@samanhappy/mcphub 0.12.11 → 0.12.13

package/dist/services/mcpService.js

@@ -2,7 +2,7 @@ import os from 'os';
 import path from 'path';
 import fs from 'fs';
 import { Server } from '@modelcontextprotocol/sdk/server/index.js';
-import { CallToolRequestSchema, ListToolsRequestSchema, ListPromptsRequestSchema, GetPromptRequestSchema, ListResourcesRequestSchema, ReadResourceRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
+import { CallToolRequestSchema, ListToolsRequestSchema, ListPromptsRequestSchema, GetPromptRequestSchema, ListResourcesRequestSchema, ListResourceTemplatesRequestSchema, ReadResourceRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
 import { Client } from '@modelcontextprotocol/sdk/client/index.js';
 import { SSEClientTransport } from '@modelcontextprotocol/sdk/client/sse.js';
 import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
@@ -12,7 +12,7 @@ import { createFetchWithProxy, getProxyConfigFromEnv } from './proxy.js';
 import { expandEnvVars, replaceEnvVars, getNameSeparator } from '../config/index.js';
 import config from '../config/index.js';
 import { getGroup } from './sseService.js';
-import { getServersInGroup, getServerConfigInGroup } from './groupService.js';
+import { getServerConfigsInGroup, getServerConfigInGroup } from './groupService.js';
 import { removeServerToolEmbeddings, saveToolsAsVectorEmbeddings } from './vectorSearchService.js';
 import { OpenAPIClient } from '../clients/openapi.js';
 import { RequestContextService } from './requestContextService.js';
@@ -22,6 +22,7 @@ import { initializeAllOAuthClients } from './oauthService.js';
 import { createOAuthProvider } from './mcpOAuthProvider.js';
 import { initSmartRoutingService, getSmartRoutingTools, handleSearchToolsRequest, handleDescribeToolRequest, isSmartRoutingGroup, } from './smartRoutingService.js';
 import { getActivityLoggingService } from './activityLoggingService.js';
+import { formatErrorForLogging, sanitizeStringForLogging, summarizeErrorForLogging, } from '../utils/serialization.js';
 const servers = {};
 import { setupClientKeepAlive } from './keepAliveService.js';
 /**
@@ -309,6 +310,149 @@ const getHeaderValue = (headers, name) => {
     }
     return undefined;
 };
+const LOG_SUMMARY_LIMIT = 8;
+const getValueTypeForLogging = (value) => {
+    if (Array.isArray(value)) {
+        return `array(${value.length})`;
+    }
+    if (value === null) {
+        return 'null';
+    }
+    if (value && typeof value === 'object') {
+        return `object(${Object.keys(value).length} keys)`;
+    }
+    return typeof value;
+};
+const summarizeObjectShapeForLogging = (value) => {
+    const entries = Object.entries(value);
+    return {
+        keyCount: entries.length,
+        keys: entries.slice(0, LOG_SUMMARY_LIMIT).map(([key]) => key),
+        valueTypes: Object.fromEntries(entries
+            .slice(0, LOG_SUMMARY_LIMIT)
+            .map(([key, entryValue]) => [key, getValueTypeForLogging(entryValue)])),
+        truncated: entries.length > LOG_SUMMARY_LIMIT || undefined,
+    };
+};
+export const summarizeArgumentsForLogging = (value) => {
+    if (value === undefined) {
+        return { present: false };
+    }
+    if (Array.isArray(value)) {
+        return {
+            present: true,
+            type: 'array',
+            length: value.length,
+            itemTypes: Array.from(new Set(value.slice(0, LOG_SUMMARY_LIMIT).map(getValueTypeForLogging))),
+            truncated: value.length > LOG_SUMMARY_LIMIT || undefined,
+        };
+    }
+    if (value && typeof value === 'object') {
+        return {
+            present: true,
+            type: 'object',
+            ...summarizeObjectShapeForLogging(value),
+        };
+    }
+    return {
+        present: true,
+        type: getValueTypeForLogging(value),
+    };
+};
+const summarizeTextPayloadForLogging = (text) => ({
+    textLength: text.length,
+    looksLikeJson: /^[[{]/.test(text.trim()) || undefined,
+    wasSanitized: sanitizeStringForLogging(text) !== text || undefined,
+});
+const getHttpErrorStatusCode = (error) => {
+    if (!error || typeof error !== 'object') {
+        return undefined;
+    }
+    const err = error;
+    const code = err.status ?? err.response?.status ?? err.code;
+    if (typeof code === 'number' && Number.isFinite(code)) {
+        return code;
+    }
+    if (typeof code === 'string') {
+        const parsedCode = Number.parseInt(code, 10);
+        return Number.isFinite(parsedCode) ? parsedCode : undefined;
+    }
+    return undefined;
+};
+const isRecoverableHttp4xxError = (error) => {
+    const statusCode = getHttpErrorStatusCode(error);
+    if (statusCode !== undefined) {
+        return statusCode === 401 || statusCode === 404;
+    }
+    const message = typeof error?.message === 'string'
+        ? error.message
+        : '';
+    return /Error POSTing to endpoint \(HTTP 40[14]/.test(message);
+};
+const summarizeContentItemForLogging = (item) => {
+    if (!item || typeof item !== 'object') {
+        return { type: getValueTypeForLogging(item) };
+    }
+    const record = item;
+    return {
+        type: typeof record.type === 'string' ? record.type : 'object',
+        keys: Object.keys(record).slice(0, LOG_SUMMARY_LIMIT),
+        text: typeof record.text === 'string' ? summarizeTextPayloadForLogging(record.text) : undefined,
+        truncated: Object.keys(record).length > LOG_SUMMARY_LIMIT || undefined,
+    };
+};
+export const summarizeToolResultForLogging = (value) => {
+    if (!value || typeof value !== 'object') {
+        return { type: getValueTypeForLogging(value) };
+    }
+    const record = value;
+    const summary = {
+        type: 'object',
+        ...summarizeObjectShapeForLogging(record),
+    };
+    if (typeof record.isError === 'boolean') {
+        summary.isError = record.isError;
+    }
+    if (Array.isArray(record.content)) {
+        summary.contentCount = record.content.length;
+        summary.content = record.content
+            .slice(0, LOG_SUMMARY_LIMIT)
+            .map((item) => summarizeContentItemForLogging(item));
+        summary.contentTruncated = record.content.length > LOG_SUMMARY_LIMIT || undefined;
+    }
+    return summary;
+};
+const summarizeToolRequestForLogging = (params) => ({
+    name: typeof params?.name === 'string' ? params.name : 'unknown',
+    arguments: summarizeArgumentsForLogging(params?.arguments),
+});
+const summarizePromptForLogging = (prompt) => {
+    if (!prompt || typeof prompt !== 'object') {
+        return { type: getValueTypeForLogging(prompt) };
+    }
+    const record = prompt;
+    const summary = {
+        type: 'object',
+        ...summarizeObjectShapeForLogging(record),
+    };
+    if (Array.isArray(record.messages)) {
+        const messages = record.messages;
+        summary.messageCount = messages.length;
+        summary.messages = messages.slice(0, LOG_SUMMARY_LIMIT).map((message) => ({
+            role: typeof message.role === 'string' ? message.role : undefined,
+            contentType: message.content && typeof message.content === 'object'
+                ? message.content.type
+                : getValueTypeForLogging(message.content),
+            text: message.content &&
+                typeof message.content === 'object' &&
+                typeof message.content.text === 'string'
+                ? summarizeTextPayloadForLogging(String(message.content.text))
+                : undefined,
+        }));
+        summary.messagesTruncated = messages.length > LOG_SUMMARY_LIMIT || undefined;
+    }
+    return summary;
+};
 export const collectPassthroughHeaders = (requestHeaders, passthroughHeaderNames) => {
     if (!requestHeaders || !Array.isArray(passthroughHeaderNames) || passthroughHeaderNames.length === 0) {
         return {};
@@ -422,7 +566,7 @@ export const createTransportFromConfig = async (name, conf) => {
         const { command: finalCommand, args: finalArgs } = wrapWithProxychains(name, conf.command, replaceEnvVars(conf.args), conf.proxy);
         // Create STDIO transport with potentially wrapped command
         transport = new StdioClientTransport({
-            cwd: os.homedir(),
+            cwd: process.cwd(),
             command: finalCommand,
             args: finalArgs,
             env: env,
@@ -450,8 +594,7 @@ const callToolWithReconnect = async (serverInfo, toolParams, options, maxRetries
             return result;
         }
         catch (error) {
-            // Check if error message starts with "Error POSTing to endpoint (HTTP 40"
-            const isHttp40xError = error?.message?.startsWith?.('Error POSTing to endpoint (HTTP 40');
+            const isHttp40xError = isRecoverableHttp4xxError(error);
             // Only retry for StreamableHTTPClientTransport
             const isStreamableHttp = serverInfo.transport instanceof StreamableHTTPClientTransport;
             const isSSE = serverInfo.transport instanceof SSEClientTransport;
@@ -499,12 +642,15 @@ const callToolWithReconnect = async (serverInfo, toolParams, options, maxRetries
                             console.warn(`[EMBED_SYNC_ERROR] Failed to sync tool embeddings after reconnect for server "${serverInfo.name}"`);
                             console.error('Error syncing tool embeddings after reconnect', {
                                 serverName: serverInfo.name,
-                                error,
+                                error: summarizeErrorForLogging(error),
                             });
                         });
                     }
                     catch (listToolsError) {
-                        console.warn(`Failed to reload tools after reconnection for server ${serverInfo.name}:`, listToolsError);
+                        console.warn('Failed to reload tools after reconnection', {
+                            serverName: serverInfo.name,
+                            error: summarizeErrorForLogging(listToolsError),
+                        });
                         // Continue anyway, as the connection might still work for the current tool
                     }
                     console.log(`Successfully reconnected to server: ${serverInfo.name}`);
@@ -514,10 +660,10 @@ const callToolWithReconnect = async (serverInfo, toolParams, options, maxRetries
                 catch (reconnectError) {
                     console.error('Failed to reconnect to server', {
                         serverName: serverInfo.name,
-                        error: reconnectError,
+                        error: summarizeErrorForLogging(reconnectError),
                     });
                     serverInfo.status = 'disconnected';
-                    serverInfo.error = `Failed to reconnect: ${reconnectError}`;
+                    serverInfo.error = `Failed to reconnect: ${formatErrorForLogging(reconnectError)}`;
                     // If this was the last attempt, throw the original error
                     if (attempt === maxRetries) {
                         throw error;
@@ -624,15 +770,21 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                         reportProgress: options?.reportEmbeddingProgress === true && serverName === name,
                     }).catch((error) => {
                         console.warn(`[EMBED_SYNC_ERROR] Failed to sync OpenAPI embeddings for server "${name}"`);
-                        console.error('Error syncing OpenAPI tool embeddings', { serverName: name, error });
+                        console.error('Error syncing OpenAPI tool embeddings', {
+                            serverName: name,
+                            error: summarizeErrorForLogging(error),
+                        });
                     });
                     continue;
                 }
                 catch (error) {
-                    console.error('Failed to initialize OpenAPI server', { serverName: name, error });
+                    console.error('Failed to initialize OpenAPI server', {
+                        serverName: name,
+                        error: summarizeErrorForLogging(error),
+                    });
                     // Update the already pushed server info with error status
                     serverInfo.status = 'disconnected';
-                    serverInfo.error = `Failed to initialize OpenAPI server: ${error}`;
+                    serverInfo.error = `Failed to initialize OpenAPI server: ${formatErrorForLogging(error)}`;
                     continue;
                 }
             }
@@ -688,7 +840,7 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                 .then(() => {
                 console.log(`Successfully connected client for server: ${name}`);
                 const capabilities = client.getServerCapabilities();
-                console.log(`Server capabilities: ${JSON.stringify(capabilities)}`);
+                console.log('Server capabilities', JSON.stringify(capabilities));
                 let dataError = null;
                 if (capabilities?.tools) {
                     client
@@ -707,12 +859,15 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                             console.warn(`[EMBED_SYNC_ERROR] Failed to sync tool embeddings for connected server "${name}"`);
                             console.error('Error syncing tool embeddings for connected server', {
                                 serverName: name,
-                                error: embeddingError,
+                                error: summarizeErrorForLogging(embeddingError),
                             });
                         });
                     })
                         .catch((error) => {
-                        console.error(`Failed to list tools for server ${name} by error: ${error} with stack: ${error.stack}`);
+                        console.error('Failed to list tools for server', {
+                            serverName: name,
+                            error: summarizeErrorForLogging(error),
+                        });
                         dataError = error;
                     });
                 }
@@ -729,7 +884,10 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                         }));
                     })
                         .catch((error) => {
-                        console.error(`Failed to list prompts for server ${name} by error: ${error} with stack: ${error.stack}`);
+                        console.error('Failed to list prompts for server', {
+                            serverName: name,
+                            error: summarizeErrorForLogging(error),
+                        });
                         dataError = error;
                     });
                 }
@@ -746,7 +904,10 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                         }));
                     })
                         .catch((error) => {
-                        console.error(`Failed to list resources for server ${name} by error: ${error} with stack: ${error.stack}`);
+                        console.error('Failed to list resources for server', {
+                            serverName: name,
+                            error: summarizeErrorForLogging(error),
+                        });
                         dataError = error;
                     });
                 }
@@ -754,11 +915,14 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                     serverInfo.status = 'connected';
                     serverInfo.error = null;
                     // Set up keep-alive ping for SSE connections via shared service
-                    setupClientKeepAlive(serverInfo, expandedConf).catch((e) => console.warn('Keepalive setup failed', { serverName: name, error: e }));
+                    setupClientKeepAlive(serverInfo, expandedConf).catch((e) => console.warn('Keepalive setup failed', {
+                        serverName: name,
+                        error: summarizeErrorForLogging(e),
+                    }));
                 }
                 else {
                     serverInfo.status = 'disconnected';
-                    serverInfo.error = `Failed to list data: ${dataError} `;
+                    serverInfo.error = `Failed to list data: ${formatErrorForLogging(dataError)}`;
                 }
             })
                 .catch(async (error) => {
@@ -776,10 +940,13 @@ export const initializeClientsFromSettings = async (isInit, serverName, options)
                     serverInfo.error = null;
                 }
                 else {
-                    console.error(`Failed to connect client for server ${name} by error: ${error} with stack: ${error.stack}`);
+                    console.error('Failed to connect client for server', {
+                        serverName: name,
+                        error: summarizeErrorForLogging(error),
+                    });
                     // Other connection errors
                     serverInfo.status = 'disconnected';
-                    serverInfo.error = `Failed to connect: ${error.stack} `;
+                    serverInfo.error = `Failed to connect: ${formatErrorForLogging(error)}`;
                 }
             });
             console.log(`Initialized client for server: ${name}`);
@@ -1067,7 +1234,7 @@ export const toggleServerStatus = async (name, enabled) => {
             catch (embeddingError) {
                 console.warn('Failed to remove embeddings for server', {
                     serverName: name,
-                    error: embeddingError,
+                    error: summarizeErrorForLogging(embeddingError),
                 });
             }
         }
@@ -1080,7 +1247,7 @@ export const toggleServerStatus = async (name, enabled) => {
             catch (reconnectError) {
                 console.warn('Failed to reconnect server during enable', {
                     serverName: name,
-                    error: reconnectError,
+                    error: summarizeErrorForLogging(reconnectError),
                 });
             }
         }
@@ -1100,32 +1267,14 @@ export const handleListToolsRequest = async (_, extra) => {
     if (isSmartRoutingGroup(group)) {
         return getSmartRoutingTools(group);
     }
-    // Need to filter servers based on group asynchronously
-    const filteredServerInfos = [];
-    for (const serverInfo of getDataService().filterData(serverInfos)) {
-        if (serverInfo.enabled === false)
-            continue;
-        if (!group) {
-            filteredServerInfos.push(serverInfo);
-            continue;
-        }
-        const serversInGroup = await getServersInGroup(group);
-        if (!serversInGroup || serversInGroup.length === 0) {
-            if (serverInfo.name === group)
-                filteredServerInfos.push(serverInfo);
-            continue;
-        }
-        if (serversInGroup.includes(serverInfo.name)) {
-            filteredServerInfos.push(serverInfo);
-        }
-    }
+    const { filteredServerInfos, serverConfigsByName } = await getFilteredServerInfosForGroup(group);
     const allTools = [];
     for (const serverInfo of filteredServerInfos) {
         if (serverInfo.tools && serverInfo.tools.length > 0) {
             // Filter tools based on server configuration
             let tools = await filterToolsByConfig(serverInfo.name, serverInfo.tools);
             // If this is a group request, apply group-level tool filtering
-            tools = await filterToolsByGroup(group, serverInfo.name, tools);
+            tools = await filterToolsByGroup(group, serverInfo.name, tools, serverConfigsByName.get(serverInfo.name));
             // Apply custom descriptions from server configuration
             const serverConfig = await getServerDao().findById(serverInfo.name);
             const toolsWithCustomDescriptions = tools.map((tool) => {
@@ -1143,7 +1292,7 @@ export const handleListToolsRequest = async (_, extra) => {
     };
 };
 export const handleCallToolRequest = async (request, extra) => {
-    console.log(`Handling CallToolRequest for tool: ${JSON.stringify(request.params)}`);
+    console.log('Handling CallToolRequest for tool', summarizeToolRequestForLogging(request.params));
     const startTime = Date.now();
     const activityLogger = getActivityLoggingService();
     // Get request context for activity logging
@@ -1197,7 +1346,11 @@ export const handleCallToolRequest = async (request, extra) => {
                 const openApiClient = targetServerInfo.openApiClient;
                 // Use toolArgs if it has properties, otherwise fallback to request.params.arguments
                 const finalArgs = toolArgs && typeof toolArgs === 'object' ? toolArgs : {};
-                console.log(`Invoking OpenAPI tool '${toolName}' on server '${targetServerInfo.name}' with arguments: ${JSON.stringify(finalArgs)}`);
+                console.log('Invoking OpenAPI tool', {
+                    toolName,
+                    serverName: targetServerInfo.name,
+                    arguments: summarizeArgumentsForLogging(finalArgs),
+                });
                 // Remove server prefix from tool name if present
                 const separator = getNameSeparator();
                 const prefix = `${targetServerInfo.name}${separator}`;
@@ -1229,7 +1382,11 @@ export const handleCallToolRequest = async (request, extra) => {
                     }
                 }
                 const result = await openApiClient.callTool(cleanToolName, finalArgs, passthroughHeaders);
-                console.log(`OpenAPI tool invocation result: ${JSON.stringify(result)}`);
+                console.log('OpenAPI tool invocation result', {
+                    serverName: targetServerInfo.name,
+                    toolName: cleanToolName,
+                    result: summarizeToolResultForLogging(result),
+                });
                 // Log successful activity
                 const duration = Date.now() - startTime;
                 await activityLogger.logToolCall({
@@ -1237,8 +1394,8 @@ export const handleCallToolRequest = async (request, extra) => {
                     tool: cleanToolName,
                     duration,
                     status: 'success',
-                    input: finalArgs,
-                    output: result,
+                    input: summarizeArgumentsForLogging(finalArgs),
+                    output: summarizeToolResultForLogging(result),
                     group,
                     keyId,
                     keyName,
@@ -1259,7 +1416,11 @@ export const handleCallToolRequest = async (request, extra) => {
             }
             // Use toolArgs if it has properties, otherwise fallback to request.params.arguments
             const finalArgs = toolArgs && typeof toolArgs === 'object' ? toolArgs : {};
-            console.log(`Invoking tool '${toolName}' on server '${targetServerInfo.name}' with arguments: ${JSON.stringify(finalArgs)}`);
+            console.log('Invoking tool', {
+                toolName,
+                serverName: targetServerInfo.name,
+                arguments: summarizeArgumentsForLogging(finalArgs),
+            });
             const separator = getNameSeparator();
             const prefix = `${targetServerInfo.name}${separator}`;
             const cleanToolName = toolName.startsWith(prefix)
@@ -1269,7 +1430,11 @@ export const handleCallToolRequest = async (request, extra) => {
                 name: cleanToolName,
                 arguments: finalArgs,
             }, targetServerInfo.options || {});
-            console.log(`Tool invocation result: ${JSON.stringify(result)}`);
+            console.log('Tool invocation result', {
+                serverName: targetServerInfo.name,
+                toolName: cleanToolName,
+                result: summarizeToolResultForLogging(result),
+            });
             // Log successful activity
             const duration = Date.now() - startTime;
             await activityLogger.logToolCall({
@@ -1277,14 +1442,12 @@ export const handleCallToolRequest = async (request, extra) => {
                 tool: cleanToolName,
                 duration,
                 status: result.isError ? 'error' : 'success',
-                input: finalArgs,
-                output: result,
+                input: summarizeArgumentsForLogging(finalArgs),
+                output: summarizeToolResultForLogging(result),
                 group,
                 keyId,
                 keyName,
-                errorMessage: result.isError
-                    ? String(result.content?.[0]?.text || 'Unknown error')
-                    : undefined,
+                errorMessage: result.isError ? 'Tool returned error response' : undefined,
             });
             return result;
         }
@@ -1303,7 +1466,11 @@ export const handleCallToolRequest = async (request, extra) => {
             const cleanToolName = request.params.name.startsWith(prefix)
                 ? request.params.name.substring(prefix.length)
                 : request.params.name;
-            console.log(`Invoking OpenAPI tool '${cleanToolName}' on server '${serverInfo.name}' with arguments: ${JSON.stringify(request.params.arguments)}`);
+            console.log('Invoking OpenAPI tool', {
+                toolName: cleanToolName,
+                serverName: serverInfo.name,
+                arguments: summarizeArgumentsForLogging(request.params.arguments),
+            });
             // Extract passthrough headers from extra or request context
             let passthroughHeaders;
             let requestHeaders = null;
@@ -1329,7 +1496,11 @@ export const handleCallToolRequest = async (request, extra) => {
                 }
             }
             const result = await openApiClient.callTool(cleanToolName, request.params.arguments || {}, passthroughHeaders);
-            console.log(`OpenAPI tool invocation result: ${JSON.stringify(result)}`);
+            console.log('OpenAPI tool invocation result', {
+                serverName: serverInfo.name,
+                toolName: cleanToolName,
+                result: summarizeToolResultForLogging(result),
+            });
             // Log successful activity
             const duration = Date.now() - startTime;
             await activityLogger.logToolCall({
@@ -1337,8 +1508,8 @@ export const handleCallToolRequest = async (request, extra) => {
                 tool: cleanToolName,
                 duration,
                 status: 'success',
-                input: request.params.arguments,
-                output: result,
+                input: summarizeArgumentsForLogging(request.params.arguments),
+                output: summarizeToolResultForLogging(result),
                 group,
                 keyId,
                 keyName,
@@ -1363,7 +1534,11 @@ export const handleCallToolRequest = async (request, extra) => {
             ? request.params.name.substring(prefix.length)
             : request.params.name;
         const result = await callToolWithReconnect(serverInfo, { ...request.params, name: cleanToolName }, serverInfo.options || {});
-        console.log(`Tool call result: ${JSON.stringify(result)}`);
+        console.log('Tool call result', {
+            serverName: serverInfo.name,
+            toolName: cleanToolName,
+            result: summarizeToolResultForLogging(result),
+        });
         // Log successful activity
         const duration = Date.now() - startTime;
         await activityLogger.logToolCall({
@@ -1371,19 +1546,17 @@ export const handleCallToolRequest = async (request, extra) => {
             tool: cleanToolName,
             duration,
             status: result.isError ? 'error' : 'success',
-            input: request.params.arguments,
-            output: result,
+            input: summarizeArgumentsForLogging(request.params.arguments),
+            output: summarizeToolResultForLogging(result),
             group,
             keyId,
             keyName,
-            errorMessage: result.isError
-                ? String(result.content?.[0]?.text || 'Unknown error')
-                : undefined,
+            errorMessage: result.isError ? 'Tool returned error response' : undefined,
         });
         return result;
     }
     catch (error) {
-        console.error(`Error handling CallToolRequest: ${error}`);
+        console.error('Error handling CallToolRequest', summarizeErrorForLogging(error));
         // Log error activity
         const duration = Date.now() - startTime;
         const toolName = request.params?.name || 'unknown';
@@ -1393,17 +1566,18 @@ export const handleCallToolRequest = async (request, extra) => {
             tool: toolName,
             duration,
             status: 'error',
-            input: request.params?.arguments,
+            input: summarizeArgumentsForLogging(request.params?.arguments),
             group,
             keyId,
             keyName,
-            errorMessage: String(error),
+            errorMessage: formatErrorForLogging(error),
         });
+        const safeErrorText = formatErrorForLogging(error);
         return {
             content: [
                 {
                     type: 'text',
-                    text: `Error: ${error}`,
+                    text: `Error: ${safeErrorText}`,
                 },
             ],
             isError: true,
@@ -1454,21 +1628,25 @@ export const handleGetPromptRequest = async (request, extra) => {
             arguments: promptArgs,
         };
         // Log the final promptParams
-        console.log(`Calling getPrompt with params: ${JSON.stringify(promptParams)}`);
+        console.log('Calling getPrompt with params', {
+            name: cleanPromptName || '',
+            arguments: summarizeArgumentsForLogging(promptArgs),
+        });
         const prompt = await server.client?.getPrompt(promptParams);
-        console.log(`Received prompt: ${JSON.stringify(prompt)}`);
+        console.log('Received prompt', summarizePromptForLogging(prompt));
         if (!prompt) {
             throw new Error(`Prompt not found: ${cleanPromptName}`);
         }
         return prompt;
     }
     catch (error) {
-        console.error(`Error handling GetPromptRequest: ${error}`);
+        console.error('Error handling GetPromptRequest', summarizeErrorForLogging(error));
+        const safeErrorText = formatErrorForLogging(error);
         return {
             content: [
                 {
                     type: 'text',
-                    text: `Error: ${error}`,
+                    text: `Error: ${safeErrorText}`,
                 },
             ],
             isError: true,
@@ -1487,25 +1665,7 @@ export const handleListPromptsRequest = async (_, extra) => {
         description: bp.description,
         arguments: bp.arguments,
     }));
-    // Need to filter servers based on group asynchronously
-    const filteredServerInfos = [];
-    for (const serverInfo of getDataService().filterData(serverInfos)) {
-        if (serverInfo.enabled === false)
-            continue;
-        if (!group) {
-            filteredServerInfos.push(serverInfo);
-            continue;
-        }
-        const serversInGroup = await getServersInGroup(group);
-        if (!serversInGroup || serversInGroup.length === 0) {
-            if (serverInfo.name === group)
-                filteredServerInfos.push(serverInfo);
-            continue;
-        }
-        if (serversInGroup.includes(serverInfo.name)) {
-            filteredServerInfos.push(serverInfo);
-        }
-    }
+    const { filteredServerInfos, serverConfigsByName } = await getFilteredServerInfosForGroup(group);
     for (const serverInfo of filteredServerInfos) {
         if (serverInfo.prompts && serverInfo.prompts.length > 0) {
             // Filter prompts based on server configuration
@@ -1518,16 +1678,7 @@ export const handleListPromptsRequest = async (_, extra) => {
                     return promptConfig?.enabled !== false;
                 });
             }
-            // If this is a group request, apply group-level prompt filtering
-            if (group) {
-                const serverConfigInGroup = await getServerConfigInGroup(group, serverInfo.name);
-                if (serverConfigInGroup &&
-                    serverConfigInGroup.tools !== 'all' &&
-                    Array.isArray(serverConfigInGroup.tools)) {
-                    // Note: Group config uses 'tools' field but we're filtering prompts here
-                    // This might be a design decision to control access at the server level
-                }
-            }
+            enabledPrompts = await filterPromptsByGroup(group, serverInfo.name, enabledPrompts, serverConfigsByName.get(serverInfo.name));
             // Apply custom descriptions from server configuration
             const promptsWithCustomDescriptions = enabledPrompts.map((prompt) => {
                 const promptConfig = serverConfig?.prompts?.[prompt.name];
@@ -1555,25 +1706,7 @@ export const handleListResourcesRequest = async (_, extra) => {
         description: br.description,
         mimeType: br.mimeType,
     }));
-    // Add resources from connected MCP servers
-    const filteredServerInfos = [];
-    for (const serverInfo of getDataService().filterData(serverInfos)) {
-        if (serverInfo.enabled === false)
-            continue;
-        if (!group) {
-            filteredServerInfos.push(serverInfo);
-            continue;
-        }
-        const serversInGroup = await getServersInGroup(group);
-        if (!serversInGroup || serversInGroup.length === 0) {
-            if (serverInfo.name === group)
-                filteredServerInfos.push(serverInfo);
-            continue;
-        }
-        if (serversInGroup.includes(serverInfo.name)) {
-            filteredServerInfos.push(serverInfo);
-        }
-    }
+    const { filteredServerInfos, serverConfigsByName } = await getFilteredServerInfosForGroup(group);
     for (const serverInfo of filteredServerInfos) {
         if (serverInfo.resources && serverInfo.resources.length > 0) {
             // Filter resources based on server configuration
@@ -1585,6 +1718,7 @@ export const handleListResourcesRequest = async (_, extra) => {
                     return resourceConfig?.enabled !== false;
                 });
             }
+            enabledResources = await filterResourcesByGroup(group, serverInfo.name, enabledResources, serverConfigsByName.get(serverInfo.name));
             // Apply custom descriptions from server configuration
             const resourcesWithCustomDescriptions = enabledResources.map((resource) => {
                 const resourceConfig = serverConfig?.resources?.[resource.uri];
@@ -1600,6 +1734,24 @@ export const handleListResourcesRequest = async (_, extra) => {
         resources: allResources,
     };
 };
+export const handleListResourceTemplatesRequest = async (_, extra) => {
+    const sessionId = extra.sessionId || '';
+    const group = getGroup(sessionId);
+    console.log(`Handling ListResourceTemplatesRequest for group: ${group}`);
+    const { filteredServerInfos, serverConfigsByName } = await getFilteredServerInfosForGroup(group, {
+        requireClient: true,
+    });
+    const results = await Promise.allSettled(filteredServerInfos.map(async (serverInfo) => {
+        if (!serverInfo.client?.listResourceTemplates) {
+            return [];
+        }
+        const templates = await serverInfo.client.listResourceTemplates({}, serverInfo.options || {});
+        return filterResourceTemplatesByGroup(group, serverInfo.name, templates.resourceTemplates || [], serverConfigsByName.get(serverInfo.name));
+    }));
+    return {
+        resourceTemplates: results.flatMap((result) => result.status === 'fulfilled' ? result.value : []),
+    };
+};
 export const handleReadResourceRequest = async (request, _extra) => {
     try {
         const { uri } = request.params;
@@ -1630,13 +1782,14 @@ export const handleReadResourceRequest = async (request, _extra) => {
         return result;
     }
     catch (error) {
-        console.error(`Error handling ReadResourceRequest: ${error}`);
+        console.error('Error handling ReadResourceRequest', summarizeErrorForLogging(error));
+        const safeErrorText = formatErrorForLogging(error);
         return {
             contents: [
                 {
                     uri: request.params?.uri || '',
                     mimeType: 'text/plain',
-                    text: `Error: ${error}`,
+                    text: `Error: ${safeErrorText}`,
                 },
             ],
         };
@@ -1658,19 +1811,121 @@ export const createMcpServer = (name, version, group) => {
     server.setRequestHandler(GetPromptRequestSchema, handleGetPromptRequest);
     server.setRequestHandler(ListPromptsRequestSchema, handleListPromptsRequest);
     server.setRequestHandler(ListResourcesRequestSchema, handleListResourcesRequest);
+    server.setRequestHandler(ListResourceTemplatesRequestSchema, handleListResourceTemplatesRequest);
     server.setRequestHandler(ReadResourceRequestSchema, handleReadResourceRequest);
     return server;
 };
+const getFilteredServerInfosForGroup = async (group, options) => {
+    const serverConfigs = group ? await getServerConfigsInGroup(group) : [];
+    const serverNamesInGroup = new Set(serverConfigs.map((serverConfig) => serverConfig.name));
+    const serverConfigsByName = new Map(serverConfigs.map((serverConfig) => [serverConfig.name, serverConfig]));
+    const filteredServerInfos = [];
+    for (const serverInfo of getDataService().filterData(serverInfos)) {
+        if (serverInfo.enabled === false)
+            continue;
+        if (options?.requireClient && !serverInfo.client)
+            continue;
+        if (!group) {
+            filteredServerInfos.push(serverInfo);
+            continue;
+        }
+        if (serverNamesInGroup.size === 0) {
+            if (serverInfo.name === group) {
+                filteredServerInfos.push(serverInfo);
+            }
+            continue;
+        }
+        if (serverNamesInGroup.has(serverInfo.name)) {
+            filteredServerInfos.push(serverInfo);
+        }
+    }
+    return { filteredServerInfos, serverConfigsByName };
+};
+const getGroupServerConfig = async (group, serverName, serverConfig) => {
+    if (!group) {
+        return undefined;
+    }
+    return serverConfig ?? getServerConfigInGroup(group, serverName);
+};
 // Filter tools based on group configuration
-async function filterToolsByGroup(group, serverName, tools) {
+async function filterToolsByGroup(group, serverName, tools, serverConfig) {
     if (group) {
-        const serverConfig = await getServerConfigInGroup(group, serverName);
-        if (serverConfig && serverConfig.tools !== 'all' && Array.isArray(serverConfig.tools)) {
+        const resolvedServerConfig = await getGroupServerConfig(group, serverName, serverConfig);
+        if (resolvedServerConfig &&
+            resolvedServerConfig.tools !== 'all' &&
+            Array.isArray(resolvedServerConfig.tools)) {
             // Filter tools based on group configuration
-            const allowedToolNames = serverConfig.tools.map((toolName) => `${serverName}${getNameSeparator()}${toolName}`);
+            const allowedToolNames = resolvedServerConfig.tools.map((toolName) => `${serverName}${getNameSeparator()}${toolName}`);
             tools = tools.filter((tool) => allowedToolNames.includes(tool.name));
         }
     }
     return tools;
 }
+const normalizePromptNameForGroup = (serverName, promptName) => {
+    const prefix = `${serverName}${getNameSeparator()}`;
+    return promptName.startsWith(prefix) ? promptName.substring(prefix.length) : promptName;
+};
+export async function filterPromptsByGroup(group, serverName, prompts, serverConfig) {
+    if (group) {
+        const resolvedServerConfig = await getGroupServerConfig(group, serverName, serverConfig);
+        if (resolvedServerConfig &&
+            resolvedServerConfig.prompts !== 'all' &&
+            Array.isArray(resolvedServerConfig.prompts)) {
+            const allowedPromptNames = new Set(resolvedServerConfig.prompts);
+            return prompts.filter((prompt) => allowedPromptNames.has(normalizePromptNameForGroup(serverName, prompt.name)));
+        }
+    }
+    return prompts;
+}
+export async function filterResourcesByGroup(group, serverName, resources, serverConfig) {
+    if (group) {
+        const resolvedServerConfig = await getGroupServerConfig(group, serverName, serverConfig);
+        if (resolvedServerConfig &&
+            resolvedServerConfig.resources !== 'all' &&
+            Array.isArray(resolvedServerConfig.resources)) {
+            const allowedResources = new Set(resolvedServerConfig.resources);
+            return resources.filter((resource) => allowedResources.has(resource.uri));
+        }
+    }
+    return resources;
+}
+const resourceTemplateMatchesSelection = (uriTemplate, allowedResources) => {
+    if (allowedResources.has(uriTemplate)) {
+        return true;
+    }
+    const dynamicSegmentIndex = uriTemplate.search(/[{*]/);
+    if (dynamicSegmentIndex === -1) {
+        return false;
+    }
+    const staticPrefix = uriTemplate.slice(0, dynamicSegmentIndex);
+    if (!staticPrefix) {
+        return false;
+    }
+    for (const resourceUri of allowedResources) {
+        if (resourceUri.startsWith(staticPrefix)) {
+            return true;
+        }
+    }
+    return false;
+};
+export async function filterResourceTemplatesByGroup(group, serverName, resourceTemplates, serverConfig) {
+    if (group) {
+        const resolvedServerConfig = await getGroupServerConfig(group, serverName, serverConfig);
+        if (resolvedServerConfig &&
+            resolvedServerConfig.resources !== 'all' &&
+            Array.isArray(resolvedServerConfig.resources)) {
+            if (resolvedServerConfig.resources.length === 0) {
+                return [];
+            }
+            const allowedResources = new Set(resolvedServerConfig.resources);
+            return resourceTemplates.filter((resourceTemplate) => {
+                if (typeof resourceTemplate.uriTemplate !== 'string') {
+                    return false;
+                }
+                return resourceTemplateMatchesSelection(resourceTemplate.uriTemplate, allowedResources);
+            });
+        }
+    }
+    return resourceTemplates;
+}
 //# sourceMappingURL=mcpService.js.map