@sassoftware/sas-score-mcp-serverjs 1.0.1-8 → 1.1.1

package/scripts/docs/sas-mcp-tools-reference.md

@@ -1,4 +1,4 @@
-# SAS MCP Server Tools Reference
+# SAS MCP Server Tools Reference
 
 ## Overview
 
@@ -11,8 +11,10 @@ All tools are registered as sas-score-<toolname>
 - [Model Management & Scoring](#model-management--scoring)
 - [Library Management](#library-management)
 - [Table Operations](#table-operations)
-- [Job Management](#job-management)
-- [Program Execution](#program-execution)
+- [Jobs Model](#jobs-model)
+- [Jobdef Models](#jobdef-models)
+- [Program Models](#program-models)
+- [Macro Models](#macro-models)
 - [Context & Configuration](#context--configuration)
 - [Utility Tools](#utility-tools)
 
@@ -20,7 +22,7 @@ All tools are registered as sas-score-<toolname>
 
 ## Model Management & Scoring
 
-### list-models
+### list-mas
 
 Enumerate models published to MAS (Model Aggregation Service).
 
@@ -42,7 +44,7 @@ list 25 models
 
 ---
 
-### find-model
+### find-mas
 
 Locate a specific model deployed to MAS.
 
@@ -61,7 +63,7 @@ find model myModel
 
 ---
 
-### model-info
+### mas-describe
 
 Retrieve detailed metadata for a deployed model including input/output variables, data types, and constraints.
 
@@ -80,12 +82,12 @@ Retrieve detailed metadata for a deployed model including input/output variables
 
 **Example:**
 ```
-model-info model=churnRisk
+mas-describe model=churnRisk
 ```
 
 ---
 
-### model-score
+### mas-score
 
 Score user-supplied scenario data using a MAS-published model.
 
@@ -105,13 +107,13 @@ Score user-supplied scenario data using a MAS-published model.
 
 **Example:**
 ```
-model-score model=mycoolmodel scenario={x:1,y:2}
-model-score model=cancer1 scenario="age=45, sex=M, tumor=stage2"
+mas-score model=mycoolmodel scenario={x:1,y:2}
+mas-score model=cancer1 scenario="age=45, sex=M, tumor=stage2"
 ```
 
 ---
 
-### scr-info
+### scr-describe
 
 Return input/output schema and metadata for an SCR (Score Code Runtime) model.
 
@@ -124,7 +126,7 @@ Return input/output schema and metadata for an SCR (Score Code Runtime) model.
 
 **Example:**
 ```
-scr-info name="https://scr-host/models/loan"
+scr-describe name="https://scr-host/models/loan"
 ```
 
 ---
@@ -138,7 +140,7 @@ Score a scenario using an SCR container model.
 - `scenario` (string | object | array, optional): Input values
 
 **Usage:**
-- Run scrInfo first to inspect expected inputs
+- Run scrDescribe first to inspect expected inputs
 - Omit scenario to get model metadata
 
 **Example:**
@@ -243,7 +245,7 @@ find table cars in sashelp in sas
 
 ---
 
-### table-info
+### table-describe
 
 Return metadata about a table including columns, types, and statistics.
 
@@ -262,7 +264,7 @@ Return metadata about a table including columns, types, and statistics.
 
 **Example:**
 ```
-table-info table=cars lib=Public
+table-describe table=cars lib=Public
 describe table air in lib sashelp on sas server
 ```
 
@@ -320,7 +322,7 @@ sasquery table=mylib.students query="How many students in each year as percentag
 
 ---
 
-## Job Management
+## Jobs Model
 
 ### list-jobs
 
@@ -363,7 +365,7 @@ find job cars_job_v4
 
 ---
 
-### run-job
+### job-score
 
 Execute a job on a SAS Viya server.
 
@@ -377,12 +379,14 @@ Execute a job on a SAS Viya server.
 **Example:**
 ```
 run job xyz param1=10,param2=val2
-run-job myjob scenario a=10,b=20
+job-score myjob scenario a=10,b=20
 job myjob scenario a=10,b=20
 ```
 
 ---
 
+## Jobdef Models
+
 ### list-jobdefs
 
 Enumerate SAS Viya job definition assets.
@@ -422,7 +426,7 @@ find jobdef metricsRefresh
 
 ---
 
-### run-jobdef
+### jobdef-score
 
 Execute a job definition on a SAS Viya server.
 
@@ -435,15 +439,15 @@ Execute a job definition on a SAS Viya server.
 
 **Example:**
 ```
-run-jobdef xyz param1=10,param2=val2
+jobdef-score xyz param1=10,param2=val2
 jobdef myjobdef scenario a=10,b=20
 ```
 
 ---
 
-## Program Execution
+## Program Models
 
-### run-program
+### program-score
 
 Execute arbitrary SAS code or stored programs on a SAS Viya server.
 
@@ -469,7 +473,9 @@ program sample folder=/Public/models scenario="name='John', age=45" output=a
 
 ---
 
-### run-macro
+## Macro Models
+
+### macro-score
 
 Submit and execute a SAS macro on a SAS Viya server.
 
@@ -478,8 +484,8 @@ Submit and execute a SAS macro on a SAS Viya server.
 - `scenario` (string, optional): Parameters or SAS setup code
 
 **Scenario formats:**
-- Comma-separated: `"x=1, y=abc"` → converted to %let statements
-- Raw SAS: `"%let x=1; %let y=abc;"` → passed through unchanged
+- Comma-separated: `"x=1, y=abc"` → converted to %let statements
+- Raw SAS: `"%let x=1; %let y=abc;"` → passed through unchanged
 
 **Example:**
 ```
@@ -520,14 +526,14 @@ Use this to verify that the mcp server is up and running.
 
 ### deva-score
 
-Compute a numeric score based on two input values using the formula: (a + b) × 42
+Compute a numeric score based on two input values using the formula: (a + b) × 42
 
 **Parameters:**
 - `a` (number, required): First numeric input
 - `b` (number, required): Second numeric input
 
 **Returns:**
-- Numeric result: (a + b) × 42
+- Numeric result: (a + b) × 42
 
 **Usage:**
 - "Calculate deva score for 5 and 10"
@@ -545,11 +551,13 @@ deva-score a=1 b=2   // returns 126
 
 | Category | Tool Count | Tools |
 |----------|-----------|-------|
-| **Model Management** | 6 | list-models, find-model, model-info, model-score, scr-info, scr-score |
+| **Model Management** | 6 | list-mas, find-mas, mas-describe, mas-score, scr-describe, scr-score |
 | **Library Management** | 2 | list-libraries, find-library |
-| **Table Operations** | 5 | list-tables, find-table, table-info, read-table, sas-query |
-| **Job Management** | 6 | list-jobs, find-job, job, list-jobdefs, find-jobdef, job-def |
-| **Program Execution** | 2 | run-program, run-macro |
+| **Table Operations** | 5 | list-tables, find-table, table-describe, read-table, sas-query |
+| **Jobs Model** | 3 | list-jobs, find-job, job-score |
+| **Jobdef Models** | 3 | list-jobdefs, find-jobdef, jobdef-score |
+| **Program Models** | 1 | program-score |
+| **Macro Models** | 1 | macro-score |
 | **Context & Config** | 1 | set-context |
 | **Utilities** | 1 | deva-score |
 | **Total** | **24** | |
@@ -558,7 +566,7 @@ deva-score a=1 b=2   // returns 126
 
 ## Common Patterns
 
-### Discovery → Inspection → Action
+### Discovery → Inspection → Action
 
 1. **List** tools to discover available resources
 2. **Find** tools to locate specific items
@@ -598,3 +606,6 @@ Tools accepting scenarios support multiple formats:
 
 *Document generated for @sassoftware/mcp-serverjs*  
 *Last updated: December 2024*
+
+
+

package/scripts/plot_msrp_usa.py

@@ -0,0 +1,49 @@
+import matplotlib
+matplotlib.use('Agg')
+import matplotlib.pyplot as plt
+from pathlib import Path
+
+data = [
+    ("Cadillac", 50474.375),
+    ("Hummer", 49995.0),
+    ("Lincoln", 42875.555556),
+    ("Buick", 30537.777778),
+    ("GMC", 29560.5),
+    ("Mercury", 27972.777778),
+    ("Chrysler", 27252.0),
+    ("Chevrolet", 26587.037037),
+    ("Dodge", 26253.846154),
+    ("Jeep", 24518.333333),
+    ("Pontiac", 24156.363636),
+    ("Ford", 24015.869565),
+    ("Oldsmobile", 23763.333333),
+    ("Saturn", 17234.375),
+]
+
+# Sort by value descending
+data.sort(key=lambda x: x[1], reverse=True)
+makes = [d[0] for d in data]
+values = [d[1] for d in data]
+
+out_dir = Path('outputs')
+out_dir.mkdir(parents=True, exist_ok=True)
+out_file = out_dir / 'make_avg_msrp_usa.png'
+
+plt.figure(figsize=(12, 6))
+bars = plt.bar(makes, values, color='tab:blue')
+plt.title('Average MSRP by Make (Origin = USA)')
+plt.ylabel('Average MSRP')
+plt.xticks(rotation=45, ha='right')
+plt.tight_layout()
+
+# Annotate bars
+for bar in bars:
+    height = bar.get_height()
+    plt.annotate(f'{height:,.0f}',
+                 xy=(bar.get_x() + bar.get_width() / 2, height),
+                 xytext=(0, 3),
+                 textcoords='offset points',
+                 ha='center', va='bottom', fontsize=8)
+
+plt.savefig(out_file)
+print(f'Plot saved to {out_file}')

package/scripts/refreshtoken.js

@@ -0,0 +1,58 @@
+/*
+* Copyright © 2025, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+* SPDX-License-Identifier: Apache-2.0
+*/
+import { Agent, fetch } from 'undici';
+import fs from "fs";
+
+refreshToken()
+.then (token => {
+  console.log(token);
+  fs.writeFileSync('token.txt', `"AUTHORIZATION": "Bearer ${token}"`, 'utf8');
+})
+.catch (err => {
+  console.error('[Error] Failed to refresh token: ', err);
+});
+async function refreshToken(){
+  let host = process.env.VIYA_SERVER;
+  let token = process.env.REFRESH_TOKEN;
+  let url = `${host}/SASLogon/oauth/token`;
+
+  let aconnect = {
+    rejectUnauthorized: false  // or false, if you really want to bypass checks
+  }
+
+  const agent = new Agent(aconnect);
+
+  console.error('[Info] Refreshing token...', token);
+  const ibody = {
+    grant_type: 'refresh_token',
+    refresh_token: token,
+    client_id: 'sas.cli'
+  };
+
+  let body = new URLSearchParams(ibody);
+  try {
+    const response = await fetch(url, {
+      method: 'POST',
+      headers: {
+        'Accept': 'application/json',
+        'Content-Type': 'application/x-www-form-urlencoded',
+        dispatcher: agent
+      },
+      body: body.toString()
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      console.error('[Error] Failed to refresh token: ', error);
+      throw new Error(error);
+    }
+
+    const data = await response.json();
+    return data.access_token;
+  } catch (err) {
+    console.error('[Error] Failed to refresh token: ', err);
+    throw err;
+  }
+}

package/scripts/runListScr.mjs

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+import listScr from '../src/toolSet/listScr.js';
+
+async function run() {
+  const appContext = { brand: 'sas-score' };
+  const spec = listScr(appContext);
+  try {
+    const res = await spec.handler({});
+    console.log(JSON.stringify(res, null, 2));
+  } catch (err) {
+    console.error('Error running listScr:', err);
+    process.exit(1);
+  }
+}
+
+run();

package/src/createMcpServer.js

@@ -78,6 +78,7 @@ async function createMcpServer(cache, _appContext) {
   // Register the tools with brand prefix
   console.error(`[Note] Brand: ${_appContext.brand}`);
   let toolNames = [];
+  let totalDescription = 0;
   toolSet.forEach((tool, i) => {
     let toolName = _appContext.brand + '-' + tool.name;
     //tool.inputSchema.additionalProperties = false; // disallow extra properties 
@@ -85,12 +86,14 @@ async function createMcpServer(cache, _appContext) {
       description: tool.description,
       inputSchema: tool.inputSchema
     }
+    totalDescription += tool.description.length;``
     let toolHandler = wrapf(cache, tool.handler);
-  //  console.error(`[Note] Registering tool ${toolName} with config: ${JSON.stringify(config)}`);
     let r = mcpServer.registerTool(toolName, config, toolHandler);
     toolNames.push(toolName);
   });
+  console.error(`[Note]  Agent Mode: ${_appContext.agent}`);
   console.error(`[Note] Registered ${toolSet.length} tools: ${toolNames}`);
+  console.error(`[Note] Total description length: ${totalDescription} characters`); 
   cache.set("mcpServer", mcpServer);
   return mcpServer;
 }

package/src/expressMcpServer.js

@@ -9,6 +9,7 @@ import cors from "cors";
 import bodyParser from "body-parser";
 import selfsigned from "selfsigned";
 import openAPIJson from "./openAPIJson.js";
+import createMcpServer from "./createMcpServer.js";
 
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 import { randomUUID } from "node:crypto";
@@ -21,7 +22,7 @@ import processHeaders from "./processHeaders.js";
 
 // setup express server
 
-async function expressMcpServer(mcpServer, cache, baseAppEnvContext) {
+async function expressMcpServer(_mcpServer, cache, baseAppEnvContext) {
   // setup for change to persistence session
   cache.del("headerCache");
   const app = express();
@@ -50,6 +51,10 @@ async function expressMcpServer(mcpServer, cache, baseAppEnvContext) {
   const pkceStore = new Map(); // ourState -> { codeVerifier, clientRedirectUri, clientState }
   const codeStore = new Map(); // ourCode   -> { access_token, refresh_token, expires_in }
 
+  // Per-session transports — each initialize creates its own transport
+  const transports = new Map(); // sessionId -> transport
+  cache.set("transports", transports);
+
   app.get('/.well-known/oauth-protected-resource', (req, res) => {
     let payload = {
       resource: `${baseAppEnvContext.mcpHost}/mcp`,
@@ -152,67 +157,54 @@ async function expressMcpServer(mcpServer, cache, baseAppEnvContext) {
 
   // process mcp endpoint requests
   const handleRequest = async (req, res) => {
-    let transport = null;
-    let transports = cache.get("transports");
     console.error("=========================================================");
     console.error("Processing POST /mcp request");
-    if (transports == null) {
-      console.error("[Error] ***** transports cache is null. This is an error");
-      transports = {};
-      cache.set("transports", transports);
-    }
-
-    console.error("current transports in cache:", Object.keys(transports));
+    console.error("current active sessions:", transports.size);
     try {
 
       let sessionId = req.headers["mcp-session-id"];
       console.error("[Note]Incoming session ID:", sessionId);
       let body = (req.body == null) ? 'no body' : JSON.stringify(req.body);
       console.error('[Note] Payload is ', body);
-      if (/*!sessionId &&*/ isInitializeRequest(req.body)) {
-        // create transport
-        console.error("[Note] Initializing new transport for MCP session...");
-
-        transport = new StreamableHTTPServerTransport({
+     
+      if (isInitializeRequest(req.body)) {
+        console.error("[Note]>>>>>>>>>>>>>>>>>>>>>>>>>  Creating  new MCP server");
+        let mcpServer = await createMcpServer(cache, baseAppEnvContext);
+        // New session — create a dedicated transport
+        console.error("[Note] Initializing new session with fresh transport...");
+        const isInitRequest = req.body?.method === 'initialize';
+
+        const transport = new StreamableHTTPServerTransport({
           sessionIdGenerator: () => randomUUID(),
           enableJsonResponse: true,
-          enableDnsRebindingProtection: true,
-          onsessioninitialized: (sessionId) => {
-            // Store the transport by session ID
-            console.error('Session initialized');
-            console.error("[Note] Transport initialized with ID:", sessionId);
-            transports[sessionId] = transport;
+          onsessioninitialized: (newSessionId) => {
+            console.error("[Note] Session initialized with ID:", newSessionId);
+            transports.set(newSessionId, transport);
+            cache.set("transports", transports);
+            console.error("[Note] Total active sessions:", Object.keys(transports));
           },
         });
-        // Clean up transport when closed
         transport.onclose = () => {
-          if (transport.sessionId && transports[transport.sessionId]) {
-            delete transports[transport.sessionId];
+          if (transport.sessionId) {
+            console.error("[Note] Session closed, removing transport:", transport.sessionId);
+            transports.delete(transport.sessionId);
+            cache.del(transport.sessionId);
           }
         };
-        console.error("[Note] Connecting mcpServer to new transport...");
         await mcpServer.connect(transport);
-
-        // Save transport data and app context for use in tools
-        console.error('[Note] Connected to mcpServer');
-        cache.set("transports", transports);
         console.error("=======================================================");
         return await transport.handleRequest(req, res, req.body);
 
-        // cache transport
-
       } else if (sessionId != null) {
-        console.error('[Note] Incoming session ID:', sessionId);
-        transport = transports[sessionId];
-        console.error("[Note] Found transport:", transport != null);
-        if (transport == null) {
-          // this can happen if client is holding on to old session id 
-          console.error("[Error] No transport found for session ID:", sessionId, "Returning a 404 error with instructions for the user");
-          res.status(404).send(`Invalid or missing session ID ${sessionId}. Please ensure your MCP client is configured to use the correct session ID returned in the 'mcp-session-id' header of the response from the /mcp endpoint.`);
-          return;
+        const transport = transports.get(sessionId);
+        if (!transport) {
+          console.error("[Note] Unknown session ID:", sessionId);
+          return res.status(404).json({ jsonrpc: "2.0", error: { code: -32000, message: "Session not found. Please re-initialize." }, id: null });
         }
+        console.error('[Note] Incoming session ID:', sessionId);
+        console.error("[Note] Using transport for session ID:", sessionId);
 
-        // post the curren session - used to pass _appContext to tools
+        // post the current session - used to pass _appContext to tools
         cache.set("currentId", sessionId);
 
         // get app context for session
@@ -230,7 +222,6 @@ async function expressMcpServer(mcpServer, cache, baseAppEnvContext) {
           _appContext = Object.assign(_appContext, headerCache);
           cache.set(sessionId, _appContext);
         }
-        console.error("[Note] Using existing transport for session ID:", sessionId);
         console.error("==========================================================");
         await transport.handleRequest(req, res, req.body);
         return;
@@ -260,21 +251,28 @@ async function expressMcpServer(mcpServer, cache, baseAppEnvContext) {
     const sessionId = req.headers["mcp-session-id"];
     console.error("[Note] SessionId:", sessionId);
 
-    let transports = cache.get("transports");
-    let transport = (sessionId == null) ? null : transports[sessionId];
-    console.error("[Note] Transport found:", transport != null);
-    if (!sessionId || transport == null) {
-      res.status(404).send(`[Error] In ${req.method}: Invalid or missing session ID ${sessionId}`);
-      return;
+    if (!sessionId) {
+      console.error("[Note] No session ID on /DELETE — rejecting");
+      return res.status(400).json({ jsonrpc: "2.0", error: { code: -32000, message: "Bad Request: Mcp-Session-Id header is required" }, id: null });
     }
+
+    const transport = transports.get(sessionId);
+    if (!transport) {
+      console.error("[Note] Unknown session ID:", sessionId);
+      return res.status(404).json({ jsonrpc: "2.0", error: { code: -32000, message: "Session not found. Please re-initialize." }, id: null });
+    }
+
     if (req.method === "GET") {
+      console.error("[Note] calling transport.handleRequest for GET /mcp");
       await transport.handleRequest(req, res);
       return;
     }
-    if (req.method === "DELETE" && sessionId != null) {
+    if (req.method === "DELETE") {
       console.error("[Note] Deleting transport and cache for session ID:", sessionId);
-      delete transports[sessionId];
+      transports.delete(sessionId);
       cache.del(sessionId);
+      console.error("[Note] Deleted session ID:", sessionId);
+      console.error("[Note] Total active sessions:", Object.keys(transports));
       res.status(201).send(`[Info] Deleted session ${sessionId}`);
     }
   }

package/src/oauthHandlers/authorize.js

@@ -1,4 +1,7 @@
-//authorize
+/*
+ * Copyright © 2026, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
 import { randomBytes, createHash } from "node:crypto";
 import baseUrl from "./baseUrl.js";
 

package/src/oauthHandlers/baseUrl.js

@@ -1,3 +1,7 @@
+/*
+ * Copyright © 2026, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
 function baseUrl(appContext) {
     const protocol = appContext.HTTPS === "TRUE" ? "https" : "http";
     //const host = "localhost";

package/src/oauthHandlers/callback.js

@@ -1,3 +1,7 @@
+/*
+ * Copyright © 2026, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
 import baseUrl from "./baseUrl.js";
 import { Agent, fetch as undiciFetch } from "undici";
 import { randomUUID } from "node:crypto";

package/src/oauthHandlers/getMetadata.js

@@ -1,3 +1,7 @@
+/*
+ * Copyright © 2026, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
 import baseUrl from "./baseUrl.js";
 function getMetadata(req, res, appEnvContext) {
     let base = '';

package/src/oauthHandlers/index.js

@@ -1,3 +1,7 @@
+/*
+ * Copyright © 2026, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
 import authorize from "./authorize.js";
 import callback from "./callback.js";   
 import token from "./token.js";

package/src/oauthHandlers/token.js

@@ -1,3 +1,7 @@
+/*
+ * Copyright © 2026, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
 function token(req, res, appContext, codeStore, cache) {
   console.error("===============================================================");
   console.error("[Note] at /token endpoint");