@modelcontextprotocol/server 2.0.0-alpha.4 → 2.0.0-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/ajvProvider-D2kRT_qB.d.cts +1030 -0
- package/dist/ajvProvider-D2kRT_qB.d.cts.map +1 -0
- package/dist/ajvProvider-DhTNkgm1.cjs +7059 -0
- package/dist/ajvProvider-DhTNkgm1.cjs.map +1 -0
- package/dist/cfWorkerProvider-Djgwc46-.cjs +976 -0
- package/dist/cfWorkerProvider-Djgwc46-.cjs.map +1 -0
- package/dist/cfWorkerProvider-RncldJmy.d.cts +59 -0
- package/dist/cfWorkerProvider-RncldJmy.d.cts.map +1 -0
- package/dist/chunk-Bnu9O96Y.cjs +60 -0
- package/dist/createMcpHandler-Du3hjXvf.d.mts.map +1 -1
- package/dist/createMcpHandler-DyxapqGO.d.cts +11190 -0
- package/dist/createMcpHandler-DyxapqGO.d.cts.map +1 -0
- package/dist/index.cjs +1657 -0
- package/dist/index.cjs.map +1 -0
- package/dist/index.d.cts +1745 -0
- package/dist/index.d.cts.map +1 -0
- package/dist/index.mjs +3 -2
- package/dist/index.mjs.map +1 -1
- package/dist/{mcp-JttQJlI9.mjs → mcp-C2tFGfLG.mjs} +18 -5
- package/dist/mcp-C2tFGfLG.mjs.map +1 -0
- package/dist/mcp-DVEehpM2.cjs +10545 -0
- package/dist/mcp-DVEehpM2.cjs.map +1 -0
- package/dist/shimsNode.cjs +12 -0
- package/dist/shimsNode.d.cts +3 -0
- package/dist/shimsWorkerd.cjs +23 -0
- package/dist/shimsWorkerd.cjs.map +1 -0
- package/dist/shimsWorkerd.d.cts +11 -0
- package/dist/shimsWorkerd.d.cts.map +1 -0
- package/dist/stdio.cjs +563 -0
- package/dist/stdio.cjs.map +1 -0
- package/dist/stdio.d.cts +107 -0
- package/dist/stdio.d.cts.map +1 -0
- package/dist/stdio.mjs +1 -1
- package/dist/types-Pc2fJzyM.d.cts +1099 -0
- package/dist/types-Pc2fJzyM.d.cts.map +1 -0
- package/dist/validators/ajv.cjs +10 -0
- package/dist/validators/ajv.d.cts +2 -0
- package/dist/validators/cfWorker.cjs +3 -0
- package/dist/validators/cfWorker.d.cts +2 -0
- package/package.json +69 -20
- package/dist/mcp-JttQJlI9.mjs.map +0 -1
package/dist/index.d.cts
ADDED
|
@@ -0,0 +1,1745 @@
|
|
|
1
|
+
import { $ as StandardSchemaV1, $i as SdkErrorCode, $n as NotificationMethod, $r as SingleSelectEnumSchema, $t as HandlerResultTypeMap, A as ResourceMetadata, Ai as UnsupportedProtocolVersionErrorData, An as ListPromptsResult, Ar as Resource, At as CreateMessageResult, B as ClientContext, Bi as INVALID_REQUEST, Bn as ListToolsResult, Br as ResultTypeMap, Bt as ElicitResult, C as PromptCallback, Ci as ToolChoice, Cn as JSONRPCResultResponse, Cr as RequestId, Ct as CompleteRequestResourceTemplate, D as RegisteredResource, Di as ToolUseContent, Dn as ListChangedHandlers, Dr as RequestMethod, Dt as CreateMessageRequestParams, E as RegisteredPrompt, Ei as ToolResultContent, En as ListChangedCallback, Er as RequestMetaObject, Et as CreateMessageRequest, F as UriTemplate, Fi as CLIENT_CAPABILITIES_META_KEY, Fn as ListRootsRequest, Fr as ResourceTemplateReference, Ft as DiscoverResult, G as RequestHandlerSchemas, Gi as PARSE_ERROR, Gn as MessageExtraInfo, Gr as SamplingMessage, Gt as EnumSchema, H as NotificationOptions, Hi as LATEST_PROTOCOL_VERSION, Hn as LoggingMessageNotification, Hr as Root, Ht as ElicitationCompleteNotificationParams, I as Variables, Ii as CLIENT_INFO_META_KEY, In as ListRootsResult, Ir as ResourceTemplateType, It as ElicitRequest, J as ServerContext, Ji as SUBSCRIPTION_ID_META_KEY, Jn as MissingRequiredClientCapabilityErrorData, Jr as ServerNotification, Jt as GetPromptResult, K as RequestOptions, Ki as PROTOCOL_VERSION_META_KEY, Kn as MetaObject, Kr as SamplingMessageContentBlock, Kt as GetPromptRequest, L as CacheHint, Li as DEFAULT_NEGOTIATED_PROTOCOL_VERSION, Ln as ListTasksRequest, Lr as ResourceUpdatedNotification, Lt as ElicitRequestFormParams, M as ToolCallback, Mi as UntitledSingleSelectEnumSchema, Mn as ListResourceTemplatesResult, Mr as ResourceLink, Mt as CreateTaskResult, N as Server, Ni as schemas_d_exports, Nn as ListResourcesRequest, Nr as ResourceListChangedNotification, Nt as Cursor, O as RegisteredResourceTemplate, Oi as UnsubscribeRequest, On as ListChangedOptions, Or as RequestParams, Ot as CreateMessageRequestParamsBase, P as ServerOptions, Pi as BAGGAGE_META_KEY, Pn as ListResourcesResult, Pr as ResourceRequestParams, Pt as DiscoverRequest, Q as createFetchWithInit, Qi as SdkError, Qn as Notification, Qr as SetLevelRequestParams, Qt as GetTaskResult, R as CacheScope, Ri as INTERNAL_ERROR, Rn as ListTasksResult, Rr as ResourceUpdatedNotificationParams, Rt as ElicitRequestParams, S as McpServer, Si as ToolAnnotations, Sn as JSONRPCResponse, Sr as Request$1, St as CompleteRequestPrompt, T as ReadResourceTemplateCallback, Ti as ToolListChangedNotification, Tn as LegacyTitledEnumSchema, Tr as RequestMetaEnvelope, Tt as ContentBlock, U as ProgressCallback, Ui as LOG_LEVEL_META_KEY, Un as LoggingMessageNotificationParams, Ur as RootsListChangedNotification, Ut as EmbeddedResource, V as DEFAULT_REQUEST_TIMEOUT_MSEC, Vi as JSONRPC_VERSION, Vn as LoggingLevel, Vr as Role, Vt as ElicitationCompleteNotification, W as ProtocolOptions, Wi as METHOD_NOT_FOUND, Wn as MessageClassification, Wr as SamplingContent, Wt as EmptyResult, X as Transport, Xi as TRACEPARENT_META_KEY, Xn as ModelPreferences, Xr as ServerResult, Xt as GetTaskPayloadResult, Y as FetchLike, Yi as SUPPORTED_PROTOCOL_VERSIONS, Yn as ModelHint, Yr as ServerRequest, Yt as GetTaskPayloadRequest, Z as TransportSendOptions, Zi as TRACESTATE_META_KEY, Zn as MultiSelectEnumSchema, Zr as SetLevelRequest, Zt as GetTaskRequest, _ as PerRequestResponseMode, _i as TextContent, _n as JSONObject, _r as PromptReference, _t as ClientRequest, a as McpRequestContext, ai as SubscriptionsAcknowledgedNotificationParams, an as InitializeRequestParams, ar as PaginatedResult, at as BaseMetadata, b as CompleteResourceTemplateCallback, bi as TitledSingleSelectEnumSchema, bn as JSONRPCNotification, br as ReadResourceResult, bt as CompleteRequest, c as isLegacyRequest, ci as SubscriptionsListenResult, cn as InputRequest, cr as PrimitiveSchemaDefinition, ct as CallToolRequest, d as ServerEvent, di as TaskAugmentedRequestParams, dn as InputResponse, dr as ProgressNotificationParams, dt as CancelTaskRequest, ea as SdkHttpError, ei as StringSchema, en as Icon, er as NotificationParams, et as StandardSchemaV1Sync, f as ServerEventBus, fi as TaskCreationParams, fn as InputResponses, fr as ProgressToken, ft as CancelTaskResult, g as PerRequestMessageExtra, gi as TaskStatusNotificationParams, gn as JSONArray, gr as PromptMessage, gt as ClientNotification, h as PerRequestHTTPServerTransportOptions, hi as TaskStatusNotification, hn as InvalidRequestError, hr as PromptListChangedNotification, ht as ClientCapabilities, i as McpHttpHandler, ii as SubscriptionsAcknowledgedNotification, in as InitializeRequest, ir as PaginatedRequestParams, it as AuthInfo, j as ResourceTemplate, ji as UntitledMultiSelectEnumSchema, jn as ListResourceTemplatesRequest, jr as ResourceContents, jt as CreateMessageResultWithTools, k as RegisteredTool, ki as UnsubscribeRequestParams, kn as ListPromptsRequest, kr as RequestTypeMap, kt as CreateMessageRequestParamsWithTools, l as legacyStatelessFallback, li as SubscriptionsListenResultMeta, ln as InputRequests, lr as Progress, lt as CallToolRequestParams, m as PerRequestHTTPServerTransport, mi as TaskStatus, mn as InvalidParamsError, mr as PromptArgument, mt as CancelledNotificationParams, n as LegacyHttpHandler, ni as SubscribeRequestParams, nn as ImageContent, nr as NumberSchema, nt as Annotations, o as McpServerFactory, oi as SubscriptionsListenRequest, on as InitializeResult, or as ParseError, ot as BlobResourceContents, p as ServerNotifier, pi as TaskMetadata, pn as InternalError, pr as Prompt, pt as CancelledNotification, q as RequestStateAccessor, qi as RELATED_TASK_META_KEY, qn as MethodNotFoundError, qr as ServerCapabilities, qt as GetPromptRequestParams, r as McpHandlerRequestOptions, ri as SubscriptionFilter, rn as Implementation, rr as PaginatedRequest, rt as AudioContent, s as createMcpHandler, si as SubscriptionsListenRequestParams, sn as InitializedNotification, sr as PingRequest, st as BooleanSchema, t as CreateMcpHandlerOptions, ta as SdkHttpErrorData, ti as SubscribeRequest, tn as Icons, tr as NotificationTypeMap, tt as StandardSchemaWithJSON, u as InMemoryServerEventBus, ui as Task, un as InputRequiredResult, ur as ProgressNotification, ut as CallToolResult, v as AnyToolHandler, vi as TextResourceContents, vn as JSONRPCErrorResponse, vr as ReadResourceRequest, vt as ClientResult, w as ReadResourceCallback, wi as ToolExecution, wn as JSONValue, wr as RequestMeta, wt as CompleteResult, x as ListResourcesCallback, xi as Tool, xn as JSONRPCRequest, xr as RelatedTaskMetadata, xt as CompleteRequestParams, y as BaseToolCallback, yi as TitledMultiSelectEnumSchema, yn as JSONRPCMessage, yr as ReadResourceRequestParams, yt as CompatibilityCallToolResult, z as BaseContext, zi as INVALID_PARAMS, zn as ListToolsRequest, zr as Result, zt as ElicitRequestURLParams } from "./createMcpHandler-DyxapqGO.cjs";
|
|
2
|
+
import { t as AjvJsonSchemaValidator } from "./ajvProvider-D2kRT_qB.cjs";
|
|
3
|
+
import { i as jsonSchemaValidator, n as JsonSchemaValidator, r as JsonSchemaValidatorResult, t as JsonSchemaType } from "./types-Pc2fJzyM.cjs";
|
|
4
|
+
import { n as CfWorkerSchemaDraft, t as CfWorkerJsonSchemaValidator } from "./cfWorkerProvider-RncldJmy.cjs";
|
|
5
|
+
import * as z from "zod/v4";
|
|
6
|
+
|
|
7
|
+
//#region ../core-internal/src/shared/auth.d.ts
|
|
8
|
+
|
|
9
|
+
/**
|
|
10
|
+
* RFC 9728 OAuth Protected Resource Metadata
|
|
11
|
+
*/
|
|
12
|
+
declare const OAuthProtectedResourceMetadataSchema: z.ZodObject<{
|
|
13
|
+
resource: z.ZodString;
|
|
14
|
+
authorization_servers: z.ZodOptional<z.ZodArray<z.ZodURL>>;
|
|
15
|
+
jwks_uri: z.ZodOptional<z.ZodString>;
|
|
16
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
17
|
+
bearer_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
18
|
+
resource_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
19
|
+
resource_name: z.ZodOptional<z.ZodString>;
|
|
20
|
+
resource_documentation: z.ZodOptional<z.ZodString>;
|
|
21
|
+
resource_policy_uri: z.ZodOptional<z.ZodString>;
|
|
22
|
+
resource_tos_uri: z.ZodOptional<z.ZodString>;
|
|
23
|
+
tls_client_certificate_bound_access_tokens: z.ZodOptional<z.ZodBoolean>;
|
|
24
|
+
authorization_details_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
25
|
+
dpop_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
26
|
+
dpop_bound_access_tokens_required: z.ZodOptional<z.ZodBoolean>;
|
|
27
|
+
}, z.core.$loose>;
|
|
28
|
+
/**
|
|
29
|
+
* RFC 8414 OAuth 2.0 Authorization Server Metadata
|
|
30
|
+
*/
|
|
31
|
+
declare const OAuthMetadataSchema: z.ZodObject<{
|
|
32
|
+
issuer: z.ZodString;
|
|
33
|
+
authorization_endpoint: z.ZodURL;
|
|
34
|
+
token_endpoint: z.ZodURL;
|
|
35
|
+
registration_endpoint: z.ZodOptional<z.ZodURL>;
|
|
36
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
37
|
+
response_types_supported: z.ZodArray<z.ZodString>;
|
|
38
|
+
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
39
|
+
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
40
|
+
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
41
|
+
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
42
|
+
service_documentation: z.ZodOptional<z.ZodURL>;
|
|
43
|
+
revocation_endpoint: z.ZodOptional<z.ZodURL>;
|
|
44
|
+
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
45
|
+
revocation_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
46
|
+
introspection_endpoint: z.ZodOptional<z.ZodString>;
|
|
47
|
+
introspection_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
48
|
+
introspection_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
49
|
+
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
50
|
+
client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
|
|
51
|
+
authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
|
|
52
|
+
}, z.core.$loose>;
|
|
53
|
+
/**
|
|
54
|
+
* OpenID Connect Discovery 1.0 Provider Metadata
|
|
55
|
+
*
|
|
56
|
+
* @see https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
|
|
57
|
+
*/
|
|
58
|
+
declare const OpenIdProviderMetadataSchema: z.ZodObject<{
|
|
59
|
+
issuer: z.ZodString;
|
|
60
|
+
authorization_endpoint: z.ZodURL;
|
|
61
|
+
token_endpoint: z.ZodURL;
|
|
62
|
+
userinfo_endpoint: z.ZodOptional<z.ZodURL>;
|
|
63
|
+
jwks_uri: z.ZodURL;
|
|
64
|
+
registration_endpoint: z.ZodOptional<z.ZodURL>;
|
|
65
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
66
|
+
response_types_supported: z.ZodArray<z.ZodString>;
|
|
67
|
+
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
68
|
+
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
69
|
+
acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
70
|
+
subject_types_supported: z.ZodArray<z.ZodString>;
|
|
71
|
+
id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
|
|
72
|
+
id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
73
|
+
id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
74
|
+
userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
75
|
+
userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
76
|
+
userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
77
|
+
request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
78
|
+
request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
79
|
+
request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
80
|
+
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
81
|
+
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
82
|
+
display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
83
|
+
claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
84
|
+
claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
85
|
+
service_documentation: z.ZodOptional<z.ZodString>;
|
|
86
|
+
claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
87
|
+
ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
88
|
+
claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
89
|
+
request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
90
|
+
request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
91
|
+
require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
|
|
92
|
+
op_policy_uri: z.ZodOptional<z.ZodURL>;
|
|
93
|
+
op_tos_uri: z.ZodOptional<z.ZodURL>;
|
|
94
|
+
client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
|
|
95
|
+
authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
|
|
96
|
+
}, z.core.$loose>;
|
|
97
|
+
/**
|
|
98
|
+
* OpenID Connect Discovery metadata that may include OAuth 2.0 fields
|
|
99
|
+
* This schema represents the real-world scenario where OIDC providers
|
|
100
|
+
* return a mix of OpenID Connect and OAuth 2.0 metadata fields
|
|
101
|
+
*/
|
|
102
|
+
declare const OpenIdProviderDiscoveryMetadataSchema: z.ZodObject<{
|
|
103
|
+
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
104
|
+
issuer: z.ZodString;
|
|
105
|
+
authorization_endpoint: z.ZodURL;
|
|
106
|
+
token_endpoint: z.ZodURL;
|
|
107
|
+
userinfo_endpoint: z.ZodOptional<z.ZodURL>;
|
|
108
|
+
jwks_uri: z.ZodURL;
|
|
109
|
+
registration_endpoint: z.ZodOptional<z.ZodURL>;
|
|
110
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
111
|
+
response_types_supported: z.ZodArray<z.ZodString>;
|
|
112
|
+
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
113
|
+
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
114
|
+
acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
115
|
+
subject_types_supported: z.ZodArray<z.ZodString>;
|
|
116
|
+
id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
|
|
117
|
+
id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
118
|
+
id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
119
|
+
userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
120
|
+
userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
121
|
+
userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
122
|
+
request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
123
|
+
request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
124
|
+
request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
125
|
+
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
126
|
+
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
127
|
+
display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
128
|
+
claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
129
|
+
claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
130
|
+
service_documentation: z.ZodOptional<z.ZodString>;
|
|
131
|
+
claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
132
|
+
ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
133
|
+
claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
134
|
+
request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
135
|
+
request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
136
|
+
require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
|
|
137
|
+
op_policy_uri: z.ZodOptional<z.ZodURL>;
|
|
138
|
+
op_tos_uri: z.ZodOptional<z.ZodURL>;
|
|
139
|
+
client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
|
|
140
|
+
authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
|
|
141
|
+
}, z.core.$strip>;
|
|
142
|
+
/**
|
|
143
|
+
* OAuth 2.1 token response
|
|
144
|
+
*/
|
|
145
|
+
declare const OAuthTokensSchema: z.ZodObject<{
|
|
146
|
+
access_token: z.ZodString;
|
|
147
|
+
id_token: z.ZodOptional<z.ZodString>;
|
|
148
|
+
token_type: z.ZodString;
|
|
149
|
+
expires_in: z.ZodOptional<z.ZodCoercedNumber<unknown>>;
|
|
150
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
151
|
+
refresh_token: z.ZodOptional<z.ZodString>;
|
|
152
|
+
}, z.core.$strip>;
|
|
153
|
+
/**
|
|
154
|
+
* RFC 8693 §2.2.1 Token Exchange response for ID-JAG tokens.
|
|
155
|
+
*
|
|
156
|
+
* `token_type` is intentionally optional: per RFC 8693 §2.2.1 it is informational when
|
|
157
|
+
* the issued token is not an access token, and per RFC 6749 §5.1 it is case-insensitive,
|
|
158
|
+
* so strict checking rejects conformant IdPs.
|
|
159
|
+
*/
|
|
160
|
+
declare const IdJagTokenExchangeResponseSchema: z.ZodObject<{
|
|
161
|
+
issued_token_type: z.ZodLiteral<"urn:ietf:params:oauth:token-type:id-jag">;
|
|
162
|
+
access_token: z.ZodString;
|
|
163
|
+
token_type: z.ZodOptional<z.ZodString>;
|
|
164
|
+
expires_in: z.ZodOptional<z.ZodNumber>;
|
|
165
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
166
|
+
}, z.core.$strip>;
|
|
167
|
+
type IdJagTokenExchangeResponse = z.infer<typeof IdJagTokenExchangeResponseSchema>;
|
|
168
|
+
/**
|
|
169
|
+
* OAuth 2.1 error response
|
|
170
|
+
*/
|
|
171
|
+
declare const OAuthErrorResponseSchema: z.ZodObject<{
|
|
172
|
+
error: z.ZodString;
|
|
173
|
+
error_description: z.ZodOptional<z.ZodString>;
|
|
174
|
+
error_uri: z.ZodOptional<z.ZodString>;
|
|
175
|
+
}, z.core.$strip>;
|
|
176
|
+
/**
|
|
177
|
+
* RFC 7591 OAuth 2.0 Dynamic Client Registration metadata
|
|
178
|
+
*/
|
|
179
|
+
declare const OAuthClientMetadataSchema: z.ZodObject<{
|
|
180
|
+
redirect_uris: z.ZodArray<z.ZodURL>;
|
|
181
|
+
token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
|
|
182
|
+
grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
183
|
+
response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
184
|
+
application_type: z.ZodOptional<z.ZodString>;
|
|
185
|
+
client_name: z.ZodOptional<z.ZodString>;
|
|
186
|
+
client_uri: z.ZodOptional<z.ZodURL>;
|
|
187
|
+
logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
188
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
189
|
+
contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
190
|
+
tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
191
|
+
policy_uri: z.ZodOptional<z.ZodString>;
|
|
192
|
+
jwks_uri: z.ZodOptional<z.ZodURL>;
|
|
193
|
+
jwks: z.ZodOptional<z.ZodAny>;
|
|
194
|
+
software_id: z.ZodOptional<z.ZodString>;
|
|
195
|
+
software_version: z.ZodOptional<z.ZodString>;
|
|
196
|
+
software_statement: z.ZodOptional<z.ZodString>;
|
|
197
|
+
}, z.core.$strip>;
|
|
198
|
+
/**
|
|
199
|
+
* RFC 7591 OAuth 2.0 Dynamic Client Registration client information
|
|
200
|
+
*/
|
|
201
|
+
declare const OAuthClientInformationSchema: z.ZodObject<{
|
|
202
|
+
client_id: z.ZodString;
|
|
203
|
+
client_secret: z.ZodOptional<z.ZodString>;
|
|
204
|
+
client_id_issued_at: z.ZodOptional<z.ZodNumber>;
|
|
205
|
+
client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
|
|
206
|
+
}, z.core.$strip>;
|
|
207
|
+
/**
|
|
208
|
+
* RFC 7591 OAuth 2.0 Dynamic Client Registration full response (client information plus metadata)
|
|
209
|
+
*/
|
|
210
|
+
declare const OAuthClientInformationFullSchema: z.ZodObject<{
|
|
211
|
+
redirect_uris: z.ZodArray<z.ZodURL>;
|
|
212
|
+
token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
|
|
213
|
+
grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
214
|
+
response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
215
|
+
application_type: z.ZodOptional<z.ZodString>;
|
|
216
|
+
client_name: z.ZodOptional<z.ZodString>;
|
|
217
|
+
client_uri: z.ZodOptional<z.ZodURL>;
|
|
218
|
+
logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
219
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
220
|
+
contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
221
|
+
tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
222
|
+
policy_uri: z.ZodOptional<z.ZodString>;
|
|
223
|
+
jwks_uri: z.ZodOptional<z.ZodURL>;
|
|
224
|
+
jwks: z.ZodOptional<z.ZodAny>;
|
|
225
|
+
software_id: z.ZodOptional<z.ZodString>;
|
|
226
|
+
software_version: z.ZodOptional<z.ZodString>;
|
|
227
|
+
software_statement: z.ZodOptional<z.ZodString>;
|
|
228
|
+
client_id: z.ZodString;
|
|
229
|
+
client_secret: z.ZodOptional<z.ZodString>;
|
|
230
|
+
client_id_issued_at: z.ZodOptional<z.ZodNumber>;
|
|
231
|
+
client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
|
|
232
|
+
}, z.core.$strip>;
|
|
233
|
+
/**
|
|
234
|
+
* RFC 7591 OAuth 2.0 Dynamic Client Registration error response
|
|
235
|
+
*/
|
|
236
|
+
declare const OAuthClientRegistrationErrorSchema: z.ZodObject<{
|
|
237
|
+
error: z.ZodString;
|
|
238
|
+
error_description: z.ZodOptional<z.ZodString>;
|
|
239
|
+
}, z.core.$strip>;
|
|
240
|
+
/**
|
|
241
|
+
* RFC 7009 OAuth 2.0 Token Revocation request
|
|
242
|
+
*/
|
|
243
|
+
declare const OAuthTokenRevocationRequestSchema: z.ZodObject<{
|
|
244
|
+
token: z.ZodString;
|
|
245
|
+
token_type_hint: z.ZodOptional<z.ZodString>;
|
|
246
|
+
}, z.core.$strip>;
|
|
247
|
+
type OAuthMetadata = z.infer<typeof OAuthMetadataSchema>;
|
|
248
|
+
type OpenIdProviderMetadata = z.infer<typeof OpenIdProviderMetadataSchema>;
|
|
249
|
+
type OpenIdProviderDiscoveryMetadata = z.infer<typeof OpenIdProviderDiscoveryMetadataSchema>;
|
|
250
|
+
type OAuthTokens = z.infer<typeof OAuthTokensSchema>;
|
|
251
|
+
type OAuthErrorResponse = z.infer<typeof OAuthErrorResponseSchema>;
|
|
252
|
+
type OAuthClientMetadata = z.infer<typeof OAuthClientMetadataSchema>;
|
|
253
|
+
type OAuthClientInformation = z.infer<typeof OAuthClientInformationSchema>;
|
|
254
|
+
type OAuthClientInformationFull = z.infer<typeof OAuthClientInformationFullSchema>;
|
|
255
|
+
type OAuthClientInformationMixed = OAuthClientInformation | OAuthClientInformationFull;
|
|
256
|
+
/**
|
|
257
|
+
* {@linkcode OAuthTokens} as persisted by an `OAuthClientProvider`. Adds an
|
|
258
|
+
* SDK-stamped authorization-server `issuer` identifier so stored tokens are
|
|
259
|
+
* bound to the AS that issued them. The `issuer` field is **not** part of the
|
|
260
|
+
* RFC 6749 wire response and is intentionally absent from the wire-response
|
|
261
|
+
* schema; the client SDK writes it before calling `saveTokens`.
|
|
262
|
+
*/
|
|
263
|
+
type StoredOAuthTokens = OAuthTokens & {
|
|
264
|
+
issuer?: string;
|
|
265
|
+
};
|
|
266
|
+
/**
|
|
267
|
+
* {@linkcode OAuthClientInformationMixed} as persisted by an
|
|
268
|
+
* `OAuthClientProvider`. Adds an SDK-stamped authorization-server `issuer`
|
|
269
|
+
* identifier so stored client credentials are bound to the AS that issued them.
|
|
270
|
+
* The `issuer` field is **not** part of the RFC 7591 wire response and is
|
|
271
|
+
* intentionally absent from the wire-response schema; the client SDK writes it
|
|
272
|
+
* before calling `saveClientInformation`.
|
|
273
|
+
*/
|
|
274
|
+
type StoredOAuthClientInformation = OAuthClientInformationMixed & {
|
|
275
|
+
issuer?: string;
|
|
276
|
+
};
|
|
277
|
+
type OAuthClientRegistrationError = z.infer<typeof OAuthClientRegistrationErrorSchema>;
|
|
278
|
+
type OAuthTokenRevocationRequest = z.infer<typeof OAuthTokenRevocationRequestSchema>;
|
|
279
|
+
type OAuthProtectedResourceMetadata = z.infer<typeof OAuthProtectedResourceMetadataSchema>;
|
|
280
|
+
type AuthorizationServerMetadata = OAuthMetadata | OpenIdProviderDiscoveryMetadata;
|
|
281
|
+
//#endregion
|
|
282
|
+
//#region ../core-internal/src/auth/errors.d.ts
|
|
283
|
+
/**
|
|
284
|
+
* OAuth error codes as defined by {@link https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 | RFC 6749}
|
|
285
|
+
* and extensions.
|
|
286
|
+
*/
|
|
287
|
+
declare enum OAuthErrorCode {
|
|
288
|
+
/**
|
|
289
|
+
* The request is missing a required parameter, includes an invalid parameter value,
|
|
290
|
+
* includes a parameter more than once, or is otherwise malformed.
|
|
291
|
+
*/
|
|
292
|
+
InvalidRequest = "invalid_request",
|
|
293
|
+
/**
|
|
294
|
+
* Client authentication failed (e.g., unknown client, no client authentication included,
|
|
295
|
+
* or unsupported authentication method).
|
|
296
|
+
*/
|
|
297
|
+
InvalidClient = "invalid_client",
|
|
298
|
+
/**
|
|
299
|
+
* The provided authorization grant or refresh token is invalid, expired, revoked,
|
|
300
|
+
* does not match the redirection URI used in the authorization request, or was issued to another client.
|
|
301
|
+
*/
|
|
302
|
+
InvalidGrant = "invalid_grant",
|
|
303
|
+
/**
|
|
304
|
+
* The authenticated client is not authorized to use this authorization grant type.
|
|
305
|
+
*/
|
|
306
|
+
UnauthorizedClient = "unauthorized_client",
|
|
307
|
+
/**
|
|
308
|
+
* The authorization grant type is not supported by the authorization server.
|
|
309
|
+
*/
|
|
310
|
+
UnsupportedGrantType = "unsupported_grant_type",
|
|
311
|
+
/**
|
|
312
|
+
* The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner.
|
|
313
|
+
*/
|
|
314
|
+
InvalidScope = "invalid_scope",
|
|
315
|
+
/**
|
|
316
|
+
* The resource owner or authorization server denied the request.
|
|
317
|
+
*/
|
|
318
|
+
AccessDenied = "access_denied",
|
|
319
|
+
/**
|
|
320
|
+
* The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
|
|
321
|
+
*/
|
|
322
|
+
ServerError = "server_error",
|
|
323
|
+
/**
|
|
324
|
+
* The authorization server is currently unable to handle the request due to temporary overloading or maintenance.
|
|
325
|
+
*/
|
|
326
|
+
TemporarilyUnavailable = "temporarily_unavailable",
|
|
327
|
+
/**
|
|
328
|
+
* The authorization server does not support obtaining an authorization code using this method.
|
|
329
|
+
*/
|
|
330
|
+
UnsupportedResponseType = "unsupported_response_type",
|
|
331
|
+
/**
|
|
332
|
+
* The authorization server does not support the requested token type.
|
|
333
|
+
*/
|
|
334
|
+
UnsupportedTokenType = "unsupported_token_type",
|
|
335
|
+
/**
|
|
336
|
+
* The access token provided is expired, revoked, malformed, or invalid for other reasons.
|
|
337
|
+
*/
|
|
338
|
+
InvalidToken = "invalid_token",
|
|
339
|
+
/**
|
|
340
|
+
* The HTTP method used is not allowed for this endpoint. (Custom, non-standard error)
|
|
341
|
+
*/
|
|
342
|
+
MethodNotAllowed = "method_not_allowed",
|
|
343
|
+
/**
|
|
344
|
+
* Rate limit exceeded. (Custom, non-standard error based on RFC 6585)
|
|
345
|
+
*/
|
|
346
|
+
TooManyRequests = "too_many_requests",
|
|
347
|
+
/**
|
|
348
|
+
* The client metadata is invalid. (Custom error for dynamic client registration - RFC 7591)
|
|
349
|
+
*/
|
|
350
|
+
InvalidClientMetadata = "invalid_client_metadata",
|
|
351
|
+
/**
|
|
352
|
+
* The value of one or more redirection URIs is invalid. (Dynamic client registration - RFC 7591 §3.2.2)
|
|
353
|
+
*/
|
|
354
|
+
InvalidRedirectUri = "invalid_redirect_uri",
|
|
355
|
+
/**
|
|
356
|
+
* The request requires higher privileges than provided by the access token.
|
|
357
|
+
*/
|
|
358
|
+
InsufficientScope = "insufficient_scope",
|
|
359
|
+
/**
|
|
360
|
+
* The requested resource is invalid, missing, unknown, or malformed. (Custom error for resource indicators - RFC 8707)
|
|
361
|
+
*/
|
|
362
|
+
InvalidTarget = "invalid_target",
|
|
363
|
+
}
|
|
364
|
+
/**
|
|
365
|
+
* OAuth error class for all OAuth-related errors.
|
|
366
|
+
*/
|
|
367
|
+
declare class OAuthError extends Error {
|
|
368
|
+
readonly code: OAuthErrorCode | string;
|
|
369
|
+
readonly errorUri?: string | undefined;
|
|
370
|
+
constructor(code: OAuthErrorCode | string, message: string, errorUri?: string | undefined);
|
|
371
|
+
/**
|
|
372
|
+
* Converts the error to a standard OAuth error response object.
|
|
373
|
+
*/
|
|
374
|
+
toResponseObject(): OAuthErrorResponse;
|
|
375
|
+
/**
|
|
376
|
+
* Creates an {@linkcode OAuthError} from an OAuth error response.
|
|
377
|
+
*/
|
|
378
|
+
static fromResponse(response: OAuthErrorResponse): OAuthError;
|
|
379
|
+
}
|
|
380
|
+
//#endregion
|
|
381
|
+
//#region ../core-internal/src/shared/authUtils.d.ts
|
|
382
|
+
/**
|
|
383
|
+
* Utilities for handling OAuth resource URIs.
|
|
384
|
+
*/
|
|
385
|
+
/**
|
|
386
|
+
* Converts a server URL to a resource URL by removing the fragment.
|
|
387
|
+
* {@link https://datatracker.ietf.org/doc/html/rfc8707#section-2 | RFC 8707 section 2}
|
|
388
|
+
* states that resource URIs "MUST NOT include a fragment component".
|
|
389
|
+
* Keeps everything else unchanged (scheme, domain, port, path, query).
|
|
390
|
+
*/
|
|
391
|
+
declare function resourceUrlFromServerUrl(url: URL | string): URL;
|
|
392
|
+
/**
|
|
393
|
+
* Checks if a requested resource URL matches a configured resource URL.
|
|
394
|
+
* A requested resource matches if it has the same scheme, domain, port,
|
|
395
|
+
* and its path starts with the configured resource's path.
|
|
396
|
+
*
|
|
397
|
+
* @param options - The options object
|
|
398
|
+
* @param options.requestedResource - The resource URL being requested
|
|
399
|
+
* @param options.configuredResource - The resource URL that has been configured
|
|
400
|
+
* @returns true if the requested resource matches the configured resource, false otherwise
|
|
401
|
+
*/
|
|
402
|
+
declare function checkResourceAllowed({
|
|
403
|
+
requestedResource,
|
|
404
|
+
configuredResource
|
|
405
|
+
}: {
|
|
406
|
+
requestedResource: URL | string;
|
|
407
|
+
configuredResource: URL | string;
|
|
408
|
+
}): boolean;
|
|
409
|
+
//#endregion
|
|
410
|
+
//#region ../core-internal/src/shared/inboundClassification.d.ts
|
|
411
|
+
/**
|
|
412
|
+
* The transport-neutral description of an inbound HTTP request the classifier
|
|
413
|
+
* evaluates. The caller (the HTTP entry) reads the body exactly once and
|
|
414
|
+
* extracts the two protocol headers; the classifier never touches a request
|
|
415
|
+
* object itself.
|
|
416
|
+
*/
|
|
417
|
+
interface InboundHttpRequest {
|
|
418
|
+
/** The HTTP request method, e.g. `POST`, `GET`, `DELETE`. */
|
|
419
|
+
httpMethod: string;
|
|
420
|
+
/** The value of the `MCP-Protocol-Version` header, when present. */
|
|
421
|
+
protocolVersionHeader?: string;
|
|
422
|
+
/** The value of the `Mcp-Method` header, when present. */
|
|
423
|
+
mcpMethodHeader?: string;
|
|
424
|
+
/** The value of the `Mcp-Name` header, when present. */
|
|
425
|
+
mcpNameHeader?: string;
|
|
426
|
+
/** The parsed JSON request body (`undefined` for body-less methods). */
|
|
427
|
+
body?: unknown;
|
|
428
|
+
}
|
|
429
|
+
/** Why an inbound request was routed to legacy-era serving. */
|
|
430
|
+
type InboundLegacyRouteReason = /** Non-`POST` HTTP method: a body-less 2025-era session operation. */
|
|
431
|
+
'http-method'
|
|
432
|
+
/** An `initialize` request without a valid modern envelope claim — the legacy handshake by definition. */ | 'initialize'
|
|
433
|
+
/** A request without a per-request envelope claim. */ | 'no-claim'
|
|
434
|
+
/** A notification without a body claim or a modern protocol-version header. */ | 'notification'
|
|
435
|
+
/** An all-legacy JSON-RPC batch array. */ | 'batch'
|
|
436
|
+
/** A JSON-RPC response posted to the endpoint (2025-era session traffic). */ | 'response';
|
|
437
|
+
/**
|
|
438
|
+
* The request is legacy-era traffic. It carries no classification on purpose:
|
|
439
|
+
* legacy serving receives it exactly as a hand-wired 2025 transport would.
|
|
440
|
+
*/
|
|
441
|
+
interface InboundLegacyRoute {
|
|
442
|
+
kind: 'legacy';
|
|
443
|
+
reason: InboundLegacyRouteReason;
|
|
444
|
+
/**
|
|
445
|
+
* The protocol version the request named, when it named one (an
|
|
446
|
+
* `initialize` body's `protocolVersion`, or the `MCP-Protocol-Version`
|
|
447
|
+
* header). Used to echo `requested` when legacy serving is not configured.
|
|
448
|
+
*/
|
|
449
|
+
requestedVersion?: string;
|
|
450
|
+
}
|
|
451
|
+
/**
|
|
452
|
+
* The request claims the per-request envelope mechanism and is served on the
|
|
453
|
+
* modern path. Discriminated by `messageKind` so the typed `message` narrows
|
|
454
|
+
* with it — the classifier has already proved the JSON-RPC shape via the
|
|
455
|
+
* `isJSONRPCRequest` / `isJSONRPCNotification` guards, so consumers never
|
|
456
|
+
* cast the body again.
|
|
457
|
+
*/
|
|
458
|
+
type InboundModernRoute = {
|
|
459
|
+
kind: 'modern';
|
|
460
|
+
messageKind: 'request';
|
|
461
|
+
/** The classified body — guard-proved {@linkcode JSONRPCRequest} shape. */
|
|
462
|
+
message: JSONRPCRequest;
|
|
463
|
+
/**
|
|
464
|
+
* The classification handed to the per-request transport and validated by
|
|
465
|
+
* the protocol layer against the serving instance's negotiated era.
|
|
466
|
+
*/
|
|
467
|
+
classification: MessageClassification;
|
|
468
|
+
} | {
|
|
469
|
+
kind: 'modern';
|
|
470
|
+
messageKind: 'notification';
|
|
471
|
+
/** The classified body — guard-proved {@linkcode JSONRPCNotification} shape. */
|
|
472
|
+
message: JSONRPCNotification;
|
|
473
|
+
classification: MessageClassification;
|
|
474
|
+
};
|
|
475
|
+
/** The named steps of the inbound validation ladder, in evaluation order. */
|
|
476
|
+
type InboundValidationRung = 'http-method' | 'jsonrpc-shape' | 'era-classification' | 'envelope' | 'method-registry' | 'request-params' | 'standard-header-validation' | 'client-capabilities' | 'param-header-validation';
|
|
477
|
+
/** A ladder rejection: the JSON-RPC error to emit and the HTTP status to emit it with. */
|
|
478
|
+
interface InboundLadderRejection {
|
|
479
|
+
kind: 'reject';
|
|
480
|
+
/** The ladder rung that produced the rejection. */
|
|
481
|
+
rung: InboundValidationRung;
|
|
482
|
+
/** The cell this rejection corresponds to on the ladder cell sheet (stable identifier for tests). */
|
|
483
|
+
cell: string;
|
|
484
|
+
/** The HTTP status the rejection is emitted with. */
|
|
485
|
+
httpStatus: number;
|
|
486
|
+
/** The JSON-RPC error code. */
|
|
487
|
+
code: number;
|
|
488
|
+
/** The JSON-RPC error message. */
|
|
489
|
+
message: string;
|
|
490
|
+
/** Structured error data (recognizers parse this; they never rely on class identity). */
|
|
491
|
+
data?: unknown;
|
|
492
|
+
/**
|
|
493
|
+
* `false` when the exact error code for this cell is not settled upstream
|
|
494
|
+
* yet and the emitted code is provisional.
|
|
495
|
+
*/
|
|
496
|
+
settled: boolean;
|
|
497
|
+
}
|
|
498
|
+
/** The outcome of classifying one inbound HTTP request. */
|
|
499
|
+
type InboundClassificationOutcome = InboundLegacyRoute | InboundModernRoute | InboundLadderRejection;
|
|
500
|
+
/**
|
|
501
|
+
* Classifies one inbound HTTP request for dual-era serving.
|
|
502
|
+
*
|
|
503
|
+
* The body-primary predicate, evaluated once at the entry boundary: see the
|
|
504
|
+
* module documentation for the rules. Returns a routing outcome (`legacy` or
|
|
505
|
+
* `modern`) or a ladder rejection; it never throws.
|
|
506
|
+
*/
|
|
507
|
+
declare function classifyInboundRequest(request: InboundHttpRequest): InboundClassificationOutcome;
|
|
508
|
+
//#endregion
|
|
509
|
+
//#region ../core-internal/src/shared/inputRequired.d.ts
|
|
510
|
+
/** The shape accepted by {@linkcode inputRequired}. */
|
|
511
|
+
interface InputRequiredSpec {
|
|
512
|
+
/** Embedded requests the client must fulfil before retrying. */
|
|
513
|
+
inputRequests?: InputRequests;
|
|
514
|
+
/** Opaque server state echoed back verbatim by the client on retry. */
|
|
515
|
+
requestState?: string;
|
|
516
|
+
}
|
|
517
|
+
interface InputRequiredBuilder {
|
|
518
|
+
/**
|
|
519
|
+
* Builds the input-required return value for a multi-round-trip handler.
|
|
520
|
+
*
|
|
521
|
+
* At least one of `inputRequests` or `requestState` must be provided
|
|
522
|
+
* (spec: basic/patterns/mrtr, server requirements) — the builder throws a
|
|
523
|
+
* `TypeError` otherwise, and the server seam re-checks the same rule for
|
|
524
|
+
* hand-built results.
|
|
525
|
+
*
|
|
526
|
+
* `requestState` is opaque, server-minted state. It round-trips through
|
|
527
|
+
* the client and comes back as attacker-controlled input: a server that
|
|
528
|
+
* lets it influence authorization, resource access, or business logic
|
|
529
|
+
* MUST integrity-protect it (e.g. HMAC or AEAD) and MUST reject state
|
|
530
|
+
* that fails verification. The SDK does not do this for you.
|
|
531
|
+
*/
|
|
532
|
+
(spec: InputRequiredSpec): InputRequiredResult;
|
|
533
|
+
/** Builds an embedded form-mode elicitation request (`elicitation/create`). */
|
|
534
|
+
elicit(params: Omit<ElicitRequestFormParams, 'mode'> & {
|
|
535
|
+
mode?: 'form';
|
|
536
|
+
}): InputRequest;
|
|
537
|
+
/**
|
|
538
|
+
* Builds an embedded URL-mode elicitation request (`elicitation/create`).
|
|
539
|
+
* On the 2026-07-28 revision URL elicitation rides the multi-round-trip
|
|
540
|
+
* flow — the `-32042` error of earlier revisions never appears on this
|
|
541
|
+
* era's wire. The 2025-era `elicitationId` is not part of the 2026-07-28
|
|
542
|
+
* URL-mode shape; correlation across retries is the server's own
|
|
543
|
+
* identifier inside `requestState`.
|
|
544
|
+
*/
|
|
545
|
+
elicitUrl(params: Omit<ElicitRequestURLParams, 'mode' | 'elicitationId'>): InputRequest;
|
|
546
|
+
/** Builds an embedded sampling request (`sampling/createMessage`). */
|
|
547
|
+
createMessage(params: CreateMessageRequestParams): InputRequest;
|
|
548
|
+
/** Builds an embedded roots listing request (`roots/list`). */
|
|
549
|
+
listRoots(): InputRequest;
|
|
550
|
+
}
|
|
551
|
+
/**
|
|
552
|
+
* Builder for the input-required return value of multi-round-trip handlers,
|
|
553
|
+
* with per-kind constructors for the embedded requests
|
|
554
|
+
* (`inputRequired.elicit`, `inputRequired.elicitUrl`,
|
|
555
|
+
* `inputRequired.createMessage`, `inputRequired.listRoots`).
|
|
556
|
+
*
|
|
557
|
+
* @example Write-once tool requesting confirmation
|
|
558
|
+
* ```ts
|
|
559
|
+
* server.registerTool('deploy', { inputSchema: z.object({ env: z.string() }) }, async ({ env }, ctx) => {
|
|
560
|
+
* const confirmed = acceptedContent<{ confirm: boolean }>(ctx.mcpReq.inputResponses, 'confirm');
|
|
561
|
+
* if (!confirmed) {
|
|
562
|
+
* return inputRequired({
|
|
563
|
+
* inputRequests: {
|
|
564
|
+
* confirm: inputRequired.elicit({
|
|
565
|
+
* message: `Deploy to ${env}?`,
|
|
566
|
+
* requestedSchema: { type: 'object', properties: { confirm: { type: 'boolean' } }, required: ['confirm'] }
|
|
567
|
+
* })
|
|
568
|
+
* }
|
|
569
|
+
* });
|
|
570
|
+
* }
|
|
571
|
+
* return { content: [{ type: 'text', text: `deployed to ${env}` }] };
|
|
572
|
+
* });
|
|
573
|
+
* ```
|
|
574
|
+
*/
|
|
575
|
+
declare const inputRequired: InputRequiredBuilder;
|
|
576
|
+
/**
|
|
577
|
+
* Reads the accepted content of a form-mode elicitation response from a
|
|
578
|
+
* retried request's `inputResponses` (`ctx.mcpReq.inputResponses`).
|
|
579
|
+
*
|
|
580
|
+
* Returns the response's `content` for `key` when the entry is an accepted
|
|
581
|
+
* elicitation result, and `undefined` otherwise (missing key, declined or
|
|
582
|
+
* cancelled elicitation, or a response of another kind). The values arrive
|
|
583
|
+
* from the client and are not re-validated here — treat them as untrusted
|
|
584
|
+
* input.
|
|
585
|
+
*/
|
|
586
|
+
declare function acceptedContent<T extends Record<string, unknown> = Record<string, unknown>>(responses: InputResponses | Record<string, unknown> | undefined, key: string): T | undefined;
|
|
587
|
+
/**
|
|
588
|
+
* Schema-aware overload: validates the accepted content against the given
|
|
589
|
+
* schema (any Standard Schema, e.g. a zod object) before returning it, so the
|
|
590
|
+
* untrusted client value arrives in the handler already validated and typed.
|
|
591
|
+
*
|
|
592
|
+
* Returns `undefined` when the response is missing/declined/of another kind
|
|
593
|
+
* (as the two-argument form does) AND when the accepted content fails schema
|
|
594
|
+
* validation — handlers treat both the same way (re-issue the request or
|
|
595
|
+
* give up). Only synchronous schemas are supported (zod schemas without async
|
|
596
|
+
* refinements are synchronous); an asynchronously-validating schema throws a
|
|
597
|
+
* `TypeError`.
|
|
598
|
+
*/
|
|
599
|
+
declare function acceptedContent<S extends StandardSchemaV1>(responses: InputResponses | Record<string, unknown> | undefined, key: string, schema: S): StandardSchemaV1.InferOutput<S> | undefined;
|
|
600
|
+
/**
|
|
601
|
+
* The discriminated view {@linkcode inputResponse} returns: which kind of
|
|
602
|
+
* embedded response (if any) a retried request carried for a key. Bare
|
|
603
|
+
* response objects are discriminated structurally — an `action` member means
|
|
604
|
+
* an elicitation result, a `roots` array a roots listing, a `role` + `content`
|
|
605
|
+
* pair a sampling result. A missing key or an entry that matches none of the
|
|
606
|
+
* three shapes reads as `{ kind: 'missing' }`.
|
|
607
|
+
*/
|
|
608
|
+
type InputResponseView = {
|
|
609
|
+
kind: 'missing';
|
|
610
|
+
} | {
|
|
611
|
+
kind: 'elicit';
|
|
612
|
+
action: 'accept' | 'decline' | 'cancel';
|
|
613
|
+
content?: Record<string, unknown>;
|
|
614
|
+
} | {
|
|
615
|
+
kind: 'sampling';
|
|
616
|
+
result: CreateMessageResult | CreateMessageResultWithTools;
|
|
617
|
+
} | {
|
|
618
|
+
kind: 'roots';
|
|
619
|
+
roots: Root[];
|
|
620
|
+
};
|
|
621
|
+
/**
|
|
622
|
+
* Reads one entry of a retried request's `inputResponses`
|
|
623
|
+
* (`ctx.mcpReq.inputResponses`) as a discriminated view, covering
|
|
624
|
+
* decline/cancel detection and the non-elicitation response kinds that
|
|
625
|
+
* {@linkcode acceptedContent} does not surface.
|
|
626
|
+
*
|
|
627
|
+
* The values arrive from the client and are not re-validated here — treat
|
|
628
|
+
* them as untrusted input (validate elicitation content with the
|
|
629
|
+
* schema-aware {@linkcode acceptedContent} overload where it matters).
|
|
630
|
+
*/
|
|
631
|
+
declare function inputResponse(responses: InputResponses | Record<string, unknown> | undefined, key: string): InputResponseView;
|
|
632
|
+
//#endregion
|
|
633
|
+
//#region ../core-internal/src/types/enums.d.ts
|
|
634
|
+
/**
|
|
635
|
+
* Error codes for protocol errors that cross the wire as JSON-RPC error responses.
|
|
636
|
+
* These follow the JSON-RPC specification and MCP-specific extensions.
|
|
637
|
+
*/
|
|
638
|
+
declare enum ProtocolErrorCode {
|
|
639
|
+
ParseError = -32700,
|
|
640
|
+
InvalidRequest = -32600,
|
|
641
|
+
MethodNotFound = -32601,
|
|
642
|
+
InvalidParams = -32602,
|
|
643
|
+
InternalError = -32603,
|
|
644
|
+
/**
|
|
645
|
+
* Resource not found.
|
|
646
|
+
*
|
|
647
|
+
* Receive-tolerated only: the SDK never EMITS `-32002` — `resources/read`
|
|
648
|
+
* misses answer `-32602` (Invalid Params) on every protocol revision per
|
|
649
|
+
* the 2026-07-28 spec MUST, and a handler-thrown `-32002` is mapped to
|
|
650
|
+
* `-32602` at the era encode seam. The member stays importable so clients
|
|
651
|
+
* can recognise `-32002` from peers built on earlier SDK releases (the
|
|
652
|
+
* spec's "clients SHOULD also accept `-32002`" backwards-compatibility
|
|
653
|
+
* clause). Throw `ResourceNotFoundError` instead.
|
|
654
|
+
*/
|
|
655
|
+
ResourceNotFound = -32002,
|
|
656
|
+
/**
|
|
657
|
+
* Processing the request requires a capability the client did not declare
|
|
658
|
+
* in the request's `clientCapabilities` (protocol revision 2026-07-28).
|
|
659
|
+
*/
|
|
660
|
+
MissingRequiredClientCapability = -32021,
|
|
661
|
+
/**
|
|
662
|
+
* The request's protocol version is unknown to the server or unsupported
|
|
663
|
+
* by it (protocol revision 2026-07-28).
|
|
664
|
+
*/
|
|
665
|
+
UnsupportedProtocolVersion = -32022,
|
|
666
|
+
UrlElicitationRequired = -32042,
|
|
667
|
+
}
|
|
668
|
+
//#endregion
|
|
669
|
+
//#region ../core-internal/src/types/errors.d.ts
|
|
670
|
+
/**
|
|
671
|
+
* Protocol errors are JSON-RPC errors that cross the wire as error responses.
|
|
672
|
+
* They use numeric error codes from the {@linkcode ProtocolErrorCode} enum.
|
|
673
|
+
*/
|
|
674
|
+
declare class ProtocolError extends Error {
|
|
675
|
+
readonly code: number;
|
|
676
|
+
readonly data?: unknown | undefined;
|
|
677
|
+
constructor(code: number, message: string, data?: unknown | undefined);
|
|
678
|
+
/**
|
|
679
|
+
* Factory method to create the appropriate error type based on the error code and data
|
|
680
|
+
*/
|
|
681
|
+
static fromError(code: number, message: string, data?: unknown): ProtocolError;
|
|
682
|
+
}
|
|
683
|
+
/**
|
|
684
|
+
* Error type for a `resources/read` miss: the requested resource does not
|
|
685
|
+
* exist. The wire code is `-32602` (Invalid Params) on every protocol
|
|
686
|
+
* revision — the spec MUST for revision 2026-07-28, and the value the v1.x
|
|
687
|
+
* SDK has always emitted on earlier revisions. The error data echoes the
|
|
688
|
+
* requested URI.
|
|
689
|
+
*
|
|
690
|
+
* Recognise this error by checking `error.data` is exactly `{ uri: string }`
|
|
691
|
+
* (a `-32602` whose data carries `uri` and nothing else is resource-not-found;
|
|
692
|
+
* any other `-32602` is an ordinary Invalid Params). For backwards compatibility, clients should also
|
|
693
|
+
* accept `-32002` as resource not found — earlier SDK builds emitted that
|
|
694
|
+
* code, and {@linkcode ProtocolError.fromError} reconstructs this class for
|
|
695
|
+
* either code **when `error.data` carries `uri`** (a bare `-32002` without
|
|
696
|
+
* `data.uri` stays a generic {@linkcode ProtocolError}). Do not rely on
|
|
697
|
+
* `instanceof` — it does not work across separately bundled copies of the
|
|
698
|
+
* SDK.
|
|
699
|
+
*/
|
|
700
|
+
declare class ResourceNotFoundError extends ProtocolError {
|
|
701
|
+
constructor(uri: string, message?: string);
|
|
702
|
+
/** The URI that was requested and not found. */
|
|
703
|
+
get uri(): string;
|
|
704
|
+
}
|
|
705
|
+
/**
|
|
706
|
+
* Specialized error type when a tool requires a URL mode elicitation.
|
|
707
|
+
* This makes it nicer for the client to handle since there is specific data to work with instead of just a code to check against.
|
|
708
|
+
*/
|
|
709
|
+
declare class UrlElicitationRequiredError extends ProtocolError {
|
|
710
|
+
constructor(elicitations: ElicitRequestURLParams[], message?: string);
|
|
711
|
+
get elicitations(): ElicitRequestURLParams[];
|
|
712
|
+
}
|
|
713
|
+
/**
|
|
714
|
+
* Error type for the `-32022` UnsupportedProtocolVersion protocol error (protocol
|
|
715
|
+
* revision 2026-07-28): the request's protocol version is unknown to the server or
|
|
716
|
+
* unsupported by it.
|
|
717
|
+
*
|
|
718
|
+
* The error data lists the protocol versions the receiver supports (`supported`),
|
|
719
|
+
* so the sender can choose a mutually supported version and retry, and echoes the
|
|
720
|
+
* version that was requested (`requested`).
|
|
721
|
+
*/
|
|
722
|
+
declare class UnsupportedProtocolVersionError extends ProtocolError {
|
|
723
|
+
constructor(data: UnsupportedProtocolVersionErrorData, message?: string);
|
|
724
|
+
/**
|
|
725
|
+
* Protocol versions the receiver supports.
|
|
726
|
+
*/
|
|
727
|
+
get supported(): string[];
|
|
728
|
+
/**
|
|
729
|
+
* The protocol version that was requested.
|
|
730
|
+
*/
|
|
731
|
+
get requested(): string;
|
|
732
|
+
}
|
|
733
|
+
/**
|
|
734
|
+
* Error type for the `-32021` MissingRequiredClientCapability protocol error
|
|
735
|
+
* (protocol revision 2026-07-28): processing the request requires a capability
|
|
736
|
+
* the client did not declare in the request's `clientCapabilities`.
|
|
737
|
+
*
|
|
738
|
+
* The error data lists the missing capabilities (`requiredCapabilities`) in
|
|
739
|
+
* the `ClientCapabilities` shape, so the client can see exactly what it would
|
|
740
|
+
* have to declare for the request to be served. On HTTP, the response status
|
|
741
|
+
* is `400 Bad Request`.
|
|
742
|
+
*
|
|
743
|
+
* Recognize this error by its code and `data.requiredCapabilities` rather than
|
|
744
|
+
* by class identity (`instanceof` does not work across separately bundled
|
|
745
|
+
* copies of the SDK).
|
|
746
|
+
*/
|
|
747
|
+
declare class MissingRequiredClientCapabilityError extends ProtocolError {
|
|
748
|
+
constructor(data: MissingRequiredClientCapabilityErrorData, message?: string);
|
|
749
|
+
/**
|
|
750
|
+
* The capabilities the server requires from the client to process the
|
|
751
|
+
* request (only the missing capabilities are listed).
|
|
752
|
+
*/
|
|
753
|
+
get requiredCapabilities(): ClientCapabilities;
|
|
754
|
+
}
|
|
755
|
+
//#endregion
|
|
756
|
+
//#region ../core-internal/src/types/guards.d.ts
|
|
757
|
+
/**
|
|
758
|
+
* Validates and parses an unknown value as a JSON-RPC message.
|
|
759
|
+
*
|
|
760
|
+
* Use this to validate incoming messages in custom transport implementations.
|
|
761
|
+
* Throws if the value does not conform to the JSON-RPC message schema.
|
|
762
|
+
*
|
|
763
|
+
* @param value - The value to validate (typically a parsed JSON object).
|
|
764
|
+
* @returns The validated {@linkcode JSONRPCMessage}.
|
|
765
|
+
* @throws If validation fails.
|
|
766
|
+
*/
|
|
767
|
+
declare function parseJSONRPCMessage(value: unknown): JSONRPCMessage;
|
|
768
|
+
declare const isJSONRPCRequest: (value: unknown) => value is JSONRPCRequest;
|
|
769
|
+
declare const isJSONRPCNotification: (value: unknown) => value is JSONRPCNotification;
|
|
770
|
+
/**
|
|
771
|
+
* Checks if a value is a valid {@linkcode JSONRPCResultResponse}.
|
|
772
|
+
* @param value - The value to check.
|
|
773
|
+
*
|
|
774
|
+
* @returns True if the value is a valid {@linkcode JSONRPCResultResponse}, false otherwise.
|
|
775
|
+
*/
|
|
776
|
+
declare const isJSONRPCResultResponse: (value: unknown) => value is JSONRPCResultResponse;
|
|
777
|
+
/**
|
|
778
|
+
* Checks if a value is a valid {@linkcode JSONRPCErrorResponse}.
|
|
779
|
+
* @param value - The value to check.
|
|
780
|
+
*
|
|
781
|
+
* @returns True if the value is a valid {@linkcode JSONRPCErrorResponse}, false otherwise.
|
|
782
|
+
*/
|
|
783
|
+
declare const isJSONRPCErrorResponse: (value: unknown) => value is JSONRPCErrorResponse;
|
|
784
|
+
/**
|
|
785
|
+
* Checks if a value is a valid {@linkcode JSONRPCResponse} (either a result or error response).
|
|
786
|
+
* @param value - The value to check.
|
|
787
|
+
*
|
|
788
|
+
* @returns True if the value is a valid {@linkcode JSONRPCResponse}, false otherwise.
|
|
789
|
+
*/
|
|
790
|
+
declare const isJSONRPCResponse: (value: unknown) => value is JSONRPCResponse;
|
|
791
|
+
/**
|
|
792
|
+
* Checks if a value is a valid {@linkcode CallToolResult}.
|
|
793
|
+
*
|
|
794
|
+
* This is a consumer-side VALUE check against the neutral model, not a wire
|
|
795
|
+
* validator: a raw wire object that additionally carries wire-only members
|
|
796
|
+
* (e.g. `resultType`) still passes through the loose index signature. Use a
|
|
797
|
+
* transport-level parse to validate raw wire traffic.
|
|
798
|
+
*
|
|
799
|
+
* @param value - The value to check.
|
|
800
|
+
*
|
|
801
|
+
* @returns True if the value is a valid {@linkcode CallToolResult}, false otherwise.
|
|
802
|
+
*/
|
|
803
|
+
declare const isCallToolResult: (value: unknown) => value is CallToolResult;
|
|
804
|
+
/**
|
|
805
|
+
* Checks whether a value is an input-required result (protocol revision
|
|
806
|
+
* 2026-07-28): the multi-round-trip return shape discriminated by
|
|
807
|
+
* `resultType: 'input_required'`.
|
|
808
|
+
*
|
|
809
|
+
* This is a discriminator check, not a full validator — the at-least-one rule
|
|
810
|
+
* (`inputRequests` or `requestState`) is enforced by the `inputRequired()`
|
|
811
|
+
* builder and re-checked by the server seam for hand-built values.
|
|
812
|
+
*
|
|
813
|
+
* @param value - The value to check.
|
|
814
|
+
* @returns True if the value carries the `input_required` discriminator.
|
|
815
|
+
*/
|
|
816
|
+
declare const isInputRequiredResult: (value: unknown) => value is InputRequiredResult;
|
|
817
|
+
/**
|
|
818
|
+
* Checks if a value is a valid {@linkcode TaskAugmentedRequestParams}.
|
|
819
|
+
* @param value - The value to check.
|
|
820
|
+
*
|
|
821
|
+
* @returns True if the value is a valid {@linkcode TaskAugmentedRequestParams}, false otherwise.
|
|
822
|
+
*
|
|
823
|
+
* @deprecated Recognizes 2025-11-25 task wire vocabulary, which has no SDK
|
|
824
|
+
* runtime; kept importable for interoperability only.
|
|
825
|
+
*/
|
|
826
|
+
declare const isTaskAugmentedRequestParams: (value: unknown) => value is TaskAugmentedRequestParams;
|
|
827
|
+
declare const isInitializeRequest: (value: unknown) => value is InitializeRequest;
|
|
828
|
+
declare const isInitializedNotification: (value: unknown) => value is InitializedNotification;
|
|
829
|
+
declare function assertCompleteRequestPrompt(request: CompleteRequest): asserts request is CompleteRequestPrompt;
|
|
830
|
+
declare function assertCompleteRequestResourceTemplate(request: CompleteRequest): asserts request is CompleteRequestResourceTemplate;
|
|
831
|
+
//#endregion
|
|
832
|
+
//#region ../core-internal/src/types/specTypeSchema.d.ts
|
|
833
|
+
/**
|
|
834
|
+
* Explicit allowlist of protocol Zod schemas that correspond to a public spec type in `types.ts`.
|
|
835
|
+
*
|
|
836
|
+
* This intentionally excludes internal helper schemas exported from `schemas.ts` that have no
|
|
837
|
+
* matching public type (e.g. `ListChangedOptionsBaseSchema`, `BaseRequestParamsSchema`,
|
|
838
|
+
* `NotificationsParamsSchema`, `ClientTasksCapabilitySchema`, `ServerTasksCapabilitySchema`).
|
|
839
|
+
* Keeping the list explicit means new public spec types must be added here deliberately, and
|
|
840
|
+
* internals never leak into `SpecTypeName`.
|
|
841
|
+
*
|
|
842
|
+
* `ResourceTemplateSchema` is included; its public type is exported as `ResourceTemplateType`
|
|
843
|
+
* (the bare name collides with the server package's `ResourceTemplate` class), so
|
|
844
|
+
* `SpecTypes['ResourceTemplate']` is structurally equal to `ResourceTemplateType` rather than to
|
|
845
|
+
* a type literally named `ResourceTemplate`.
|
|
846
|
+
*/
|
|
847
|
+
declare const SPEC_SCHEMA_KEYS: readonly ["AnnotationsSchema", "AudioContentSchema", "BaseMetadataSchema", "BlobResourceContentsSchema", "BooleanSchemaSchema", "CallToolRequestSchema", "CallToolRequestParamsSchema", "CallToolResultSchema", "CancelledNotificationSchema", "CancelledNotificationParamsSchema", "CancelTaskRequestSchema", "CancelTaskResultSchema", "ClientCapabilitiesSchema", "ClientNotificationSchema", "ClientRequestSchema", "ClientResultSchema", "CompatibilityCallToolResultSchema", "CompleteRequestSchema", "CompleteRequestParamsSchema", "CompleteResultSchema", "ContentBlockSchema", "CreateMessageRequestSchema", "CreateMessageRequestParamsSchema", "CreateMessageResultSchema", "CreateMessageResultWithToolsSchema", "CreateTaskResultSchema", "CursorSchema", "DiscoverRequestSchema", "DiscoverResultSchema", "ElicitationCompleteNotificationSchema", "ElicitationCompleteNotificationParamsSchema", "ElicitRequestSchema", "ElicitRequestFormParamsSchema", "ElicitRequestParamsSchema", "ElicitRequestURLParamsSchema", "ElicitResultSchema", "EmbeddedResourceSchema", "EmptyResultSchema", "EnumSchemaSchema", "GetPromptRequestSchema", "GetPromptRequestParamsSchema", "GetPromptResultSchema", "GetTaskPayloadRequestSchema", "GetTaskPayloadResultSchema", "GetTaskRequestSchema", "GetTaskResultSchema", "IconSchema", "IconsSchema", "ImageContentSchema", "ImplementationSchema", "InitializedNotificationSchema", "InitializeRequestSchema", "InitializeRequestParamsSchema", "InitializeResultSchema", "JSONArraySchema", "JSONObjectSchema", "JSONRPCErrorResponseSchema", "JSONRPCMessageSchema", "JSONRPCNotificationSchema", "JSONRPCRequestSchema", "JSONRPCResponseSchema", "JSONRPCResultResponseSchema", "JSONValueSchema", "LegacyTitledEnumSchemaSchema", "ListPromptsRequestSchema", "ListPromptsResultSchema", "ListResourcesRequestSchema", "ListResourcesResultSchema", "ListResourceTemplatesRequestSchema", "ListResourceTemplatesResultSchema", "ListRootsRequestSchema", "ListRootsResultSchema", "ListTasksRequestSchema", "ListTasksResultSchema", "ListToolsRequestSchema", "ListToolsResultSchema", "LoggingLevelSchema", "LoggingMessageNotificationSchema", "LoggingMessageNotificationParamsSchema", "ModelHintSchema", "ModelPreferencesSchema", "MultiSelectEnumSchemaSchema", "NotificationSchema", "NumberSchemaSchema", "PaginatedRequestSchema", "PaginatedRequestParamsSchema", "PaginatedResultSchema", "PingRequestSchema", "PrimitiveSchemaDefinitionSchema", "ProgressSchema", "ProgressNotificationSchema", "ProgressNotificationParamsSchema", "ProgressTokenSchema", "PromptSchema", "PromptArgumentSchema", "PromptListChangedNotificationSchema", "PromptMessageSchema", "PromptReferenceSchema", "ReadResourceRequestSchema", "ReadResourceRequestParamsSchema", "ReadResourceResultSchema", "RelatedTaskMetadataSchema", "RequestSchema", "RequestIdSchema", "RequestMetaSchema", "ResourceSchema", "ResourceContentsSchema", "ResourceLinkSchema", "ResourceListChangedNotificationSchema", "ResourceRequestParamsSchema", "ResourceTemplateSchema", "ResourceTemplateReferenceSchema", "ResourceUpdatedNotificationSchema", "ResourceUpdatedNotificationParamsSchema", "ResultSchema", "RoleSchema", "RootSchema", "RootsListChangedNotificationSchema", "SamplingContentSchema", "SamplingMessageSchema", "SamplingMessageContentBlockSchema", "ServerCapabilitiesSchema", "ServerNotificationSchema", "ServerRequestSchema", "ServerResultSchema", "SetLevelRequestSchema", "SetLevelRequestParamsSchema", "SingleSelectEnumSchemaSchema", "StringSchemaSchema", "SubscribeRequestSchema", "SubscribeRequestParamsSchema", "SubscriptionFilterSchema", "SubscriptionsAcknowledgedNotificationSchema", "SubscriptionsAcknowledgedNotificationParamsSchema", "SubscriptionsListenRequestSchema", "SubscriptionsListenRequestParamsSchema", "SubscriptionsListenResultSchema", "SubscriptionsListenResultMetaSchema", "TaskAugmentedRequestParamsSchema", "TaskCreationParamsSchema", "TaskMetadataSchema", "TaskSchema", "TaskStatusSchema", "TaskStatusNotificationSchema", "TaskStatusNotificationParamsSchema", "TextContentSchema", "TextResourceContentsSchema", "TitledMultiSelectEnumSchemaSchema", "TitledSingleSelectEnumSchemaSchema", "ToolSchema", "ToolAnnotationsSchema", "ToolChoiceSchema", "ToolExecutionSchema", "ToolListChangedNotificationSchema", "ToolResultContentSchema", "ToolUseContentSchema", "UnsubscribeRequestSchema", "UnsubscribeRequestParamsSchema", "UntitledMultiSelectEnumSchemaSchema", "UntitledSingleSelectEnumSchemaSchema"];
|
|
848
|
+
declare const authSchemas: {
|
|
849
|
+
readonly IdJagTokenExchangeResponseSchema: z.ZodObject<{
|
|
850
|
+
issued_token_type: z.ZodLiteral<"urn:ietf:params:oauth:token-type:id-jag">;
|
|
851
|
+
access_token: z.ZodString;
|
|
852
|
+
token_type: z.ZodOptional<z.ZodString>;
|
|
853
|
+
expires_in: z.ZodOptional<z.ZodNumber>;
|
|
854
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
855
|
+
}, z.core.$strip>;
|
|
856
|
+
readonly OAuthClientInformationFullSchema: z.ZodObject<{
|
|
857
|
+
redirect_uris: z.ZodArray<z.ZodURL>;
|
|
858
|
+
token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
|
|
859
|
+
grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
860
|
+
response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
861
|
+
application_type: z.ZodOptional<z.ZodString>;
|
|
862
|
+
client_name: z.ZodOptional<z.ZodString>;
|
|
863
|
+
client_uri: z.ZodOptional<z.ZodURL>;
|
|
864
|
+
logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
865
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
866
|
+
contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
867
|
+
tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
868
|
+
policy_uri: z.ZodOptional<z.ZodString>;
|
|
869
|
+
jwks_uri: z.ZodOptional<z.ZodURL>;
|
|
870
|
+
jwks: z.ZodOptional<z.ZodAny>;
|
|
871
|
+
software_id: z.ZodOptional<z.ZodString>;
|
|
872
|
+
software_version: z.ZodOptional<z.ZodString>;
|
|
873
|
+
software_statement: z.ZodOptional<z.ZodString>;
|
|
874
|
+
client_id: z.ZodString;
|
|
875
|
+
client_secret: z.ZodOptional<z.ZodString>;
|
|
876
|
+
client_id_issued_at: z.ZodOptional<z.ZodNumber>;
|
|
877
|
+
client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
|
|
878
|
+
}, z.core.$strip>;
|
|
879
|
+
readonly OAuthClientInformationSchema: z.ZodObject<{
|
|
880
|
+
client_id: z.ZodString;
|
|
881
|
+
client_secret: z.ZodOptional<z.ZodString>;
|
|
882
|
+
client_id_issued_at: z.ZodOptional<z.ZodNumber>;
|
|
883
|
+
client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
|
|
884
|
+
}, z.core.$strip>;
|
|
885
|
+
readonly OAuthClientMetadataSchema: z.ZodObject<{
|
|
886
|
+
redirect_uris: z.ZodArray<z.ZodURL>;
|
|
887
|
+
token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
|
|
888
|
+
grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
889
|
+
response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
890
|
+
application_type: z.ZodOptional<z.ZodString>;
|
|
891
|
+
client_name: z.ZodOptional<z.ZodString>;
|
|
892
|
+
client_uri: z.ZodOptional<z.ZodURL>;
|
|
893
|
+
logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
894
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
895
|
+
contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
896
|
+
tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
|
|
897
|
+
policy_uri: z.ZodOptional<z.ZodString>;
|
|
898
|
+
jwks_uri: z.ZodOptional<z.ZodURL>;
|
|
899
|
+
jwks: z.ZodOptional<z.ZodAny>;
|
|
900
|
+
software_id: z.ZodOptional<z.ZodString>;
|
|
901
|
+
software_version: z.ZodOptional<z.ZodString>;
|
|
902
|
+
software_statement: z.ZodOptional<z.ZodString>;
|
|
903
|
+
}, z.core.$strip>;
|
|
904
|
+
readonly OAuthClientRegistrationErrorSchema: z.ZodObject<{
|
|
905
|
+
error: z.ZodString;
|
|
906
|
+
error_description: z.ZodOptional<z.ZodString>;
|
|
907
|
+
}, z.core.$strip>;
|
|
908
|
+
readonly OAuthErrorResponseSchema: z.ZodObject<{
|
|
909
|
+
error: z.ZodString;
|
|
910
|
+
error_description: z.ZodOptional<z.ZodString>;
|
|
911
|
+
error_uri: z.ZodOptional<z.ZodString>;
|
|
912
|
+
}, z.core.$strip>;
|
|
913
|
+
readonly OAuthMetadataSchema: z.ZodObject<{
|
|
914
|
+
issuer: z.ZodString;
|
|
915
|
+
authorization_endpoint: z.ZodURL;
|
|
916
|
+
token_endpoint: z.ZodURL;
|
|
917
|
+
registration_endpoint: z.ZodOptional<z.ZodURL>;
|
|
918
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
919
|
+
response_types_supported: z.ZodArray<z.ZodString>;
|
|
920
|
+
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
921
|
+
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
922
|
+
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
923
|
+
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
924
|
+
service_documentation: z.ZodOptional<z.ZodURL>;
|
|
925
|
+
revocation_endpoint: z.ZodOptional<z.ZodURL>;
|
|
926
|
+
revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
927
|
+
revocation_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
928
|
+
introspection_endpoint: z.ZodOptional<z.ZodString>;
|
|
929
|
+
introspection_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
930
|
+
introspection_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
931
|
+
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
932
|
+
client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
|
|
933
|
+
authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
|
|
934
|
+
}, z.core.$loose>;
|
|
935
|
+
readonly OAuthProtectedResourceMetadataSchema: z.ZodObject<{
|
|
936
|
+
resource: z.ZodString;
|
|
937
|
+
authorization_servers: z.ZodOptional<z.ZodArray<z.ZodURL>>;
|
|
938
|
+
jwks_uri: z.ZodOptional<z.ZodString>;
|
|
939
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
940
|
+
bearer_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
941
|
+
resource_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
942
|
+
resource_name: z.ZodOptional<z.ZodString>;
|
|
943
|
+
resource_documentation: z.ZodOptional<z.ZodString>;
|
|
944
|
+
resource_policy_uri: z.ZodOptional<z.ZodString>;
|
|
945
|
+
resource_tos_uri: z.ZodOptional<z.ZodString>;
|
|
946
|
+
tls_client_certificate_bound_access_tokens: z.ZodOptional<z.ZodBoolean>;
|
|
947
|
+
authorization_details_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
948
|
+
dpop_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
949
|
+
dpop_bound_access_tokens_required: z.ZodOptional<z.ZodBoolean>;
|
|
950
|
+
}, z.core.$loose>;
|
|
951
|
+
readonly OAuthTokenRevocationRequestSchema: z.ZodObject<{
|
|
952
|
+
token: z.ZodString;
|
|
953
|
+
token_type_hint: z.ZodOptional<z.ZodString>;
|
|
954
|
+
}, z.core.$strip>;
|
|
955
|
+
readonly OAuthTokensSchema: z.ZodObject<{
|
|
956
|
+
access_token: z.ZodString;
|
|
957
|
+
id_token: z.ZodOptional<z.ZodString>;
|
|
958
|
+
token_type: z.ZodString;
|
|
959
|
+
expires_in: z.ZodOptional<z.ZodCoercedNumber<unknown>>;
|
|
960
|
+
scope: z.ZodOptional<z.ZodString>;
|
|
961
|
+
refresh_token: z.ZodOptional<z.ZodString>;
|
|
962
|
+
}, z.core.$strip>;
|
|
963
|
+
readonly OpenIdProviderDiscoveryMetadataSchema: z.ZodObject<{
|
|
964
|
+
code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
965
|
+
issuer: z.ZodString;
|
|
966
|
+
authorization_endpoint: z.ZodURL;
|
|
967
|
+
token_endpoint: z.ZodURL;
|
|
968
|
+
userinfo_endpoint: z.ZodOptional<z.ZodURL>;
|
|
969
|
+
jwks_uri: z.ZodURL;
|
|
970
|
+
registration_endpoint: z.ZodOptional<z.ZodURL>;
|
|
971
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
972
|
+
response_types_supported: z.ZodArray<z.ZodString>;
|
|
973
|
+
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
974
|
+
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
975
|
+
acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
976
|
+
subject_types_supported: z.ZodArray<z.ZodString>;
|
|
977
|
+
id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
|
|
978
|
+
id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
979
|
+
id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
980
|
+
userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
981
|
+
userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
982
|
+
userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
983
|
+
request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
984
|
+
request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
985
|
+
request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
986
|
+
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
987
|
+
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
988
|
+
display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
989
|
+
claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
990
|
+
claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
991
|
+
service_documentation: z.ZodOptional<z.ZodString>;
|
|
992
|
+
claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
993
|
+
ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
994
|
+
claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
995
|
+
request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
996
|
+
request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
997
|
+
require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
|
|
998
|
+
op_policy_uri: z.ZodOptional<z.ZodURL>;
|
|
999
|
+
op_tos_uri: z.ZodOptional<z.ZodURL>;
|
|
1000
|
+
client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
|
|
1001
|
+
authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
|
|
1002
|
+
}, z.core.$strip>;
|
|
1003
|
+
readonly OpenIdProviderMetadataSchema: z.ZodObject<{
|
|
1004
|
+
issuer: z.ZodString;
|
|
1005
|
+
authorization_endpoint: z.ZodURL;
|
|
1006
|
+
token_endpoint: z.ZodURL;
|
|
1007
|
+
userinfo_endpoint: z.ZodOptional<z.ZodURL>;
|
|
1008
|
+
jwks_uri: z.ZodURL;
|
|
1009
|
+
registration_endpoint: z.ZodOptional<z.ZodURL>;
|
|
1010
|
+
scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1011
|
+
response_types_supported: z.ZodArray<z.ZodString>;
|
|
1012
|
+
response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1013
|
+
grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1014
|
+
acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1015
|
+
subject_types_supported: z.ZodArray<z.ZodString>;
|
|
1016
|
+
id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
|
|
1017
|
+
id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1018
|
+
id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1019
|
+
userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1020
|
+
userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1021
|
+
userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1022
|
+
request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1023
|
+
request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1024
|
+
request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1025
|
+
token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1026
|
+
token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1027
|
+
display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1028
|
+
claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1029
|
+
claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1030
|
+
service_documentation: z.ZodOptional<z.ZodString>;
|
|
1031
|
+
claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1032
|
+
ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
1033
|
+
claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
1034
|
+
request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
1035
|
+
request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
|
|
1036
|
+
require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
|
|
1037
|
+
op_policy_uri: z.ZodOptional<z.ZodURL>;
|
|
1038
|
+
op_tos_uri: z.ZodOptional<z.ZodURL>;
|
|
1039
|
+
client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
|
|
1040
|
+
authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
|
|
1041
|
+
}, z.core.$loose>;
|
|
1042
|
+
};
|
|
1043
|
+
type ProtocolSchemaKey = (typeof SPEC_SCHEMA_KEYS)[number];
|
|
1044
|
+
type AuthSchemaKey = keyof typeof authSchemas;
|
|
1045
|
+
type SchemaKey = ProtocolSchemaKey | AuthSchemaKey;
|
|
1046
|
+
type SchemaFor<K$1 extends SchemaKey> = K$1 extends ProtocolSchemaKey ? (typeof schemas_d_exports)[K$1] : K$1 extends AuthSchemaKey ? (typeof authSchemas)[K$1] : never;
|
|
1047
|
+
type StripSchemaSuffix<K$1> = K$1 extends `${infer N}Schema` ? N : never;
|
|
1048
|
+
/**
|
|
1049
|
+
* Union of every named type in the SDK's protocol and OAuth schemas (e.g. `'CallToolResult'`,
|
|
1050
|
+
* `'ContentBlock'`, `'Tool'`, `'OAuthTokens'`). Derived from the internal Zod schemas, so it stays
|
|
1051
|
+
* in sync with the spec.
|
|
1052
|
+
*/
|
|
1053
|
+
type SpecTypeName = StripSchemaSuffix<SchemaKey>;
|
|
1054
|
+
/**
|
|
1055
|
+
* Maps each {@linkcode SpecTypeName} to its TypeScript type.
|
|
1056
|
+
*
|
|
1057
|
+
* `SpecTypes['Tool']` is equivalent to importing the `Tool` type directly.
|
|
1058
|
+
* These validators cover the NEUTRAL model — the consumer-facing shapes with
|
|
1059
|
+
* no wire-only members (`resultType`, the reserved `_meta` envelope keys).
|
|
1060
|
+
* Per-revision WIRE validators are deliberately not public surface; they are
|
|
1061
|
+
* planned to return as versioned `zod-schemas/<revision>` exports for
|
|
1062
|
+
* consumers who validate raw wire traffic themselves.
|
|
1063
|
+
*/
|
|
1064
|
+
type SpecTypes = { [K in SchemaKey as StripSchemaSuffix<K>]: SchemaFor<K> extends z.ZodType ? z.output<SchemaFor<K>> : never };
|
|
1065
|
+
/**
|
|
1066
|
+
* Input shape for each {@linkcode SpecTypeName}. For most types this equals {@linkcode SpecTypes},
|
|
1067
|
+
* but a few schemas apply defaults/preprocessing, so the accepted input may be looser than the
|
|
1068
|
+
* resulting output type.
|
|
1069
|
+
*/
|
|
1070
|
+
type SpecTypeInputs = { [K in SchemaKey as StripSchemaSuffix<K>]: SchemaFor<K> extends z.ZodType ? z.input<SchemaFor<K>> : never };
|
|
1071
|
+
type SchemaRecord = { readonly [K in SpecTypeName]: StandardSchemaV1Sync<SpecTypeInputs[K], SpecTypes[K]> };
|
|
1072
|
+
type GuardRecord = { readonly [K in SpecTypeName]: (value: unknown) => value is SpecTypeInputs[K] };
|
|
1073
|
+
/**
|
|
1074
|
+
* Runtime validators for every MCP spec type, keyed by type name.
|
|
1075
|
+
*
|
|
1076
|
+
* Use this when you need to validate a spec-defined shape at a boundary the SDK does not own, for
|
|
1077
|
+
* example an extension's custom-method payload that embeds a `CallToolResult`, or a value read from
|
|
1078
|
+
* storage that should be a `Tool`.
|
|
1079
|
+
*
|
|
1080
|
+
* Each entry implements the Standard Schema interface, so it composes with any
|
|
1081
|
+
* Standard-Schema-aware library. For a simple boolean check, use {@linkcode isSpecType} instead.
|
|
1082
|
+
*
|
|
1083
|
+
* @example
|
|
1084
|
+
* ```ts source="./specTypeSchema.examples.ts#specTypeSchemas_basicUsage"
|
|
1085
|
+
* const result = specTypeSchemas.CallToolResult['~standard'].validate(untrusted);
|
|
1086
|
+
* if (result.issues === undefined) {
|
|
1087
|
+
* // result.value is CallToolResult
|
|
1088
|
+
* }
|
|
1089
|
+
* ```
|
|
1090
|
+
*/
|
|
1091
|
+
declare const specTypeSchemas: SchemaRecord;
|
|
1092
|
+
/**
|
|
1093
|
+
* Type predicates for every MCP spec type, keyed by type name.
|
|
1094
|
+
*
|
|
1095
|
+
* Returns `true` if the value satisfies the schema's input type (`z.input<>`, before defaults and
|
|
1096
|
+
* transforms are applied), and narrows to that input type. For schemas with `.default()` or
|
|
1097
|
+
* `.preprocess()`, this may accept values that do not structurally match the named output type;
|
|
1098
|
+
* for example `isSpecType.CallToolResult({})` is `true` because `content` has a default. Use
|
|
1099
|
+
* `specTypeSchemas.X['~standard'].validate(value)` when you need the validated output value.
|
|
1100
|
+
*
|
|
1101
|
+
* Each guard is a standalone function, so it can be passed directly as a callback.
|
|
1102
|
+
*
|
|
1103
|
+
* @example
|
|
1104
|
+
* ```ts source="./specTypeSchema.examples.ts#isSpecType_basicUsage"
|
|
1105
|
+
* if (isSpecType.ContentBlock(value)) {
|
|
1106
|
+
* // value is ContentBlock
|
|
1107
|
+
* }
|
|
1108
|
+
*
|
|
1109
|
+
* const blocks = mixed.filter(isSpecType.ContentBlock);
|
|
1110
|
+
* ```
|
|
1111
|
+
*/
|
|
1112
|
+
declare const isSpecType: GuardRecord;
|
|
1113
|
+
//#endregion
|
|
1114
|
+
//#region ../core-internal/src/shared/metadataUtils.d.ts
|
|
1115
|
+
/**
|
|
1116
|
+
* Utilities for working with {@linkcode BaseMetadata} objects.
|
|
1117
|
+
*/
|
|
1118
|
+
/**
|
|
1119
|
+
* Gets the display name for an object with {@linkcode BaseMetadata}.
|
|
1120
|
+
* For tools, the precedence is: `title` → {@linkcode index.ToolAnnotations | annotations}.`title` → `name`
|
|
1121
|
+
* For other objects: `title` → `name`
|
|
1122
|
+
* This implements the spec requirement: "if no title is provided, name should be used for display purposes"
|
|
1123
|
+
*/
|
|
1124
|
+
declare function getDisplayName(metadata: BaseMetadata | (BaseMetadata & {
|
|
1125
|
+
annotations?: {
|
|
1126
|
+
title?: string;
|
|
1127
|
+
};
|
|
1128
|
+
})): string;
|
|
1129
|
+
//#endregion
|
|
1130
|
+
//#region ../core-internal/src/shared/protocolEras.d.ts
|
|
1131
|
+
/**
|
|
1132
|
+
* Protocol-era helpers (pure module). The MCP wire protocol splits into two eras:
|
|
1133
|
+
* legacy (the 2025-11-25 family and earlier; the version is negotiated via the
|
|
1134
|
+
* `initialize` handshake) and modern (2026-07-28 and later; no `initialize` —
|
|
1135
|
+
* servers advertise versions via `server/discover` and every request carries a
|
|
1136
|
+
* `_meta` envelope).
|
|
1137
|
+
*
|
|
1138
|
+
* An operation that belongs to one era must only ever consult that era's subset
|
|
1139
|
+
* of a supported-versions list: `initialize` never accepts or counter-offers a
|
|
1140
|
+
* modern revision, and the `server/discover` advertisement only ever contains
|
|
1141
|
+
* modern revisions.
|
|
1142
|
+
*/
|
|
1143
|
+
/**
|
|
1144
|
+
* The protocol era of a connection: `'legacy'` for the 2025-11-25 family and
|
|
1145
|
+
* earlier (negotiated via `initialize`), `'modern'` for 2026-07-28 and later
|
|
1146
|
+
* (negotiated via `server/discover`; every request carries a `_meta` envelope).
|
|
1147
|
+
*/
|
|
1148
|
+
type ProtocolEra = 'legacy' | 'modern';
|
|
1149
|
+
//#endregion
|
|
1150
|
+
//#region ../core-internal/src/shared/stdio.d.ts
|
|
1151
|
+
declare const STDIO_DEFAULT_MAX_BUFFER_SIZE: number;
|
|
1152
|
+
/**
|
|
1153
|
+
* Buffers a continuous stdio stream into discrete JSON-RPC messages.
|
|
1154
|
+
*/
|
|
1155
|
+
declare class ReadBuffer {
|
|
1156
|
+
private _buffer?;
|
|
1157
|
+
private _maxBufferSize;
|
|
1158
|
+
constructor(options?: {
|
|
1159
|
+
maxBufferSize?: number;
|
|
1160
|
+
});
|
|
1161
|
+
append(chunk: Buffer): void;
|
|
1162
|
+
readMessage(): JSONRPCMessage | null;
|
|
1163
|
+
clear(): void;
|
|
1164
|
+
}
|
|
1165
|
+
declare function deserializeMessage(line: string): JSONRPCMessage;
|
|
1166
|
+
declare function serializeMessage(message: JSONRPCMessage): string;
|
|
1167
|
+
//#endregion
|
|
1168
|
+
//#region ../core-internal/src/util/inMemory.d.ts
|
|
1169
|
+
/**
|
|
1170
|
+
* In-memory transport for creating clients and servers that talk to each other within the same process.
|
|
1171
|
+
*
|
|
1172
|
+
* Intended for testing and development. For production in-process connections, use
|
|
1173
|
+
* `StreamableHTTPClientTransport` against a local server URL.
|
|
1174
|
+
*/
|
|
1175
|
+
declare class InMemoryTransport implements Transport {
|
|
1176
|
+
private _otherTransport?;
|
|
1177
|
+
private _messageQueue;
|
|
1178
|
+
private _closed;
|
|
1179
|
+
onclose?: () => void;
|
|
1180
|
+
onerror?: (error: Error) => void;
|
|
1181
|
+
onmessage?: (message: JSONRPCMessage, extra?: {
|
|
1182
|
+
authInfo?: AuthInfo;
|
|
1183
|
+
}) => void;
|
|
1184
|
+
sessionId?: string;
|
|
1185
|
+
/**
|
|
1186
|
+
* Creates a pair of linked in-memory transports that can communicate with each other. One should be passed to a {@linkcode @modelcontextprotocol/client!client/client.Client | Client} and one to a {@linkcode @modelcontextprotocol/server!server/server.Server | Server}.
|
|
1187
|
+
*/
|
|
1188
|
+
static createLinkedPair(): [InMemoryTransport, InMemoryTransport];
|
|
1189
|
+
start(): Promise<void>;
|
|
1190
|
+
close(): Promise<void>;
|
|
1191
|
+
/**
|
|
1192
|
+
* Sends a message with optional auth info.
|
|
1193
|
+
* This is useful for testing authentication scenarios.
|
|
1194
|
+
*/
|
|
1195
|
+
send(message: JSONRPCMessage, options?: {
|
|
1196
|
+
relatedRequestId?: RequestId;
|
|
1197
|
+
authInfo?: AuthInfo;
|
|
1198
|
+
}): Promise<void>;
|
|
1199
|
+
}
|
|
1200
|
+
//#endregion
|
|
1201
|
+
//#region src/server/completable.d.ts
|
|
1202
|
+
declare const COMPLETABLE_SYMBOL: unique symbol;
|
|
1203
|
+
type CompleteCallback<T extends StandardSchemaV1 = StandardSchemaV1> = (value: StandardSchemaV1.InferInput<T>, context?: {
|
|
1204
|
+
arguments?: Record<string, string>;
|
|
1205
|
+
}) => StandardSchemaV1.InferInput<T>[] | Promise<StandardSchemaV1.InferInput<T>[]>;
|
|
1206
|
+
type CompletableMeta<T extends StandardSchemaV1 = StandardSchemaV1> = {
|
|
1207
|
+
complete: CompleteCallback<T>;
|
|
1208
|
+
};
|
|
1209
|
+
type CompletableSchema<T extends StandardSchemaV1> = T & {
|
|
1210
|
+
[COMPLETABLE_SYMBOL]: CompletableMeta<T>;
|
|
1211
|
+
};
|
|
1212
|
+
/**
|
|
1213
|
+
* Wraps a schema to provide autocompletion capabilities. Useful for, e.g., prompt arguments in MCP.
|
|
1214
|
+
*
|
|
1215
|
+
* @example
|
|
1216
|
+
* ```ts source="./completable.examples.ts#completable_basicUsage"
|
|
1217
|
+
* server.registerPrompt(
|
|
1218
|
+
* 'review-code',
|
|
1219
|
+
* {
|
|
1220
|
+
* title: 'Code Review',
|
|
1221
|
+
* argsSchema: z.object({
|
|
1222
|
+
* language: completable(z.string().describe('Programming language'), value =>
|
|
1223
|
+
* ['typescript', 'javascript', 'python', 'rust', 'go'].filter(lang => lang.startsWith(value))
|
|
1224
|
+
* )
|
|
1225
|
+
* })
|
|
1226
|
+
* },
|
|
1227
|
+
* ({ language }) => ({
|
|
1228
|
+
* messages: [
|
|
1229
|
+
* {
|
|
1230
|
+
* role: 'user' as const,
|
|
1231
|
+
* content: {
|
|
1232
|
+
* type: 'text' as const,
|
|
1233
|
+
* text: `Review this ${language} code.`
|
|
1234
|
+
* }
|
|
1235
|
+
* }
|
|
1236
|
+
* ]
|
|
1237
|
+
* })
|
|
1238
|
+
* );
|
|
1239
|
+
* ```
|
|
1240
|
+
*
|
|
1241
|
+
* @see {@linkcode server/mcp.McpServer.registerPrompt | McpServer.registerPrompt} for using completable schemas in prompt argument definitions
|
|
1242
|
+
*/
|
|
1243
|
+
declare function completable<T extends StandardSchemaV1>(schema: T, complete: CompleteCallback<T>): CompletableSchema<T>;
|
|
1244
|
+
/**
|
|
1245
|
+
* Checks if a schema is completable (has completion metadata).
|
|
1246
|
+
*/
|
|
1247
|
+
declare function isCompletable(schema: unknown): schema is CompletableSchema<StandardSchemaV1>;
|
|
1248
|
+
//#endregion
|
|
1249
|
+
//#region src/server/middleware/hostHeaderValidation.d.ts
|
|
1250
|
+
type HostHeaderValidationResult = {
|
|
1251
|
+
ok: true;
|
|
1252
|
+
hostname: string;
|
|
1253
|
+
} | {
|
|
1254
|
+
ok: false;
|
|
1255
|
+
errorCode: 'missing_host' | 'invalid_host_header' | 'invalid_host';
|
|
1256
|
+
message: string;
|
|
1257
|
+
hostHeader?: string;
|
|
1258
|
+
hostname?: string;
|
|
1259
|
+
};
|
|
1260
|
+
/**
|
|
1261
|
+
* Parse and validate a `Host` header against an allowlist of hostnames (port-agnostic).
|
|
1262
|
+
*
|
|
1263
|
+
* - Input host header may include a port (e.g. `localhost:3000`) or IPv6 brackets (e.g. `[::1]:3000`).
|
|
1264
|
+
* - Allowlist items should be hostnames only (no ports). For IPv6, include brackets (e.g. `[::1]`).
|
|
1265
|
+
*/
|
|
1266
|
+
declare function validateHostHeader(hostHeader: string | null | undefined, allowedHostnames: string[]): HostHeaderValidationResult;
|
|
1267
|
+
/**
|
|
1268
|
+
* Convenience allowlist for `localhost` DNS rebinding protection.
|
|
1269
|
+
*/
|
|
1270
|
+
declare function localhostAllowedHostnames(): string[];
|
|
1271
|
+
/**
|
|
1272
|
+
* Web-standard `Request` helper for DNS rebinding protection.
|
|
1273
|
+
* @example
|
|
1274
|
+
* ```ts source="./hostHeaderValidation.examples.ts#hostHeaderValidationResponse_basicUsage"
|
|
1275
|
+
* const result = validateHostHeader(req.headers.get('host'), ['localhost']);
|
|
1276
|
+
* ```
|
|
1277
|
+
*/
|
|
1278
|
+
declare function hostHeaderValidationResponse(req: Request, allowedHostnames: string[]): Response | undefined;
|
|
1279
|
+
//#endregion
|
|
1280
|
+
//#region src/server/middleware/originValidation.d.ts
|
|
1281
|
+
/**
|
|
1282
|
+
* Framework-agnostic Origin header validation helpers.
|
|
1283
|
+
*
|
|
1284
|
+
* Browsers attach an `Origin` header to cross-origin requests; validating it
|
|
1285
|
+
* against an allowlist (alongside Host header validation) protects local and
|
|
1286
|
+
* development MCP servers against DNS rebinding and cross-site request
|
|
1287
|
+
* forgery. The framework middleware packages (`@modelcontextprotocol/express`,
|
|
1288
|
+
* `@modelcontextprotocol/hono`, `@modelcontextprotocol/fastify`,
|
|
1289
|
+
* `@modelcontextprotocol/node`) wrap these helpers; use them directly when
|
|
1290
|
+
* mounting a handler bare on a fetch-native runtime.
|
|
1291
|
+
*
|
|
1292
|
+
* Validation is deny-on-failure: a present `Origin` value that cannot be
|
|
1293
|
+
* parsed (including the opaque `null` origin) is rejected, never passed
|
|
1294
|
+
* through. Requests without an `Origin` header pass — non-browser MCP clients
|
|
1295
|
+
* do not send one.
|
|
1296
|
+
*/
|
|
1297
|
+
type OriginValidationResult = {
|
|
1298
|
+
ok: true;
|
|
1299
|
+
origin?: string;
|
|
1300
|
+
hostname?: string;
|
|
1301
|
+
} | {
|
|
1302
|
+
ok: false;
|
|
1303
|
+
errorCode: 'invalid_origin_header' | 'invalid_origin';
|
|
1304
|
+
message: string;
|
|
1305
|
+
originHeader?: string;
|
|
1306
|
+
hostname?: string;
|
|
1307
|
+
};
|
|
1308
|
+
/**
|
|
1309
|
+
* Validate an `Origin` header against an allowlist of hostnames (port-agnostic).
|
|
1310
|
+
*
|
|
1311
|
+
* - A missing/empty `Origin` header passes: non-browser clients do not send one,
|
|
1312
|
+
* and only browser-originated requests carry the header this check defends against.
|
|
1313
|
+
* - Allowlist items are hostnames only (no scheme, no port), the same convention as
|
|
1314
|
+
* `validateHostHeader`. For IPv6, include brackets (e.g. `[::1]`).
|
|
1315
|
+
* - Any present value that cannot be parsed as an origin URL — including the literal
|
|
1316
|
+
* `null` origin browsers send for opaque contexts — is rejected (deny on failure).
|
|
1317
|
+
*/
|
|
1318
|
+
declare function validateOriginHeader(originHeader: string | null | undefined, allowedOriginHostnames: string[]): OriginValidationResult;
|
|
1319
|
+
/**
|
|
1320
|
+
* Convenience allowlist of localhost-class origin hostnames, mirroring
|
|
1321
|
+
* `localhostAllowedHostnames`.
|
|
1322
|
+
*/
|
|
1323
|
+
declare function localhostAllowedOrigins(): string[];
|
|
1324
|
+
/**
|
|
1325
|
+
* Web-standard `Request` helper for Origin validation: returns a `403` JSON-RPC
|
|
1326
|
+
* error response when the request's `Origin` header is not allowed, and
|
|
1327
|
+
* `undefined` when the request may proceed.
|
|
1328
|
+
*
|
|
1329
|
+
* ```ts
|
|
1330
|
+
* const rejected = originValidationResponse(request, localhostAllowedOrigins());
|
|
1331
|
+
* if (rejected) return rejected;
|
|
1332
|
+
* ```
|
|
1333
|
+
*/
|
|
1334
|
+
declare function originValidationResponse(req: Request, allowedOriginHostnames: string[]): Response | undefined;
|
|
1335
|
+
//#endregion
|
|
1336
|
+
//#region src/server/requestStateCodec.d.ts
|
|
1337
|
+
/**
|
|
1338
|
+
* Options for {@linkcode createRequestStateCodec}.
|
|
1339
|
+
*/
|
|
1340
|
+
interface RequestStateCodecOptions {
|
|
1341
|
+
/**
|
|
1342
|
+
* The HMAC secret. A `string` value is UTF-8-encoded. MUST be at least
|
|
1343
|
+
* 32 bytes (256 bits) long; a `RangeError` is thrown at
|
|
1344
|
+
* construction otherwise. The same key must be available to every server
|
|
1345
|
+
* instance that may receive an echoed `requestState` (so a per-process
|
|
1346
|
+
* random key only works when one process serves every round of a flow).
|
|
1347
|
+
*/
|
|
1348
|
+
key: Uint8Array | string;
|
|
1349
|
+
/**
|
|
1350
|
+
* How long a minted `requestState` stays valid, in seconds. An echoed
|
|
1351
|
+
* value past its expiry is rejected by {@linkcode RequestStateCodec.verify}.
|
|
1352
|
+
* Defaults to `600` (ten minutes).
|
|
1353
|
+
*/
|
|
1354
|
+
ttlSeconds?: number;
|
|
1355
|
+
/**
|
|
1356
|
+
* Optional context binding. Called at mint time and again at verify time;
|
|
1357
|
+
* a `requestState` minted under one binding value is rejected when echoed
|
|
1358
|
+
* under a different one. Use this to bind state to the authenticated
|
|
1359
|
+
* principal and/or the originating method (the spec's user-binding MUST
|
|
1360
|
+
* for state that influences authorization), for example:
|
|
1361
|
+
*
|
|
1362
|
+
* ```ts
|
|
1363
|
+
* bind: ctx => `${ctx.mcpReq.method}\0${ctx.http?.authInfo?.clientId ?? ''}`
|
|
1364
|
+
* ```
|
|
1365
|
+
*
|
|
1366
|
+
* The returned value is stored in the envelope as a domain-separated HMAC
|
|
1367
|
+
* tag (keyed by the codec's `key`), not the raw string — so a principal
|
|
1368
|
+
* identifier in the binding does not appear in the wire value the client
|
|
1369
|
+
* holds.
|
|
1370
|
+
*
|
|
1371
|
+
* When configured, {@linkcode RequestStateCodec.mint} requires its `ctx`
|
|
1372
|
+
* argument.
|
|
1373
|
+
*/
|
|
1374
|
+
bind?: (ctx: ServerContext) => string;
|
|
1375
|
+
}
|
|
1376
|
+
/**
|
|
1377
|
+
* The codec returned by {@linkcode createRequestStateCodec}: `mint` seals a
|
|
1378
|
+
* JSON-serializable payload into the wire string a handler returns from
|
|
1379
|
+
* `inputRequired({ requestState })`; `verify` is the function to drop into
|
|
1380
|
+
* {@linkcode server/server.ServerOptions | ServerOptions}`.requestState.verify`
|
|
1381
|
+
* (it throws on any failure, which the seam answers as the frozen `-32602`).
|
|
1382
|
+
* The decoded payload `verify` resolves with is handed to the handler by the
|
|
1383
|
+
* seam via the typed `ctx.mcpReq.requestState<T>()` accessor — `mint<T>` and
|
|
1384
|
+
* `requestState<T>()` are the typed encode/read pair.
|
|
1385
|
+
*/
|
|
1386
|
+
interface RequestStateCodec<T = unknown> {
|
|
1387
|
+
/**
|
|
1388
|
+
* Seal `payload` into an opaque wire string. The result is what the
|
|
1389
|
+
* handler returns from `inputRequired({ requestState })`.
|
|
1390
|
+
*
|
|
1391
|
+
* @param ctx The handler's context. Required when the codec was created
|
|
1392
|
+
* with a {@linkcode RequestStateCodecOptions.bind | bind}
|
|
1393
|
+
* callback; ignored otherwise.
|
|
1394
|
+
*/
|
|
1395
|
+
mint(payload: T, ctx?: ServerContext): Promise<string>;
|
|
1396
|
+
/**
|
|
1397
|
+
* Verify an echoed `requestState` and return the original payload. Throws
|
|
1398
|
+
* on any failure (bad MAC, expired, bind mismatch, malformed). The thrown
|
|
1399
|
+
* message is a fixed opaque reason code (`'malformed'` / `'mac'` /
|
|
1400
|
+
* `'expired'` / `'bind'`) — never the decoded payload, the binding value,
|
|
1401
|
+
* or any other context-derived field.
|
|
1402
|
+
*
|
|
1403
|
+
* Pass this directly as `ServerOptions.requestState.verify`.
|
|
1404
|
+
*/
|
|
1405
|
+
verify(state: string, ctx: ServerContext): Promise<T>;
|
|
1406
|
+
}
|
|
1407
|
+
/**
|
|
1408
|
+
* Create an opt-in HMAC-SHA256 codec for the multi-round-trip `requestState`
|
|
1409
|
+
* (protocol revision 2026-07-28).
|
|
1410
|
+
*
|
|
1411
|
+
* `requestState` round-trips through the client and is attacker-controlled
|
|
1412
|
+
* input on re-entry. The SDK applies no protection of its own; this helper is
|
|
1413
|
+
* the convenience implementation of the spec's integrity MUST so authors don't
|
|
1414
|
+
* hand-roll HMAC. Wire shape:
|
|
1415
|
+
*
|
|
1416
|
+
* "v1." b64url({"p":<payload>,"exp":<unixSeconds>,"b":<bindTag>?}) "." b64url(mac)
|
|
1417
|
+
*
|
|
1418
|
+
* where `bindTag` is `b64url(HMAC(key, "mcp.requestState.bind:" + bind(ctx))[:16])`
|
|
1419
|
+
* — the binding value is never embedded raw.
|
|
1420
|
+
*
|
|
1421
|
+
* The codec is **signed, not encrypted**: the body is integrity-protected but
|
|
1422
|
+
* the client can base64url-decode it and read the payload (`p`) in clear. Do
|
|
1423
|
+
* not put secrets in the payload; use an AEAD construction if confidentiality
|
|
1424
|
+
* is required. The handler reads its payload back via the typed
|
|
1425
|
+
* `ctx.mcpReq.requestState<T>()` accessor — the seam has already run `verify`
|
|
1426
|
+
* (integrity proven, payload decoded) by the time the handler is entered.
|
|
1427
|
+
*
|
|
1428
|
+
* Verification is fail-closed and constant-time (WebCrypto `subtle.verify` for
|
|
1429
|
+
* the body MAC; a fixed-length XOR-accumulator compare for the bind tag).
|
|
1430
|
+
* See `examples/mrtr/server.ts` for a worked end-to-end example.
|
|
1431
|
+
*
|
|
1432
|
+
* Design comparison (mcp.d `secureRequestState`, the peer SDK's reference
|
|
1433
|
+
* implementation): mcp.d additionally offers an AES-256-GCM encrypted mode and
|
|
1434
|
+
* derives independent cipher / bind-HMAC sub-keys from the operator secret via
|
|
1435
|
+
* HKDF-SHA256, with an auto-generated per-process ephemeral key when none is
|
|
1436
|
+
* supplied. This codec deliberately ships only the signed mode and a single
|
|
1437
|
+
* keyed HMAC (domain-separated by input prefix) — HKDF sub-key derivation and
|
|
1438
|
+
* an encrypted mode are intentionally out of scope for the initial release.
|
|
1439
|
+
*/
|
|
1440
|
+
declare function createRequestStateCodec<T = unknown>(options: RequestStateCodecOptions): RequestStateCodec<T>;
|
|
1441
|
+
//#endregion
|
|
1442
|
+
//#region src/server/streamableHttp.d.ts
|
|
1443
|
+
type StreamId = string;
|
|
1444
|
+
type EventId = string;
|
|
1445
|
+
/**
|
|
1446
|
+
* Interface for resumability support via event storage
|
|
1447
|
+
*/
|
|
1448
|
+
interface EventStore {
|
|
1449
|
+
/**
|
|
1450
|
+
* Stores an event for later retrieval
|
|
1451
|
+
* @param streamId ID of the stream the event belongs to
|
|
1452
|
+
* @param message The JSON-RPC message to store
|
|
1453
|
+
* @returns The generated event ID for the stored event
|
|
1454
|
+
*/
|
|
1455
|
+
storeEvent(streamId: StreamId, message: JSONRPCMessage): Promise<EventId>;
|
|
1456
|
+
/**
|
|
1457
|
+
* Get the stream ID associated with a given event ID.
|
|
1458
|
+
* @param eventId The event ID to look up
|
|
1459
|
+
* @returns The stream ID, or `undefined` if not found
|
|
1460
|
+
*
|
|
1461
|
+
* Optional: If not provided, the SDK will use the `streamId` returned by
|
|
1462
|
+
* {@linkcode replayEventsAfter} for stream mapping.
|
|
1463
|
+
*/
|
|
1464
|
+
getStreamIdForEventId?(eventId: EventId): Promise<StreamId | undefined>;
|
|
1465
|
+
replayEventsAfter(lastEventId: EventId, {
|
|
1466
|
+
send
|
|
1467
|
+
}: {
|
|
1468
|
+
send: (eventId: EventId, message: JSONRPCMessage) => Promise<void>;
|
|
1469
|
+
}): Promise<StreamId>;
|
|
1470
|
+
}
|
|
1471
|
+
/**
|
|
1472
|
+
* Configuration options for {@linkcode WebStandardStreamableHTTPServerTransport}
|
|
1473
|
+
*/
|
|
1474
|
+
interface WebStandardStreamableHTTPServerTransportOptions {
|
|
1475
|
+
/**
|
|
1476
|
+
* Function that generates a session ID for the transport.
|
|
1477
|
+
* The session ID SHOULD be globally unique and cryptographically secure (e.g., a securely generated UUID, a JWT, or a cryptographic hash)
|
|
1478
|
+
*
|
|
1479
|
+
* If not provided, session management is disabled (stateless mode).
|
|
1480
|
+
*/
|
|
1481
|
+
sessionIdGenerator?: (() => string) | undefined;
|
|
1482
|
+
/**
|
|
1483
|
+
* A callback for session initialization events
|
|
1484
|
+
* This is called when the server initializes a new session.
|
|
1485
|
+
* Useful in cases when you need to register multiple mcp sessions
|
|
1486
|
+
* and need to keep track of them.
|
|
1487
|
+
* @param sessionId The generated session ID
|
|
1488
|
+
*/
|
|
1489
|
+
onsessioninitialized?: ((sessionId: string) => void | Promise<void>) | undefined;
|
|
1490
|
+
/**
|
|
1491
|
+
* A callback for session close events
|
|
1492
|
+
* This is called when the server closes a session due to a `DELETE` request.
|
|
1493
|
+
* Useful in cases when you need to clean up resources associated with the session.
|
|
1494
|
+
* Note that this is different from the transport closing, if you are handling
|
|
1495
|
+
* HTTP requests from multiple nodes you might want to close each
|
|
1496
|
+
* {@linkcode WebStandardStreamableHTTPServerTransport} after a request is completed while still keeping the
|
|
1497
|
+
* session open/running.
|
|
1498
|
+
* @param sessionId The session ID that was closed
|
|
1499
|
+
*/
|
|
1500
|
+
onsessionclosed?: ((sessionId: string) => void | Promise<void>) | undefined;
|
|
1501
|
+
/**
|
|
1502
|
+
* If `true`, the server will return JSON responses instead of starting an SSE stream.
|
|
1503
|
+
* This can be useful for simple request/response scenarios without streaming.
|
|
1504
|
+
* Default is `false` (SSE streams are preferred).
|
|
1505
|
+
*/
|
|
1506
|
+
enableJsonResponse?: boolean;
|
|
1507
|
+
/**
|
|
1508
|
+
* Event store for resumability support
|
|
1509
|
+
* If provided, resumability will be enabled, allowing clients to reconnect and resume messages
|
|
1510
|
+
*/
|
|
1511
|
+
eventStore?: EventStore;
|
|
1512
|
+
/**
|
|
1513
|
+
* List of allowed `Host` header values for DNS rebinding protection.
|
|
1514
|
+
* If not specified, host validation is disabled.
|
|
1515
|
+
* @deprecated Use external middleware for host validation instead.
|
|
1516
|
+
*/
|
|
1517
|
+
allowedHosts?: string[];
|
|
1518
|
+
/**
|
|
1519
|
+
* List of allowed `Origin` header values for DNS rebinding protection.
|
|
1520
|
+
* If not specified, origin validation is disabled.
|
|
1521
|
+
* @deprecated Use external middleware for origin validation instead.
|
|
1522
|
+
*/
|
|
1523
|
+
allowedOrigins?: string[];
|
|
1524
|
+
/**
|
|
1525
|
+
* Enable DNS rebinding protection (requires `allowedHosts` and/or `allowedOrigins` to be configured).
|
|
1526
|
+
* Default is `false` for backwards compatibility.
|
|
1527
|
+
* @deprecated Use external middleware for DNS rebinding protection instead.
|
|
1528
|
+
*/
|
|
1529
|
+
enableDnsRebindingProtection?: boolean;
|
|
1530
|
+
/**
|
|
1531
|
+
* Retry interval in milliseconds to suggest to clients in SSE `retry` field.
|
|
1532
|
+
* When set, the server will send a `retry` field in SSE priming events to control
|
|
1533
|
+
* client reconnection timing for polling behavior.
|
|
1534
|
+
*/
|
|
1535
|
+
retryInterval?: number;
|
|
1536
|
+
/**
|
|
1537
|
+
* List of protocol versions that this transport will accept.
|
|
1538
|
+
* Used to validate the `mcp-protocol-version` header in incoming requests.
|
|
1539
|
+
*
|
|
1540
|
+
* Note: When using {@linkcode server/server.Server.connect | Server.connect()}, the server automatically passes its
|
|
1541
|
+
* `supportedProtocolVersions` to the transport, so you typically don't need
|
|
1542
|
+
* to set this option directly.
|
|
1543
|
+
*
|
|
1544
|
+
* @default {@linkcode SUPPORTED_PROTOCOL_VERSIONS}
|
|
1545
|
+
*/
|
|
1546
|
+
supportedProtocolVersions?: string[];
|
|
1547
|
+
}
|
|
1548
|
+
/**
|
|
1549
|
+
* Options for handling a request
|
|
1550
|
+
*/
|
|
1551
|
+
interface HandleRequestOptions {
|
|
1552
|
+
/**
|
|
1553
|
+
* Pre-parsed request body. If provided, the transport will use this instead of parsing `req.json()`.
|
|
1554
|
+
* Useful when using body-parser middleware that has already parsed the body.
|
|
1555
|
+
*/
|
|
1556
|
+
parsedBody?: unknown;
|
|
1557
|
+
/**
|
|
1558
|
+
* Authentication info from middleware. If provided, will be passed to message handlers.
|
|
1559
|
+
*/
|
|
1560
|
+
authInfo?: AuthInfo;
|
|
1561
|
+
}
|
|
1562
|
+
/**
|
|
1563
|
+
* Server transport for Web Standards Streamable HTTP: this implements the MCP Streamable HTTP transport specification
|
|
1564
|
+
* using Web Standard APIs (`Request`, `Response`, `ReadableStream`).
|
|
1565
|
+
*
|
|
1566
|
+
* This transport works on any runtime that supports Web Standards: Node.js 18+, Cloudflare Workers, Deno, Bun, etc.
|
|
1567
|
+
*
|
|
1568
|
+
* In stateful mode:
|
|
1569
|
+
* - Session ID is generated and included in response headers
|
|
1570
|
+
* - Session ID is always included in initialization responses
|
|
1571
|
+
* - Requests with invalid session IDs are rejected with `404 Not Found`
|
|
1572
|
+
* - Non-initialization requests without a session ID are rejected with `400 Bad Request`
|
|
1573
|
+
* - State is maintained in-memory (connections, message history)
|
|
1574
|
+
*
|
|
1575
|
+
* In stateless mode:
|
|
1576
|
+
* - No Session ID is included in any responses
|
|
1577
|
+
* - No session validation is performed
|
|
1578
|
+
*
|
|
1579
|
+
* @example Stateful setup
|
|
1580
|
+
* ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_stateful"
|
|
1581
|
+
* const server = new McpServer({ name: 'my-server', version: '1.0.0' });
|
|
1582
|
+
*
|
|
1583
|
+
* const transport = new WebStandardStreamableHTTPServerTransport({
|
|
1584
|
+
* sessionIdGenerator: () => crypto.randomUUID()
|
|
1585
|
+
* });
|
|
1586
|
+
*
|
|
1587
|
+
* await server.connect(transport);
|
|
1588
|
+
* ```
|
|
1589
|
+
*
|
|
1590
|
+
* @example Stateless setup
|
|
1591
|
+
* ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_stateless"
|
|
1592
|
+
* const transport = new WebStandardStreamableHTTPServerTransport({
|
|
1593
|
+
* sessionIdGenerator: undefined
|
|
1594
|
+
* });
|
|
1595
|
+
* ```
|
|
1596
|
+
*
|
|
1597
|
+
* @example Hono.js
|
|
1598
|
+
* ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_hono"
|
|
1599
|
+
* app.all('/mcp', async c => {
|
|
1600
|
+
* return transport.handleRequest(c.req.raw);
|
|
1601
|
+
* });
|
|
1602
|
+
* ```
|
|
1603
|
+
*
|
|
1604
|
+
* @example Cloudflare Workers
|
|
1605
|
+
* ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_workers"
|
|
1606
|
+
* const worker = {
|
|
1607
|
+
* async fetch(request: Request): Promise<Response> {
|
|
1608
|
+
* return transport.handleRequest(request);
|
|
1609
|
+
* }
|
|
1610
|
+
* };
|
|
1611
|
+
* ```
|
|
1612
|
+
*/
|
|
1613
|
+
declare class WebStandardStreamableHTTPServerTransport implements Transport {
|
|
1614
|
+
private sessionIdGenerator;
|
|
1615
|
+
private _started;
|
|
1616
|
+
private _closed;
|
|
1617
|
+
private _streamMapping;
|
|
1618
|
+
private _requestToStreamMapping;
|
|
1619
|
+
private _requestResponseMap;
|
|
1620
|
+
private _initialized;
|
|
1621
|
+
private _enableJsonResponse;
|
|
1622
|
+
private _standaloneSseStreamId;
|
|
1623
|
+
private _eventStore?;
|
|
1624
|
+
private _onsessioninitialized?;
|
|
1625
|
+
private _onsessionclosed?;
|
|
1626
|
+
private _allowedHosts?;
|
|
1627
|
+
private _allowedOrigins?;
|
|
1628
|
+
private _enableDnsRebindingProtection;
|
|
1629
|
+
private _retryInterval?;
|
|
1630
|
+
private _supportedProtocolVersions;
|
|
1631
|
+
sessionId?: string;
|
|
1632
|
+
onclose?: () => void;
|
|
1633
|
+
onerror?: (error: Error) => void;
|
|
1634
|
+
onmessage?: (message: JSONRPCMessage, extra?: MessageExtraInfo) => void;
|
|
1635
|
+
constructor(options?: WebStandardStreamableHTTPServerTransportOptions);
|
|
1636
|
+
/**
|
|
1637
|
+
* Starts the transport. This is required by the {@linkcode Transport} interface but is a no-op
|
|
1638
|
+
* for the Streamable HTTP transport as connections are managed per-request.
|
|
1639
|
+
*/
|
|
1640
|
+
start(): Promise<void>;
|
|
1641
|
+
/**
|
|
1642
|
+
* Sets the supported protocol versions for header validation.
|
|
1643
|
+
* Called by the server during {@linkcode server/server.Server.connect | connect()} to pass its supported versions.
|
|
1644
|
+
*/
|
|
1645
|
+
setSupportedProtocolVersions(versions: string[]): void;
|
|
1646
|
+
/**
|
|
1647
|
+
* Helper to create a JSON error response
|
|
1648
|
+
*/
|
|
1649
|
+
private createJsonErrorResponse;
|
|
1650
|
+
/**
|
|
1651
|
+
* Validates request headers for DNS rebinding protection.
|
|
1652
|
+
* @returns Error response if validation fails, `undefined` if validation passes.
|
|
1653
|
+
*/
|
|
1654
|
+
private validateRequestHeaders;
|
|
1655
|
+
/**
|
|
1656
|
+
* Handles an incoming HTTP request, whether `GET`, `POST`, or `DELETE`
|
|
1657
|
+
* Returns a `Response` object (Web Standard)
|
|
1658
|
+
*/
|
|
1659
|
+
handleRequest(req: Request, options?: HandleRequestOptions): Promise<Response>;
|
|
1660
|
+
/**
|
|
1661
|
+
* Returns true if the client's protocol version supports empty SSE data in
|
|
1662
|
+
* priming events (the fix shipped with protocol version `2025-11-25`).
|
|
1663
|
+
*
|
|
1664
|
+
* The version is checked for membership in this transport instance's
|
|
1665
|
+
* supported protocol versions rather than with an open-ended
|
|
1666
|
+
* `>= '2025-11-25'` comparison: the value may come from an `initialize`
|
|
1667
|
+
* request body, which (unlike the `MCP-Protocol-Version` header) is not
|
|
1668
|
+
* validated against `supportedProtocolVersions` before reaching this
|
|
1669
|
+
* check. An unknown future version string must not silently enable
|
|
1670
|
+
* behavior reserved for versions this transport actually supports.
|
|
1671
|
+
*/
|
|
1672
|
+
private supportsEmptySSEData;
|
|
1673
|
+
/**
|
|
1674
|
+
* Writes a priming event to establish resumption capability.
|
|
1675
|
+
* Only sends if `eventStore` is configured (opt-in for resumability) and
|
|
1676
|
+
* the client's protocol version supports empty SSE data (a supported
|
|
1677
|
+
* version that is >= `2025-11-25`).
|
|
1678
|
+
*/
|
|
1679
|
+
private writePrimingEvent;
|
|
1680
|
+
/**
|
|
1681
|
+
* Handles `GET` requests for SSE stream
|
|
1682
|
+
*/
|
|
1683
|
+
private handleGetRequest;
|
|
1684
|
+
/**
|
|
1685
|
+
* Replays events that would have been sent after the specified event ID
|
|
1686
|
+
* Only used when resumability is enabled
|
|
1687
|
+
*/
|
|
1688
|
+
private replayEvents;
|
|
1689
|
+
/**
|
|
1690
|
+
* Writes an event to an SSE stream via controller with proper formatting
|
|
1691
|
+
*/
|
|
1692
|
+
private writeSSEEvent;
|
|
1693
|
+
/**
|
|
1694
|
+
* Handles unsupported requests (`PUT`, `PATCH`, etc.)
|
|
1695
|
+
*/
|
|
1696
|
+
private handleUnsupportedRequest;
|
|
1697
|
+
/**
|
|
1698
|
+
* Handles `POST` requests containing JSON-RPC messages
|
|
1699
|
+
*/
|
|
1700
|
+
private handlePostRequest;
|
|
1701
|
+
/**
|
|
1702
|
+
* Handles `DELETE` requests to terminate sessions
|
|
1703
|
+
*/
|
|
1704
|
+
private handleDeleteRequest;
|
|
1705
|
+
/**
|
|
1706
|
+
* Validates session ID for non-initialization requests.
|
|
1707
|
+
* Returns `Response` error if invalid, `undefined` otherwise
|
|
1708
|
+
*/
|
|
1709
|
+
private validateSession;
|
|
1710
|
+
/**
|
|
1711
|
+
* Validates the `MCP-Protocol-Version` header on incoming requests.
|
|
1712
|
+
*
|
|
1713
|
+
* For initialization: Version negotiation handles unknown versions gracefully
|
|
1714
|
+
* (server responds with its supported version).
|
|
1715
|
+
*
|
|
1716
|
+
* For subsequent requests with `MCP-Protocol-Version` header:
|
|
1717
|
+
* - Accept if in supported list
|
|
1718
|
+
* - 400 if unsupported
|
|
1719
|
+
*
|
|
1720
|
+
* For HTTP requests without the `MCP-Protocol-Version` header:
|
|
1721
|
+
* - Accept and default to the version negotiated at initialization
|
|
1722
|
+
*/
|
|
1723
|
+
private validateProtocolVersion;
|
|
1724
|
+
close(): Promise<void>;
|
|
1725
|
+
/**
|
|
1726
|
+
* Close an SSE stream for a specific request, triggering client reconnection.
|
|
1727
|
+
* Use this to implement polling behavior during long-running operations -
|
|
1728
|
+
* client will reconnect after the retry interval specified in the priming event.
|
|
1729
|
+
*/
|
|
1730
|
+
closeSSEStream(requestId: RequestId): void;
|
|
1731
|
+
/**
|
|
1732
|
+
* Close the standalone `GET` SSE stream, triggering client reconnection.
|
|
1733
|
+
* Use this to implement polling behavior for server-initiated notifications.
|
|
1734
|
+
*/
|
|
1735
|
+
closeStandaloneSSEStream(): void;
|
|
1736
|
+
send(message: JSONRPCMessage, options?: {
|
|
1737
|
+
relatedRequestId?: RequestId;
|
|
1738
|
+
}): Promise<void>;
|
|
1739
|
+
}
|
|
1740
|
+
//#endregion
|
|
1741
|
+
//#region src/fromJsonSchema.d.ts
|
|
1742
|
+
declare function fromJsonSchema<T = unknown>(schema: JsonSchemaType, validator?: jsonSchemaValidator): StandardSchemaWithJSON<T, T>;
|
|
1743
|
+
//#endregion
|
|
1744
|
+
export { AjvJsonSchemaValidator, Annotations, type AnyToolHandler, AudioContent, AuthInfo, AuthorizationServerMetadata, BAGGAGE_META_KEY, BaseContext, BaseMetadata, type BaseToolCallback, BlobResourceContents, BooleanSchema, CLIENT_CAPABILITIES_META_KEY, CLIENT_INFO_META_KEY, type CacheHint, type CacheScope, CallToolRequest, CallToolRequestParams, CallToolResult, CancelTaskRequest, CancelTaskResult, CancelledNotification, CancelledNotificationParams, CfWorkerJsonSchemaValidator, CfWorkerSchemaDraft, ClientCapabilities, ClientContext, ClientNotification, ClientRequest, ClientResult, CompatibilityCallToolResult, type CompletableSchema, type CompleteCallback, CompleteRequest, CompleteRequestParams, CompleteRequestPrompt, CompleteRequestResourceTemplate, type CompleteResourceTemplateCallback, CompleteResult, ContentBlock, type CreateMcpHandlerOptions, CreateMessageRequest, CreateMessageRequestParams, CreateMessageRequestParamsBase, CreateMessageRequestParamsWithTools, CreateMessageResult, CreateMessageResultWithTools, CreateTaskResult, Cursor, DEFAULT_NEGOTIATED_PROTOCOL_VERSION, DEFAULT_REQUEST_TIMEOUT_MSEC, DiscoverRequest, DiscoverResult, ElicitRequest, ElicitRequestFormParams, ElicitRequestParams, ElicitRequestURLParams, ElicitResult, ElicitationCompleteNotification, ElicitationCompleteNotificationParams, EmbeddedResource, EmptyResult, EnumSchema, type EventId, type EventStore, FetchLike, GetPromptRequest, GetPromptRequestParams, GetPromptResult, GetTaskPayloadRequest, GetTaskPayloadResult, GetTaskRequest, GetTaskResult, type HandleRequestOptions, HandlerResultTypeMap, type HostHeaderValidationResult, INTERNAL_ERROR, INVALID_PARAMS, INVALID_REQUEST, Icon, Icons, IdJagTokenExchangeResponse, ImageContent, Implementation, InMemoryServerEventBus, InMemoryTransport, type InboundClassificationOutcome, type InboundHttpRequest, type InboundLadderRejection, type InboundLegacyRoute, type InboundLegacyRouteReason, type InboundModernRoute, type InboundValidationRung, InitializeRequest, InitializeRequestParams, InitializeResult, InitializedNotification, InputRequest, InputRequests, InputRequiredResult, type InputRequiredSpec, InputResponse, type InputResponseView, InputResponses, InternalError, InvalidParamsError, InvalidRequestError, JSONArray, JSONObject, JSONRPCErrorResponse, JSONRPCMessage, JSONRPCNotification, JSONRPCRequest, JSONRPCResponse, JSONRPCResultResponse, JSONRPC_VERSION, JSONValue, JsonSchemaType, JsonSchemaValidator, JsonSchemaValidatorResult, LATEST_PROTOCOL_VERSION, LOG_LEVEL_META_KEY, type LegacyHttpHandler, LegacyTitledEnumSchema, ListChangedCallback, ListChangedHandlers, ListChangedOptions, ListPromptsRequest, ListPromptsResult, ListResourceTemplatesRequest, ListResourceTemplatesResult, type ListResourcesCallback, ListResourcesRequest, ListResourcesResult, ListRootsRequest, ListRootsResult, ListTasksRequest, ListTasksResult, ListToolsRequest, ListToolsResult, LoggingLevel, LoggingMessageNotification, LoggingMessageNotificationParams, METHOD_NOT_FOUND, type McpHandlerRequestOptions, type McpHttpHandler, type McpRequestContext, McpServer, type McpServerFactory, MessageClassification, MessageExtraInfo, MetaObject, MethodNotFoundError, MissingRequiredClientCapabilityError, MissingRequiredClientCapabilityErrorData, ModelHint, ModelPreferences, MultiSelectEnumSchema, Notification, NotificationMethod, NotificationOptions, NotificationParams, NotificationTypeMap, NumberSchema, OAuthClientInformation, OAuthClientInformationFull, OAuthClientInformationMixed, OAuthClientMetadata, OAuthClientRegistrationError, OAuthError, OAuthErrorCode, OAuthErrorResponse, OAuthMetadata, OAuthProtectedResourceMetadata, OAuthTokenRevocationRequest, OAuthTokens, OpenIdProviderDiscoveryMetadata, OpenIdProviderMetadata, type OriginValidationResult, PARSE_ERROR, PROTOCOL_VERSION_META_KEY, PaginatedRequest, PaginatedRequestParams, PaginatedResult, ParseError, PerRequestHTTPServerTransport, type PerRequestHTTPServerTransportOptions, type PerRequestMessageExtra, type PerRequestResponseMode, PingRequest, PrimitiveSchemaDefinition, Progress, ProgressCallback, ProgressNotification, ProgressNotificationParams, ProgressToken, Prompt, PromptArgument, type PromptCallback, PromptListChangedNotification, PromptMessage, PromptReference, ProtocolEra, ProtocolError, ProtocolErrorCode, ProtocolOptions, RELATED_TASK_META_KEY, ReadBuffer, type ReadResourceCallback, ReadResourceRequest, ReadResourceRequestParams, ReadResourceResult, type ReadResourceTemplateCallback, type RegisteredPrompt, type RegisteredResource, type RegisteredResourceTemplate, type RegisteredTool, RelatedTaskMetadata, Request$1 as Request, RequestHandlerSchemas, RequestId, RequestMeta, RequestMetaEnvelope, RequestMetaObject, RequestMethod, RequestOptions, RequestParams, RequestStateAccessor, type RequestStateCodec, type RequestStateCodecOptions, RequestTypeMap, Resource, ResourceContents, ResourceLink, ResourceListChangedNotification, type ResourceMetadata, ResourceNotFoundError, ResourceRequestParams, ResourceTemplate, ResourceTemplateReference, ResourceTemplateType, ResourceUpdatedNotification, ResourceUpdatedNotificationParams, Result, ResultTypeMap, Role, Root, RootsListChangedNotification, STDIO_DEFAULT_MAX_BUFFER_SIZE, SUBSCRIPTION_ID_META_KEY, SUPPORTED_PROTOCOL_VERSIONS, SamplingContent, SamplingMessage, SamplingMessageContentBlock, SdkError, SdkErrorCode, SdkHttpError, SdkHttpErrorData, Server, ServerCapabilities, ServerContext, type ServerEvent, type ServerEventBus, ServerNotification, type ServerNotifier, type ServerOptions, ServerRequest, ServerResult, SetLevelRequest, SetLevelRequestParams, SingleSelectEnumSchema, SpecTypeName, SpecTypes, StandardSchemaV1, StandardSchemaV1Sync, StandardSchemaWithJSON, StoredOAuthClientInformation, StoredOAuthTokens, type StreamId, StringSchema, SubscribeRequest, SubscribeRequestParams, SubscriptionFilter, SubscriptionsAcknowledgedNotification, SubscriptionsAcknowledgedNotificationParams, SubscriptionsListenRequest, SubscriptionsListenRequestParams, SubscriptionsListenResult, SubscriptionsListenResultMeta, TRACEPARENT_META_KEY, TRACESTATE_META_KEY, Task, TaskAugmentedRequestParams, TaskCreationParams, TaskMetadata, TaskStatus, TaskStatusNotification, TaskStatusNotificationParams, TextContent, TextResourceContents, TitledMultiSelectEnumSchema, TitledSingleSelectEnumSchema, Tool, ToolAnnotations, type ToolCallback, ToolChoice, ToolExecution, ToolListChangedNotification, ToolResultContent, ToolUseContent, Transport, TransportSendOptions, UnsubscribeRequest, UnsubscribeRequestParams, UnsupportedProtocolVersionError, UnsupportedProtocolVersionErrorData, UntitledMultiSelectEnumSchema, UntitledSingleSelectEnumSchema, UriTemplate, UrlElicitationRequiredError, Variables, WebStandardStreamableHTTPServerTransport, type WebStandardStreamableHTTPServerTransportOptions, acceptedContent, assertCompleteRequestPrompt, assertCompleteRequestResourceTemplate, checkResourceAllowed, classifyInboundRequest, completable, createFetchWithInit, createMcpHandler, createRequestStateCodec, deserializeMessage, fromJsonSchema, getDisplayName, hostHeaderValidationResponse, inputRequired, inputResponse, isCallToolResult, isCompletable, isInitializeRequest, isInitializedNotification, isInputRequiredResult, isJSONRPCErrorResponse, isJSONRPCNotification, isJSONRPCRequest, isJSONRPCResponse, isJSONRPCResultResponse, isLegacyRequest, isSpecType, isTaskAugmentedRequestParams, jsonSchemaValidator, legacyStatelessFallback, localhostAllowedHostnames, localhostAllowedOrigins, originValidationResponse, parseJSONRPCMessage, resourceUrlFromServerUrl, serializeMessage, specTypeSchemas, validateHostHeader, validateOriginHeader };
|
|
1745
|
+
//# sourceMappingURL=index.d.cts.map
|