108
|
-
|
|
109
71
|
-- Policy 3: Users can update their own sessions
|
|
110
72
|
CREATE POLICY "Users can update their own sessions"
|
|
111
73
|
ON public.mcp_sessions
|
|
@@ -118,17 +80,6 @@ WITH CHECK (
|
|
|
118
80
|
auth.uid()::text = user_id
|
|
119
81
|
);
|
|
120
82
|
|
|
121
|
-
CREATE POLICY "Users can update their own credentials"
|
|
122
|
-
ON public.mcp_credentials
|
|
123
|
-
FOR UPDATE
|
|
124
|
-
TO authenticated
|
|
125
|
-
USING (
|
|
126
|
-
auth.uid()::text = user_id
|
|
127
|
-
)
|
|
128
|
-
WITH CHECK (
|
|
129
|
-
auth.uid()::text = user_id
|
|
130
|
-
);
|
|
131
|
-
|
|
132
83
|
-- Policy 4: Users can delete their own sessions
|
|
133
84
|
CREATE POLICY "Users can delete their own sessions"
|
|
134
85
|
ON public.mcp_sessions
|
|
@@ -137,11 +88,3 @@ TO authenticated
|
|
|
137
88
|
USING (
|
|
138
89
|
auth.uid()::text = user_id
|
|
139
90
|
);
|
|
140
|
-
|
|
141
|
-
CREATE POLICY "Users can delete their own credentials"
|
|
142
|
-
ON public.mcp_credentials
|
|
143
|
-
FOR DELETE
|
|
144
|
-
TO authenticated
|
|
145
|
-
USING (
|
|
146
|
-
auth.uid()::text = user_id
|
|
147
|
-
);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mcp-ts/sdk",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.6.0",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"access": "public"
|
|
6
6
|
},
|
|
@@ -77,6 +77,7 @@
|
|
|
77
77
|
],
|
|
78
78
|
"scripts": {
|
|
79
79
|
"build": "tsup",
|
|
80
|
+
"postbuild": "node -e \"var f='../../../mcp-client/scripts/resolve-local-pkg.cjs';require('fs').existsSync(f)&&require('child_process').execSync('node '+f,{cwd:__dirname,stdio:'inherit'})\"",
|
|
80
81
|
"dev": "tsup --watch",
|
|
81
82
|
"type-check": "tsc --noEmit",
|
|
82
83
|
"clean": "rimraf dist",
|
|
@@ -27,6 +27,7 @@ import type {
|
|
|
27
27
|
ListResourcesResult,
|
|
28
28
|
SetToolPolicyResult,
|
|
29
29
|
GetToolPolicyResult,
|
|
30
|
+
UpdateSessionResult,
|
|
30
31
|
ToolPolicy,
|
|
31
32
|
} from '../../shared/types.js';
|
|
32
33
|
|
|
@@ -117,6 +118,10 @@ export class SSEClient {
|
|
|
117
118
|
return this.sendRequest<GetToolPolicyResult>('getToolPolicy', { sessionId });
|
|
118
119
|
}
|
|
119
120
|
|
|
121
|
+
async updateSession(sessionId: string, enabled: boolean): Promise<UpdateSessionResult> {
|
|
122
|
+
return this.sendRequest<UpdateSessionResult>('updateSession', { sessionId, enabled });
|
|
123
|
+
}
|
|
124
|
+
|
|
120
125
|
async listTools(sessionId: string): Promise<ListToolsRpcResult> {
|
|
121
126
|
return this.sendRequest<ListToolsRpcResult>('listTools', { sessionId });
|
|
122
127
|
}
|
|
@@ -21,6 +21,7 @@ import type {
|
|
|
21
21
|
ToolPolicy,
|
|
22
22
|
SetToolPolicyResult,
|
|
23
23
|
GetToolPolicyResult,
|
|
24
|
+
ConnectParams,
|
|
24
25
|
} from '../../shared/types';
|
|
25
26
|
|
|
26
27
|
export interface UseMcpOptions {
|
|
@@ -114,13 +115,7 @@ export interface McpClient {
|
|
|
114
115
|
/**
|
|
115
116
|
* Connect to an MCP server
|
|
116
117
|
*/
|
|
117
|
-
connect: (params:
|
|
118
|
-
serverId: string;
|
|
119
|
-
serverName: string;
|
|
120
|
-
serverUrl: string;
|
|
121
|
-
callbackUrl: string;
|
|
122
|
-
transportType?: 'sse' | 'streamable-http';
|
|
123
|
-
}) => Promise<string>;
|
|
118
|
+
connect: (params: ConnectParams) => Promise<string>;
|
|
124
119
|
|
|
125
120
|
/**
|
|
126
121
|
* Disconnect from an MCP server
|
|
@@ -130,13 +125,7 @@ export interface McpClient {
|
|
|
130
125
|
/**
|
|
131
126
|
* Reconnect to an MCP server (disconnects existing session first)
|
|
132
127
|
*/
|
|
133
|
-
reconnect: (params:
|
|
134
|
-
serverId: string;
|
|
135
|
-
serverName: string;
|
|
136
|
-
serverUrl: string;
|
|
137
|
-
callbackUrl: string;
|
|
138
|
-
transportType?: 'sse' | 'streamable-http';
|
|
139
|
-
}) => Promise<string>;
|
|
128
|
+
reconnect: (params: ConnectParams) => Promise<string>;
|
|
140
129
|
|
|
141
130
|
/**
|
|
142
131
|
* Get connection by session ID
|
|
@@ -210,6 +199,9 @@ export interface McpClient {
|
|
|
210
199
|
*/
|
|
211
200
|
getToolAccess: (sessionId: string) => Promise<GetToolPolicyResult>;
|
|
212
201
|
|
|
202
|
+
/** Enable or disable a session for agent tool discovery. Tokens are preserved — no re-auth needed when re-enabling. */
|
|
203
|
+
updateSession: (sessionId: string, enabled: boolean) => Promise<{ success: boolean }>;
|
|
204
|
+
|
|
213
205
|
/**
|
|
214
206
|
* List available prompts for a session
|
|
215
207
|
*/
|
|
@@ -484,13 +476,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
|
|
|
484
476
|
* Connect to an MCP server
|
|
485
477
|
*/
|
|
486
478
|
const connect = useCallback(
|
|
487
|
-
async (params: {
|
|
488
|
-
serverId: string;
|
|
489
|
-
serverName: string;
|
|
490
|
-
serverUrl: string;
|
|
491
|
-
callbackUrl: string;
|
|
492
|
-
transportType?: 'sse' | 'streamable-http';
|
|
493
|
-
}): Promise<string> => {
|
|
479
|
+
async (params: ConnectParams): Promise<string> => {
|
|
494
480
|
if (!clientRef.current) {
|
|
495
481
|
throw new Error('SSE client not initialized');
|
|
496
482
|
}
|
|
@@ -505,13 +491,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
|
|
|
505
491
|
* Reconnect to an MCP server (tears down existing session, then connects fresh)
|
|
506
492
|
*/
|
|
507
493
|
const reconnect = useCallback(
|
|
508
|
-
async (params: {
|
|
509
|
-
serverId: string;
|
|
510
|
-
serverName: string;
|
|
511
|
-
serverUrl: string;
|
|
512
|
-
callbackUrl: string;
|
|
513
|
-
transportType?: 'sse' | 'streamable-http';
|
|
514
|
-
}): Promise<string> => {
|
|
494
|
+
async (params: ConnectParams): Promise<string> => {
|
|
515
495
|
if (!clientRef.current) {
|
|
516
496
|
throw new Error('SSE client not initialized');
|
|
517
497
|
}
|
|
@@ -642,6 +622,23 @@ export function useMcp(options: UseMcpOptions): McpClient {
|
|
|
642
622
|
}
|
|
643
623
|
return result;
|
|
644
624
|
}, []);
|
|
625
|
+
const updateSession = useCallback(async (
|
|
626
|
+
sessionId: string,
|
|
627
|
+
enabled: boolean,
|
|
628
|
+
): Promise<{ success: boolean }> => {
|
|
629
|
+
if (!clientRef.current) {
|
|
630
|
+
throw new Error('SSE client not initialized');
|
|
631
|
+
}
|
|
632
|
+
const result = await clientRef.current.updateSession(sessionId, enabled);
|
|
633
|
+
if (isMountedRef.current) {
|
|
634
|
+
setConnections((prev: McpConnection[]) => prev.map((connection) =>
|
|
635
|
+
connection.sessionId === sessionId
|
|
636
|
+
? { ...connection, enabled, updatedAt: new Date() }
|
|
637
|
+
: connection
|
|
638
|
+
));
|
|
639
|
+
}
|
|
640
|
+
return result;
|
|
641
|
+
}, []);
|
|
645
642
|
/**
|
|
646
643
|
* Get all tools with effective access state for a session
|
|
647
644
|
*/
|
|
@@ -747,6 +744,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
|
|
|
747
744
|
listTools,
|
|
748
745
|
updateToolPolicy,
|
|
749
746
|
getToolAccess,
|
|
747
|
+
updateSession,
|
|
750
748
|
listPrompts,
|
|
751
749
|
getPrompt,
|
|
752
750
|
listResources,
|
|
@@ -773,6 +771,7 @@ export function useMcp(options: UseMcpOptions): McpClient {
|
|
|
773
771
|
listTools,
|
|
774
772
|
updateToolPolicy,
|
|
775
773
|
getToolAccess,
|
|
774
|
+
updateSession,
|
|
776
775
|
listPrompts,
|
|
777
776
|
getPrompt,
|
|
778
777
|
listResources,
|