@phake/mcp 0.0.5 → 0.0.7

package/README.md

@@ -125,20 +125,16 @@ const greetTool = defineTool({
   inputSchema: z.object({
     name: z.string().describe("Name to greet"),
   }),
-  outputSchema: {
+  outputSchema: z.object({
     message: z.string().describe("The greeting message"),
-  },
+  }),
   annotations: {
     readOnlyHint: true,
     destructiveHint: false,
     idempotentHint: true,
   },
-  handler: async (args, context) => {
-    const message = `Hello, ${args.name}!`;
-    return {
-      content: [{ type: "text", text: message }],
-      structuredContent: { message },
-    };
+  handler: async (args) => {
+    return { message: `Hello, ${args.name}!` };
   },
 });
 ```
@@ -150,8 +146,8 @@ const greetTool = defineTool({
 | `name` | `string` | Yes | Unique tool identifier |
 | `description` | `string` | Yes | Description shown to the LLM |
 | `inputSchema` | `ZodObject` | Yes | Zod schema for input validation |
-| `outputSchema` | `ZodRawShape` | No | Zod schema for structured output |
-| `handler` | `function` | Yes | `(args, context) => Promise<ToolResult>` |
+| `outputSchema` | `ZodRawShape \| ZodObject` | No | Zod schema for structured output |
+| `handler` | `function` | Yes | `(args, context) => Promise<ToolResult \| Record<string, unknown>>` |
 | `requiresAuth` | `boolean` | No | Reject calls without a provider token |
 | `title` | `string` | No | Human-readable display title |
 | `annotations` | `object` | No | MCP hints (`readOnlyHint`, `destructiveHint`, etc.) |
@@ -170,10 +166,7 @@ const profileTool = defineTool({
     const response = await fetch("https://api.example.com/me", {
       headers: context.resolvedHeaders,
     });
-    const data = await response.json();
-    return {
-      content: [{ type: "text", text: JSON.stringify(data) }],
-    };
+    return await response.json();
   },
 });
 ```

package/dist/{index-zhw318hb.js → index-3q8aj7k6.js}

@@ -976,20 +976,47 @@ function toProviderTokens(info) {
 }
 
 // src/shared/tools/types.ts
+import { z } from "zod";
 function assertProviderToken(context) {
   if (!context.providerToken) {
     throw new Error("Authentication required");
   }
 }
+function normalizeOutputSchema(schema) {
+  if (schema instanceof z.ZodObject) {
+    return schema.shape;
+  }
+  return schema;
+}
+function isToolResult(value) {
+  return typeof value === "object" && value !== null && "content" in value && Array.isArray(value.content);
+}
 function defineTool(def) {
-  return def;
+  if (def.outputSchema) {
+    def.outputSchema = normalizeOutputSchema(def.outputSchema);
+  }
+  const originalHandler = def.handler;
+  return {
+    ...def,
+    handler: async (args, context) => {
+      const result = await originalHandler(args, context);
+      if (isToolResult(result))
+        return result;
+      return {
+        content: [
+          { type: "text", text: JSON.stringify(result, null, 2) }
+        ],
+        structuredContent: result
+      };
+    }
+  };
 }
 
 // src/shared/tools/echo.ts
-import { z } from "zod";
-var echoInputSchema = z.object({
-  message: z.string().min(1).describe("Message to echo back"),
-  uppercase: z.boolean().optional().describe("Convert message to uppercase")
+import { z as z2 } from "zod";
+var echoInputSchema = z2.object({
+  message: z2.string().min(1).describe("Message to echo back"),
+  uppercase: z2.boolean().optional().describe("Convert message to uppercase")
 });
 var echoTool = defineTool({
   name: "echo",
@@ -997,8 +1024,8 @@ var echoTool = defineTool({
   description: "Echo back a message, optionally transformed",
   inputSchema: echoInputSchema,
   outputSchema: {
-    echoed: z.string().describe("The echoed message"),
-    length: z.number().describe("Message length")
+    echoed: z2.string().describe("The echoed message"),
+    length: z2.number().describe("Message length")
   },
   annotations: {
     title: "Echo Message",
@@ -1022,9 +1049,9 @@ var echoTool = defineTool({
 });
 
 // src/shared/tools/health.ts
-import { z as z2 } from "zod";
-var healthInputSchema = z2.object({
-  verbose: z2.boolean().optional().describe("Include additional runtime details")
+import { z as z3 } from "zod";
+var healthInputSchema = z3.object({
+  verbose: z3.boolean().optional().describe("Include additional runtime details")
 });
 var healthTool = defineTool({
   name: "health",
@@ -1032,10 +1059,10 @@ var healthTool = defineTool({
   description: "Check server health, uptime, and runtime information",
   inputSchema: healthInputSchema,
   outputSchema: {
-    status: z2.string().describe("Server status"),
-    timestamp: z2.number().describe("Current timestamp"),
-    runtime: z2.string().describe("Runtime environment"),
-    uptime: z2.number().optional().describe("Uptime in seconds (if available)")
+    status: z3.string().describe("Server status"),
+    timestamp: z3.number().describe("Current timestamp"),
+    runtime: z3.string().describe("Runtime environment"),
+    uptime: z3.number().optional().describe("Uptime in seconds (if available)")
   },
   annotations: {
     title: "Server Health Check",
@@ -1277,7 +1304,7 @@ function registerTools(server, contextResolver) {
 }
 
 // src/shared/mcp/dispatcher.ts
-import { z as z3 } from "zod";
+import { z as z4 } from "zod";
 
 // src/runtime/node/capabilities.ts
 function buildCapabilities() {
@@ -1350,9 +1377,9 @@ async function handleToolsList(ctx) {
   const tools = (ctx.tools ?? sharedTools).map((tool) => ({
     name: tool.name,
     description: tool.description,
-    inputSchema: z3.toJSONSchema(tool.inputSchema),
+    inputSchema: z4.toJSONSchema(tool.inputSchema),
     ...tool.outputSchema && {
-      outputSchema: z3.toJSONSchema(z3.object(tool.outputSchema))
+      outputSchema: z4.toJSONSchema(z4.object(tool.outputSchema))
     },
     ...tool.annotations && { annotations: tool.annotations }
   }));
@@ -1759,7 +1786,7 @@ function buildUnauthorizedChallenge(args) {
   return {
     status: 401,
     headers: {
-      "WWW-Authenticate": `Bearer realm="MCP", authorization_uri="${resourceMd}"`,
+      "WWW-Authenticate": `Bearer realm="MCP", resource_metadata="${resourceMd}"`,
       "Mcp-Session-Id": args.sid
     },
     body: {
@@ -1924,17 +1951,17 @@ function assertSsrfSafe(urlString, options) {
 }
 
 // src/shared/oauth/cimd.ts
-import { z as z4 } from "zod";
-var ClientMetadataSchema = z4.object({
-  client_id: z4.string().url(),
-  client_name: z4.string().optional(),
-  redirect_uris: z4.array(z4.string().url()),
-  client_uri: z4.string().url().optional(),
-  logo_uri: z4.string().url().optional(),
-  tos_uri: z4.string().url().optional(),
-  policy_uri: z4.string().url().optional(),
-  jwks_uri: z4.string().url().optional(),
-  software_statement: z4.string().optional()
+import { z as z5 } from "zod";
+var ClientMetadataSchema = z5.object({
+  client_id: z5.string().url(),
+  client_name: z5.string().optional(),
+  redirect_uris: z5.array(z5.string().url()),
+  client_uri: z5.string().url().optional(),
+  logo_uri: z5.string().url().optional(),
+  tos_uri: z5.string().url().optional(),
+  policy_uri: z5.string().url().optional(),
+  jwks_uri: z5.string().url().optional(),
+  software_statement: z5.string().optional()
 });
 function isClientIdUrl(clientId) {
   if (!clientId.startsWith("https://")) {
@@ -2941,6 +2968,12 @@ function attachDiscoveryRoutes(router, config) {
     const metadata = protectedResourceMetadata(here, sid);
     return jsonResponse(metadata);
   });
+  router.get("/.well-known/oauth-protected-resource/*", async (request) => {
+    const here = new URL(request.url);
+    const sid = here.searchParams.get("sid") ?? undefined;
+    const metadata = protectedResourceMetadata(here, sid);
+    return jsonResponse(metadata);
+  });
 }
 
 // src/adapters/http-worker/routes.oauth.ts
@@ -3146,4 +3179,4 @@ function shimProcessEnv(env) {
   };
 }
 
-export { base64Encode, base64Decode, base64UrlEncode, base64UrlDecode, base64UrlEncodeString, base64UrlDecodeString, base64UrlEncodeJson, base64UrlDecodeJson, encrypt, decrypt, generateKey, createEncryptor, withCors, corsPreflightResponse, buildCorsHeaders, MAX_SESSIONS_PER_API_KEY, MemoryTokenStore, MemorySessionStore, KvTokenStore, KvSessionStore, initializeStorage, getTokenStore, getSessionStore, sharedLogger, logger, JsonRpcErrorCode, CancellationError, CancellationToken, createCancellationToken, withCancellation, toProviderInfo, toProviderTokens, assertProviderToken, defineTool, echoInputSchema, echoTool, healthInputSchema, healthTool, sharedTools, getSharedTool, getSharedToolNames, executeSharedTool, registerTools, LATEST_PROTOCOL_VERSION, SUPPORTED_PROTOCOL_VERSIONS, getLogLevel, dispatchMcpMethod, handleMcpNotification, buildProviderRefreshConfig, refreshProviderToken, isTokenExpiredOrExpiring, ensureFreshToken, validateOrigin, validateProtocolVersion, buildUnauthorizedChallenge, buildAuthorizationServerMetadata, buildProtectedResourceMetadata, createDiscoveryHandlers, workerDiscoveryStrategy, nodeDiscoveryStrategy, checkSsrfSafe, isSsrfSafe, assertSsrfSafe, ClientMetadataSchema, isClientIdUrl, fetchClientMetadata, validateRedirectUri, generateOpaqueToken, handleAuthorize, handleProviderCallback, handleToken, handleRegister, handleRevoke, parseAuthorizeInput, parseCallbackInput, parseTokenInput, buildTokenInput, buildProviderConfig, buildOAuthConfig, buildFlowOptions, initializeWorkerStorage, createWorkerRouter, shimProcessEnv };
+export { base64Encode, base64Decode, base64UrlEncode, base64UrlDecode, base64UrlEncodeString, base64UrlDecodeString, base64UrlEncodeJson, base64UrlDecodeJson, encrypt, decrypt, generateKey, createEncryptor, withCors, corsPreflightResponse, buildCorsHeaders, MAX_SESSIONS_PER_API_KEY, MemoryTokenStore, MemorySessionStore, KvTokenStore, KvSessionStore, initializeStorage, getTokenStore, getSessionStore, sharedLogger, logger, JsonRpcErrorCode, CancellationError, CancellationToken, createCancellationToken, withCancellation, toProviderInfo, toProviderTokens, assertProviderToken, normalizeOutputSchema, defineTool, echoInputSchema, echoTool, healthInputSchema, healthTool, sharedTools, getSharedTool, getSharedToolNames, executeSharedTool, registerTools, LATEST_PROTOCOL_VERSION, SUPPORTED_PROTOCOL_VERSIONS, getLogLevel, dispatchMcpMethod, handleMcpNotification, buildProviderRefreshConfig, refreshProviderToken, isTokenExpiredOrExpiring, ensureFreshToken, validateOrigin, validateProtocolVersion, buildUnauthorizedChallenge, buildAuthorizationServerMetadata, buildProtectedResourceMetadata, createDiscoveryHandlers, workerDiscoveryStrategy, nodeDiscoveryStrategy, checkSsrfSafe, isSsrfSafe, assertSsrfSafe, ClientMetadataSchema, isClientIdUrl, fetchClientMetadata, validateRedirectUri, generateOpaqueToken, handleAuthorize, handleProviderCallback, handleToken, handleRegister, handleRevoke, parseAuthorizeInput, parseCallbackInput, parseTokenInput, buildTokenInput, buildProviderConfig, buildOAuthConfig, buildFlowOptions, initializeWorkerStorage, createWorkerRouter, shimProcessEnv };

package/dist/index.js

@@ -66,6 +66,7 @@ import {
   isTokenExpiredOrExpiring,
   logger,
   nodeDiscoveryStrategy,
+  normalizeOutputSchema,
   parseAuthorizeInput,
   parseCallbackInput,
   parseTokenInput,
@@ -82,7 +83,7 @@ import {
   withCancellation,
   withCors,
   workerDiscoveryStrategy
-} from "./index-zhw318hb.js";
+} from "./index-3q8aj7k6.js";
 // src/shared/config/env.ts
 function parseBoolean(value) {
   return String(value || "false").toLowerCase() === "true";
@@ -976,6 +977,7 @@ export {
   parseAuthStrategy2 as parseAuthStrategy,
   paginateArray,
   notifyElicitationComplete,
+  normalizeOutputSchema,
   nodeDiscoveryStrategy,
   mergeAuthHeaders,
   makeTokenBucket,

package/dist/runtime/node/index.js

@@ -29324,8 +29324,34 @@ function toProviderInfo(tokens) {
 }
 
 // src/shared/tools/types.ts
+function normalizeOutputSchema(schema) {
+  if (schema instanceof exports_external.ZodObject) {
+    return schema.shape;
+  }
+  return schema;
+}
+function isToolResult(value) {
+  return typeof value === "object" && value !== null && "content" in value && Array.isArray(value.content);
+}
 function defineTool(def) {
-  return def;
+  if (def.outputSchema) {
+    def.outputSchema = normalizeOutputSchema(def.outputSchema);
+  }
+  const originalHandler = def.handler;
+  return {
+    ...def,
+    handler: async (args, context) => {
+      const result = await originalHandler(args, context);
+      if (isToolResult(result))
+        return result;
+      return {
+        content: [
+          { type: "text", text: JSON.stringify(result, null, 2) }
+        ],
+        structuredContent: result
+      };
+    }
+  };
 }
 
 // src/shared/tools/echo.ts

package/dist/runtime/worker/index.js

@@ -2,7 +2,7 @@ import {
   createWorkerRouter,
   initializeWorkerStorage,
   shimProcessEnv
-} from "../../index-zhw318hb.js";
+} from "../../index-3q8aj7k6.js";
 export {
   shimProcessEnv,
   initializeWorkerStorage,

package/dist/shared/tools/types.d.ts

@@ -4,7 +4,7 @@
  *
  * Uses Zod for schema validation (works in both runtimes).
  */
-import type { ZodObject, ZodRawShape, z } from "zod";
+import { type ZodObject, type ZodRawShape, z } from "zod";
 import type { AuthStrategy } from "../types/auth.js";
 import type { ProviderInfo } from "../types/provider.js";
 export type { AuthStrategy } from "../types/auth.js";
@@ -129,8 +129,8 @@ export interface SharedToolDefinition<TShape extends ZodRawShape = ZodRawShape>
     description: string;
     /** Zod schema for input validation */
     inputSchema: ZodObject<TShape>;
-    /** Optional Zod schema for structured output */
-    outputSchema?: ZodRawShape;
+    /** Optional Zod schema for structured output (ZodRawShape or ZodObject) */
+    outputSchema?: ZodRawShape | ZodObject<ZodRawShape>;
     /** Tool handler function */
     handler: (args: z.infer<ZodObject<TShape>>, context: ToolContext) => Promise<ToolResult>;
     /**
@@ -155,7 +155,18 @@ export interface SharedToolDefinition<TShape extends ZodRawShape = ZodRawShape>
         openWorldHint?: boolean;
     };
 }
+/**
+ * Normalizes outputSchema to ZodRawShape.
+ * Accepts either ZodRawShape or ZodObject<ZodRawShape> and returns ZodRawShape.
+ */
+export declare function normalizeOutputSchema(schema: ZodRawShape | ZodObject<ZodRawShape>): ZodRawShape;
+/** Input type for defineTool — handler may return a plain object instead of ToolResult */
+type ToolDefinitionInput<TShape extends ZodRawShape> = Omit<SharedToolDefinition<TShape>, "handler"> & {
+    handler: (args: z.infer<ZodObject<TShape>>, context: ToolContext) => Promise<ToolResult | Record<string, unknown>>;
+};
 /**
  * Helper to create a type-safe tool definition.
+ * Handlers can return either a ToolResult or a plain object — plain objects are
+ * automatically wrapped as { content: [{ type: "text", text: JSON.stringify(result) }], structuredContent: result }.
  */
-export declare function defineTool<TShape extends ZodRawShape>(def: SharedToolDefinition<TShape>): SharedToolDefinition<TShape>;
+export declare function defineTool<TShape extends ZodRawShape>(def: ToolDefinitionInput<TShape>): SharedToolDefinition<TShape>;

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@phake/mcp",
-	"version": "0.0.5",
+	"version": "0.0.7",
 	"repository": {
 		"type": "git",
 		"url": "https://github.com/fuongz/phake-mcp"