@symbo.ls/mcp-server 3.6.6 → 3.6.7

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@symbo.ls/mcp-server",
-  "version": "3.6.6",
+  "version": "3.6.7",
   "description": "HTTP proxy for the Symbols MCP server — runs as a Cloudflare Worker",
   "type": "module",
   "main": "index.js",

package/src/worker-handler.js

@@ -1,9 +1,12 @@
 /**
- * Cloudflare Worker request handler for Symbols MCP HTTP proxy.
+ * Cloudflare Worker request handler for Symbols MCP — Streamable HTTP transport.
  *
- * Exposes the MCP server over HTTP with two interfaces:
- *   1. MCP JSON-RPC protocol (POST /mcp)
- *   2. REST-style endpoints for direct access
+ * MCP endpoint is root (/):
+ *   - POST / — JSON-RPC requests/notifications/responses
+ *   - GET  / — SSE stream (returns 405, not needed for stateless server)
+ *   - DELETE / — terminate session (returns 405)
+ *
+ * Also exposes REST endpoints for direct access.
  */
 
 import {
@@ -17,15 +20,76 @@ import {
 
 const CORS_HEADERS = {
   'Access-Control-Allow-Origin': '*',
-  'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
-  'Access-Control-Allow-Headers': 'Content-Type, Authorization',
+  'Access-Control-Allow-Methods': 'GET, POST, DELETE, OPTIONS',
+  'Access-Control-Allow-Headers': 'Content-Type, Accept, Authorization, Mcp-Session-Id, MCP-Protocol-Version',
+  'Access-Control-Expose-Headers': 'Mcp-Session-Id',
 };
 
-function json(data, status = 200) {
+function json(data, status = 200, extraHeaders = {}) {
   return new Response(JSON.stringify(data), {
     status,
-    headers: { 'Content-Type': 'application/json', ...CORS_HEADERS },
+    headers: { 'Content-Type': 'application/json', ...CORS_HEADERS, ...extraHeaders },
+  });
+}
+
+function sseResponse(data, extraHeaders = {}) {
+  const encoder = new TextEncoder();
+  const stream = new ReadableStream({
+    start(controller) {
+      controller.enqueue(encoder.encode(`event: message\ndata: ${JSON.stringify(data)}\n\n`));
+      controller.close();
+    },
   });
+
+  return new Response(stream, {
+    status: 200,
+    headers: {
+      'Content-Type': 'text/event-stream',
+      'Cache-Control': 'no-cache',
+      'Connection': 'keep-alive',
+      ...CORS_HEADERS,
+      ...extraHeaders,
+    },
+  });
+}
+
+function generateSessionId() {
+  const bytes = new Uint8Array(16);
+  crypto.getRandomValues(bytes);
+  return Array.from(bytes, b => b.toString(16).padStart(2, '0')).join('');
+}
+
+function isNotificationOrResponse(msg) {
+  if (msg.method && msg.id === undefined) return true;
+  if (!msg.method && (msg.result !== undefined || msg.error !== undefined)) return true;
+  return false;
+}
+
+function handleMcpPost(request, body) {
+  // Notifications and responses get 202 Accepted
+  if (isNotificationOrResponse(body)) {
+    return new Response(null, { status: 202, headers: CORS_HEADERS });
+  }
+
+  // Handle JSON-RPC request
+  const result = handleJsonRpc(body);
+  if (result === null) {
+    return new Response(null, { status: 202, headers: CORS_HEADERS });
+  }
+
+  // For initialize, generate and attach session ID
+  const extraHeaders = {};
+  if (body.method === 'initialize') {
+    extraHeaders['Mcp-Session-Id'] = generateSessionId();
+  }
+
+  // Check if client accepts SSE
+  const accept = request.headers.get('Accept') || '';
+  if (accept.includes('text/event-stream')) {
+    return sseResponse(result, extraHeaders);
+  }
+
+  return json(result, 200, extraHeaders);
 }
 
 export async function handleRequest(request) {
@@ -37,34 +101,60 @@ export async function handleRequest(request) {
     return new Response(null, { status: 204, headers: CORS_HEADERS });
   }
 
-  // ── MCP JSON-RPC endpoint ──────────────────────────────────────────────
-  if (pathname === '/mcp' && request.method === 'POST') {
-    let body;
-    try {
-      body = await request.json();
-    } catch {
-      return json({ error: 'Invalid JSON body' }, 400);
+  // OAuth metadata discovery — no auth required, return 404
+  if (pathname === '/.well-known/oauth-authorization-server') {
+    return new Response('Not Found', { status: 404 });
+  }
+
+  // ── MCP Streamable HTTP transport on root (/) and /mcp ─────────────
+
+  if (pathname === '/' || pathname === '' || pathname === '/mcp') {
+    if (request.method === 'GET') {
+      const accept = request.headers.get('Accept') || '';
+      if (accept.includes('text/event-stream')) {
+        return new Response('Method Not Allowed', { status: 405, headers: CORS_HEADERS });
+      }
+      return json({
+        name: 'Symbols MCP',
+        version: '1.0.11',
+        description: 'MCP server for Symbols.app — documentation search and framework reference',
+        endpoints: {
+          mcp: 'POST / (Streamable HTTP transport)',
+          health: 'GET /health',
+          tools: 'GET /tools',
+          resources: 'GET /resources',
+          prompts: 'GET /prompts',
+        },
+      });
     }
 
-    // Support batch requests
-    if (Array.isArray(body)) {
-      const results = body.map(handleJsonRpc).filter(Boolean);
-      return json(results);
+    if (request.method === 'DELETE') {
+      return new Response(null, { status: 405, headers: CORS_HEADERS });
     }
 
-    const result = handleJsonRpc(body);
-    if (result === null) return new Response(null, { status: 204 });
-    return json(result);
+    if (request.method === 'POST') {
+      let body;
+      try {
+        body = await request.json();
+      } catch {
+        return json({ jsonrpc: '2.0', error: { code: -32700, message: 'Parse error' } }, 400);
+      }
+      return handleMcpPost(request, body);
+    }
   }
 
-  // ── REST endpoints ─────────────────────────────────────────────────────
+  // ── Health check ────────────────────────────────────────────────────
+
+  if (pathname === '/health' && request.method === 'GET') {
+    return json({ alive: true, service: 'symbols-mcp', runtime: 'cloudflare-worker' });
+  }
+
+  // ── REST endpoints ─────────────────────────────────────────────────
 
-  // GET /tools — list all tools
   if (pathname === '/tools' && request.method === 'GET') {
     return json({ tools: TOOLS });
   }
 
-  // POST /tools/:name — call a tool
   if (pathname.startsWith('/tools/') && request.method === 'POST') {
     const toolName = pathname.slice('/tools/'.length);
     let args = {};
@@ -74,7 +164,6 @@ export async function handleRequest(request) {
     } catch {
       return json({ error: 'Invalid JSON body' }, 400);
     }
-
     try {
       const result = callTool(toolName, args);
       return json({ content: [{ type: 'text', text: result }] });
@@ -83,12 +172,10 @@ export async function handleRequest(request) {
     }
   }
 
-  // GET /resources — list all resources
   if (pathname === '/resources' && request.method === 'GET') {
     return json({ resources: listResources() });
   }
 
-  // GET /resources/:uri — read a resource (uri passed as query param)
   if (pathname === '/resources/read' && request.method === 'GET') {
     const uri = url.searchParams.get('uri');
     if (!uri) return json({ error: 'Missing ?uri= parameter' }, 400);
@@ -97,10 +184,9 @@ export async function handleRequest(request) {
     return json({ contents: [{ uri, mimeType: 'text/markdown', text: content }] });
   }
 
-  // GET /prompts — list all prompts
   if (pathname === '/prompts' && request.method === 'GET') {
     return json({ prompts: PROMPTS });
   }
 
-  return json({ error: 'Not found' }, 404);
+  return new Response('Not Found', { status: 404 });
 }

package/worker.js

@@ -14,19 +14,7 @@ export default {
   async fetch(request, env) {
     const url = new URL(request.url);
 
-    // Health check
-    if (url.pathname === '/health') {
-      return Response.json({
-        alive: true,
-        service: 'symbols-mcp',
-        runtime: 'cloudflare-worker',
-      });
-    }
-
     try {
-      if (env.NODE_ENV) process.env.NODE_ENV = env.NODE_ENV;
-      if (env.LOG_LEVEL) process.env.LOG_LEVEL = env.LOG_LEVEL;
-
       const { handleRequest } = await import('./src/worker-handler.js');
       return await handleRequest(request);
     } catch (err) {

package/wrangler.toml

@@ -8,11 +8,11 @@
 # Local dev:
 #   npx wrangler dev
 
+account_id = "98091ed46ea209bb648b108950bd78e7"
 name = "symbols-mcp-dev"
 main = "worker.js"
 compatibility_date = "2024-09-01"
-compatibility_flags = ["nodejs_compat_v2"]
-node_compat = true
+compatibility_flags = ["nodejs_compat"]
 
 # Default vars (dev)
 [vars]
@@ -32,19 +32,12 @@ LOG_LEVEL = "info"
 
 [env.production]
 name = "symbols-mcp"
+workers_dev = true
 
 [env.production.vars]
 NODE_ENV = "production"
 LOG_LEVEL = "info"
 
-# ── Routes (configure once DNS is ready) ─────────────────────────────────────
-#
-# Production: mcp.symbols.app
-# [env.production.routes]
-# pattern = "mcp.symbols.app/*"
-# zone_name = "symbols.app"
-#
-# Dev: mcp.dev.symbols.app
-# [[routes]]
-# pattern = "mcp.dev.symbols.app/*"
-# zone_name = "symbols.app"
+# ── Routes ────────────────────────────────────────────────────────────────────
+
+# Route handled via Cloudflare DNS CNAME → workers.dev