@modelcontextprotocol/server 2.0.0-beta.1 → 2.0.0-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/dist/ajvProvider-D2kRT_qB.d.cts +1030 -0
  2. package/dist/ajvProvider-D2kRT_qB.d.cts.map +1 -0
  3. package/dist/ajvProvider-DhTNkgm1.cjs +7059 -0
  4. package/dist/ajvProvider-DhTNkgm1.cjs.map +1 -0
  5. package/dist/cfWorkerProvider-Djgwc46-.cjs +976 -0
  6. package/dist/cfWorkerProvider-Djgwc46-.cjs.map +1 -0
  7. package/dist/cfWorkerProvider-RncldJmy.d.cts +59 -0
  8. package/dist/cfWorkerProvider-RncldJmy.d.cts.map +1 -0
  9. package/dist/chunk-Bnu9O96Y.cjs +60 -0
  10. package/dist/createMcpHandler-Du3hjXvf.d.mts.map +1 -1
  11. package/dist/createMcpHandler-DyxapqGO.d.cts +11190 -0
  12. package/dist/createMcpHandler-DyxapqGO.d.cts.map +1 -0
  13. package/dist/index.cjs +1657 -0
  14. package/dist/index.cjs.map +1 -0
  15. package/dist/index.d.cts +1745 -0
  16. package/dist/index.d.cts.map +1 -0
  17. package/dist/index.mjs +3 -2
  18. package/dist/index.mjs.map +1 -1
  19. package/dist/{mcp-JttQJlI9.mjs → mcp-C2tFGfLG.mjs} +18 -5
  20. package/dist/mcp-C2tFGfLG.mjs.map +1 -0
  21. package/dist/mcp-DVEehpM2.cjs +10545 -0
  22. package/dist/mcp-DVEehpM2.cjs.map +1 -0
  23. package/dist/shimsNode.cjs +12 -0
  24. package/dist/shimsNode.d.cts +3 -0
  25. package/dist/shimsWorkerd.cjs +23 -0
  26. package/dist/shimsWorkerd.cjs.map +1 -0
  27. package/dist/shimsWorkerd.d.cts +11 -0
  28. package/dist/shimsWorkerd.d.cts.map +1 -0
  29. package/dist/stdio.cjs +563 -0
  30. package/dist/stdio.cjs.map +1 -0
  31. package/dist/stdio.d.cts +107 -0
  32. package/dist/stdio.d.cts.map +1 -0
  33. package/dist/stdio.mjs +1 -1
  34. package/dist/types-Pc2fJzyM.d.cts +1099 -0
  35. package/dist/types-Pc2fJzyM.d.cts.map +1 -0
  36. package/dist/validators/ajv.cjs +10 -0
  37. package/dist/validators/ajv.d.cts +2 -0
  38. package/dist/validators/cfWorker.cjs +3 -0
  39. package/dist/validators/cfWorker.d.cts +2 -0
  40. package/package.json +68 -19
  41. package/dist/mcp-JttQJlI9.mjs.map +0 -1
@@ -0,0 +1,1745 @@
1
+ import { $ as StandardSchemaV1, $i as SdkErrorCode, $n as NotificationMethod, $r as SingleSelectEnumSchema, $t as HandlerResultTypeMap, A as ResourceMetadata, Ai as UnsupportedProtocolVersionErrorData, An as ListPromptsResult, Ar as Resource, At as CreateMessageResult, B as ClientContext, Bi as INVALID_REQUEST, Bn as ListToolsResult, Br as ResultTypeMap, Bt as ElicitResult, C as PromptCallback, Ci as ToolChoice, Cn as JSONRPCResultResponse, Cr as RequestId, Ct as CompleteRequestResourceTemplate, D as RegisteredResource, Di as ToolUseContent, Dn as ListChangedHandlers, Dr as RequestMethod, Dt as CreateMessageRequestParams, E as RegisteredPrompt, Ei as ToolResultContent, En as ListChangedCallback, Er as RequestMetaObject, Et as CreateMessageRequest, F as UriTemplate, Fi as CLIENT_CAPABILITIES_META_KEY, Fn as ListRootsRequest, Fr as ResourceTemplateReference, Ft as DiscoverResult, G as RequestHandlerSchemas, Gi as PARSE_ERROR, Gn as MessageExtraInfo, Gr as SamplingMessage, Gt as EnumSchema, H as NotificationOptions, Hi as LATEST_PROTOCOL_VERSION, Hn as LoggingMessageNotification, Hr as Root, Ht as ElicitationCompleteNotificationParams, I as Variables, Ii as CLIENT_INFO_META_KEY, In as ListRootsResult, Ir as ResourceTemplateType, It as ElicitRequest, J as ServerContext, Ji as SUBSCRIPTION_ID_META_KEY, Jn as MissingRequiredClientCapabilityErrorData, Jr as ServerNotification, Jt as GetPromptResult, K as RequestOptions, Ki as PROTOCOL_VERSION_META_KEY, Kn as MetaObject, Kr as SamplingMessageContentBlock, Kt as GetPromptRequest, L as CacheHint, Li as DEFAULT_NEGOTIATED_PROTOCOL_VERSION, Ln as ListTasksRequest, Lr as ResourceUpdatedNotification, Lt as ElicitRequestFormParams, M as ToolCallback, Mi as UntitledSingleSelectEnumSchema, Mn as ListResourceTemplatesResult, Mr as ResourceLink, Mt as CreateTaskResult, N as Server, Ni as schemas_d_exports, Nn as ListResourcesRequest, Nr as ResourceListChangedNotification, Nt as Cursor, O as RegisteredResourceTemplate, Oi as UnsubscribeRequest, On as ListChangedOptions, Or as RequestParams, Ot as CreateMessageRequestParamsBase, P as ServerOptions, Pi as BAGGAGE_META_KEY, Pn as ListResourcesResult, Pr as ResourceRequestParams, Pt as DiscoverRequest, Q as createFetchWithInit, Qi as SdkError, Qn as Notification, Qr as SetLevelRequestParams, Qt as GetTaskResult, R as CacheScope, Ri as INTERNAL_ERROR, Rn as ListTasksResult, Rr as ResourceUpdatedNotificationParams, Rt as ElicitRequestParams, S as McpServer, Si as ToolAnnotations, Sn as JSONRPCResponse, Sr as Request$1, St as CompleteRequestPrompt, T as ReadResourceTemplateCallback, Ti as ToolListChangedNotification, Tn as LegacyTitledEnumSchema, Tr as RequestMetaEnvelope, Tt as ContentBlock, U as ProgressCallback, Ui as LOG_LEVEL_META_KEY, Un as LoggingMessageNotificationParams, Ur as RootsListChangedNotification, Ut as EmbeddedResource, V as DEFAULT_REQUEST_TIMEOUT_MSEC, Vi as JSONRPC_VERSION, Vn as LoggingLevel, Vr as Role, Vt as ElicitationCompleteNotification, W as ProtocolOptions, Wi as METHOD_NOT_FOUND, Wn as MessageClassification, Wr as SamplingContent, Wt as EmptyResult, X as Transport, Xi as TRACEPARENT_META_KEY, Xn as ModelPreferences, Xr as ServerResult, Xt as GetTaskPayloadResult, Y as FetchLike, Yi as SUPPORTED_PROTOCOL_VERSIONS, Yn as ModelHint, Yr as ServerRequest, Yt as GetTaskPayloadRequest, Z as TransportSendOptions, Zi as TRACESTATE_META_KEY, Zn as MultiSelectEnumSchema, Zr as SetLevelRequest, Zt as GetTaskRequest, _ as PerRequestResponseMode, _i as TextContent, _n as JSONObject, _r as PromptReference, _t as ClientRequest, a as McpRequestContext, ai as SubscriptionsAcknowledgedNotificationParams, an as InitializeRequestParams, ar as PaginatedResult, at as BaseMetadata, b as CompleteResourceTemplateCallback, bi as TitledSingleSelectEnumSchema, bn as JSONRPCNotification, br as ReadResourceResult, bt as CompleteRequest, c as isLegacyRequest, ci as SubscriptionsListenResult, cn as InputRequest, cr as PrimitiveSchemaDefinition, ct as CallToolRequest, d as ServerEvent, di as TaskAugmentedRequestParams, dn as InputResponse, dr as ProgressNotificationParams, dt as CancelTaskRequest, ea as SdkHttpError, ei as StringSchema, en as Icon, er as NotificationParams, et as StandardSchemaV1Sync, f as ServerEventBus, fi as TaskCreationParams, fn as InputResponses, fr as ProgressToken, ft as CancelTaskResult, g as PerRequestMessageExtra, gi as TaskStatusNotificationParams, gn as JSONArray, gr as PromptMessage, gt as ClientNotification, h as PerRequestHTTPServerTransportOptions, hi as TaskStatusNotification, hn as InvalidRequestError, hr as PromptListChangedNotification, ht as ClientCapabilities, i as McpHttpHandler, ii as SubscriptionsAcknowledgedNotification, in as InitializeRequest, ir as PaginatedRequestParams, it as AuthInfo, j as ResourceTemplate, ji as UntitledMultiSelectEnumSchema, jn as ListResourceTemplatesRequest, jr as ResourceContents, jt as CreateMessageResultWithTools, k as RegisteredTool, ki as UnsubscribeRequestParams, kn as ListPromptsRequest, kr as RequestTypeMap, kt as CreateMessageRequestParamsWithTools, l as legacyStatelessFallback, li as SubscriptionsListenResultMeta, ln as InputRequests, lr as Progress, lt as CallToolRequestParams, m as PerRequestHTTPServerTransport, mi as TaskStatus, mn as InvalidParamsError, mr as PromptArgument, mt as CancelledNotificationParams, n as LegacyHttpHandler, ni as SubscribeRequestParams, nn as ImageContent, nr as NumberSchema, nt as Annotations, o as McpServerFactory, oi as SubscriptionsListenRequest, on as InitializeResult, or as ParseError, ot as BlobResourceContents, p as ServerNotifier, pi as TaskMetadata, pn as InternalError, pr as Prompt, pt as CancelledNotification, q as RequestStateAccessor, qi as RELATED_TASK_META_KEY, qn as MethodNotFoundError, qr as ServerCapabilities, qt as GetPromptRequestParams, r as McpHandlerRequestOptions, ri as SubscriptionFilter, rn as Implementation, rr as PaginatedRequest, rt as AudioContent, s as createMcpHandler, si as SubscriptionsListenRequestParams, sn as InitializedNotification, sr as PingRequest, st as BooleanSchema, t as CreateMcpHandlerOptions, ta as SdkHttpErrorData, ti as SubscribeRequest, tn as Icons, tr as NotificationTypeMap, tt as StandardSchemaWithJSON, u as InMemoryServerEventBus, ui as Task, un as InputRequiredResult, ur as ProgressNotification, ut as CallToolResult, v as AnyToolHandler, vi as TextResourceContents, vn as JSONRPCErrorResponse, vr as ReadResourceRequest, vt as ClientResult, w as ReadResourceCallback, wi as ToolExecution, wn as JSONValue, wr as RequestMeta, wt as CompleteResult, x as ListResourcesCallback, xi as Tool, xn as JSONRPCRequest, xr as RelatedTaskMetadata, xt as CompleteRequestParams, y as BaseToolCallback, yi as TitledMultiSelectEnumSchema, yn as JSONRPCMessage, yr as ReadResourceRequestParams, yt as CompatibilityCallToolResult, z as BaseContext, zi as INVALID_PARAMS, zn as ListToolsRequest, zr as Result, zt as ElicitRequestURLParams } from "./createMcpHandler-DyxapqGO.cjs";
2
+ import { t as AjvJsonSchemaValidator } from "./ajvProvider-D2kRT_qB.cjs";
3
+ import { i as jsonSchemaValidator, n as JsonSchemaValidator, r as JsonSchemaValidatorResult, t as JsonSchemaType } from "./types-Pc2fJzyM.cjs";
4
+ import { n as CfWorkerSchemaDraft, t as CfWorkerJsonSchemaValidator } from "./cfWorkerProvider-RncldJmy.cjs";
5
+ import * as z from "zod/v4";
6
+
7
+ //#region ../core-internal/src/shared/auth.d.ts
8
+
9
+ /**
10
+ * RFC 9728 OAuth Protected Resource Metadata
11
+ */
12
+ declare const OAuthProtectedResourceMetadataSchema: z.ZodObject<{
13
+ resource: z.ZodString;
14
+ authorization_servers: z.ZodOptional<z.ZodArray<z.ZodURL>>;
15
+ jwks_uri: z.ZodOptional<z.ZodString>;
16
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
17
+ bearer_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
18
+ resource_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
19
+ resource_name: z.ZodOptional<z.ZodString>;
20
+ resource_documentation: z.ZodOptional<z.ZodString>;
21
+ resource_policy_uri: z.ZodOptional<z.ZodString>;
22
+ resource_tos_uri: z.ZodOptional<z.ZodString>;
23
+ tls_client_certificate_bound_access_tokens: z.ZodOptional<z.ZodBoolean>;
24
+ authorization_details_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
25
+ dpop_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
26
+ dpop_bound_access_tokens_required: z.ZodOptional<z.ZodBoolean>;
27
+ }, z.core.$loose>;
28
+ /**
29
+ * RFC 8414 OAuth 2.0 Authorization Server Metadata
30
+ */
31
+ declare const OAuthMetadataSchema: z.ZodObject<{
32
+ issuer: z.ZodString;
33
+ authorization_endpoint: z.ZodURL;
34
+ token_endpoint: z.ZodURL;
35
+ registration_endpoint: z.ZodOptional<z.ZodURL>;
36
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
37
+ response_types_supported: z.ZodArray<z.ZodString>;
38
+ response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
39
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
40
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
41
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
42
+ service_documentation: z.ZodOptional<z.ZodURL>;
43
+ revocation_endpoint: z.ZodOptional<z.ZodURL>;
44
+ revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
45
+ revocation_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
46
+ introspection_endpoint: z.ZodOptional<z.ZodString>;
47
+ introspection_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
48
+ introspection_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
49
+ code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
50
+ client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
51
+ authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
52
+ }, z.core.$loose>;
53
+ /**
54
+ * OpenID Connect Discovery 1.0 Provider Metadata
55
+ *
56
+ * @see https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
57
+ */
58
+ declare const OpenIdProviderMetadataSchema: z.ZodObject<{
59
+ issuer: z.ZodString;
60
+ authorization_endpoint: z.ZodURL;
61
+ token_endpoint: z.ZodURL;
62
+ userinfo_endpoint: z.ZodOptional<z.ZodURL>;
63
+ jwks_uri: z.ZodURL;
64
+ registration_endpoint: z.ZodOptional<z.ZodURL>;
65
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
66
+ response_types_supported: z.ZodArray<z.ZodString>;
67
+ response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
68
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
69
+ acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
70
+ subject_types_supported: z.ZodArray<z.ZodString>;
71
+ id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
72
+ id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
73
+ id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
74
+ userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
75
+ userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
76
+ userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
77
+ request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
78
+ request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
79
+ request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
80
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
81
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
82
+ display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
83
+ claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
84
+ claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
85
+ service_documentation: z.ZodOptional<z.ZodString>;
86
+ claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
87
+ ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
88
+ claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
89
+ request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
90
+ request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
91
+ require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
92
+ op_policy_uri: z.ZodOptional<z.ZodURL>;
93
+ op_tos_uri: z.ZodOptional<z.ZodURL>;
94
+ client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
95
+ authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
96
+ }, z.core.$loose>;
97
+ /**
98
+ * OpenID Connect Discovery metadata that may include OAuth 2.0 fields
99
+ * This schema represents the real-world scenario where OIDC providers
100
+ * return a mix of OpenID Connect and OAuth 2.0 metadata fields
101
+ */
102
+ declare const OpenIdProviderDiscoveryMetadataSchema: z.ZodObject<{
103
+ code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
104
+ issuer: z.ZodString;
105
+ authorization_endpoint: z.ZodURL;
106
+ token_endpoint: z.ZodURL;
107
+ userinfo_endpoint: z.ZodOptional<z.ZodURL>;
108
+ jwks_uri: z.ZodURL;
109
+ registration_endpoint: z.ZodOptional<z.ZodURL>;
110
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
111
+ response_types_supported: z.ZodArray<z.ZodString>;
112
+ response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
113
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
114
+ acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
115
+ subject_types_supported: z.ZodArray<z.ZodString>;
116
+ id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
117
+ id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
118
+ id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
119
+ userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
120
+ userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
121
+ userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
122
+ request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
123
+ request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
124
+ request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
125
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
126
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
127
+ display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
128
+ claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
129
+ claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
130
+ service_documentation: z.ZodOptional<z.ZodString>;
131
+ claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
132
+ ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
133
+ claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
134
+ request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
135
+ request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
136
+ require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
137
+ op_policy_uri: z.ZodOptional<z.ZodURL>;
138
+ op_tos_uri: z.ZodOptional<z.ZodURL>;
139
+ client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
140
+ authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
141
+ }, z.core.$strip>;
142
+ /**
143
+ * OAuth 2.1 token response
144
+ */
145
+ declare const OAuthTokensSchema: z.ZodObject<{
146
+ access_token: z.ZodString;
147
+ id_token: z.ZodOptional<z.ZodString>;
148
+ token_type: z.ZodString;
149
+ expires_in: z.ZodOptional<z.ZodCoercedNumber<unknown>>;
150
+ scope: z.ZodOptional<z.ZodString>;
151
+ refresh_token: z.ZodOptional<z.ZodString>;
152
+ }, z.core.$strip>;
153
+ /**
154
+ * RFC 8693 §2.2.1 Token Exchange response for ID-JAG tokens.
155
+ *
156
+ * `token_type` is intentionally optional: per RFC 8693 §2.2.1 it is informational when
157
+ * the issued token is not an access token, and per RFC 6749 §5.1 it is case-insensitive,
158
+ * so strict checking rejects conformant IdPs.
159
+ */
160
+ declare const IdJagTokenExchangeResponseSchema: z.ZodObject<{
161
+ issued_token_type: z.ZodLiteral<"urn:ietf:params:oauth:token-type:id-jag">;
162
+ access_token: z.ZodString;
163
+ token_type: z.ZodOptional<z.ZodString>;
164
+ expires_in: z.ZodOptional<z.ZodNumber>;
165
+ scope: z.ZodOptional<z.ZodString>;
166
+ }, z.core.$strip>;
167
+ type IdJagTokenExchangeResponse = z.infer<typeof IdJagTokenExchangeResponseSchema>;
168
+ /**
169
+ * OAuth 2.1 error response
170
+ */
171
+ declare const OAuthErrorResponseSchema: z.ZodObject<{
172
+ error: z.ZodString;
173
+ error_description: z.ZodOptional<z.ZodString>;
174
+ error_uri: z.ZodOptional<z.ZodString>;
175
+ }, z.core.$strip>;
176
+ /**
177
+ * RFC 7591 OAuth 2.0 Dynamic Client Registration metadata
178
+ */
179
+ declare const OAuthClientMetadataSchema: z.ZodObject<{
180
+ redirect_uris: z.ZodArray<z.ZodURL>;
181
+ token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
182
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
183
+ response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
184
+ application_type: z.ZodOptional<z.ZodString>;
185
+ client_name: z.ZodOptional<z.ZodString>;
186
+ client_uri: z.ZodOptional<z.ZodURL>;
187
+ logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
188
+ scope: z.ZodOptional<z.ZodString>;
189
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
190
+ tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
191
+ policy_uri: z.ZodOptional<z.ZodString>;
192
+ jwks_uri: z.ZodOptional<z.ZodURL>;
193
+ jwks: z.ZodOptional<z.ZodAny>;
194
+ software_id: z.ZodOptional<z.ZodString>;
195
+ software_version: z.ZodOptional<z.ZodString>;
196
+ software_statement: z.ZodOptional<z.ZodString>;
197
+ }, z.core.$strip>;
198
+ /**
199
+ * RFC 7591 OAuth 2.0 Dynamic Client Registration client information
200
+ */
201
+ declare const OAuthClientInformationSchema: z.ZodObject<{
202
+ client_id: z.ZodString;
203
+ client_secret: z.ZodOptional<z.ZodString>;
204
+ client_id_issued_at: z.ZodOptional<z.ZodNumber>;
205
+ client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
206
+ }, z.core.$strip>;
207
+ /**
208
+ * RFC 7591 OAuth 2.0 Dynamic Client Registration full response (client information plus metadata)
209
+ */
210
+ declare const OAuthClientInformationFullSchema: z.ZodObject<{
211
+ redirect_uris: z.ZodArray<z.ZodURL>;
212
+ token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
213
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
214
+ response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
215
+ application_type: z.ZodOptional<z.ZodString>;
216
+ client_name: z.ZodOptional<z.ZodString>;
217
+ client_uri: z.ZodOptional<z.ZodURL>;
218
+ logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
219
+ scope: z.ZodOptional<z.ZodString>;
220
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
221
+ tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
222
+ policy_uri: z.ZodOptional<z.ZodString>;
223
+ jwks_uri: z.ZodOptional<z.ZodURL>;
224
+ jwks: z.ZodOptional<z.ZodAny>;
225
+ software_id: z.ZodOptional<z.ZodString>;
226
+ software_version: z.ZodOptional<z.ZodString>;
227
+ software_statement: z.ZodOptional<z.ZodString>;
228
+ client_id: z.ZodString;
229
+ client_secret: z.ZodOptional<z.ZodString>;
230
+ client_id_issued_at: z.ZodOptional<z.ZodNumber>;
231
+ client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
232
+ }, z.core.$strip>;
233
+ /**
234
+ * RFC 7591 OAuth 2.0 Dynamic Client Registration error response
235
+ */
236
+ declare const OAuthClientRegistrationErrorSchema: z.ZodObject<{
237
+ error: z.ZodString;
238
+ error_description: z.ZodOptional<z.ZodString>;
239
+ }, z.core.$strip>;
240
+ /**
241
+ * RFC 7009 OAuth 2.0 Token Revocation request
242
+ */
243
+ declare const OAuthTokenRevocationRequestSchema: z.ZodObject<{
244
+ token: z.ZodString;
245
+ token_type_hint: z.ZodOptional<z.ZodString>;
246
+ }, z.core.$strip>;
247
+ type OAuthMetadata = z.infer<typeof OAuthMetadataSchema>;
248
+ type OpenIdProviderMetadata = z.infer<typeof OpenIdProviderMetadataSchema>;
249
+ type OpenIdProviderDiscoveryMetadata = z.infer<typeof OpenIdProviderDiscoveryMetadataSchema>;
250
+ type OAuthTokens = z.infer<typeof OAuthTokensSchema>;
251
+ type OAuthErrorResponse = z.infer<typeof OAuthErrorResponseSchema>;
252
+ type OAuthClientMetadata = z.infer<typeof OAuthClientMetadataSchema>;
253
+ type OAuthClientInformation = z.infer<typeof OAuthClientInformationSchema>;
254
+ type OAuthClientInformationFull = z.infer<typeof OAuthClientInformationFullSchema>;
255
+ type OAuthClientInformationMixed = OAuthClientInformation | OAuthClientInformationFull;
256
+ /**
257
+ * {@linkcode OAuthTokens} as persisted by an `OAuthClientProvider`. Adds an
258
+ * SDK-stamped authorization-server `issuer` identifier so stored tokens are
259
+ * bound to the AS that issued them. The `issuer` field is **not** part of the
260
+ * RFC 6749 wire response and is intentionally absent from the wire-response
261
+ * schema; the client SDK writes it before calling `saveTokens`.
262
+ */
263
+ type StoredOAuthTokens = OAuthTokens & {
264
+ issuer?: string;
265
+ };
266
+ /**
267
+ * {@linkcode OAuthClientInformationMixed} as persisted by an
268
+ * `OAuthClientProvider`. Adds an SDK-stamped authorization-server `issuer`
269
+ * identifier so stored client credentials are bound to the AS that issued them.
270
+ * The `issuer` field is **not** part of the RFC 7591 wire response and is
271
+ * intentionally absent from the wire-response schema; the client SDK writes it
272
+ * before calling `saveClientInformation`.
273
+ */
274
+ type StoredOAuthClientInformation = OAuthClientInformationMixed & {
275
+ issuer?: string;
276
+ };
277
+ type OAuthClientRegistrationError = z.infer<typeof OAuthClientRegistrationErrorSchema>;
278
+ type OAuthTokenRevocationRequest = z.infer<typeof OAuthTokenRevocationRequestSchema>;
279
+ type OAuthProtectedResourceMetadata = z.infer<typeof OAuthProtectedResourceMetadataSchema>;
280
+ type AuthorizationServerMetadata = OAuthMetadata | OpenIdProviderDiscoveryMetadata;
281
+ //#endregion
282
+ //#region ../core-internal/src/auth/errors.d.ts
283
+ /**
284
+ * OAuth error codes as defined by {@link https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 | RFC 6749}
285
+ * and extensions.
286
+ */
287
+ declare enum OAuthErrorCode {
288
+ /**
289
+ * The request is missing a required parameter, includes an invalid parameter value,
290
+ * includes a parameter more than once, or is otherwise malformed.
291
+ */
292
+ InvalidRequest = "invalid_request",
293
+ /**
294
+ * Client authentication failed (e.g., unknown client, no client authentication included,
295
+ * or unsupported authentication method).
296
+ */
297
+ InvalidClient = "invalid_client",
298
+ /**
299
+ * The provided authorization grant or refresh token is invalid, expired, revoked,
300
+ * does not match the redirection URI used in the authorization request, or was issued to another client.
301
+ */
302
+ InvalidGrant = "invalid_grant",
303
+ /**
304
+ * The authenticated client is not authorized to use this authorization grant type.
305
+ */
306
+ UnauthorizedClient = "unauthorized_client",
307
+ /**
308
+ * The authorization grant type is not supported by the authorization server.
309
+ */
310
+ UnsupportedGrantType = "unsupported_grant_type",
311
+ /**
312
+ * The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner.
313
+ */
314
+ InvalidScope = "invalid_scope",
315
+ /**
316
+ * The resource owner or authorization server denied the request.
317
+ */
318
+ AccessDenied = "access_denied",
319
+ /**
320
+ * The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
321
+ */
322
+ ServerError = "server_error",
323
+ /**
324
+ * The authorization server is currently unable to handle the request due to temporary overloading or maintenance.
325
+ */
326
+ TemporarilyUnavailable = "temporarily_unavailable",
327
+ /**
328
+ * The authorization server does not support obtaining an authorization code using this method.
329
+ */
330
+ UnsupportedResponseType = "unsupported_response_type",
331
+ /**
332
+ * The authorization server does not support the requested token type.
333
+ */
334
+ UnsupportedTokenType = "unsupported_token_type",
335
+ /**
336
+ * The access token provided is expired, revoked, malformed, or invalid for other reasons.
337
+ */
338
+ InvalidToken = "invalid_token",
339
+ /**
340
+ * The HTTP method used is not allowed for this endpoint. (Custom, non-standard error)
341
+ */
342
+ MethodNotAllowed = "method_not_allowed",
343
+ /**
344
+ * Rate limit exceeded. (Custom, non-standard error based on RFC 6585)
345
+ */
346
+ TooManyRequests = "too_many_requests",
347
+ /**
348
+ * The client metadata is invalid. (Custom error for dynamic client registration - RFC 7591)
349
+ */
350
+ InvalidClientMetadata = "invalid_client_metadata",
351
+ /**
352
+ * The value of one or more redirection URIs is invalid. (Dynamic client registration - RFC 7591 §3.2.2)
353
+ */
354
+ InvalidRedirectUri = "invalid_redirect_uri",
355
+ /**
356
+ * The request requires higher privileges than provided by the access token.
357
+ */
358
+ InsufficientScope = "insufficient_scope",
359
+ /**
360
+ * The requested resource is invalid, missing, unknown, or malformed. (Custom error for resource indicators - RFC 8707)
361
+ */
362
+ InvalidTarget = "invalid_target",
363
+ }
364
+ /**
365
+ * OAuth error class for all OAuth-related errors.
366
+ */
367
+ declare class OAuthError extends Error {
368
+ readonly code: OAuthErrorCode | string;
369
+ readonly errorUri?: string | undefined;
370
+ constructor(code: OAuthErrorCode | string, message: string, errorUri?: string | undefined);
371
+ /**
372
+ * Converts the error to a standard OAuth error response object.
373
+ */
374
+ toResponseObject(): OAuthErrorResponse;
375
+ /**
376
+ * Creates an {@linkcode OAuthError} from an OAuth error response.
377
+ */
378
+ static fromResponse(response: OAuthErrorResponse): OAuthError;
379
+ }
380
+ //#endregion
381
+ //#region ../core-internal/src/shared/authUtils.d.ts
382
+ /**
383
+ * Utilities for handling OAuth resource URIs.
384
+ */
385
+ /**
386
+ * Converts a server URL to a resource URL by removing the fragment.
387
+ * {@link https://datatracker.ietf.org/doc/html/rfc8707#section-2 | RFC 8707 section 2}
388
+ * states that resource URIs "MUST NOT include a fragment component".
389
+ * Keeps everything else unchanged (scheme, domain, port, path, query).
390
+ */
391
+ declare function resourceUrlFromServerUrl(url: URL | string): URL;
392
+ /**
393
+ * Checks if a requested resource URL matches a configured resource URL.
394
+ * A requested resource matches if it has the same scheme, domain, port,
395
+ * and its path starts with the configured resource's path.
396
+ *
397
+ * @param options - The options object
398
+ * @param options.requestedResource - The resource URL being requested
399
+ * @param options.configuredResource - The resource URL that has been configured
400
+ * @returns true if the requested resource matches the configured resource, false otherwise
401
+ */
402
+ declare function checkResourceAllowed({
403
+ requestedResource,
404
+ configuredResource
405
+ }: {
406
+ requestedResource: URL | string;
407
+ configuredResource: URL | string;
408
+ }): boolean;
409
+ //#endregion
410
+ //#region ../core-internal/src/shared/inboundClassification.d.ts
411
+ /**
412
+ * The transport-neutral description of an inbound HTTP request the classifier
413
+ * evaluates. The caller (the HTTP entry) reads the body exactly once and
414
+ * extracts the two protocol headers; the classifier never touches a request
415
+ * object itself.
416
+ */
417
+ interface InboundHttpRequest {
418
+ /** The HTTP request method, e.g. `POST`, `GET`, `DELETE`. */
419
+ httpMethod: string;
420
+ /** The value of the `MCP-Protocol-Version` header, when present. */
421
+ protocolVersionHeader?: string;
422
+ /** The value of the `Mcp-Method` header, when present. */
423
+ mcpMethodHeader?: string;
424
+ /** The value of the `Mcp-Name` header, when present. */
425
+ mcpNameHeader?: string;
426
+ /** The parsed JSON request body (`undefined` for body-less methods). */
427
+ body?: unknown;
428
+ }
429
+ /** Why an inbound request was routed to legacy-era serving. */
430
+ type InboundLegacyRouteReason = /** Non-`POST` HTTP method: a body-less 2025-era session operation. */
431
+ 'http-method'
432
+ /** An `initialize` request without a valid modern envelope claim — the legacy handshake by definition. */ | 'initialize'
433
+ /** A request without a per-request envelope claim. */ | 'no-claim'
434
+ /** A notification without a body claim or a modern protocol-version header. */ | 'notification'
435
+ /** An all-legacy JSON-RPC batch array. */ | 'batch'
436
+ /** A JSON-RPC response posted to the endpoint (2025-era session traffic). */ | 'response';
437
+ /**
438
+ * The request is legacy-era traffic. It carries no classification on purpose:
439
+ * legacy serving receives it exactly as a hand-wired 2025 transport would.
440
+ */
441
+ interface InboundLegacyRoute {
442
+ kind: 'legacy';
443
+ reason: InboundLegacyRouteReason;
444
+ /**
445
+ * The protocol version the request named, when it named one (an
446
+ * `initialize` body's `protocolVersion`, or the `MCP-Protocol-Version`
447
+ * header). Used to echo `requested` when legacy serving is not configured.
448
+ */
449
+ requestedVersion?: string;
450
+ }
451
+ /**
452
+ * The request claims the per-request envelope mechanism and is served on the
453
+ * modern path. Discriminated by `messageKind` so the typed `message` narrows
454
+ * with it — the classifier has already proved the JSON-RPC shape via the
455
+ * `isJSONRPCRequest` / `isJSONRPCNotification` guards, so consumers never
456
+ * cast the body again.
457
+ */
458
+ type InboundModernRoute = {
459
+ kind: 'modern';
460
+ messageKind: 'request';
461
+ /** The classified body — guard-proved {@linkcode JSONRPCRequest} shape. */
462
+ message: JSONRPCRequest;
463
+ /**
464
+ * The classification handed to the per-request transport and validated by
465
+ * the protocol layer against the serving instance's negotiated era.
466
+ */
467
+ classification: MessageClassification;
468
+ } | {
469
+ kind: 'modern';
470
+ messageKind: 'notification';
471
+ /** The classified body — guard-proved {@linkcode JSONRPCNotification} shape. */
472
+ message: JSONRPCNotification;
473
+ classification: MessageClassification;
474
+ };
475
+ /** The named steps of the inbound validation ladder, in evaluation order. */
476
+ type InboundValidationRung = 'http-method' | 'jsonrpc-shape' | 'era-classification' | 'envelope' | 'method-registry' | 'request-params' | 'standard-header-validation' | 'client-capabilities' | 'param-header-validation';
477
+ /** A ladder rejection: the JSON-RPC error to emit and the HTTP status to emit it with. */
478
+ interface InboundLadderRejection {
479
+ kind: 'reject';
480
+ /** The ladder rung that produced the rejection. */
481
+ rung: InboundValidationRung;
482
+ /** The cell this rejection corresponds to on the ladder cell sheet (stable identifier for tests). */
483
+ cell: string;
484
+ /** The HTTP status the rejection is emitted with. */
485
+ httpStatus: number;
486
+ /** The JSON-RPC error code. */
487
+ code: number;
488
+ /** The JSON-RPC error message. */
489
+ message: string;
490
+ /** Structured error data (recognizers parse this; they never rely on class identity). */
491
+ data?: unknown;
492
+ /**
493
+ * `false` when the exact error code for this cell is not settled upstream
494
+ * yet and the emitted code is provisional.
495
+ */
496
+ settled: boolean;
497
+ }
498
+ /** The outcome of classifying one inbound HTTP request. */
499
+ type InboundClassificationOutcome = InboundLegacyRoute | InboundModernRoute | InboundLadderRejection;
500
+ /**
501
+ * Classifies one inbound HTTP request for dual-era serving.
502
+ *
503
+ * The body-primary predicate, evaluated once at the entry boundary: see the
504
+ * module documentation for the rules. Returns a routing outcome (`legacy` or
505
+ * `modern`) or a ladder rejection; it never throws.
506
+ */
507
+ declare function classifyInboundRequest(request: InboundHttpRequest): InboundClassificationOutcome;
508
+ //#endregion
509
+ //#region ../core-internal/src/shared/inputRequired.d.ts
510
+ /** The shape accepted by {@linkcode inputRequired}. */
511
+ interface InputRequiredSpec {
512
+ /** Embedded requests the client must fulfil before retrying. */
513
+ inputRequests?: InputRequests;
514
+ /** Opaque server state echoed back verbatim by the client on retry. */
515
+ requestState?: string;
516
+ }
517
+ interface InputRequiredBuilder {
518
+ /**
519
+ * Builds the input-required return value for a multi-round-trip handler.
520
+ *
521
+ * At least one of `inputRequests` or `requestState` must be provided
522
+ * (spec: basic/patterns/mrtr, server requirements) — the builder throws a
523
+ * `TypeError` otherwise, and the server seam re-checks the same rule for
524
+ * hand-built results.
525
+ *
526
+ * `requestState` is opaque, server-minted state. It round-trips through
527
+ * the client and comes back as attacker-controlled input: a server that
528
+ * lets it influence authorization, resource access, or business logic
529
+ * MUST integrity-protect it (e.g. HMAC or AEAD) and MUST reject state
530
+ * that fails verification. The SDK does not do this for you.
531
+ */
532
+ (spec: InputRequiredSpec): InputRequiredResult;
533
+ /** Builds an embedded form-mode elicitation request (`elicitation/create`). */
534
+ elicit(params: Omit<ElicitRequestFormParams, 'mode'> & {
535
+ mode?: 'form';
536
+ }): InputRequest;
537
+ /**
538
+ * Builds an embedded URL-mode elicitation request (`elicitation/create`).
539
+ * On the 2026-07-28 revision URL elicitation rides the multi-round-trip
540
+ * flow — the `-32042` error of earlier revisions never appears on this
541
+ * era's wire. The 2025-era `elicitationId` is not part of the 2026-07-28
542
+ * URL-mode shape; correlation across retries is the server's own
543
+ * identifier inside `requestState`.
544
+ */
545
+ elicitUrl(params: Omit<ElicitRequestURLParams, 'mode' | 'elicitationId'>): InputRequest;
546
+ /** Builds an embedded sampling request (`sampling/createMessage`). */
547
+ createMessage(params: CreateMessageRequestParams): InputRequest;
548
+ /** Builds an embedded roots listing request (`roots/list`). */
549
+ listRoots(): InputRequest;
550
+ }
551
+ /**
552
+ * Builder for the input-required return value of multi-round-trip handlers,
553
+ * with per-kind constructors for the embedded requests
554
+ * (`inputRequired.elicit`, `inputRequired.elicitUrl`,
555
+ * `inputRequired.createMessage`, `inputRequired.listRoots`).
556
+ *
557
+ * @example Write-once tool requesting confirmation
558
+ * ```ts
559
+ * server.registerTool('deploy', { inputSchema: z.object({ env: z.string() }) }, async ({ env }, ctx) => {
560
+ * const confirmed = acceptedContent<{ confirm: boolean }>(ctx.mcpReq.inputResponses, 'confirm');
561
+ * if (!confirmed) {
562
+ * return inputRequired({
563
+ * inputRequests: {
564
+ * confirm: inputRequired.elicit({
565
+ * message: `Deploy to ${env}?`,
566
+ * requestedSchema: { type: 'object', properties: { confirm: { type: 'boolean' } }, required: ['confirm'] }
567
+ * })
568
+ * }
569
+ * });
570
+ * }
571
+ * return { content: [{ type: 'text', text: `deployed to ${env}` }] };
572
+ * });
573
+ * ```
574
+ */
575
+ declare const inputRequired: InputRequiredBuilder;
576
+ /**
577
+ * Reads the accepted content of a form-mode elicitation response from a
578
+ * retried request's `inputResponses` (`ctx.mcpReq.inputResponses`).
579
+ *
580
+ * Returns the response's `content` for `key` when the entry is an accepted
581
+ * elicitation result, and `undefined` otherwise (missing key, declined or
582
+ * cancelled elicitation, or a response of another kind). The values arrive
583
+ * from the client and are not re-validated here — treat them as untrusted
584
+ * input.
585
+ */
586
+ declare function acceptedContent<T extends Record<string, unknown> = Record<string, unknown>>(responses: InputResponses | Record<string, unknown> | undefined, key: string): T | undefined;
587
+ /**
588
+ * Schema-aware overload: validates the accepted content against the given
589
+ * schema (any Standard Schema, e.g. a zod object) before returning it, so the
590
+ * untrusted client value arrives in the handler already validated and typed.
591
+ *
592
+ * Returns `undefined` when the response is missing/declined/of another kind
593
+ * (as the two-argument form does) AND when the accepted content fails schema
594
+ * validation — handlers treat both the same way (re-issue the request or
595
+ * give up). Only synchronous schemas are supported (zod schemas without async
596
+ * refinements are synchronous); an asynchronously-validating schema throws a
597
+ * `TypeError`.
598
+ */
599
+ declare function acceptedContent<S extends StandardSchemaV1>(responses: InputResponses | Record<string, unknown> | undefined, key: string, schema: S): StandardSchemaV1.InferOutput<S> | undefined;
600
+ /**
601
+ * The discriminated view {@linkcode inputResponse} returns: which kind of
602
+ * embedded response (if any) a retried request carried for a key. Bare
603
+ * response objects are discriminated structurally — an `action` member means
604
+ * an elicitation result, a `roots` array a roots listing, a `role` + `content`
605
+ * pair a sampling result. A missing key or an entry that matches none of the
606
+ * three shapes reads as `{ kind: 'missing' }`.
607
+ */
608
+ type InputResponseView = {
609
+ kind: 'missing';
610
+ } | {
611
+ kind: 'elicit';
612
+ action: 'accept' | 'decline' | 'cancel';
613
+ content?: Record<string, unknown>;
614
+ } | {
615
+ kind: 'sampling';
616
+ result: CreateMessageResult | CreateMessageResultWithTools;
617
+ } | {
618
+ kind: 'roots';
619
+ roots: Root[];
620
+ };
621
+ /**
622
+ * Reads one entry of a retried request's `inputResponses`
623
+ * (`ctx.mcpReq.inputResponses`) as a discriminated view, covering
624
+ * decline/cancel detection and the non-elicitation response kinds that
625
+ * {@linkcode acceptedContent} does not surface.
626
+ *
627
+ * The values arrive from the client and are not re-validated here — treat
628
+ * them as untrusted input (validate elicitation content with the
629
+ * schema-aware {@linkcode acceptedContent} overload where it matters).
630
+ */
631
+ declare function inputResponse(responses: InputResponses | Record<string, unknown> | undefined, key: string): InputResponseView;
632
+ //#endregion
633
+ //#region ../core-internal/src/types/enums.d.ts
634
+ /**
635
+ * Error codes for protocol errors that cross the wire as JSON-RPC error responses.
636
+ * These follow the JSON-RPC specification and MCP-specific extensions.
637
+ */
638
+ declare enum ProtocolErrorCode {
639
+ ParseError = -32700,
640
+ InvalidRequest = -32600,
641
+ MethodNotFound = -32601,
642
+ InvalidParams = -32602,
643
+ InternalError = -32603,
644
+ /**
645
+ * Resource not found.
646
+ *
647
+ * Receive-tolerated only: the SDK never EMITS `-32002` — `resources/read`
648
+ * misses answer `-32602` (Invalid Params) on every protocol revision per
649
+ * the 2026-07-28 spec MUST, and a handler-thrown `-32002` is mapped to
650
+ * `-32602` at the era encode seam. The member stays importable so clients
651
+ * can recognise `-32002` from peers built on earlier SDK releases (the
652
+ * spec's "clients SHOULD also accept `-32002`" backwards-compatibility
653
+ * clause). Throw `ResourceNotFoundError` instead.
654
+ */
655
+ ResourceNotFound = -32002,
656
+ /**
657
+ * Processing the request requires a capability the client did not declare
658
+ * in the request's `clientCapabilities` (protocol revision 2026-07-28).
659
+ */
660
+ MissingRequiredClientCapability = -32021,
661
+ /**
662
+ * The request's protocol version is unknown to the server or unsupported
663
+ * by it (protocol revision 2026-07-28).
664
+ */
665
+ UnsupportedProtocolVersion = -32022,
666
+ UrlElicitationRequired = -32042,
667
+ }
668
+ //#endregion
669
+ //#region ../core-internal/src/types/errors.d.ts
670
+ /**
671
+ * Protocol errors are JSON-RPC errors that cross the wire as error responses.
672
+ * They use numeric error codes from the {@linkcode ProtocolErrorCode} enum.
673
+ */
674
+ declare class ProtocolError extends Error {
675
+ readonly code: number;
676
+ readonly data?: unknown | undefined;
677
+ constructor(code: number, message: string, data?: unknown | undefined);
678
+ /**
679
+ * Factory method to create the appropriate error type based on the error code and data
680
+ */
681
+ static fromError(code: number, message: string, data?: unknown): ProtocolError;
682
+ }
683
+ /**
684
+ * Error type for a `resources/read` miss: the requested resource does not
685
+ * exist. The wire code is `-32602` (Invalid Params) on every protocol
686
+ * revision — the spec MUST for revision 2026-07-28, and the value the v1.x
687
+ * SDK has always emitted on earlier revisions. The error data echoes the
688
+ * requested URI.
689
+ *
690
+ * Recognise this error by checking `error.data` is exactly `{ uri: string }`
691
+ * (a `-32602` whose data carries `uri` and nothing else is resource-not-found;
692
+ * any other `-32602` is an ordinary Invalid Params). For backwards compatibility, clients should also
693
+ * accept `-32002` as resource not found — earlier SDK builds emitted that
694
+ * code, and {@linkcode ProtocolError.fromError} reconstructs this class for
695
+ * either code **when `error.data` carries `uri`** (a bare `-32002` without
696
+ * `data.uri` stays a generic {@linkcode ProtocolError}). Do not rely on
697
+ * `instanceof` — it does not work across separately bundled copies of the
698
+ * SDK.
699
+ */
700
+ declare class ResourceNotFoundError extends ProtocolError {
701
+ constructor(uri: string, message?: string);
702
+ /** The URI that was requested and not found. */
703
+ get uri(): string;
704
+ }
705
+ /**
706
+ * Specialized error type when a tool requires a URL mode elicitation.
707
+ * This makes it nicer for the client to handle since there is specific data to work with instead of just a code to check against.
708
+ */
709
+ declare class UrlElicitationRequiredError extends ProtocolError {
710
+ constructor(elicitations: ElicitRequestURLParams[], message?: string);
711
+ get elicitations(): ElicitRequestURLParams[];
712
+ }
713
+ /**
714
+ * Error type for the `-32022` UnsupportedProtocolVersion protocol error (protocol
715
+ * revision 2026-07-28): the request's protocol version is unknown to the server or
716
+ * unsupported by it.
717
+ *
718
+ * The error data lists the protocol versions the receiver supports (`supported`),
719
+ * so the sender can choose a mutually supported version and retry, and echoes the
720
+ * version that was requested (`requested`).
721
+ */
722
+ declare class UnsupportedProtocolVersionError extends ProtocolError {
723
+ constructor(data: UnsupportedProtocolVersionErrorData, message?: string);
724
+ /**
725
+ * Protocol versions the receiver supports.
726
+ */
727
+ get supported(): string[];
728
+ /**
729
+ * The protocol version that was requested.
730
+ */
731
+ get requested(): string;
732
+ }
733
+ /**
734
+ * Error type for the `-32021` MissingRequiredClientCapability protocol error
735
+ * (protocol revision 2026-07-28): processing the request requires a capability
736
+ * the client did not declare in the request's `clientCapabilities`.
737
+ *
738
+ * The error data lists the missing capabilities (`requiredCapabilities`) in
739
+ * the `ClientCapabilities` shape, so the client can see exactly what it would
740
+ * have to declare for the request to be served. On HTTP, the response status
741
+ * is `400 Bad Request`.
742
+ *
743
+ * Recognize this error by its code and `data.requiredCapabilities` rather than
744
+ * by class identity (`instanceof` does not work across separately bundled
745
+ * copies of the SDK).
746
+ */
747
+ declare class MissingRequiredClientCapabilityError extends ProtocolError {
748
+ constructor(data: MissingRequiredClientCapabilityErrorData, message?: string);
749
+ /**
750
+ * The capabilities the server requires from the client to process the
751
+ * request (only the missing capabilities are listed).
752
+ */
753
+ get requiredCapabilities(): ClientCapabilities;
754
+ }
755
+ //#endregion
756
+ //#region ../core-internal/src/types/guards.d.ts
757
+ /**
758
+ * Validates and parses an unknown value as a JSON-RPC message.
759
+ *
760
+ * Use this to validate incoming messages in custom transport implementations.
761
+ * Throws if the value does not conform to the JSON-RPC message schema.
762
+ *
763
+ * @param value - The value to validate (typically a parsed JSON object).
764
+ * @returns The validated {@linkcode JSONRPCMessage}.
765
+ * @throws If validation fails.
766
+ */
767
+ declare function parseJSONRPCMessage(value: unknown): JSONRPCMessage;
768
+ declare const isJSONRPCRequest: (value: unknown) => value is JSONRPCRequest;
769
+ declare const isJSONRPCNotification: (value: unknown) => value is JSONRPCNotification;
770
+ /**
771
+ * Checks if a value is a valid {@linkcode JSONRPCResultResponse}.
772
+ * @param value - The value to check.
773
+ *
774
+ * @returns True if the value is a valid {@linkcode JSONRPCResultResponse}, false otherwise.
775
+ */
776
+ declare const isJSONRPCResultResponse: (value: unknown) => value is JSONRPCResultResponse;
777
+ /**
778
+ * Checks if a value is a valid {@linkcode JSONRPCErrorResponse}.
779
+ * @param value - The value to check.
780
+ *
781
+ * @returns True if the value is a valid {@linkcode JSONRPCErrorResponse}, false otherwise.
782
+ */
783
+ declare const isJSONRPCErrorResponse: (value: unknown) => value is JSONRPCErrorResponse;
784
+ /**
785
+ * Checks if a value is a valid {@linkcode JSONRPCResponse} (either a result or error response).
786
+ * @param value - The value to check.
787
+ *
788
+ * @returns True if the value is a valid {@linkcode JSONRPCResponse}, false otherwise.
789
+ */
790
+ declare const isJSONRPCResponse: (value: unknown) => value is JSONRPCResponse;
791
+ /**
792
+ * Checks if a value is a valid {@linkcode CallToolResult}.
793
+ *
794
+ * This is a consumer-side VALUE check against the neutral model, not a wire
795
+ * validator: a raw wire object that additionally carries wire-only members
796
+ * (e.g. `resultType`) still passes through the loose index signature. Use a
797
+ * transport-level parse to validate raw wire traffic.
798
+ *
799
+ * @param value - The value to check.
800
+ *
801
+ * @returns True if the value is a valid {@linkcode CallToolResult}, false otherwise.
802
+ */
803
+ declare const isCallToolResult: (value: unknown) => value is CallToolResult;
804
+ /**
805
+ * Checks whether a value is an input-required result (protocol revision
806
+ * 2026-07-28): the multi-round-trip return shape discriminated by
807
+ * `resultType: 'input_required'`.
808
+ *
809
+ * This is a discriminator check, not a full validator — the at-least-one rule
810
+ * (`inputRequests` or `requestState`) is enforced by the `inputRequired()`
811
+ * builder and re-checked by the server seam for hand-built values.
812
+ *
813
+ * @param value - The value to check.
814
+ * @returns True if the value carries the `input_required` discriminator.
815
+ */
816
+ declare const isInputRequiredResult: (value: unknown) => value is InputRequiredResult;
817
+ /**
818
+ * Checks if a value is a valid {@linkcode TaskAugmentedRequestParams}.
819
+ * @param value - The value to check.
820
+ *
821
+ * @returns True if the value is a valid {@linkcode TaskAugmentedRequestParams}, false otherwise.
822
+ *
823
+ * @deprecated Recognizes 2025-11-25 task wire vocabulary, which has no SDK
824
+ * runtime; kept importable for interoperability only.
825
+ */
826
+ declare const isTaskAugmentedRequestParams: (value: unknown) => value is TaskAugmentedRequestParams;
827
+ declare const isInitializeRequest: (value: unknown) => value is InitializeRequest;
828
+ declare const isInitializedNotification: (value: unknown) => value is InitializedNotification;
829
+ declare function assertCompleteRequestPrompt(request: CompleteRequest): asserts request is CompleteRequestPrompt;
830
+ declare function assertCompleteRequestResourceTemplate(request: CompleteRequest): asserts request is CompleteRequestResourceTemplate;
831
+ //#endregion
832
+ //#region ../core-internal/src/types/specTypeSchema.d.ts
833
+ /**
834
+ * Explicit allowlist of protocol Zod schemas that correspond to a public spec type in `types.ts`.
835
+ *
836
+ * This intentionally excludes internal helper schemas exported from `schemas.ts` that have no
837
+ * matching public type (e.g. `ListChangedOptionsBaseSchema`, `BaseRequestParamsSchema`,
838
+ * `NotificationsParamsSchema`, `ClientTasksCapabilitySchema`, `ServerTasksCapabilitySchema`).
839
+ * Keeping the list explicit means new public spec types must be added here deliberately, and
840
+ * internals never leak into `SpecTypeName`.
841
+ *
842
+ * `ResourceTemplateSchema` is included; its public type is exported as `ResourceTemplateType`
843
+ * (the bare name collides with the server package's `ResourceTemplate` class), so
844
+ * `SpecTypes['ResourceTemplate']` is structurally equal to `ResourceTemplateType` rather than to
845
+ * a type literally named `ResourceTemplate`.
846
+ */
847
+ declare const SPEC_SCHEMA_KEYS: readonly ["AnnotationsSchema", "AudioContentSchema", "BaseMetadataSchema", "BlobResourceContentsSchema", "BooleanSchemaSchema", "CallToolRequestSchema", "CallToolRequestParamsSchema", "CallToolResultSchema", "CancelledNotificationSchema", "CancelledNotificationParamsSchema", "CancelTaskRequestSchema", "CancelTaskResultSchema", "ClientCapabilitiesSchema", "ClientNotificationSchema", "ClientRequestSchema", "ClientResultSchema", "CompatibilityCallToolResultSchema", "CompleteRequestSchema", "CompleteRequestParamsSchema", "CompleteResultSchema", "ContentBlockSchema", "CreateMessageRequestSchema", "CreateMessageRequestParamsSchema", "CreateMessageResultSchema", "CreateMessageResultWithToolsSchema", "CreateTaskResultSchema", "CursorSchema", "DiscoverRequestSchema", "DiscoverResultSchema", "ElicitationCompleteNotificationSchema", "ElicitationCompleteNotificationParamsSchema", "ElicitRequestSchema", "ElicitRequestFormParamsSchema", "ElicitRequestParamsSchema", "ElicitRequestURLParamsSchema", "ElicitResultSchema", "EmbeddedResourceSchema", "EmptyResultSchema", "EnumSchemaSchema", "GetPromptRequestSchema", "GetPromptRequestParamsSchema", "GetPromptResultSchema", "GetTaskPayloadRequestSchema", "GetTaskPayloadResultSchema", "GetTaskRequestSchema", "GetTaskResultSchema", "IconSchema", "IconsSchema", "ImageContentSchema", "ImplementationSchema", "InitializedNotificationSchema", "InitializeRequestSchema", "InitializeRequestParamsSchema", "InitializeResultSchema", "JSONArraySchema", "JSONObjectSchema", "JSONRPCErrorResponseSchema", "JSONRPCMessageSchema", "JSONRPCNotificationSchema", "JSONRPCRequestSchema", "JSONRPCResponseSchema", "JSONRPCResultResponseSchema", "JSONValueSchema", "LegacyTitledEnumSchemaSchema", "ListPromptsRequestSchema", "ListPromptsResultSchema", "ListResourcesRequestSchema", "ListResourcesResultSchema", "ListResourceTemplatesRequestSchema", "ListResourceTemplatesResultSchema", "ListRootsRequestSchema", "ListRootsResultSchema", "ListTasksRequestSchema", "ListTasksResultSchema", "ListToolsRequestSchema", "ListToolsResultSchema", "LoggingLevelSchema", "LoggingMessageNotificationSchema", "LoggingMessageNotificationParamsSchema", "ModelHintSchema", "ModelPreferencesSchema", "MultiSelectEnumSchemaSchema", "NotificationSchema", "NumberSchemaSchema", "PaginatedRequestSchema", "PaginatedRequestParamsSchema", "PaginatedResultSchema", "PingRequestSchema", "PrimitiveSchemaDefinitionSchema", "ProgressSchema", "ProgressNotificationSchema", "ProgressNotificationParamsSchema", "ProgressTokenSchema", "PromptSchema", "PromptArgumentSchema", "PromptListChangedNotificationSchema", "PromptMessageSchema", "PromptReferenceSchema", "ReadResourceRequestSchema", "ReadResourceRequestParamsSchema", "ReadResourceResultSchema", "RelatedTaskMetadataSchema", "RequestSchema", "RequestIdSchema", "RequestMetaSchema", "ResourceSchema", "ResourceContentsSchema", "ResourceLinkSchema", "ResourceListChangedNotificationSchema", "ResourceRequestParamsSchema", "ResourceTemplateSchema", "ResourceTemplateReferenceSchema", "ResourceUpdatedNotificationSchema", "ResourceUpdatedNotificationParamsSchema", "ResultSchema", "RoleSchema", "RootSchema", "RootsListChangedNotificationSchema", "SamplingContentSchema", "SamplingMessageSchema", "SamplingMessageContentBlockSchema", "ServerCapabilitiesSchema", "ServerNotificationSchema", "ServerRequestSchema", "ServerResultSchema", "SetLevelRequestSchema", "SetLevelRequestParamsSchema", "SingleSelectEnumSchemaSchema", "StringSchemaSchema", "SubscribeRequestSchema", "SubscribeRequestParamsSchema", "SubscriptionFilterSchema", "SubscriptionsAcknowledgedNotificationSchema", "SubscriptionsAcknowledgedNotificationParamsSchema", "SubscriptionsListenRequestSchema", "SubscriptionsListenRequestParamsSchema", "SubscriptionsListenResultSchema", "SubscriptionsListenResultMetaSchema", "TaskAugmentedRequestParamsSchema", "TaskCreationParamsSchema", "TaskMetadataSchema", "TaskSchema", "TaskStatusSchema", "TaskStatusNotificationSchema", "TaskStatusNotificationParamsSchema", "TextContentSchema", "TextResourceContentsSchema", "TitledMultiSelectEnumSchemaSchema", "TitledSingleSelectEnumSchemaSchema", "ToolSchema", "ToolAnnotationsSchema", "ToolChoiceSchema", "ToolExecutionSchema", "ToolListChangedNotificationSchema", "ToolResultContentSchema", "ToolUseContentSchema", "UnsubscribeRequestSchema", "UnsubscribeRequestParamsSchema", "UntitledMultiSelectEnumSchemaSchema", "UntitledSingleSelectEnumSchemaSchema"];
848
+ declare const authSchemas: {
849
+ readonly IdJagTokenExchangeResponseSchema: z.ZodObject<{
850
+ issued_token_type: z.ZodLiteral<"urn:ietf:params:oauth:token-type:id-jag">;
851
+ access_token: z.ZodString;
852
+ token_type: z.ZodOptional<z.ZodString>;
853
+ expires_in: z.ZodOptional<z.ZodNumber>;
854
+ scope: z.ZodOptional<z.ZodString>;
855
+ }, z.core.$strip>;
856
+ readonly OAuthClientInformationFullSchema: z.ZodObject<{
857
+ redirect_uris: z.ZodArray<z.ZodURL>;
858
+ token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
859
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
860
+ response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
861
+ application_type: z.ZodOptional<z.ZodString>;
862
+ client_name: z.ZodOptional<z.ZodString>;
863
+ client_uri: z.ZodOptional<z.ZodURL>;
864
+ logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
865
+ scope: z.ZodOptional<z.ZodString>;
866
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
867
+ tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
868
+ policy_uri: z.ZodOptional<z.ZodString>;
869
+ jwks_uri: z.ZodOptional<z.ZodURL>;
870
+ jwks: z.ZodOptional<z.ZodAny>;
871
+ software_id: z.ZodOptional<z.ZodString>;
872
+ software_version: z.ZodOptional<z.ZodString>;
873
+ software_statement: z.ZodOptional<z.ZodString>;
874
+ client_id: z.ZodString;
875
+ client_secret: z.ZodOptional<z.ZodString>;
876
+ client_id_issued_at: z.ZodOptional<z.ZodNumber>;
877
+ client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
878
+ }, z.core.$strip>;
879
+ readonly OAuthClientInformationSchema: z.ZodObject<{
880
+ client_id: z.ZodString;
881
+ client_secret: z.ZodOptional<z.ZodString>;
882
+ client_id_issued_at: z.ZodOptional<z.ZodNumber>;
883
+ client_secret_expires_at: z.ZodOptional<z.ZodNumber>;
884
+ }, z.core.$strip>;
885
+ readonly OAuthClientMetadataSchema: z.ZodObject<{
886
+ redirect_uris: z.ZodArray<z.ZodURL>;
887
+ token_endpoint_auth_method: z.ZodOptional<z.ZodString>;
888
+ grant_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
889
+ response_types: z.ZodOptional<z.ZodArray<z.ZodString>>;
890
+ application_type: z.ZodOptional<z.ZodString>;
891
+ client_name: z.ZodOptional<z.ZodString>;
892
+ client_uri: z.ZodOptional<z.ZodURL>;
893
+ logo_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
894
+ scope: z.ZodOptional<z.ZodString>;
895
+ contacts: z.ZodOptional<z.ZodArray<z.ZodString>>;
896
+ tos_uri: z.ZodUnion<[z.ZodOptional<z.ZodURL>, z.ZodPipe<z.ZodLiteral<"">, z.ZodTransform<undefined, "">>]>;
897
+ policy_uri: z.ZodOptional<z.ZodString>;
898
+ jwks_uri: z.ZodOptional<z.ZodURL>;
899
+ jwks: z.ZodOptional<z.ZodAny>;
900
+ software_id: z.ZodOptional<z.ZodString>;
901
+ software_version: z.ZodOptional<z.ZodString>;
902
+ software_statement: z.ZodOptional<z.ZodString>;
903
+ }, z.core.$strip>;
904
+ readonly OAuthClientRegistrationErrorSchema: z.ZodObject<{
905
+ error: z.ZodString;
906
+ error_description: z.ZodOptional<z.ZodString>;
907
+ }, z.core.$strip>;
908
+ readonly OAuthErrorResponseSchema: z.ZodObject<{
909
+ error: z.ZodString;
910
+ error_description: z.ZodOptional<z.ZodString>;
911
+ error_uri: z.ZodOptional<z.ZodString>;
912
+ }, z.core.$strip>;
913
+ readonly OAuthMetadataSchema: z.ZodObject<{
914
+ issuer: z.ZodString;
915
+ authorization_endpoint: z.ZodURL;
916
+ token_endpoint: z.ZodURL;
917
+ registration_endpoint: z.ZodOptional<z.ZodURL>;
918
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
919
+ response_types_supported: z.ZodArray<z.ZodString>;
920
+ response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
921
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
922
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
923
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
924
+ service_documentation: z.ZodOptional<z.ZodURL>;
925
+ revocation_endpoint: z.ZodOptional<z.ZodURL>;
926
+ revocation_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
927
+ revocation_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
928
+ introspection_endpoint: z.ZodOptional<z.ZodString>;
929
+ introspection_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
930
+ introspection_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
931
+ code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
932
+ client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
933
+ authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
934
+ }, z.core.$loose>;
935
+ readonly OAuthProtectedResourceMetadataSchema: z.ZodObject<{
936
+ resource: z.ZodString;
937
+ authorization_servers: z.ZodOptional<z.ZodArray<z.ZodURL>>;
938
+ jwks_uri: z.ZodOptional<z.ZodString>;
939
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
940
+ bearer_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
941
+ resource_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
942
+ resource_name: z.ZodOptional<z.ZodString>;
943
+ resource_documentation: z.ZodOptional<z.ZodString>;
944
+ resource_policy_uri: z.ZodOptional<z.ZodString>;
945
+ resource_tos_uri: z.ZodOptional<z.ZodString>;
946
+ tls_client_certificate_bound_access_tokens: z.ZodOptional<z.ZodBoolean>;
947
+ authorization_details_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
948
+ dpop_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
949
+ dpop_bound_access_tokens_required: z.ZodOptional<z.ZodBoolean>;
950
+ }, z.core.$loose>;
951
+ readonly OAuthTokenRevocationRequestSchema: z.ZodObject<{
952
+ token: z.ZodString;
953
+ token_type_hint: z.ZodOptional<z.ZodString>;
954
+ }, z.core.$strip>;
955
+ readonly OAuthTokensSchema: z.ZodObject<{
956
+ access_token: z.ZodString;
957
+ id_token: z.ZodOptional<z.ZodString>;
958
+ token_type: z.ZodString;
959
+ expires_in: z.ZodOptional<z.ZodCoercedNumber<unknown>>;
960
+ scope: z.ZodOptional<z.ZodString>;
961
+ refresh_token: z.ZodOptional<z.ZodString>;
962
+ }, z.core.$strip>;
963
+ readonly OpenIdProviderDiscoveryMetadataSchema: z.ZodObject<{
964
+ code_challenge_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
965
+ issuer: z.ZodString;
966
+ authorization_endpoint: z.ZodURL;
967
+ token_endpoint: z.ZodURL;
968
+ userinfo_endpoint: z.ZodOptional<z.ZodURL>;
969
+ jwks_uri: z.ZodURL;
970
+ registration_endpoint: z.ZodOptional<z.ZodURL>;
971
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
972
+ response_types_supported: z.ZodArray<z.ZodString>;
973
+ response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
974
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
975
+ acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
976
+ subject_types_supported: z.ZodArray<z.ZodString>;
977
+ id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
978
+ id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
979
+ id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
980
+ userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
981
+ userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
982
+ userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
983
+ request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
984
+ request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
985
+ request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
986
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
987
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
988
+ display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
989
+ claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
990
+ claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
991
+ service_documentation: z.ZodOptional<z.ZodString>;
992
+ claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
993
+ ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
994
+ claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
995
+ request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
996
+ request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
997
+ require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
998
+ op_policy_uri: z.ZodOptional<z.ZodURL>;
999
+ op_tos_uri: z.ZodOptional<z.ZodURL>;
1000
+ client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
1001
+ authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
1002
+ }, z.core.$strip>;
1003
+ readonly OpenIdProviderMetadataSchema: z.ZodObject<{
1004
+ issuer: z.ZodString;
1005
+ authorization_endpoint: z.ZodURL;
1006
+ token_endpoint: z.ZodURL;
1007
+ userinfo_endpoint: z.ZodOptional<z.ZodURL>;
1008
+ jwks_uri: z.ZodURL;
1009
+ registration_endpoint: z.ZodOptional<z.ZodURL>;
1010
+ scopes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1011
+ response_types_supported: z.ZodArray<z.ZodString>;
1012
+ response_modes_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1013
+ grant_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1014
+ acr_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1015
+ subject_types_supported: z.ZodArray<z.ZodString>;
1016
+ id_token_signing_alg_values_supported: z.ZodArray<z.ZodString>;
1017
+ id_token_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1018
+ id_token_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1019
+ userinfo_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1020
+ userinfo_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1021
+ userinfo_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1022
+ request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1023
+ request_object_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1024
+ request_object_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1025
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1026
+ token_endpoint_auth_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1027
+ display_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1028
+ claim_types_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1029
+ claims_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1030
+ service_documentation: z.ZodOptional<z.ZodString>;
1031
+ claims_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1032
+ ui_locales_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
1033
+ claims_parameter_supported: z.ZodOptional<z.ZodBoolean>;
1034
+ request_parameter_supported: z.ZodOptional<z.ZodBoolean>;
1035
+ request_uri_parameter_supported: z.ZodOptional<z.ZodBoolean>;
1036
+ require_request_uri_registration: z.ZodOptional<z.ZodBoolean>;
1037
+ op_policy_uri: z.ZodOptional<z.ZodURL>;
1038
+ op_tos_uri: z.ZodOptional<z.ZodURL>;
1039
+ client_id_metadata_document_supported: z.ZodOptional<z.ZodBoolean>;
1040
+ authorization_response_iss_parameter_supported: z.ZodCatch<z.ZodOptional<z.ZodBoolean>>;
1041
+ }, z.core.$loose>;
1042
+ };
1043
+ type ProtocolSchemaKey = (typeof SPEC_SCHEMA_KEYS)[number];
1044
+ type AuthSchemaKey = keyof typeof authSchemas;
1045
+ type SchemaKey = ProtocolSchemaKey | AuthSchemaKey;
1046
+ type SchemaFor<K$1 extends SchemaKey> = K$1 extends ProtocolSchemaKey ? (typeof schemas_d_exports)[K$1] : K$1 extends AuthSchemaKey ? (typeof authSchemas)[K$1] : never;
1047
+ type StripSchemaSuffix<K$1> = K$1 extends `${infer N}Schema` ? N : never;
1048
+ /**
1049
+ * Union of every named type in the SDK's protocol and OAuth schemas (e.g. `'CallToolResult'`,
1050
+ * `'ContentBlock'`, `'Tool'`, `'OAuthTokens'`). Derived from the internal Zod schemas, so it stays
1051
+ * in sync with the spec.
1052
+ */
1053
+ type SpecTypeName = StripSchemaSuffix<SchemaKey>;
1054
+ /**
1055
+ * Maps each {@linkcode SpecTypeName} to its TypeScript type.
1056
+ *
1057
+ * `SpecTypes['Tool']` is equivalent to importing the `Tool` type directly.
1058
+ * These validators cover the NEUTRAL model — the consumer-facing shapes with
1059
+ * no wire-only members (`resultType`, the reserved `_meta` envelope keys).
1060
+ * Per-revision WIRE validators are deliberately not public surface; they are
1061
+ * planned to return as versioned `zod-schemas/<revision>` exports for
1062
+ * consumers who validate raw wire traffic themselves.
1063
+ */
1064
+ type SpecTypes = { [K in SchemaKey as StripSchemaSuffix<K>]: SchemaFor<K> extends z.ZodType ? z.output<SchemaFor<K>> : never };
1065
+ /**
1066
+ * Input shape for each {@linkcode SpecTypeName}. For most types this equals {@linkcode SpecTypes},
1067
+ * but a few schemas apply defaults/preprocessing, so the accepted input may be looser than the
1068
+ * resulting output type.
1069
+ */
1070
+ type SpecTypeInputs = { [K in SchemaKey as StripSchemaSuffix<K>]: SchemaFor<K> extends z.ZodType ? z.input<SchemaFor<K>> : never };
1071
+ type SchemaRecord = { readonly [K in SpecTypeName]: StandardSchemaV1Sync<SpecTypeInputs[K], SpecTypes[K]> };
1072
+ type GuardRecord = { readonly [K in SpecTypeName]: (value: unknown) => value is SpecTypeInputs[K] };
1073
+ /**
1074
+ * Runtime validators for every MCP spec type, keyed by type name.
1075
+ *
1076
+ * Use this when you need to validate a spec-defined shape at a boundary the SDK does not own, for
1077
+ * example an extension's custom-method payload that embeds a `CallToolResult`, or a value read from
1078
+ * storage that should be a `Tool`.
1079
+ *
1080
+ * Each entry implements the Standard Schema interface, so it composes with any
1081
+ * Standard-Schema-aware library. For a simple boolean check, use {@linkcode isSpecType} instead.
1082
+ *
1083
+ * @example
1084
+ * ```ts source="./specTypeSchema.examples.ts#specTypeSchemas_basicUsage"
1085
+ * const result = specTypeSchemas.CallToolResult['~standard'].validate(untrusted);
1086
+ * if (result.issues === undefined) {
1087
+ * // result.value is CallToolResult
1088
+ * }
1089
+ * ```
1090
+ */
1091
+ declare const specTypeSchemas: SchemaRecord;
1092
+ /**
1093
+ * Type predicates for every MCP spec type, keyed by type name.
1094
+ *
1095
+ * Returns `true` if the value satisfies the schema's input type (`z.input<>`, before defaults and
1096
+ * transforms are applied), and narrows to that input type. For schemas with `.default()` or
1097
+ * `.preprocess()`, this may accept values that do not structurally match the named output type;
1098
+ * for example `isSpecType.CallToolResult({})` is `true` because `content` has a default. Use
1099
+ * `specTypeSchemas.X['~standard'].validate(value)` when you need the validated output value.
1100
+ *
1101
+ * Each guard is a standalone function, so it can be passed directly as a callback.
1102
+ *
1103
+ * @example
1104
+ * ```ts source="./specTypeSchema.examples.ts#isSpecType_basicUsage"
1105
+ * if (isSpecType.ContentBlock(value)) {
1106
+ * // value is ContentBlock
1107
+ * }
1108
+ *
1109
+ * const blocks = mixed.filter(isSpecType.ContentBlock);
1110
+ * ```
1111
+ */
1112
+ declare const isSpecType: GuardRecord;
1113
+ //#endregion
1114
+ //#region ../core-internal/src/shared/metadataUtils.d.ts
1115
+ /**
1116
+ * Utilities for working with {@linkcode BaseMetadata} objects.
1117
+ */
1118
+ /**
1119
+ * Gets the display name for an object with {@linkcode BaseMetadata}.
1120
+ * For tools, the precedence is: `title` → {@linkcode index.ToolAnnotations | annotations}.`title` → `name`
1121
+ * For other objects: `title` → `name`
1122
+ * This implements the spec requirement: "if no title is provided, name should be used for display purposes"
1123
+ */
1124
+ declare function getDisplayName(metadata: BaseMetadata | (BaseMetadata & {
1125
+ annotations?: {
1126
+ title?: string;
1127
+ };
1128
+ })): string;
1129
+ //#endregion
1130
+ //#region ../core-internal/src/shared/protocolEras.d.ts
1131
+ /**
1132
+ * Protocol-era helpers (pure module). The MCP wire protocol splits into two eras:
1133
+ * legacy (the 2025-11-25 family and earlier; the version is negotiated via the
1134
+ * `initialize` handshake) and modern (2026-07-28 and later; no `initialize` —
1135
+ * servers advertise versions via `server/discover` and every request carries a
1136
+ * `_meta` envelope).
1137
+ *
1138
+ * An operation that belongs to one era must only ever consult that era's subset
1139
+ * of a supported-versions list: `initialize` never accepts or counter-offers a
1140
+ * modern revision, and the `server/discover` advertisement only ever contains
1141
+ * modern revisions.
1142
+ */
1143
+ /**
1144
+ * The protocol era of a connection: `'legacy'` for the 2025-11-25 family and
1145
+ * earlier (negotiated via `initialize`), `'modern'` for 2026-07-28 and later
1146
+ * (negotiated via `server/discover`; every request carries a `_meta` envelope).
1147
+ */
1148
+ type ProtocolEra = 'legacy' | 'modern';
1149
+ //#endregion
1150
+ //#region ../core-internal/src/shared/stdio.d.ts
1151
+ declare const STDIO_DEFAULT_MAX_BUFFER_SIZE: number;
1152
+ /**
1153
+ * Buffers a continuous stdio stream into discrete JSON-RPC messages.
1154
+ */
1155
+ declare class ReadBuffer {
1156
+ private _buffer?;
1157
+ private _maxBufferSize;
1158
+ constructor(options?: {
1159
+ maxBufferSize?: number;
1160
+ });
1161
+ append(chunk: Buffer): void;
1162
+ readMessage(): JSONRPCMessage | null;
1163
+ clear(): void;
1164
+ }
1165
+ declare function deserializeMessage(line: string): JSONRPCMessage;
1166
+ declare function serializeMessage(message: JSONRPCMessage): string;
1167
+ //#endregion
1168
+ //#region ../core-internal/src/util/inMemory.d.ts
1169
+ /**
1170
+ * In-memory transport for creating clients and servers that talk to each other within the same process.
1171
+ *
1172
+ * Intended for testing and development. For production in-process connections, use
1173
+ * `StreamableHTTPClientTransport` against a local server URL.
1174
+ */
1175
+ declare class InMemoryTransport implements Transport {
1176
+ private _otherTransport?;
1177
+ private _messageQueue;
1178
+ private _closed;
1179
+ onclose?: () => void;
1180
+ onerror?: (error: Error) => void;
1181
+ onmessage?: (message: JSONRPCMessage, extra?: {
1182
+ authInfo?: AuthInfo;
1183
+ }) => void;
1184
+ sessionId?: string;
1185
+ /**
1186
+ * Creates a pair of linked in-memory transports that can communicate with each other. One should be passed to a {@linkcode @modelcontextprotocol/client!client/client.Client | Client} and one to a {@linkcode @modelcontextprotocol/server!server/server.Server | Server}.
1187
+ */
1188
+ static createLinkedPair(): [InMemoryTransport, InMemoryTransport];
1189
+ start(): Promise<void>;
1190
+ close(): Promise<void>;
1191
+ /**
1192
+ * Sends a message with optional auth info.
1193
+ * This is useful for testing authentication scenarios.
1194
+ */
1195
+ send(message: JSONRPCMessage, options?: {
1196
+ relatedRequestId?: RequestId;
1197
+ authInfo?: AuthInfo;
1198
+ }): Promise<void>;
1199
+ }
1200
+ //#endregion
1201
+ //#region src/server/completable.d.ts
1202
+ declare const COMPLETABLE_SYMBOL: unique symbol;
1203
+ type CompleteCallback<T extends StandardSchemaV1 = StandardSchemaV1> = (value: StandardSchemaV1.InferInput<T>, context?: {
1204
+ arguments?: Record<string, string>;
1205
+ }) => StandardSchemaV1.InferInput<T>[] | Promise<StandardSchemaV1.InferInput<T>[]>;
1206
+ type CompletableMeta<T extends StandardSchemaV1 = StandardSchemaV1> = {
1207
+ complete: CompleteCallback<T>;
1208
+ };
1209
+ type CompletableSchema<T extends StandardSchemaV1> = T & {
1210
+ [COMPLETABLE_SYMBOL]: CompletableMeta<T>;
1211
+ };
1212
+ /**
1213
+ * Wraps a schema to provide autocompletion capabilities. Useful for, e.g., prompt arguments in MCP.
1214
+ *
1215
+ * @example
1216
+ * ```ts source="./completable.examples.ts#completable_basicUsage"
1217
+ * server.registerPrompt(
1218
+ * 'review-code',
1219
+ * {
1220
+ * title: 'Code Review',
1221
+ * argsSchema: z.object({
1222
+ * language: completable(z.string().describe('Programming language'), value =>
1223
+ * ['typescript', 'javascript', 'python', 'rust', 'go'].filter(lang => lang.startsWith(value))
1224
+ * )
1225
+ * })
1226
+ * },
1227
+ * ({ language }) => ({
1228
+ * messages: [
1229
+ * {
1230
+ * role: 'user' as const,
1231
+ * content: {
1232
+ * type: 'text' as const,
1233
+ * text: `Review this ${language} code.`
1234
+ * }
1235
+ * }
1236
+ * ]
1237
+ * })
1238
+ * );
1239
+ * ```
1240
+ *
1241
+ * @see {@linkcode server/mcp.McpServer.registerPrompt | McpServer.registerPrompt} for using completable schemas in prompt argument definitions
1242
+ */
1243
+ declare function completable<T extends StandardSchemaV1>(schema: T, complete: CompleteCallback<T>): CompletableSchema<T>;
1244
+ /**
1245
+ * Checks if a schema is completable (has completion metadata).
1246
+ */
1247
+ declare function isCompletable(schema: unknown): schema is CompletableSchema<StandardSchemaV1>;
1248
+ //#endregion
1249
+ //#region src/server/middleware/hostHeaderValidation.d.ts
1250
+ type HostHeaderValidationResult = {
1251
+ ok: true;
1252
+ hostname: string;
1253
+ } | {
1254
+ ok: false;
1255
+ errorCode: 'missing_host' | 'invalid_host_header' | 'invalid_host';
1256
+ message: string;
1257
+ hostHeader?: string;
1258
+ hostname?: string;
1259
+ };
1260
+ /**
1261
+ * Parse and validate a `Host` header against an allowlist of hostnames (port-agnostic).
1262
+ *
1263
+ * - Input host header may include a port (e.g. `localhost:3000`) or IPv6 brackets (e.g. `[::1]:3000`).
1264
+ * - Allowlist items should be hostnames only (no ports). For IPv6, include brackets (e.g. `[::1]`).
1265
+ */
1266
+ declare function validateHostHeader(hostHeader: string | null | undefined, allowedHostnames: string[]): HostHeaderValidationResult;
1267
+ /**
1268
+ * Convenience allowlist for `localhost` DNS rebinding protection.
1269
+ */
1270
+ declare function localhostAllowedHostnames(): string[];
1271
+ /**
1272
+ * Web-standard `Request` helper for DNS rebinding protection.
1273
+ * @example
1274
+ * ```ts source="./hostHeaderValidation.examples.ts#hostHeaderValidationResponse_basicUsage"
1275
+ * const result = validateHostHeader(req.headers.get('host'), ['localhost']);
1276
+ * ```
1277
+ */
1278
+ declare function hostHeaderValidationResponse(req: Request, allowedHostnames: string[]): Response | undefined;
1279
+ //#endregion
1280
+ //#region src/server/middleware/originValidation.d.ts
1281
+ /**
1282
+ * Framework-agnostic Origin header validation helpers.
1283
+ *
1284
+ * Browsers attach an `Origin` header to cross-origin requests; validating it
1285
+ * against an allowlist (alongside Host header validation) protects local and
1286
+ * development MCP servers against DNS rebinding and cross-site request
1287
+ * forgery. The framework middleware packages (`@modelcontextprotocol/express`,
1288
+ * `@modelcontextprotocol/hono`, `@modelcontextprotocol/fastify`,
1289
+ * `@modelcontextprotocol/node`) wrap these helpers; use them directly when
1290
+ * mounting a handler bare on a fetch-native runtime.
1291
+ *
1292
+ * Validation is deny-on-failure: a present `Origin` value that cannot be
1293
+ * parsed (including the opaque `null` origin) is rejected, never passed
1294
+ * through. Requests without an `Origin` header pass — non-browser MCP clients
1295
+ * do not send one.
1296
+ */
1297
+ type OriginValidationResult = {
1298
+ ok: true;
1299
+ origin?: string;
1300
+ hostname?: string;
1301
+ } | {
1302
+ ok: false;
1303
+ errorCode: 'invalid_origin_header' | 'invalid_origin';
1304
+ message: string;
1305
+ originHeader?: string;
1306
+ hostname?: string;
1307
+ };
1308
+ /**
1309
+ * Validate an `Origin` header against an allowlist of hostnames (port-agnostic).
1310
+ *
1311
+ * - A missing/empty `Origin` header passes: non-browser clients do not send one,
1312
+ * and only browser-originated requests carry the header this check defends against.
1313
+ * - Allowlist items are hostnames only (no scheme, no port), the same convention as
1314
+ * `validateHostHeader`. For IPv6, include brackets (e.g. `[::1]`).
1315
+ * - Any present value that cannot be parsed as an origin URL — including the literal
1316
+ * `null` origin browsers send for opaque contexts — is rejected (deny on failure).
1317
+ */
1318
+ declare function validateOriginHeader(originHeader: string | null | undefined, allowedOriginHostnames: string[]): OriginValidationResult;
1319
+ /**
1320
+ * Convenience allowlist of localhost-class origin hostnames, mirroring
1321
+ * `localhostAllowedHostnames`.
1322
+ */
1323
+ declare function localhostAllowedOrigins(): string[];
1324
+ /**
1325
+ * Web-standard `Request` helper for Origin validation: returns a `403` JSON-RPC
1326
+ * error response when the request's `Origin` header is not allowed, and
1327
+ * `undefined` when the request may proceed.
1328
+ *
1329
+ * ```ts
1330
+ * const rejected = originValidationResponse(request, localhostAllowedOrigins());
1331
+ * if (rejected) return rejected;
1332
+ * ```
1333
+ */
1334
+ declare function originValidationResponse(req: Request, allowedOriginHostnames: string[]): Response | undefined;
1335
+ //#endregion
1336
+ //#region src/server/requestStateCodec.d.ts
1337
+ /**
1338
+ * Options for {@linkcode createRequestStateCodec}.
1339
+ */
1340
+ interface RequestStateCodecOptions {
1341
+ /**
1342
+ * The HMAC secret. A `string` value is UTF-8-encoded. MUST be at least
1343
+ * 32 bytes (256 bits) long; a `RangeError` is thrown at
1344
+ * construction otherwise. The same key must be available to every server
1345
+ * instance that may receive an echoed `requestState` (so a per-process
1346
+ * random key only works when one process serves every round of a flow).
1347
+ */
1348
+ key: Uint8Array | string;
1349
+ /**
1350
+ * How long a minted `requestState` stays valid, in seconds. An echoed
1351
+ * value past its expiry is rejected by {@linkcode RequestStateCodec.verify}.
1352
+ * Defaults to `600` (ten minutes).
1353
+ */
1354
+ ttlSeconds?: number;
1355
+ /**
1356
+ * Optional context binding. Called at mint time and again at verify time;
1357
+ * a `requestState` minted under one binding value is rejected when echoed
1358
+ * under a different one. Use this to bind state to the authenticated
1359
+ * principal and/or the originating method (the spec's user-binding MUST
1360
+ * for state that influences authorization), for example:
1361
+ *
1362
+ * ```ts
1363
+ * bind: ctx => `${ctx.mcpReq.method}\0${ctx.http?.authInfo?.clientId ?? ''}`
1364
+ * ```
1365
+ *
1366
+ * The returned value is stored in the envelope as a domain-separated HMAC
1367
+ * tag (keyed by the codec's `key`), not the raw string — so a principal
1368
+ * identifier in the binding does not appear in the wire value the client
1369
+ * holds.
1370
+ *
1371
+ * When configured, {@linkcode RequestStateCodec.mint} requires its `ctx`
1372
+ * argument.
1373
+ */
1374
+ bind?: (ctx: ServerContext) => string;
1375
+ }
1376
+ /**
1377
+ * The codec returned by {@linkcode createRequestStateCodec}: `mint` seals a
1378
+ * JSON-serializable payload into the wire string a handler returns from
1379
+ * `inputRequired({ requestState })`; `verify` is the function to drop into
1380
+ * {@linkcode server/server.ServerOptions | ServerOptions}`.requestState.verify`
1381
+ * (it throws on any failure, which the seam answers as the frozen `-32602`).
1382
+ * The decoded payload `verify` resolves with is handed to the handler by the
1383
+ * seam via the typed `ctx.mcpReq.requestState<T>()` accessor — `mint<T>` and
1384
+ * `requestState<T>()` are the typed encode/read pair.
1385
+ */
1386
+ interface RequestStateCodec<T = unknown> {
1387
+ /**
1388
+ * Seal `payload` into an opaque wire string. The result is what the
1389
+ * handler returns from `inputRequired({ requestState })`.
1390
+ *
1391
+ * @param ctx The handler's context. Required when the codec was created
1392
+ * with a {@linkcode RequestStateCodecOptions.bind | bind}
1393
+ * callback; ignored otherwise.
1394
+ */
1395
+ mint(payload: T, ctx?: ServerContext): Promise<string>;
1396
+ /**
1397
+ * Verify an echoed `requestState` and return the original payload. Throws
1398
+ * on any failure (bad MAC, expired, bind mismatch, malformed). The thrown
1399
+ * message is a fixed opaque reason code (`'malformed'` / `'mac'` /
1400
+ * `'expired'` / `'bind'`) — never the decoded payload, the binding value,
1401
+ * or any other context-derived field.
1402
+ *
1403
+ * Pass this directly as `ServerOptions.requestState.verify`.
1404
+ */
1405
+ verify(state: string, ctx: ServerContext): Promise<T>;
1406
+ }
1407
+ /**
1408
+ * Create an opt-in HMAC-SHA256 codec for the multi-round-trip `requestState`
1409
+ * (protocol revision 2026-07-28).
1410
+ *
1411
+ * `requestState` round-trips through the client and is attacker-controlled
1412
+ * input on re-entry. The SDK applies no protection of its own; this helper is
1413
+ * the convenience implementation of the spec's integrity MUST so authors don't
1414
+ * hand-roll HMAC. Wire shape:
1415
+ *
1416
+ * "v1." b64url({"p":<payload>,"exp":<unixSeconds>,"b":<bindTag>?}) "." b64url(mac)
1417
+ *
1418
+ * where `bindTag` is `b64url(HMAC(key, "mcp.requestState.bind:" + bind(ctx))[:16])`
1419
+ * — the binding value is never embedded raw.
1420
+ *
1421
+ * The codec is **signed, not encrypted**: the body is integrity-protected but
1422
+ * the client can base64url-decode it and read the payload (`p`) in clear. Do
1423
+ * not put secrets in the payload; use an AEAD construction if confidentiality
1424
+ * is required. The handler reads its payload back via the typed
1425
+ * `ctx.mcpReq.requestState<T>()` accessor — the seam has already run `verify`
1426
+ * (integrity proven, payload decoded) by the time the handler is entered.
1427
+ *
1428
+ * Verification is fail-closed and constant-time (WebCrypto `subtle.verify` for
1429
+ * the body MAC; a fixed-length XOR-accumulator compare for the bind tag).
1430
+ * See `examples/mrtr/server.ts` for a worked end-to-end example.
1431
+ *
1432
+ * Design comparison (mcp.d `secureRequestState`, the peer SDK's reference
1433
+ * implementation): mcp.d additionally offers an AES-256-GCM encrypted mode and
1434
+ * derives independent cipher / bind-HMAC sub-keys from the operator secret via
1435
+ * HKDF-SHA256, with an auto-generated per-process ephemeral key when none is
1436
+ * supplied. This codec deliberately ships only the signed mode and a single
1437
+ * keyed HMAC (domain-separated by input prefix) — HKDF sub-key derivation and
1438
+ * an encrypted mode are intentionally out of scope for the initial release.
1439
+ */
1440
+ declare function createRequestStateCodec<T = unknown>(options: RequestStateCodecOptions): RequestStateCodec<T>;
1441
+ //#endregion
1442
+ //#region src/server/streamableHttp.d.ts
1443
+ type StreamId = string;
1444
+ type EventId = string;
1445
+ /**
1446
+ * Interface for resumability support via event storage
1447
+ */
1448
+ interface EventStore {
1449
+ /**
1450
+ * Stores an event for later retrieval
1451
+ * @param streamId ID of the stream the event belongs to
1452
+ * @param message The JSON-RPC message to store
1453
+ * @returns The generated event ID for the stored event
1454
+ */
1455
+ storeEvent(streamId: StreamId, message: JSONRPCMessage): Promise<EventId>;
1456
+ /**
1457
+ * Get the stream ID associated with a given event ID.
1458
+ * @param eventId The event ID to look up
1459
+ * @returns The stream ID, or `undefined` if not found
1460
+ *
1461
+ * Optional: If not provided, the SDK will use the `streamId` returned by
1462
+ * {@linkcode replayEventsAfter} for stream mapping.
1463
+ */
1464
+ getStreamIdForEventId?(eventId: EventId): Promise<StreamId | undefined>;
1465
+ replayEventsAfter(lastEventId: EventId, {
1466
+ send
1467
+ }: {
1468
+ send: (eventId: EventId, message: JSONRPCMessage) => Promise<void>;
1469
+ }): Promise<StreamId>;
1470
+ }
1471
+ /**
1472
+ * Configuration options for {@linkcode WebStandardStreamableHTTPServerTransport}
1473
+ */
1474
+ interface WebStandardStreamableHTTPServerTransportOptions {
1475
+ /**
1476
+ * Function that generates a session ID for the transport.
1477
+ * The session ID SHOULD be globally unique and cryptographically secure (e.g., a securely generated UUID, a JWT, or a cryptographic hash)
1478
+ *
1479
+ * If not provided, session management is disabled (stateless mode).
1480
+ */
1481
+ sessionIdGenerator?: (() => string) | undefined;
1482
+ /**
1483
+ * A callback for session initialization events
1484
+ * This is called when the server initializes a new session.
1485
+ * Useful in cases when you need to register multiple mcp sessions
1486
+ * and need to keep track of them.
1487
+ * @param sessionId The generated session ID
1488
+ */
1489
+ onsessioninitialized?: ((sessionId: string) => void | Promise<void>) | undefined;
1490
+ /**
1491
+ * A callback for session close events
1492
+ * This is called when the server closes a session due to a `DELETE` request.
1493
+ * Useful in cases when you need to clean up resources associated with the session.
1494
+ * Note that this is different from the transport closing, if you are handling
1495
+ * HTTP requests from multiple nodes you might want to close each
1496
+ * {@linkcode WebStandardStreamableHTTPServerTransport} after a request is completed while still keeping the
1497
+ * session open/running.
1498
+ * @param sessionId The session ID that was closed
1499
+ */
1500
+ onsessionclosed?: ((sessionId: string) => void | Promise<void>) | undefined;
1501
+ /**
1502
+ * If `true`, the server will return JSON responses instead of starting an SSE stream.
1503
+ * This can be useful for simple request/response scenarios without streaming.
1504
+ * Default is `false` (SSE streams are preferred).
1505
+ */
1506
+ enableJsonResponse?: boolean;
1507
+ /**
1508
+ * Event store for resumability support
1509
+ * If provided, resumability will be enabled, allowing clients to reconnect and resume messages
1510
+ */
1511
+ eventStore?: EventStore;
1512
+ /**
1513
+ * List of allowed `Host` header values for DNS rebinding protection.
1514
+ * If not specified, host validation is disabled.
1515
+ * @deprecated Use external middleware for host validation instead.
1516
+ */
1517
+ allowedHosts?: string[];
1518
+ /**
1519
+ * List of allowed `Origin` header values for DNS rebinding protection.
1520
+ * If not specified, origin validation is disabled.
1521
+ * @deprecated Use external middleware for origin validation instead.
1522
+ */
1523
+ allowedOrigins?: string[];
1524
+ /**
1525
+ * Enable DNS rebinding protection (requires `allowedHosts` and/or `allowedOrigins` to be configured).
1526
+ * Default is `false` for backwards compatibility.
1527
+ * @deprecated Use external middleware for DNS rebinding protection instead.
1528
+ */
1529
+ enableDnsRebindingProtection?: boolean;
1530
+ /**
1531
+ * Retry interval in milliseconds to suggest to clients in SSE `retry` field.
1532
+ * When set, the server will send a `retry` field in SSE priming events to control
1533
+ * client reconnection timing for polling behavior.
1534
+ */
1535
+ retryInterval?: number;
1536
+ /**
1537
+ * List of protocol versions that this transport will accept.
1538
+ * Used to validate the `mcp-protocol-version` header in incoming requests.
1539
+ *
1540
+ * Note: When using {@linkcode server/server.Server.connect | Server.connect()}, the server automatically passes its
1541
+ * `supportedProtocolVersions` to the transport, so you typically don't need
1542
+ * to set this option directly.
1543
+ *
1544
+ * @default {@linkcode SUPPORTED_PROTOCOL_VERSIONS}
1545
+ */
1546
+ supportedProtocolVersions?: string[];
1547
+ }
1548
+ /**
1549
+ * Options for handling a request
1550
+ */
1551
+ interface HandleRequestOptions {
1552
+ /**
1553
+ * Pre-parsed request body. If provided, the transport will use this instead of parsing `req.json()`.
1554
+ * Useful when using body-parser middleware that has already parsed the body.
1555
+ */
1556
+ parsedBody?: unknown;
1557
+ /**
1558
+ * Authentication info from middleware. If provided, will be passed to message handlers.
1559
+ */
1560
+ authInfo?: AuthInfo;
1561
+ }
1562
+ /**
1563
+ * Server transport for Web Standards Streamable HTTP: this implements the MCP Streamable HTTP transport specification
1564
+ * using Web Standard APIs (`Request`, `Response`, `ReadableStream`).
1565
+ *
1566
+ * This transport works on any runtime that supports Web Standards: Node.js 18+, Cloudflare Workers, Deno, Bun, etc.
1567
+ *
1568
+ * In stateful mode:
1569
+ * - Session ID is generated and included in response headers
1570
+ * - Session ID is always included in initialization responses
1571
+ * - Requests with invalid session IDs are rejected with `404 Not Found`
1572
+ * - Non-initialization requests without a session ID are rejected with `400 Bad Request`
1573
+ * - State is maintained in-memory (connections, message history)
1574
+ *
1575
+ * In stateless mode:
1576
+ * - No Session ID is included in any responses
1577
+ * - No session validation is performed
1578
+ *
1579
+ * @example Stateful setup
1580
+ * ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_stateful"
1581
+ * const server = new McpServer({ name: 'my-server', version: '1.0.0' });
1582
+ *
1583
+ * const transport = new WebStandardStreamableHTTPServerTransport({
1584
+ * sessionIdGenerator: () => crypto.randomUUID()
1585
+ * });
1586
+ *
1587
+ * await server.connect(transport);
1588
+ * ```
1589
+ *
1590
+ * @example Stateless setup
1591
+ * ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_stateless"
1592
+ * const transport = new WebStandardStreamableHTTPServerTransport({
1593
+ * sessionIdGenerator: undefined
1594
+ * });
1595
+ * ```
1596
+ *
1597
+ * @example Hono.js
1598
+ * ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_hono"
1599
+ * app.all('/mcp', async c => {
1600
+ * return transport.handleRequest(c.req.raw);
1601
+ * });
1602
+ * ```
1603
+ *
1604
+ * @example Cloudflare Workers
1605
+ * ```ts source="./streamableHttp.examples.ts#WebStandardStreamableHTTPServerTransport_workers"
1606
+ * const worker = {
1607
+ * async fetch(request: Request): Promise<Response> {
1608
+ * return transport.handleRequest(request);
1609
+ * }
1610
+ * };
1611
+ * ```
1612
+ */
1613
+ declare class WebStandardStreamableHTTPServerTransport implements Transport {
1614
+ private sessionIdGenerator;
1615
+ private _started;
1616
+ private _closed;
1617
+ private _streamMapping;
1618
+ private _requestToStreamMapping;
1619
+ private _requestResponseMap;
1620
+ private _initialized;
1621
+ private _enableJsonResponse;
1622
+ private _standaloneSseStreamId;
1623
+ private _eventStore?;
1624
+ private _onsessioninitialized?;
1625
+ private _onsessionclosed?;
1626
+ private _allowedHosts?;
1627
+ private _allowedOrigins?;
1628
+ private _enableDnsRebindingProtection;
1629
+ private _retryInterval?;
1630
+ private _supportedProtocolVersions;
1631
+ sessionId?: string;
1632
+ onclose?: () => void;
1633
+ onerror?: (error: Error) => void;
1634
+ onmessage?: (message: JSONRPCMessage, extra?: MessageExtraInfo) => void;
1635
+ constructor(options?: WebStandardStreamableHTTPServerTransportOptions);
1636
+ /**
1637
+ * Starts the transport. This is required by the {@linkcode Transport} interface but is a no-op
1638
+ * for the Streamable HTTP transport as connections are managed per-request.
1639
+ */
1640
+ start(): Promise<void>;
1641
+ /**
1642
+ * Sets the supported protocol versions for header validation.
1643
+ * Called by the server during {@linkcode server/server.Server.connect | connect()} to pass its supported versions.
1644
+ */
1645
+ setSupportedProtocolVersions(versions: string[]): void;
1646
+ /**
1647
+ * Helper to create a JSON error response
1648
+ */
1649
+ private createJsonErrorResponse;
1650
+ /**
1651
+ * Validates request headers for DNS rebinding protection.
1652
+ * @returns Error response if validation fails, `undefined` if validation passes.
1653
+ */
1654
+ private validateRequestHeaders;
1655
+ /**
1656
+ * Handles an incoming HTTP request, whether `GET`, `POST`, or `DELETE`
1657
+ * Returns a `Response` object (Web Standard)
1658
+ */
1659
+ handleRequest(req: Request, options?: HandleRequestOptions): Promise<Response>;
1660
+ /**
1661
+ * Returns true if the client's protocol version supports empty SSE data in
1662
+ * priming events (the fix shipped with protocol version `2025-11-25`).
1663
+ *
1664
+ * The version is checked for membership in this transport instance's
1665
+ * supported protocol versions rather than with an open-ended
1666
+ * `>= '2025-11-25'` comparison: the value may come from an `initialize`
1667
+ * request body, which (unlike the `MCP-Protocol-Version` header) is not
1668
+ * validated against `supportedProtocolVersions` before reaching this
1669
+ * check. An unknown future version string must not silently enable
1670
+ * behavior reserved for versions this transport actually supports.
1671
+ */
1672
+ private supportsEmptySSEData;
1673
+ /**
1674
+ * Writes a priming event to establish resumption capability.
1675
+ * Only sends if `eventStore` is configured (opt-in for resumability) and
1676
+ * the client's protocol version supports empty SSE data (a supported
1677
+ * version that is >= `2025-11-25`).
1678
+ */
1679
+ private writePrimingEvent;
1680
+ /**
1681
+ * Handles `GET` requests for SSE stream
1682
+ */
1683
+ private handleGetRequest;
1684
+ /**
1685
+ * Replays events that would have been sent after the specified event ID
1686
+ * Only used when resumability is enabled
1687
+ */
1688
+ private replayEvents;
1689
+ /**
1690
+ * Writes an event to an SSE stream via controller with proper formatting
1691
+ */
1692
+ private writeSSEEvent;
1693
+ /**
1694
+ * Handles unsupported requests (`PUT`, `PATCH`, etc.)
1695
+ */
1696
+ private handleUnsupportedRequest;
1697
+ /**
1698
+ * Handles `POST` requests containing JSON-RPC messages
1699
+ */
1700
+ private handlePostRequest;
1701
+ /**
1702
+ * Handles `DELETE` requests to terminate sessions
1703
+ */
1704
+ private handleDeleteRequest;
1705
+ /**
1706
+ * Validates session ID for non-initialization requests.
1707
+ * Returns `Response` error if invalid, `undefined` otherwise
1708
+ */
1709
+ private validateSession;
1710
+ /**
1711
+ * Validates the `MCP-Protocol-Version` header on incoming requests.
1712
+ *
1713
+ * For initialization: Version negotiation handles unknown versions gracefully
1714
+ * (server responds with its supported version).
1715
+ *
1716
+ * For subsequent requests with `MCP-Protocol-Version` header:
1717
+ * - Accept if in supported list
1718
+ * - 400 if unsupported
1719
+ *
1720
+ * For HTTP requests without the `MCP-Protocol-Version` header:
1721
+ * - Accept and default to the version negotiated at initialization
1722
+ */
1723
+ private validateProtocolVersion;
1724
+ close(): Promise<void>;
1725
+ /**
1726
+ * Close an SSE stream for a specific request, triggering client reconnection.
1727
+ * Use this to implement polling behavior during long-running operations -
1728
+ * client will reconnect after the retry interval specified in the priming event.
1729
+ */
1730
+ closeSSEStream(requestId: RequestId): void;
1731
+ /**
1732
+ * Close the standalone `GET` SSE stream, triggering client reconnection.
1733
+ * Use this to implement polling behavior for server-initiated notifications.
1734
+ */
1735
+ closeStandaloneSSEStream(): void;
1736
+ send(message: JSONRPCMessage, options?: {
1737
+ relatedRequestId?: RequestId;
1738
+ }): Promise<void>;
1739
+ }
1740
+ //#endregion
1741
+ //#region src/fromJsonSchema.d.ts
1742
+ declare function fromJsonSchema<T = unknown>(schema: JsonSchemaType, validator?: jsonSchemaValidator): StandardSchemaWithJSON<T, T>;
1743
+ //#endregion
1744
+ export { AjvJsonSchemaValidator, Annotations, type AnyToolHandler, AudioContent, AuthInfo, AuthorizationServerMetadata, BAGGAGE_META_KEY, BaseContext, BaseMetadata, type BaseToolCallback, BlobResourceContents, BooleanSchema, CLIENT_CAPABILITIES_META_KEY, CLIENT_INFO_META_KEY, type CacheHint, type CacheScope, CallToolRequest, CallToolRequestParams, CallToolResult, CancelTaskRequest, CancelTaskResult, CancelledNotification, CancelledNotificationParams, CfWorkerJsonSchemaValidator, CfWorkerSchemaDraft, ClientCapabilities, ClientContext, ClientNotification, ClientRequest, ClientResult, CompatibilityCallToolResult, type CompletableSchema, type CompleteCallback, CompleteRequest, CompleteRequestParams, CompleteRequestPrompt, CompleteRequestResourceTemplate, type CompleteResourceTemplateCallback, CompleteResult, ContentBlock, type CreateMcpHandlerOptions, CreateMessageRequest, CreateMessageRequestParams, CreateMessageRequestParamsBase, CreateMessageRequestParamsWithTools, CreateMessageResult, CreateMessageResultWithTools, CreateTaskResult, Cursor, DEFAULT_NEGOTIATED_PROTOCOL_VERSION, DEFAULT_REQUEST_TIMEOUT_MSEC, DiscoverRequest, DiscoverResult, ElicitRequest, ElicitRequestFormParams, ElicitRequestParams, ElicitRequestURLParams, ElicitResult, ElicitationCompleteNotification, ElicitationCompleteNotificationParams, EmbeddedResource, EmptyResult, EnumSchema, type EventId, type EventStore, FetchLike, GetPromptRequest, GetPromptRequestParams, GetPromptResult, GetTaskPayloadRequest, GetTaskPayloadResult, GetTaskRequest, GetTaskResult, type HandleRequestOptions, HandlerResultTypeMap, type HostHeaderValidationResult, INTERNAL_ERROR, INVALID_PARAMS, INVALID_REQUEST, Icon, Icons, IdJagTokenExchangeResponse, ImageContent, Implementation, InMemoryServerEventBus, InMemoryTransport, type InboundClassificationOutcome, type InboundHttpRequest, type InboundLadderRejection, type InboundLegacyRoute, type InboundLegacyRouteReason, type InboundModernRoute, type InboundValidationRung, InitializeRequest, InitializeRequestParams, InitializeResult, InitializedNotification, InputRequest, InputRequests, InputRequiredResult, type InputRequiredSpec, InputResponse, type InputResponseView, InputResponses, InternalError, InvalidParamsError, InvalidRequestError, JSONArray, JSONObject, JSONRPCErrorResponse, JSONRPCMessage, JSONRPCNotification, JSONRPCRequest, JSONRPCResponse, JSONRPCResultResponse, JSONRPC_VERSION, JSONValue, JsonSchemaType, JsonSchemaValidator, JsonSchemaValidatorResult, LATEST_PROTOCOL_VERSION, LOG_LEVEL_META_KEY, type LegacyHttpHandler, LegacyTitledEnumSchema, ListChangedCallback, ListChangedHandlers, ListChangedOptions, ListPromptsRequest, ListPromptsResult, ListResourceTemplatesRequest, ListResourceTemplatesResult, type ListResourcesCallback, ListResourcesRequest, ListResourcesResult, ListRootsRequest, ListRootsResult, ListTasksRequest, ListTasksResult, ListToolsRequest, ListToolsResult, LoggingLevel, LoggingMessageNotification, LoggingMessageNotificationParams, METHOD_NOT_FOUND, type McpHandlerRequestOptions, type McpHttpHandler, type McpRequestContext, McpServer, type McpServerFactory, MessageClassification, MessageExtraInfo, MetaObject, MethodNotFoundError, MissingRequiredClientCapabilityError, MissingRequiredClientCapabilityErrorData, ModelHint, ModelPreferences, MultiSelectEnumSchema, Notification, NotificationMethod, NotificationOptions, NotificationParams, NotificationTypeMap, NumberSchema, OAuthClientInformation, OAuthClientInformationFull, OAuthClientInformationMixed, OAuthClientMetadata, OAuthClientRegistrationError, OAuthError, OAuthErrorCode, OAuthErrorResponse, OAuthMetadata, OAuthProtectedResourceMetadata, OAuthTokenRevocationRequest, OAuthTokens, OpenIdProviderDiscoveryMetadata, OpenIdProviderMetadata, type OriginValidationResult, PARSE_ERROR, PROTOCOL_VERSION_META_KEY, PaginatedRequest, PaginatedRequestParams, PaginatedResult, ParseError, PerRequestHTTPServerTransport, type PerRequestHTTPServerTransportOptions, type PerRequestMessageExtra, type PerRequestResponseMode, PingRequest, PrimitiveSchemaDefinition, Progress, ProgressCallback, ProgressNotification, ProgressNotificationParams, ProgressToken, Prompt, PromptArgument, type PromptCallback, PromptListChangedNotification, PromptMessage, PromptReference, ProtocolEra, ProtocolError, ProtocolErrorCode, ProtocolOptions, RELATED_TASK_META_KEY, ReadBuffer, type ReadResourceCallback, ReadResourceRequest, ReadResourceRequestParams, ReadResourceResult, type ReadResourceTemplateCallback, type RegisteredPrompt, type RegisteredResource, type RegisteredResourceTemplate, type RegisteredTool, RelatedTaskMetadata, Request$1 as Request, RequestHandlerSchemas, RequestId, RequestMeta, RequestMetaEnvelope, RequestMetaObject, RequestMethod, RequestOptions, RequestParams, RequestStateAccessor, type RequestStateCodec, type RequestStateCodecOptions, RequestTypeMap, Resource, ResourceContents, ResourceLink, ResourceListChangedNotification, type ResourceMetadata, ResourceNotFoundError, ResourceRequestParams, ResourceTemplate, ResourceTemplateReference, ResourceTemplateType, ResourceUpdatedNotification, ResourceUpdatedNotificationParams, Result, ResultTypeMap, Role, Root, RootsListChangedNotification, STDIO_DEFAULT_MAX_BUFFER_SIZE, SUBSCRIPTION_ID_META_KEY, SUPPORTED_PROTOCOL_VERSIONS, SamplingContent, SamplingMessage, SamplingMessageContentBlock, SdkError, SdkErrorCode, SdkHttpError, SdkHttpErrorData, Server, ServerCapabilities, ServerContext, type ServerEvent, type ServerEventBus, ServerNotification, type ServerNotifier, type ServerOptions, ServerRequest, ServerResult, SetLevelRequest, SetLevelRequestParams, SingleSelectEnumSchema, SpecTypeName, SpecTypes, StandardSchemaV1, StandardSchemaV1Sync, StandardSchemaWithJSON, StoredOAuthClientInformation, StoredOAuthTokens, type StreamId, StringSchema, SubscribeRequest, SubscribeRequestParams, SubscriptionFilter, SubscriptionsAcknowledgedNotification, SubscriptionsAcknowledgedNotificationParams, SubscriptionsListenRequest, SubscriptionsListenRequestParams, SubscriptionsListenResult, SubscriptionsListenResultMeta, TRACEPARENT_META_KEY, TRACESTATE_META_KEY, Task, TaskAugmentedRequestParams, TaskCreationParams, TaskMetadata, TaskStatus, TaskStatusNotification, TaskStatusNotificationParams, TextContent, TextResourceContents, TitledMultiSelectEnumSchema, TitledSingleSelectEnumSchema, Tool, ToolAnnotations, type ToolCallback, ToolChoice, ToolExecution, ToolListChangedNotification, ToolResultContent, ToolUseContent, Transport, TransportSendOptions, UnsubscribeRequest, UnsubscribeRequestParams, UnsupportedProtocolVersionError, UnsupportedProtocolVersionErrorData, UntitledMultiSelectEnumSchema, UntitledSingleSelectEnumSchema, UriTemplate, UrlElicitationRequiredError, Variables, WebStandardStreamableHTTPServerTransport, type WebStandardStreamableHTTPServerTransportOptions, acceptedContent, assertCompleteRequestPrompt, assertCompleteRequestResourceTemplate, checkResourceAllowed, classifyInboundRequest, completable, createFetchWithInit, createMcpHandler, createRequestStateCodec, deserializeMessage, fromJsonSchema, getDisplayName, hostHeaderValidationResponse, inputRequired, inputResponse, isCallToolResult, isCompletable, isInitializeRequest, isInitializedNotification, isInputRequiredResult, isJSONRPCErrorResponse, isJSONRPCNotification, isJSONRPCRequest, isJSONRPCResponse, isJSONRPCResultResponse, isLegacyRequest, isSpecType, isTaskAugmentedRequestParams, jsonSchemaValidator, legacyStatelessFallback, localhostAllowedHostnames, localhostAllowedOrigins, originValidationResponse, parseJSONRPCMessage, resourceUrlFromServerUrl, serializeMessage, specTypeSchemas, validateHostHeader, validateOriginHeader };
1745
+ //# sourceMappingURL=index.d.cts.map