@phake/mcp 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +112 -18
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -1,17 +1,19 @@
1
1
  # @phake/mcp
2
2
 
3
+ [![npm](https://img.shields.io/npm/v/@phake/mcp)](https://www.npmjs.com/package/@phake/mcp)
4
+
3
5
  A TypeScript library for building MCP (Model Context Protocol) servers, designed to run on Cloudflare Workers and Node.js.
4
6
 
5
7
  ## Features
6
8
 
7
- - **Multi-runtime support** Deploy to Cloudflare Workers (itty-router) or Node.js (Hono)
8
- - **OAuth 2.0 authentication** Full PKCE flow with dynamic token resolution and proactive refresh
9
- - **5 auth strategies** `oauth`, `bearer`, `api_key`, `custom`, `none`
10
- - **Tool registration** Define and register MCP tools with Zod input/output schemas
11
- - **Session & token management** Persistent storage with LRU eviction and TTL
12
- - **Multiple storage backends** Cloudflare KV, SQLite, file-based, and in-memory
13
- - **CORS support** Configurable CORS headers
14
- - **Type-safe** Full TypeScript support with Zod validation
9
+ - **Multi-runtime support** - Deploy to Cloudflare Workers (itty-router) or Node.js (Hono)
10
+ - **OAuth 2.0 authentication** - Full PKCE flow with dynamic token resolution and proactive refresh
11
+ - **5 auth strategies** - `oauth`, `bearer`, `api_key`, `custom`, `none`
12
+ - **Tool registration** - Define and register MCP tools with Zod input/output schemas
13
+ - **Session & token management** - Persistent storage with LRU eviction and TTL
14
+ - **Multiple storage backends** - Cloudflare KV, SQLite, file-based, and in-memory
15
+ - **CORS support** - Configurable CORS headers
16
+ - **Type-safe** - Full TypeScript support with Zod validation
15
17
 
16
18
  ## Installation
17
19
 
@@ -75,11 +77,11 @@ Creates an MCP server instance.
75
77
 
76
78
  | Strategy | Description | Config Env Vars |
77
79
  |----------|-------------|-----------------|
78
- | `oauth` | Full OAuth 2.1 PKCE flow with RS token provider token mapping | `OAUTH_CLIENT_ID`, `OAUTH_CLIENT_SECRET`, `OAUTH_SCOPES`, `OAUTH_REDIRECT_URI`, `PROVIDER_CLIENT_ID`, `PROVIDER_CLIENT_SECRET`, `PROVIDER_ACCOUNTS_URL` |
80
+ | `oauth` | Full OAuth 2.1 PKCE flow with RS token -> provider token mapping | `OAUTH_CLIENT_ID`, `OAUTH_CLIENT_SECRET`, `OAUTH_SCOPES`, `OAUTH_REDIRECT_URI`, `PROVIDER_CLIENT_ID`, `PROVIDER_CLIENT_SECRET`, `PROVIDER_ACCOUNTS_URL` |
79
81
  | `bearer` | Static Bearer token | `BEARER_TOKEN` |
80
82
  | `api_key` | Static API key in custom header (default: `x-api-key`) | `API_KEY`, `API_KEY_HEADER` |
81
83
  | `custom` | Arbitrary custom headers | `CUSTOM_HEADERS` |
82
- | `none` | No authentication required | |
84
+ | `none` | No authentication required | - |
83
85
 
84
86
  ## Storage Backends
85
87
 
@@ -92,6 +94,98 @@ Creates an MCP server instance.
92
94
  | `FileTokenStore` | RS token mappings | JSON file persistence, AES-256-GCM encryption, secure permissions (0600) |
93
95
  | `SqliteSessionStore` | Sessions | SQLite via better-sqlite3 + Drizzle ORM, WAL mode, atomic transactions |
94
96
 
97
+ ## Creating Tools
98
+
99
+ Use `defineTool` to create a type-safe tool definition, then pass it to `tools` when creating the server.
100
+
101
+ ```typescript
102
+ import { z } from "zod";
103
+ import { defineTool } from "@phake/mcp";
104
+
105
+ const greetTool = defineTool({
106
+ name: "greet",
107
+ title: "Greet User",
108
+ description: "Returns a greeting for the given name",
109
+ inputSchema: z.object({
110
+ name: z.string().describe("Name to greet"),
111
+ }),
112
+ outputSchema: {
113
+ message: z.string().describe("The greeting message"),
114
+ },
115
+ annotations: {
116
+ readOnlyHint: true,
117
+ destructiveHint: false,
118
+ idempotentHint: true,
119
+ },
120
+ handler: async (args, context) => {
121
+ const message = `Hello, ${args.name}!`;
122
+ return {
123
+ content: [{ type: "text", text: message }],
124
+ structuredContent: { message },
125
+ };
126
+ },
127
+ });
128
+ ```
129
+
130
+ ### Authenticated Tools
131
+
132
+ Set `requiresAuth: true` to have the dispatcher automatically reject calls when no token is present. Use `context.resolvedHeaders` to call external APIs.
133
+
134
+ ```typescript
135
+ import { defineTool } from "@phake/mcp";
136
+ import { z } from "zod";
137
+
138
+ const profileTool = defineTool({
139
+ name: "get_profile",
140
+ description: "Fetch the authenticated user's profile",
141
+ inputSchema: z.object({}),
142
+ requiresAuth: true,
143
+ handler: async (_args, context) => {
144
+ const response = await fetch("https://api.example.com/me", {
145
+ headers: context.resolvedHeaders,
146
+ });
147
+ const data = await response.json();
148
+ return {
149
+ content: [{ type: "text", text: JSON.stringify(data) }],
150
+ };
151
+ },
152
+ });
153
+ ```
154
+
155
+ ### Registering Tools
156
+
157
+ ```typescript
158
+ import { createMCPServer } from "@phake/mcp";
159
+
160
+ const server = createMCPServer({
161
+ adapter: "worker",
162
+ tools: [greetTool, profileTool],
163
+ });
164
+ ```
165
+
166
+ ### Tool Handler Reference
167
+
168
+ | Field | Type | Required | Description |
169
+ |-------|------|----------|-------------|
170
+ | `name` | `string` | Yes | Unique tool name |
171
+ | `description` | `string` | Yes | Description shown to the LLM |
172
+ | `inputSchema` | `ZodObject` | Yes | Zod schema for input validation |
173
+ | `outputSchema` | `ZodRawShape` | No | Zod schema for structured output |
174
+ | `handler` | `function` | Yes | `(args, context) => Promise<ToolResult>` |
175
+ | `requiresAuth` | `boolean` | No | Reject calls without a provider token |
176
+ | `title` | `string` | No | Human-readable display title |
177
+ | `annotations` | `object` | No | MCP hints (`readOnlyHint`, `destructiveHint`, etc.) |
178
+
179
+ The `context` object provides:
180
+
181
+ | Property | Description |
182
+ |----------|-------------|
183
+ | `sessionId` | Current MCP session ID |
184
+ | `providerToken` | Access token for external API calls |
185
+ | `resolvedHeaders` | Ready-to-use auth headers for `fetch` |
186
+ | `authStrategy` | Active auth strategy |
187
+ | `signal` | `AbortSignal` for cancellation |
188
+
95
189
  ## Built-in Tools
96
190
 
97
191
  | Tool | Input | Output | Description |
@@ -170,13 +264,13 @@ src/
170
264
 
171
265
  ## Dependencies
172
266
 
173
- - `@modelcontextprotocol/sdk` MCP protocol implementation
174
- - `zod` Schema validation
175
- - `jose` JWT and JWS/JWE
176
- - `oauth4webapi` OAuth 2.0 for Web API
177
- - `itty-router` Lightweight router (Workers)
178
- - `hono` / `@hono/node-server` Node.js HTTP framework (optional)
179
- - `drizzle-orm` / `better-sqlite3` Database layer (optional)
267
+ - `@modelcontextprotocol/sdk` - MCP protocol implementation
268
+ - `zod` - Schema validation
269
+ - `jose` - JWT and JWS/JWE
270
+ - `oauth4webapi` - OAuth 2.0 for Web API
271
+ - `itty-router` - Lightweight router (Workers)
272
+ - `hono` / `@hono/node-server` - Node.js HTTP framework (optional)
273
+ - `drizzle-orm` / `better-sqlite3` - Database layer (optional)
180
274
 
181
275
  ## Inspired By
182
276
 
@@ -184,4 +278,4 @@ This project was inspired by [streamable-mcp-server-template](https://github.com
184
278
 
185
279
  ## License
186
280
 
187
- This project is licensed under the MIT License see the [LICENSE](LICENSE) file for details.
281
+ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@phake/mcp",
3
- "version": "0.0.1",
3
+ "version": "0.0.2",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "https://github.com/fuongz/phake-mcp"