@phake/mcp 0.0.1

package/dist/index.js

@@ -0,0 +1,1083 @@
+// @bun
+import {
+  FileTokenStore,
+  JSON_RPC_METHOD_NOT_FOUND,
+  SqliteSessionStore,
+  buildServer,
+  getLowLevelServer,
+  getServerWithInternals,
+  isJsonRpcError,
+  sessions
+} from "./index-1zyem3xr.js";
+import {
+  ClientMetadataSchema,
+  JsonRpcErrorCode,
+  KvSessionStore,
+  KvTokenStore,
+  LATEST_PROTOCOL_VERSION,
+  SUPPORTED_PROTOCOL_VERSIONS,
+  assertSsrfSafe,
+  buildAuthorizationServerMetadata,
+  buildCorsHeaders,
+  buildFlowOptions,
+  buildOAuthConfig,
+  buildProtectedResourceMetadata,
+  buildProviderConfig,
+  buildProviderRefreshConfig,
+  buildTokenInput,
+  buildUnauthorizedChallenge,
+  checkSsrfSafe,
+  corsPreflightResponse,
+  createDiscoveryHandlers,
+  createWorkerRouter,
+  dispatchMcpMethod,
+  ensureFreshToken,
+  fetchClientMetadata,
+  generateOpaqueToken,
+  getLogLevel,
+  getSessionStore,
+  getTokenStore,
+  handleAuthorize,
+  handleMcpNotification,
+  handleProviderCallback,
+  handleRegister,
+  handleRevoke,
+  handleToken,
+  initializeStorage,
+  initializeWorkerStorage,
+  isClientIdUrl,
+  isSsrfSafe,
+  isTokenExpiredOrExpiring,
+  nodeDiscoveryStrategy,
+  parseAuthorizeInput,
+  parseCallbackInput,
+  parseTokenInput,
+  refreshProviderToken,
+  shimProcessEnv,
+  validateOrigin,
+  validateProtocolVersion,
+  validateRedirectUri,
+  withCors,
+  workerDiscoveryStrategy
+} from "./index-sbqy8kgq.js";
+import {
+  CancellationError,
+  CancellationToken,
+  MAX_SESSIONS_PER_API_KEY,
+  MemorySessionStore,
+  MemoryTokenStore,
+  assertProviderToken,
+  authContextStorage,
+  base64Decode,
+  base64Encode,
+  base64UrlDecode,
+  base64UrlDecodeJson,
+  base64UrlDecodeString,
+  base64UrlEncode,
+  base64UrlEncodeJson,
+  base64UrlEncodeString,
+  buildCapabilities,
+  contextRegistry,
+  createCancellationToken,
+  createEncryptor,
+  decrypt,
+  defineTool,
+  echoInputSchema,
+  echoTool,
+  encrypt,
+  executeSharedTool,
+  exports_external,
+  generateKey,
+  getCurrentAuthContext,
+  getSharedTool,
+  getSharedToolNames,
+  healthInputSchema,
+  healthTool,
+  logger,
+  registerTools,
+  sharedLogger,
+  sharedTools,
+  startContextCleanup,
+  stopContextCleanup,
+  toProviderInfo,
+  toProviderTokens,
+  withCancellation
+} from "./index-4f4xvtt9.js";
+// src/shared/config/env.ts
+function parseBoolean(value) {
+  return String(value || "false").toLowerCase() === "true";
+}
+function parseNumber(value, defaultValue) {
+  const num = Number(value);
+  return Number.isFinite(num) ? num : defaultValue;
+}
+function parseStringArray(value) {
+  return String(value || "").split(",").map((s) => s.trim()).filter(Boolean);
+}
+function parseAuthStrategy(env) {
+  const explicit = env.AUTH_STRATEGY?.toLowerCase();
+  if (explicit && ["oauth", "bearer", "api_key", "custom", "none"].includes(explicit)) {
+    return explicit;
+  }
+  if (parseBoolean(env.AUTH_ENABLED)) {
+    return "oauth";
+  }
+  if (env.API_KEY) {
+    return "api_key";
+  }
+  if (env.BEARER_TOKEN) {
+    return "bearer";
+  }
+  return "none";
+}
+function parseConfig(env) {
+  const authStrategy = parseAuthStrategy(env);
+  return {
+    HOST: String(env.HOST || "127.0.0.1"),
+    PORT: parseNumber(env.PORT, 3000),
+    NODE_ENV: env.NODE_ENV || "development",
+    MCP_TITLE: String(env.MCP_TITLE || "MCP Server Template"),
+    MCP_INSTRUCTIONS: String(env.MCP_INSTRUCTIONS || "Use these tools responsibly. Prefer minimal scopes and small page sizes."),
+    MCP_VERSION: String(env.MCP_VERSION || "0.1.0"),
+    MCP_PROTOCOL_VERSION: String(env.MCP_PROTOCOL_VERSION || "2025-06-18"),
+    MCP_ACCEPT_HEADERS: parseStringArray(env.MCP_ACCEPT_HEADERS),
+    AUTH_STRATEGY: authStrategy,
+    AUTH_ENABLED: authStrategy === "oauth" || parseBoolean(env.AUTH_ENABLED),
+    AUTH_REQUIRE_RS: parseBoolean(env.AUTH_REQUIRE_RS),
+    AUTH_ALLOW_DIRECT_BEARER: parseBoolean(env.AUTH_ALLOW_DIRECT_BEARER),
+    AUTH_RESOURCE_URI: env.AUTH_RESOURCE_URI,
+    AUTH_DISCOVERY_URL: env.AUTH_DISCOVERY_URL,
+    API_KEY: env.API_KEY,
+    API_KEY_HEADER: String(env.API_KEY_HEADER || "x-api-key"),
+    BEARER_TOKEN: env.BEARER_TOKEN,
+    CUSTOM_HEADERS: env.CUSTOM_HEADERS,
+    OAUTH_CLIENT_ID: env.OAUTH_CLIENT_ID,
+    OAUTH_CLIENT_SECRET: env.OAUTH_CLIENT_SECRET,
+    OAUTH_SCOPES: String(env.OAUTH_SCOPES || ""),
+    OAUTH_AUTHORIZATION_URL: env.OAUTH_AUTHORIZATION_URL,
+    OAUTH_TOKEN_URL: env.OAUTH_TOKEN_URL,
+    OAUTH_REVOCATION_URL: env.OAUTH_REVOCATION_URL,
+    OAUTH_REDIRECT_URI: String(env.OAUTH_REDIRECT_URI || "http://localhost:3000/callback"),
+    OAUTH_REDIRECT_ALLOWLIST: parseStringArray(env.OAUTH_REDIRECT_ALLOWLIST),
+    OAUTH_REDIRECT_ALLOW_ALL: parseBoolean(env.OAUTH_REDIRECT_ALLOW_ALL),
+    OAUTH_EXTRA_AUTH_PARAMS: env.OAUTH_EXTRA_AUTH_PARAMS,
+    CIMD_ENABLED: parseBoolean(env.CIMD_ENABLED ?? "true"),
+    CIMD_FETCH_TIMEOUT_MS: parseNumber(env.CIMD_FETCH_TIMEOUT_MS, 5000),
+    CIMD_MAX_RESPONSE_BYTES: parseNumber(env.CIMD_MAX_RESPONSE_BYTES, 65536),
+    CIMD_ALLOWED_DOMAINS: parseStringArray(env.CIMD_ALLOWED_DOMAINS),
+    PROVIDER_CLIENT_ID: env.PROVIDER_CLIENT_ID?.trim(),
+    PROVIDER_CLIENT_SECRET: env.PROVIDER_CLIENT_SECRET?.trim(),
+    PROVIDER_API_URL: env.PROVIDER_API_URL,
+    PROVIDER_ACCOUNTS_URL: env.PROVIDER_ACCOUNTS_URL,
+    BASE_URL: env.BASE_URL,
+    RS_TOKENS_FILE: env.RS_TOKENS_FILE,
+    RS_TOKENS_ENC_KEY: env.RS_TOKENS_ENC_KEY,
+    RPS_LIMIT: parseNumber(env.RPS_LIMIT, 10),
+    CONCURRENCY_LIMIT: parseNumber(env.CONCURRENCY_LIMIT, 5),
+    LOG_LEVEL: env.LOG_LEVEL || "info"
+  };
+}
+
+// src/mcp-server.ts
+function createMCPServer(options) {
+  if (options.adapter === "worker") {
+    return createWorkerServer(options.tools);
+  }
+  throw new Error(`Adapter '${options.adapter}' not supported yet`);
+}
+function createWorkerServer(tools) {
+  return {
+    async fetch(request, env) {
+      shimProcessEnv(env);
+      const config = parseConfig(env);
+      const storage = initializeWorkerStorage(env, config);
+      if (!storage) {
+        return withCors(new Response("Server misconfigured: Storage unavailable", {
+          status: 503
+        }));
+      }
+      const router = createWorkerRouter({
+        tokenStore: storage.tokenStore,
+        sessionStore: storage.sessionStore,
+        config,
+        tools
+      });
+      return router.fetch(request);
+    }
+  };
+}
+// src/shared/auth/strategy.ts
+function parseCustomHeaders(value) {
+  if (!value)
+    return {};
+  const headers = {};
+  const pairs = value.split(",");
+  for (const pair of pairs) {
+    const colonIndex = pair.indexOf(":");
+    if (colonIndex === -1)
+      continue;
+    const key = pair.slice(0, colonIndex).trim();
+    const val = pair.slice(colonIndex + 1).trim();
+    if (key && val) {
+      headers[key] = val;
+    }
+  }
+  return headers;
+}
+function parseAuthStrategy2(env) {
+  const strategy = env.AUTH_STRATEGY?.toLowerCase();
+  switch (strategy) {
+    case "api_key":
+      return {
+        type: "api_key",
+        headerName: env.API_KEY_HEADER || "x-api-key",
+        value: env.API_KEY
+      };
+    case "bearer":
+      return {
+        type: "bearer",
+        value: env.BEARER_TOKEN
+      };
+    case "custom":
+      return {
+        type: "custom",
+        customHeaders: parseCustomHeaders(env.CUSTOM_HEADERS)
+      };
+    case "none":
+      return { type: "none" };
+    default:
+      return { type: "oauth" };
+  }
+}
+function buildAuthHeaders(strategyConfig) {
+  const headers = {};
+  switch (strategyConfig.type) {
+    case "api_key":
+      if (strategyConfig.value && strategyConfig.headerName) {
+        headers[strategyConfig.headerName] = strategyConfig.value;
+      }
+      break;
+    case "bearer":
+      if (strategyConfig.value) {
+        headers.Authorization = `Bearer ${strategyConfig.value}`;
+      }
+      break;
+    case "custom":
+      if (strategyConfig.customHeaders) {
+        Object.assign(headers, strategyConfig.customHeaders);
+      }
+      break;
+    case "oauth":
+    case "none":
+      break;
+  }
+  return headers;
+}
+function resolveStaticAuth(strategyConfig) {
+  const headers = buildAuthHeaders(strategyConfig);
+  return {
+    strategy: strategyConfig.type,
+    headers,
+    accessToken: strategyConfig.type === "bearer" ? strategyConfig.value : undefined
+  };
+}
+function mergeAuthHeaders(incoming, strategy) {
+  return {
+    ...incoming,
+    ...strategy
+  };
+}
+function isOAuthStrategy(config) {
+  return config.type === "oauth";
+}
+function requiresAuth(config) {
+  return config.type !== "none";
+}
+function validateAuthConfig(config) {
+  const errors = [];
+  switch (config.type) {
+    case "api_key":
+      if (!config.value) {
+        errors.push("API_KEY is required when AUTH_STRATEGY=api_key");
+      }
+      break;
+    case "bearer":
+      if (!config.value) {
+        errors.push("BEARER_TOKEN is required when AUTH_STRATEGY=bearer");
+      }
+      break;
+    case "custom":
+      if (!config.customHeaders || Object.keys(config.customHeaders).length === 0) {
+        errors.push("CUSTOM_HEADERS is required when AUTH_STRATEGY=custom");
+      }
+      break;
+  }
+  return errors;
+}
+// src/shared/utils/limits.ts
+var makeTokenBucket = (capacity, refillPerSec) => {
+  let tokens = capacity;
+  let last = Date.now();
+  const refillLoop = () => {
+    const now = Date.now();
+    const delta = (now - last) / 1000;
+    last = now;
+    tokens = Math.min(capacity, tokens + delta * refillPerSec);
+  };
+  return {
+    take(n = 1) {
+      refillLoop();
+      if (tokens >= n) {
+        tokens -= n;
+        return true;
+      }
+      return false;
+    },
+    refill(n = capacity) {
+      tokens = Math.min(capacity, tokens + n);
+    }
+  };
+};
+var makeConcurrencyGate = (max) => {
+  let active = 0;
+  const queue = [];
+  return async (fn) => {
+    if (active >= max) {
+      await new Promise((resolve) => queue.push(resolve));
+    }
+    active++;
+    try {
+      return await fn();
+    } finally {
+      active--;
+      const next = queue.shift();
+      if (next)
+        next();
+    }
+  };
+};
+
+// src/shared/services/http-client.ts
+var DEFAULT_RPS = 10;
+var DEFAULT_CONCURRENCY = 5;
+function createHttpClient(options = {}) {
+  const {
+    baseHeaders = {},
+    timeout = 30000,
+    retries = 3,
+    retryDelay = 1000,
+    rateLimit = { rps: DEFAULT_RPS, burst: DEFAULT_RPS * 2 },
+    concurrency = DEFAULT_CONCURRENCY
+  } = options;
+  const rateLimiter = makeTokenBucket(rateLimit.burst, rateLimit.rps);
+  const concurrencyGate = makeConcurrencyGate(concurrency);
+  return async (input, init) => {
+    return concurrencyGate(async () => {
+      if (!rateLimiter.take()) {
+        logger.warning("http_client", {
+          message: "Rate limit exceeded, request rejected"
+        });
+        throw new Error("Rate limit exceeded");
+      }
+      const url = typeof input === "string" ? input : input instanceof URL ? input.toString() : input?.url ?? String(input);
+      const method = init?.method || "GET";
+      logger.debug("http_client", {
+        message: "HTTP request starting",
+        url,
+        method
+      });
+      for (let attempt = 1;attempt <= retries; attempt++) {
+        try {
+          const controller = new AbortController;
+          const timeoutId = setTimeout(() => controller.abort(), timeout);
+          const response = await fetch(url, {
+            ...init,
+            headers: {
+              ...baseHeaders,
+              ...init?.headers
+            },
+            signal: controller.signal
+          });
+          clearTimeout(timeoutId);
+          if (response.ok || attempt === retries) {
+            logger.info("http_client", {
+              message: "HTTP request completed",
+              url,
+              method,
+              status: response.status,
+              attempt
+            });
+            return response;
+          }
+          logger.warning("http_client", {
+            message: "HTTP request failed, retrying",
+            url,
+            method,
+            status: response.status,
+            attempt
+          });
+          const delay = retryDelay * 2 ** (attempt - 1) + Math.random() * 1000;
+          await new Promise((resolve) => setTimeout(resolve, delay));
+        } catch (error) {
+          if (attempt === retries) {
+            logger.error("http_client", {
+              message: "HTTP request failed after all retries",
+              url,
+              method,
+              error: error.message,
+              attempts: retries
+            });
+            throw error;
+          }
+          logger.warning("http_client", {
+            message: "HTTP request error, retrying",
+            url,
+            method,
+            error: error.message,
+            attempt
+          });
+          const delay = retryDelay * 2 ** (attempt - 1) + Math.random() * 1000;
+          await new Promise((resolve) => setTimeout(resolve, delay));
+        }
+      }
+      throw new Error("Unexpected end of retry loop");
+    });
+  };
+}
+// src/shared/utils/elicitation.ts
+function getLowLevelServer2(server) {
+  return server.server;
+}
+var ElicitResultSchema = exports_external.object({
+  action: exports_external.enum(["accept", "decline", "cancel"]),
+  content: exports_external.record(exports_external.string(), exports_external.union([exports_external.string(), exports_external.number(), exports_external.boolean(), exports_external.array(exports_external.string())])).optional()
+});
+function validateElicitationSchema(schema) {
+  if (schema.type !== "object") {
+    throw new Error('Elicitation schema must have type: "object" at root');
+  }
+  if (!schema.properties || typeof schema.properties !== "object") {
+    throw new Error('Elicitation schema must have a "properties" object');
+  }
+  for (const [fieldName, fieldSchema] of Object.entries(schema.properties)) {
+    if ("properties" in fieldSchema) {
+      throw new Error(`Nested objects not allowed in elicitation schema (field: "${fieldName}"). ` + "Only primitive types (string, number, integer, boolean) and enums are supported.");
+    }
+    if (fieldSchema.type === "array" && "items" in fieldSchema) {
+      const items = fieldSchema.items;
+      if (items.type === "object" || "properties" in items) {
+        throw new Error(`Array of objects not allowed in elicitation schema (field: "${fieldName}"). ` + "Only arrays with string enum items are supported for multi-select.");
+      }
+    }
+    const allowedTypes = ["boolean", "string", "number", "integer", "array"];
+    if (!allowedTypes.includes(fieldSchema.type)) {
+      throw new Error(`Invalid field type "${fieldSchema.type}" in elicitation schema (field: "${fieldName}"). ` + `Allowed types: ${allowedTypes.join(", ")}`);
+    }
+  }
+}
+function clientSupportsFormElicitation(server) {
+  try {
+    const lowLevel = getLowLevelServer2(server);
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    return Boolean(clientCapabilities.elicitation);
+  } catch {
+    return false;
+  }
+}
+function clientSupportsUrlElicitation(server) {
+  try {
+    const lowLevel = getLowLevelServer2(server);
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    return Boolean(clientCapabilities.elicitation?.url);
+  } catch {
+    return false;
+  }
+}
+async function elicitForm(server, request) {
+  if (!clientSupportsFormElicitation(server)) {
+    logger.warning("elicitation", {
+      message: "Client does not support form elicitation"
+    });
+    throw new Error("Client does not support form elicitation");
+  }
+  validateElicitationSchema(request.requestedSchema);
+  logger.debug("elicitation", {
+    message: "Requesting form elicitation",
+    fieldCount: Object.keys(request.requestedSchema.properties).length
+  });
+  try {
+    const lowLevel = getLowLevelServer2(server);
+    const response = await lowLevel.elicitInput({
+      mode: "form",
+      message: request.message,
+      requestedSchema: request.requestedSchema
+    });
+    logger.info("elicitation", {
+      message: "Form elicitation completed",
+      action: response.action
+    });
+    return response;
+  } catch (error) {
+    logger.error("elicitation", {
+      message: "Form elicitation failed",
+      error: error.message
+    });
+    throw error;
+  }
+}
+async function elicitUrl(server, request) {
+  if (!clientSupportsUrlElicitation(server)) {
+    logger.warning("elicitation", {
+      message: "Client does not support URL elicitation"
+    });
+    throw new Error("Client does not support URL elicitation");
+  }
+  logger.debug("elicitation", {
+    message: "Requesting URL elicitation",
+    elicitationId: request.elicitationId,
+    url: request.url
+  });
+  try {
+    const lowLevel = getLowLevelServer2(server);
+    const response = await lowLevel.elicitInput({
+      mode: "url",
+      message: request.message,
+      elicitationId: request.elicitationId,
+      url: request.url
+    });
+    logger.info("elicitation", {
+      message: "URL elicitation completed",
+      action: response.action,
+      elicitationId: request.elicitationId
+    });
+    return response;
+  } catch (error) {
+    logger.error("elicitation", {
+      message: "URL elicitation failed",
+      error: error.message,
+      elicitationId: request.elicitationId
+    });
+    throw error;
+  }
+}
+async function notifyElicitationComplete(server, elicitationId) {
+  if (!clientSupportsUrlElicitation(server)) {
+    throw new Error("Client does not support URL elicitation notifications");
+  }
+  logger.debug("elicitation", {
+    message: "Sending elicitation complete notification",
+    elicitationId
+  });
+  try {
+    const lowLevel = getLowLevelServer2(server);
+    const notifyComplete = lowLevel.createElicitationCompletionNotifier(elicitationId);
+    await notifyComplete();
+    logger.info("elicitation", {
+      message: "Elicitation complete notification sent",
+      elicitationId
+    });
+  } catch (error) {
+    logger.error("elicitation", {
+      message: "Failed to send elicitation complete notification",
+      error: error.message,
+      elicitationId
+    });
+    throw error;
+  }
+}
+async function confirm(server, message, options) {
+  const result = await elicitForm(server, {
+    message,
+    requestedSchema: {
+      type: "object",
+      properties: {
+        confirmed: {
+          type: "boolean",
+          title: options?.confirmLabel ?? "Confirm",
+          default: false
+        }
+      }
+    }
+  });
+  return result.action === "accept" && result.content?.confirmed === true;
+}
+async function promptText(server, message, options) {
+  const result = await elicitForm(server, {
+    message,
+    requestedSchema: {
+      type: "object",
+      properties: {
+        value: {
+          type: "string",
+          title: options?.title ?? "Value",
+          description: options?.description,
+          default: options?.defaultValue,
+          minLength: options?.minLength,
+          maxLength: options?.maxLength
+        }
+      },
+      ...options?.required && { required: ["value"] }
+    }
+  });
+  if (result.action === "accept") {
+    return result.content?.value;
+  }
+  return;
+}
+async function promptSelect(server, message, options, config) {
+  const result = await elicitForm(server, {
+    message,
+    requestedSchema: {
+      type: "object",
+      properties: {
+        selection: {
+          type: "string",
+          title: config?.title ?? "Selection",
+          oneOf: options.map((opt) => ({ const: opt.value, title: opt.label })),
+          default: config?.defaultValue
+        }
+      },
+      ...config?.required && { required: ["selection"] }
+    }
+  });
+  if (result.action === "accept") {
+    return result.content?.selection;
+  }
+  return;
+}
+// src/shared/utils/formatting.ts
+function summarizeList(items, formatPreview, options = {}) {
+  const {
+    title = "List",
+    maxPreview = 100,
+    detailsFormatter,
+    maxDetails = 5
+  } = options;
+  if (items.length === 0) {
+    return `## ${title} (0 items)
+
+No items found.`;
+  }
+  const parts = [];
+  const previewItems = items.slice(0, maxPreview);
+  const hasMore = items.length > maxPreview;
+  parts.push(`## ${title} (${items.length} items)`);
+  parts.push("");
+  parts.push(...previewItems.map(formatPreview));
+  if (hasMore) {
+    parts.push(`... and ${items.length - maxPreview} more`);
+  }
+  if (detailsFormatter && items.length > 0) {
+    parts.push("");
+    parts.push("## Details");
+    parts.push("");
+    const detailItems = items.slice(0, maxDetails);
+    parts.push(...detailItems.map(detailsFormatter));
+    if (items.length > maxDetails) {
+      parts.push("");
+      parts.push(`_Showing ${maxDetails} of ${items.length} items. Use pagination to see more._`);
+    }
+  }
+  return parts.join(`
+`);
+}
+function summarizeBatch(results, options) {
+  const { operationName, successFormatter, errorFormatter } = options;
+  const successes = results.filter((r) => r.success);
+  const failures = results.filter((r) => !r.success);
+  const parts = [];
+  parts.push(`## ${operationName} Results`);
+  parts.push("");
+  parts.push(`**Summary**: ${successes.length} succeeded, ${failures.length} failed (${results.length} total)`);
+  if (successes.length > 0) {
+    parts.push("");
+    parts.push("### Successful Operations");
+    parts.push("");
+    parts.push(...successes.map(successFormatter));
+  }
+  if (failures.length > 0) {
+    parts.push("");
+    parts.push("### Failed Operations");
+    parts.push("");
+    parts.push(...failures.map(errorFormatter));
+  }
+  return parts.join(`
+`);
+}
+function formatFieldChange(fieldName, before, after) {
+  const formatValue = (value) => {
+    if (value === null || value === undefined)
+      return "\u2014";
+    if (typeof value === "boolean")
+      return value ? "true" : "false";
+    return String(value);
+  };
+  return `${fieldName}: ${formatValue(before)} \u2192 ${formatValue(after)}`;
+}
+function createSection(content, options = {}) {
+  const { tag, indent = 0 } = options;
+  const indentation = " ".repeat(indent);
+  if (!tag) {
+    return content.split(`
+`).map((line) => indentation + line).join(`
+`);
+  }
+  const lines = [];
+  lines.push(`${indentation}<ove tag="${tag}">`);
+  lines.push(...content.split(`
+`).map((line) => indentation + (line ? `  ${line}` : line)));
+  lines.push(`${indentation}</ove>`);
+  return lines.join(`
+`);
+}
+function truncate(text, maxLength = 100) {
+  if (text.length <= maxLength)
+    return text;
+  return `${text.slice(0, maxLength - 3)}...`;
+}
+function formatKeyValueList(pairs) {
+  return Object.entries(pairs).filter(([_key, value]) => value !== null && value !== undefined).map(([key, value]) => {
+    const capitalizedKey = key.charAt(0).toUpperCase() + key.slice(1);
+    return `- **${capitalizedKey}**: ${value}`;
+  }).join(`
+`);
+}
+// src/shared/utils/pagination.ts
+function createCursor(offset) {
+  return base64Encode(JSON.stringify({ offset }));
+}
+function parseCursor(cursor) {
+  if (!cursor)
+    return 0;
+  try {
+    const decoded = base64Decode(cursor);
+    const parsed = JSON.parse(decoded);
+    return typeof parsed.offset === "number" ? parsed.offset : 0;
+  } catch {
+    return 0;
+  }
+}
+function paginateArray(items, cursor, limit = 50) {
+  const offset = parseCursor(cursor);
+  const startIndex = Math.max(0, offset);
+  const endIndex = startIndex + limit;
+  const data = items.slice(startIndex, endIndex);
+  const nextCursor = endIndex < items.length ? createCursor(endIndex) : undefined;
+  return { data, nextCursor };
+}
+// src/shared/utils/progress.ts
+class ProgressReporter {
+  server;
+  progressToken;
+  completed = false;
+  constructor(server, progressToken) {
+    this.server = server;
+    this.progressToken = progressToken;
+  }
+  async report(progress, total, message) {
+    if (this.completed) {
+      logger.warning("progress", {
+        message: "Attempted to send progress after completion - notification will be ignored",
+        progressToken: this.progressToken
+      });
+      return;
+    }
+    try {
+      const lowLevel = getLowLevelServer(this.server);
+      await lowLevel.notification?.({
+        method: "notifications/progress",
+        params: {
+          progressToken: this.progressToken,
+          progress,
+          total,
+          ...message ? { message } : {}
+        }
+      });
+    } catch (error) {
+      logger.warning("progress", {
+        message: "Failed to send progress notification",
+        error: error.message,
+        progressToken: this.progressToken
+      });
+    }
+  }
+  async complete(message) {
+    await this.report(1, 1, message ?? "Complete");
+    this.completed = true;
+  }
+}
+function createProgressReporter(server, progressToken) {
+  if (!progressToken) {
+    return null;
+  }
+  return new ProgressReporter(server, progressToken);
+}
+// src/shared/utils/roots.ts
+async function requestRoots(server) {
+  logger.debug("roots", {
+    message: "Requesting roots from client"
+  });
+  try {
+    const lowLevel = getLowLevelServer(server);
+    if (!lowLevel.request) {
+      throw new Error("Roots not supported: Server does not support client requests");
+    }
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    if (!clientCapabilities.roots) {
+      throw new Error("Client does not support roots capability. " + 'Client must declare "roots" capability to list filesystem roots.');
+    }
+    const response = await lowLevel.request({
+      method: "roots/list"
+    });
+    logger.info("roots", {
+      message: "Received roots from client",
+      rootCount: response.roots.length
+    });
+    return response.roots;
+  } catch (error) {
+    logger.error("roots", {
+      message: "Roots request failed",
+      error: error.message
+    });
+    if (isJsonRpcError(error, JSON_RPC_METHOD_NOT_FOUND)) {
+      throw new Error('Roots not supported by client. Client must declare "roots" capability.');
+    }
+    throw error;
+  }
+}
+function clientSupportsRoots(server) {
+  try {
+    const lowLevel = getLowLevelServer(server);
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    return Boolean(clientCapabilities.roots);
+  } catch {
+    return false;
+  }
+}
+function clientSupportsRootsListChanged(server) {
+  try {
+    const lowLevel = getLowLevelServer(server);
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    const roots = clientCapabilities.roots;
+    return Boolean(roots?.listChanged);
+  } catch {
+    return false;
+  }
+}
+// src/shared/utils/sampling.ts
+function getLowLevelServer3(server) {
+  return server.server;
+}
+async function requestSampling(server, request) {
+  logger.debug("sampling", {
+    message: "Requesting LLM sampling from client",
+    messageCount: request.messages.length,
+    modelHints: request.modelPreferences?.hints?.map((h) => h.name),
+    hasTools: !!request.tools,
+    hasToolChoice: !!request.toolChoice
+  });
+  try {
+    const lowLevel = getLowLevelServer3(server);
+    const params = {
+      messages: request.messages,
+      maxTokens: request.maxTokens,
+      modelPreferences: request.modelPreferences,
+      systemPrompt: request.systemPrompt,
+      temperature: request.temperature,
+      stopSequences: request.stopSequences,
+      metadata: request.metadata,
+      ...request.tools && { tools: request.tools },
+      ...request.toolChoice && { toolChoice: request.toolChoice }
+    };
+    const response = await lowLevel.createMessage(params);
+    logger.info("sampling", {
+      message: "Received LLM response from client",
+      model: response.model,
+      stopReason: response.stopReason
+    });
+    return response;
+  } catch (error) {
+    logger.error("sampling", {
+      message: "Sampling request failed",
+      error: error.message
+    });
+    throw error;
+  }
+}
+function clientSupportsSampling(server) {
+  try {
+    const lowLevel = getLowLevelServer3(server);
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    return Boolean(clientCapabilities.sampling);
+  } catch {
+    return false;
+  }
+}
+function clientSupportsSamplingTools(server) {
+  try {
+    const lowLevel = getLowLevelServer3(server);
+    const clientCapabilities = lowLevel.getClientCapabilities?.() ?? {};
+    const sampling = clientCapabilities.sampling;
+    return Boolean(sampling?.tools);
+  } catch {
+    return false;
+  }
+}
+async function requestTextCompletion(server, prompt, maxTokens, options) {
+  const response = await requestSampling(server, {
+    messages: [
+      {
+        role: "user",
+        content: {
+          type: "text",
+          text: prompt
+        }
+      }
+    ],
+    maxTokens,
+    ...options
+  });
+  if (response.content.type !== "text") {
+    throw new Error(`Expected text response but got ${response.content.type}`);
+  }
+  return response.content.text;
+}
+export {
+  workerDiscoveryStrategy,
+  withCors,
+  withCancellation,
+  validateRedirectUri,
+  validateProtocolVersion,
+  validateOrigin,
+  validateElicitationSchema,
+  validateAuthConfig,
+  truncate,
+  toProviderTokens,
+  toProviderInfo,
+  summarizeList,
+  summarizeBatch,
+  stopContextCleanup,
+  startContextCleanup,
+  shimProcessEnv,
+  sharedTools,
+  sharedLogger,
+  sessions,
+  resolveStaticAuth,
+  requiresAuth,
+  requestTextCompletion,
+  requestSampling,
+  requestRoots,
+  registerTools,
+  refreshProviderToken,
+  promptText,
+  promptSelect,
+  parseTokenInput,
+  parseCursor,
+  parseConfig,
+  parseCallbackInput,
+  parseAuthorizeInput,
+  parseAuthStrategy2 as parseAuthStrategy,
+  paginateArray,
+  notifyElicitationComplete,
+  nodeDiscoveryStrategy,
+  mergeAuthHeaders,
+  makeTokenBucket,
+  makeConcurrencyGate,
+  logger,
+  isTokenExpiredOrExpiring,
+  isSsrfSafe,
+  isOAuthStrategy,
+  isJsonRpcError,
+  isClientIdUrl,
+  initializeWorkerStorage,
+  initializeStorage,
+  healthTool,
+  healthInputSchema,
+  handleToken,
+  handleRevoke,
+  handleRegister,
+  handleProviderCallback,
+  handleMcpNotification,
+  handleAuthorize,
+  getTokenStore,
+  getSharedToolNames,
+  getSharedTool,
+  getSessionStore,
+  getServerWithInternals,
+  getLowLevelServer,
+  getLogLevel,
+  getCurrentAuthContext,
+  generateOpaqueToken,
+  generateKey,
+  formatKeyValueList,
+  formatFieldChange,
+  fetchClientMetadata,
+  executeSharedTool,
+  ensureFreshToken,
+  encrypt,
+  elicitUrl,
+  elicitForm,
+  echoTool,
+  echoInputSchema,
+  dispatchMcpMethod,
+  defineTool,
+  decrypt,
+  createWorkerRouter,
+  createSection,
+  createProgressReporter,
+  createMCPServer,
+  createHttpClient,
+  createEncryptor,
+  createDiscoveryHandlers,
+  createCursor,
+  createCancellationToken,
+  corsPreflightResponse,
+  contextRegistry,
+  confirm,
+  clientSupportsUrlElicitation,
+  clientSupportsSamplingTools,
+  clientSupportsSampling,
+  clientSupportsRootsListChanged,
+  clientSupportsRoots,
+  clientSupportsFormElicitation,
+  checkSsrfSafe,
+  buildUnauthorizedChallenge,
+  buildTokenInput,
+  buildServer,
+  buildProviderRefreshConfig,
+  buildProviderConfig,
+  buildProtectedResourceMetadata,
+  buildOAuthConfig,
+  buildFlowOptions,
+  buildCorsHeaders,
+  buildCapabilities,
+  buildAuthorizationServerMetadata,
+  buildAuthHeaders,
+  base64UrlEncodeString,
+  base64UrlEncodeJson,
+  base64UrlEncode,
+  base64UrlDecodeString,
+  base64UrlDecodeJson,
+  base64UrlDecode,
+  base64Encode,
+  base64Decode,
+  authContextStorage,
+  assertSsrfSafe,
+  assertProviderToken,
+  SqliteSessionStore,
+  SUPPORTED_PROTOCOL_VERSIONS,
+  ProgressReporter,
+  MemoryTokenStore,
+  MemorySessionStore,
+  MAX_SESSIONS_PER_API_KEY,
+  LATEST_PROTOCOL_VERSION,
+  KvTokenStore,
+  KvSessionStore,
+  JsonRpcErrorCode,
+  JSON_RPC_METHOD_NOT_FOUND,
+  FileTokenStore,
+  ElicitResultSchema,
+  ClientMetadataSchema,
+  CancellationToken,
+  CancellationError
+};