@nitrostack/core 1.0.0

package/dist/core/transports/http-server.js

@@ -0,0 +1,293 @@
+/**
+ * HTTP Server Transport for MCP
+ *
+ * Implements HTTP transport with Server-Sent Events (SSE) for bidirectional communication.
+ * Required for OAuth 2.1 authentication as per MCP specification.
+ *
+ * This transport:
+ * - Exposes MCP over HTTP endpoints
+ * - Provides OAuth 2.1 metadata endpoints (RFC 9728)
+ * - Uses SSE for server-to-client messages
+ * - Uses POST for client-to-server messages
+ */
+import express from 'express';
+/**
+ * HTTP Server Transport
+ *
+ * Implements MCP protocol over HTTP with SSE for real-time communication.
+ * Compatible with OAuth 2.1 authentication.
+ */
+export class HttpServerTransport {
+    app;
+    server = null;
+    sseClients = new Map();
+    messageHandler;
+    closeHandler;
+    errorHandler;
+    options;
+    constructor(options = {}) {
+        this.options = {
+            port: options.port || 3000,
+            host: options.host || '0.0.0.0',
+            basePath: options.basePath || '/mcp',
+            oauth: options.oauth,
+        };
+        this.app = options.app || express();
+        this.setupRoutes();
+    }
+    /**
+     * Setup HTTP routes for MCP protocol
+     */
+    setupRoutes() {
+        const basePath = this.options.basePath;
+        // Enable CORS
+        this.app.use((req, res, next) => {
+            res.header('Access-Control-Allow-Origin', '*');
+            res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
+            res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');
+            if (req.method === 'OPTIONS') {
+                res.sendStatus(200);
+            }
+            else {
+                next();
+            }
+        });
+        // JSON parsing
+        this.app.use(express.json());
+        // SSE endpoint for server-to-client messages
+        this.app.get(`${basePath}/sse`, (req, res) => {
+            this.handleSSE(req, res);
+        });
+        // POST endpoint for client-to-server messages
+        this.app.post(`${basePath}/message`, async (req, res) => {
+            await this.handleMessage(req, res);
+        });
+        // OAuth 2.1 Protected Resource Metadata (RFC 9728)
+        if (this.options.oauth) {
+            this.app.get('/.well-known/oauth-protected-resource', (req, res) => {
+                this.handleProtectedResourceMetadata(req, res);
+            });
+        }
+        // Root info endpoint
+        this.app.get(basePath, (req, res) => {
+            res.json({
+                name: 'NitroStack MCP Server',
+                version: '1.0.0',
+                transport: 'HTTP',
+                status: 'running',
+                endpoints: {
+                    sse: `${basePath}/sse`,
+                    message: `${basePath}/message`,
+                    health: `${basePath}/health`,
+                },
+                docs: 'https://github.com/nitrostack/nitrostack',
+            });
+        });
+        // Health check
+        this.app.get(`${basePath}/health`, (req, res) => {
+            res.json({
+                status: 'ok',
+                transport: 'http',
+                uptime: process.uptime(),
+                timestamp: new Date().toISOString(),
+            });
+        });
+    }
+    /**
+     * Handle SSE connection for server-to-client messages
+     */
+    handleSSE(req, res) {
+        const clientId = req.query.clientId || `client_${Date.now()}`;
+        // Setup SSE
+        res.writeHead(200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            'Connection': 'keep-alive',
+        });
+        // Store client
+        this.sseClients.set(clientId, res);
+        // Send initial connection event
+        res.write(`data: ${JSON.stringify({ type: 'connected', clientId })}\n\n`);
+        // Handle client disconnect
+        req.on('close', () => {
+            this.sseClients.delete(clientId);
+        });
+    }
+    /**
+     * Handle incoming message from client
+     */
+    async handleMessage(req, res) {
+        try {
+            const message = req.body;
+            if (!message || !message.jsonrpc) {
+                res.status(400).json({ error: 'Invalid JSON-RPC message' });
+                return;
+            }
+            // Pass to message handler
+            if (this.messageHandler) {
+                await this.messageHandler(message);
+            }
+            res.json({ status: 'received' });
+        }
+        catch (error) {
+            console.error('Error handling message:', error);
+            res.status(500).json({ error: error instanceof Error ? error.message : String(error) });
+        }
+    }
+    /**
+     * Handle OAuth Protected Resource Metadata request (RFC 9728)
+     */
+    handleProtectedResourceMetadata(req, res) {
+        if (!this.options.oauth) {
+            res.status(404).json({ error: 'OAuth not configured' });
+            return;
+        }
+        const metadata = {
+            resource: this.options.oauth.resourceUri,
+            authorization_servers: this.options.oauth.authorizationServers,
+            ...(this.options.oauth.scopesSupported && {
+                scopes_supported: this.options.oauth.scopesSupported,
+            }),
+        };
+        res.json(metadata);
+    }
+    /**
+     * Start the HTTP server
+     */
+    async start() {
+        // Close existing server if any
+        if (this.server) {
+            await this.close();
+        }
+        return new Promise((resolve, reject) => {
+            // Set up error handler BEFORE calling listen
+            const errorHandler = (error) => {
+                console.error(`❌ Failed to start HTTP server: ${error.message}`);
+                this.server = null;
+                reject(error);
+            };
+            try {
+                const server = this.app.listen(this.options.port, this.options.host);
+                // Register error handler immediately
+                server.once('error', errorHandler);
+                // Success handler
+                server.once('listening', () => {
+                    // Remove error handler since we're now listening
+                    server.removeListener('error', errorHandler);
+                    // Set up permanent error handler for runtime errors
+                    server.on('error', (error) => {
+                        if (this.errorHandler) {
+                            this.errorHandler(error);
+                        }
+                        else {
+                            console.error('HTTP server error:', error);
+                        }
+                    });
+                    this.server = server;
+                    console.error(`🌐 HTTP MCP Server listening on http://${this.options.host}:${this.options.port}${this.options.basePath}`);
+                    if (this.options.oauth) {
+                        console.error(`🔐 OAuth 2.1 enabled`);
+                        console.error(`   Resource URI: ${this.options.oauth.resourceUri}`);
+                        console.error(`   Auth Servers: ${this.options.oauth.authorizationServers.join(', ')}`);
+                        console.error(`   Metadata: http://${this.options.host}:${this.options.port}/.well-known/oauth-protected-resource`);
+                    }
+                    resolve();
+                });
+            }
+            catch (error) {
+                reject(error);
+            }
+        });
+    }
+    /**
+     * Send message to client(s)
+     */
+    async send(message) {
+        const data = `data: ${JSON.stringify(message)}\n\n`;
+        // Send to all connected SSE clients
+        for (const [clientId, res] of this.sseClients) {
+            try {
+                res.write(data);
+            }
+            catch (error) {
+                console.error(`Error sending to client ${clientId}:`, error);
+                this.sseClients.delete(clientId);
+            }
+        }
+    }
+    /**
+     * Close the transport
+     */
+    async close() {
+        // Close all SSE connections
+        for (const [clientId, res] of this.sseClients) {
+            try {
+                res.end();
+            }
+            catch (error) {
+                // Ignore errors on close
+            }
+        }
+        this.sseClients.clear();
+        // Close HTTP server
+        if (this.server) {
+            return new Promise((resolve) => {
+                const server = this.server;
+                this.server = null; // Clear reference immediately
+                // Force close all connections
+                server.closeAllConnections?.(); // Available in Node 18+
+                server.close((err) => {
+                    if (err) {
+                        console.error('HTTP server close error (ignoring):', err.message);
+                    }
+                    else {
+                        console.error('🔌 HTTP MCP Server closed');
+                    }
+                    // Small delay to ensure port is fully released
+                    setTimeout(() => {
+                        if (this.closeHandler) {
+                            this.closeHandler();
+                        }
+                        resolve();
+                    }, 100);
+                });
+            });
+        }
+        if (this.closeHandler) {
+            this.closeHandler();
+        }
+    }
+    /**
+     * Set message handler
+     */
+    set onmessage(handler) {
+        this.messageHandler = handler;
+    }
+    /**
+     * Set close handler
+     */
+    set onclose(handler) {
+        this.closeHandler = handler;
+    }
+    /**
+     * Set error handler
+     */
+    set onerror(handler) {
+        this.errorHandler = handler;
+    }
+    /**
+     * Get the Express app (for adding custom routes)
+     */
+    getApp() {
+        return this.app;
+    }
+    /**
+     * Register a custom route handler (compatible with DiscoveryHttpServer interface)
+     * @param path - The route path
+     * @param handler - The request handler (Node.js http.RequestListener format)
+     */
+    on(path, handler) {
+        this.app.get(path, handler);
+    }
+}
+//# sourceMappingURL=http-server.js.map

package/dist/core/transports/http-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-server.js","sourceRoot":"","sources":["../../../src/core/transports/http-server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,OAAuC,MAAM,SAAS,CAAC;AAoC9D;;;;;GAKG;AACH,MAAM,OAAO,mBAAmB;IACtB,GAAG,CAAU;IACb,MAAM,GAAsB,IAAI,CAAC;IACjC,UAAU,GAA0B,IAAI,GAAG,EAAE,CAAC;IAC9C,cAAc,CAA8C;IAC5D,YAAY,CAAc;IAC1B,YAAY,CAA0B;IACtC,OAAO,CAAgH;IAE/H,YAAY,UAAsC,EAAE;QAClD,IAAI,CAAC,OAAO,GAAG;YACb,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,IAAI;YAC1B,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,SAAS;YAC/B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,MAAM;YACpC,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;QAEF,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,OAAO,EAAE,CAAC;QACpC,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAED;;OAEG;IACK,WAAW;QACjB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC;QAEvC,cAAc;QACd,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAC9B,GAAG,CAAC,MAAM,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC/C,GAAG,CAAC,MAAM,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;YACjE,GAAG,CAAC,MAAM,CAAC,8BAA8B,EAAE,6BAA6B,CAAC,CAAC;YAC1E,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC7B,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACtB,CAAC;iBAAM,CAAC;gBACN,IAAI,EAAE,CAAC;YACT,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,eAAe;QACf,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,QAAQ,MAAM,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YAC9D,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;QAEH,8CAA8C;QAC9C,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,QAAQ,UAAU,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YACzE,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,uCAAuC,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;gBACpF,IAAI,CAAC,+BAA+B,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACjD,CAAC,CAAC,CAAC;QACL,CAAC;QAED,qBAAqB;QACrB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YACrD,GAAG,CAAC,IAAI,CAAC;gBACP,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,OAAO;gBAChB,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,SAAS;gBACjB,SAAS,EAAE;oBACT,GAAG,EAAE,GAAG,QAAQ,MAAM;oBACtB,OAAO,EAAE,GAAG,QAAQ,UAAU;oBAC9B,MAAM,EAAE,GAAG,QAAQ,SAAS;iBAC7B;gBACD,IAAI,EAAE,0CAA0C;aACjD,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,eAAe;QACf,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,QAAQ,SAAS,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YACjE,GAAG,CAAC,IAAI,CAAC;gBACP,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE;gBACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,SAAS,CAAC,GAAY,EAAE,GAAa;QAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,QAAkB,IAAI,UAAU,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAExE,YAAY;QACZ,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;YACjB,cAAc,EAAE,mBAAmB;YACnC,eAAe,EAAE,UAAU;YAC3B,YAAY,EAAE,YAAY;SAC3B,CAAC,CAAC;QAEH,eAAe;QACf,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAEnC,gCAAgC;QAChC,GAAG,CAAC,KAAK,CAAC,SAAS,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,MAAM,CAAC,CAAC;QAE1E,2BAA2B;QAC3B,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACnB,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CAAC,GAAY,EAAE,GAAa;QACrD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,IAAsB,CAAC;YAE3C,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBACjC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;gBAC5D,OAAO;YACT,CAAC;YAED,0BAA0B;YAC1B,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACrC,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;YAChD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;IAED;;OAEG;IACK,+BAA+B,CAAC,GAAY,EAAE,GAAa;QACjE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;YACxD,OAAO;QACT,CAAC;QAED,MAAM,QAAQ,GAAG;YACf,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW;YACxC,qBAAqB,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,oBAAoB;YAC9D,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,IAAI;gBACxC,gBAAgB,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe;aACrD,CAAC;SACH,CAAC;QAEF,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,+BAA+B;QAC/B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,6CAA6C;YAC7C,MAAM,YAAY,GAAG,CAAC,KAAY,EAAE,EAAE;gBACpC,OAAO,CAAC,KAAK,CAAC,kCAAkC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBACjE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;gBACnB,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC;YAEF,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAErE,qCAAqC;gBACrC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;gBAEnC,kBAAkB;gBAClB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE;oBAC5B,iDAAiD;oBACjD,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;oBAE7C,oDAAoD;oBACpD,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;wBAC3B,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;4BACtB,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;wBAC3B,CAAC;6BAAM,CAAC;4BACN,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;wBAC7C,CAAC;oBACH,CAAC,CAAC,CAAC;oBAEH,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;oBAErB,OAAO,CAAC,KAAK,CAAC,0CAA0C,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAE1H,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;wBACvB,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;wBACtC,OAAO,CAAC,KAAK,CAAC,oBAAoB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;wBACpE,OAAO,CAAC,KAAK,CAAC,oBAAoB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;wBACxF,OAAO,CAAC,KAAK,CAAC,uBAAuB,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,uCAAuC,CAAC,CAAC;oBACtH,CAAC;oBAED,OAAO,EAAE,CAAC;gBACZ,CAAC,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuB;QAChC,MAAM,IAAI,GAAG,SAAS,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC;QAEpD,oCAAoC;QACpC,KAAK,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YAC9C,IAAI,CAAC;gBACH,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAC;gBAC7D,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,4BAA4B;QAC5B,KAAK,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YAC9C,IAAI,CAAC;gBACH,GAAG,CAAC,GAAG,EAAE,CAAC;YACZ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,yBAAyB;YAC3B,CAAC;QACH,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QAExB,oBAAoB;QACpB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAO,CAAC;gBAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,8BAA8B;gBAElD,8BAA8B;gBAC9B,MAAM,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC,wBAAwB;gBAExD,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACnB,IAAI,GAAG,EAAE,CAAC;wBACR,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;oBACpE,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;oBAC7C,CAAC;oBAED,+CAA+C;oBAC/C,UAAU,CAAC,GAAG,EAAE;wBACd,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;4BACtB,IAAI,CAAC,YAAY,EAAE,CAAC;wBACtB,CAAC;wBACD,OAAO,EAAE,CAAC;oBACZ,CAAC,EAAE,GAAG,CAAC,CAAC;gBACV,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,IAAI,SAAS,CAAC,OAAmD;QAC/D,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,IAAI,OAAO,CAAC,OAAmB;QAC7B,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,IAAI,OAAO,CAAC,OAA+B;QACzC,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM;QACJ,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED;;;;OAIG;IACH,EAAE,CAAC,IAAY,EAAE,OAA8C;QAC7D,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC9B,CAAC;CACF"}

package/dist/core/transports/streamable-http.d.ts

@@ -0,0 +1,177 @@
+/**
+ * Streamable HTTP Transport for MCP
+ *
+ * Implements the MCP Streamable HTTP transport specification (2025-06-18).
+ * https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#streamable-http
+ *
+ * Features:
+ * - Single MCP endpoint supporting both POST and GET
+ * - POST for sending messages to server
+ * - GET for SSE streams from server
+ * - Session management with Mcp-Session-Id header
+ * - Resumability support with Last-Event-ID
+ * - Multiple concurrent client connections
+ * - Protocol version header support
+ */
+import { Express, Request, Response } from 'express';
+import { Transport } from '@modelcontextprotocol/sdk/shared/transport.js';
+import { JSONRPCMessage, Tool as McpTool } from '@modelcontextprotocol/sdk/types.js';
+export interface StreamableHttpTransportOptions {
+    /**
+     * Port to listen on (default: 3000)
+     */
+    port?: number;
+    /**
+     * Host to bind to (default: 'localhost' for security)
+     */
+    host?: string;
+    /**
+     * MCP endpoint path (default: '/mcp')
+     */
+    endpoint?: string;
+    /**
+     * Enable session management (default: true)
+     */
+    enableSessions?: boolean;
+    /**
+     * Session timeout in ms (default: 30 minutes)
+     */
+    sessionTimeout?: number;
+    /**
+     * Custom Express app (optional)
+     */
+    app?: Express;
+    /**
+     * Enable CORS (default: false for security)
+     */
+    enableCors?: boolean;
+}
+/**
+ * Streamable HTTP Transport
+ * Implements MCP Streamable HTTP specification
+ */
+export declare class StreamableHttpTransport implements Transport {
+    private app;
+    private server;
+    private sessions;
+    private activeStreams;
+    private messageHandler?;
+    private closeHandler?;
+    private errorHandler?;
+    private options;
+    private sessionCleanupInterval?;
+    private getToolsCallback?;
+    private serverConfig?;
+    private logoBase64?;
+    constructor(options?: StreamableHttpTransportOptions);
+    /**
+     * Load logo image as base64 for embedding in documentation page
+     */
+    private loadLogo;
+    /**
+     * Setup Express middleware
+     */
+    private setupMiddleware;
+    /**
+     * Setup MCP endpoint routes
+     */
+    private setupRoutes;
+    /**
+     * Handle POST requests (client sending messages to server)
+     */
+    private handlePost;
+    /**
+     * Handle GET requests (client opening SSE stream)
+     */
+    private handleGet;
+    /**
+     * Handle DELETE requests (session termination)
+     */
+    private handleDelete;
+    /**
+     * Start SSE stream for a request
+     */
+    private startSSEStream;
+    /**
+     * Send message to client(s)
+     */
+    send(message: JSONRPCMessage): Promise<void>;
+    /**
+     * Send message to a specific stream
+     */
+    private sendToStream;
+    /**
+     * Send response to the stream that made the request
+     */
+    private sendToRequestStream;
+    /**
+     * Send message to a sessionless stream
+     */
+    private sendToStreamSessionless;
+    /**
+     * Replay messages for resumability
+     */
+    private replayMessages;
+    /**
+     * Start the HTTP server
+     */
+    start(): Promise<void>;
+    /**
+     * Register additional HTTP routes
+     * Allows modules (like OAuthModule) to add custom endpoints
+     */
+    on(path: string, handler: (req: Request, res: Response) => void): void;
+    /**
+     * Close the transport
+     */
+    close(): Promise<void>;
+    /**
+     * Set message handler
+     */
+    set onmessage(handler: (message: JSONRPCMessage) => Promise<void>);
+    /**
+     * Set close handler
+     */
+    set onclose(handler: () => void);
+    /**
+     * Set error handler
+     */
+    set onerror(handler: (error: Error) => void);
+    /**
+     * Start session cleanup interval
+     */
+    private startSessionCleanup;
+    /**
+     * Helper methods
+     */
+    private generateSessionId;
+    private getMessageType;
+    private isResponse;
+    private isInitializeRequest;
+    private isLocalhost;
+    /**
+     * Get the Express app (for adding custom routes)
+     */
+    getApp(): Express;
+    /**
+     * Set callback to get tools list for documentation page
+     */
+    setToolsCallback(callback: () => Promise<McpTool[]>): void;
+    /**
+     * Set server configuration for documentation page
+     */
+    setServerConfig(config: {
+        name: string;
+        version: string;
+        description?: string;
+    }): void;
+    /**
+     * Generate HTML documentation page
+     */
+    private generateDocumentationPage;
+    /**
+     * Escape HTML to prevent XSS
+     */
+    private escapeHtml;
+}
+//# sourceMappingURL=streamable-http.d.ts.map

package/dist/core/transports/streamable-http.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"streamable-http.d.ts","sourceRoot":"","sources":["../../../src/core/transports/streamable-http.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAgB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAgB,MAAM,SAAS,CAAC;AAE5E,OAAO,EAAE,SAAS,EAAE,MAAM,+CAA+C,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAwD,IAAI,IAAI,OAAO,EAAE,MAAM,oCAAoC,CAAC;AAM3I,MAAM,WAAW,8BAA8B;IAC7C;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,GAAG,CAAC,EAAE,OAAO,CAAC;IAEd;;OAEG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAuBD;;;GAGG;AACH,qBAAa,uBAAwB,YAAW,SAAS;IACvD,OAAO,CAAC,GAAG,CAAU;IACrB,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,QAAQ,CAAyC;IACzD,OAAO,CAAC,aAAa,CAAqC;IAC1D,OAAO,CAAC,cAAc,CAAC,CAA6C;IACpE,OAAO,CAAC,YAAY,CAAC,CAAa;IAClC,OAAO,CAAC,YAAY,CAAC,CAAyB;IAC9C,OAAO,CAAC,OAAO,CAAwD;IACvE,OAAO,CAAC,sBAAsB,CAAC,CAAiB;IAChD,OAAO,CAAC,gBAAgB,CAAC,CAA2B;IACpD,OAAO,CAAC,YAAY,CAAC,CAA0D;IAC/E,OAAO,CAAC,UAAU,CAAC,CAAS;gBAEhB,OAAO,GAAE,8BAAmC;IA2BxD;;OAEG;IACH,OAAO,CAAC,QAAQ;IAwChB;;OAEG;IACH,OAAO,CAAC,eAAe;IAwCvB;;OAEG;IACH,OAAO,CAAC,WAAW;IA2InB;;OAEG;YACW,UAAU;IAwFxB;;OAEG;IACH,OAAO,CAAC,SAAS;IAsHjB;;OAEG;IACH,OAAO,CAAC,YAAY;IA6BpB;;OAEG;YACW,cAAc;IAkD5B;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IA2BlD;;OAEG;YACW,YAAY;IAwB1B;;OAEG;YACW,mBAAmB;IAuBjC;;OAEG;YACW,uBAAuB;IAiBrC;;OAEG;IACH,OAAO,CAAC,cAAc;IAqBtB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAwC5B;;;OAGG;IACH,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,KAAK,IAAI,GAAG,IAAI;IAItE;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA4C5B;;OAEG;IACH,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,IAAI,CAAC,EAEhE;IAED;;OAEG;IACH,IAAI,OAAO,CAAC,OAAO,EAAE,MAAM,IAAI,EAE9B;IAED;;OAEG;IACH,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,EAE1C;IAED;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAqB3B;;OAEG;IAEH,OAAO,CAAC,iBAAiB;IAIzB,OAAO,CAAC,cAAc;IAMtB,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,mBAAmB;IAI3B,OAAO,CAAC,WAAW;IAiBnB;;OAEG;IACH,MAAM,IAAI,OAAO;IAIjB;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC,GAAG,IAAI;IAI1D;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAItF;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAycjC;;OAEG;IACH,OAAO,CAAC,UAAU;CAUnB"}