agents 0.0.0-2cc0f02 → 0.0.0-2e73791

package/dist/mcp/index.js

@@ -1,9 +1,13 @@
-import { SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport } from "../client-WbaRgKYN.js";
-import { MessageType } from "../ai-types-B0GBFDwi.js";
-import "../client-zS-OCVJA.js";
-import "../do-oauth-client-provider-B2jr6UNq.js";
-import { Agent, getAgentByName, getCurrentAgent } from "../src-C9xZ0CrH.js";
-import { ElicitRequestSchema, InitializeRequestSchema, JSONRPCMessageSchema, isJSONRPCError, isJSONRPCNotification, isJSONRPCRequest, isJSONRPCResponse } from "@modelcontextprotocol/sdk/types.js";
+import "../context-BkKbAa1R.js";
+import { t as MessageType } from "../ai-types-DEtF_8Km.js";
+import "../client-DjTPRM8-.js";
+import "../client-QZa2Rq0l.js";
+import "../do-oauth-client-provider-B1fVIshX.js";
+import { c as getCurrentAgent, s as getAgentByName, t as Agent } from "../src-BZDh910Z.js";
+import { AsyncLocalStorage } from "node:async_hooks";
+import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
+import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+import { ElicitRequestSchema, InitializeRequestSchema, JSONRPCMessageSchema, SUPPORTED_PROTOCOL_VERSIONS, isInitializeRequest, isJSONRPCError, isJSONRPCNotification, isJSONRPCRequest, isJSONRPCResponse } from "@modelcontextprotocol/sdk/types.js";
 
 //#region src/mcp/utils.ts
 /**
@@ -20,7 +24,7 @@ const MCP_HTTP_METHOD_HEADER = "cf-mcp-method";
 */
 const MCP_MESSAGE_HEADER = "cf-mcp-message";
 const MAXIMUM_MESSAGE_SIZE_BYTES = 4 * 1024 * 1024;
-const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
+const createStreamingHttpHandler = (basePath, namespace, options = {}) => {
 	let pathname = basePath;
 	if (basePath === "/") pathname = "/*";
 	const basePattern = new URLPattern({ pathname });
@@ -129,7 +133,10 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 					return new Response(body$1, { status: 400 });
 				}
 				sessionId = sessionId ?? namespace.newUniqueId().toString();
-				const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, { props: ctx.props });
+				const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, {
+					props: ctx.props,
+					jurisdiction: options.jurisdiction
+				});
 				const isInitialized = await agent.getInitializeRequest();
 				if (maybeInitializeRequest) await agent.setInitializeRequest(maybeInitializeRequest);
 				else if (!isInitialized) {
@@ -204,7 +211,7 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 				if (messages.every((msg) => isJSONRPCNotification(msg) || isJSONRPCResponse(msg))) {
 					ws.close();
 					return new Response(null, {
-						headers: corsHeaders(request, corsOptions),
+						headers: corsHeaders(request, options.corsOptions),
 						status: 202
 					});
 				}
@@ -214,7 +221,7 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 						Connection: "keep-alive",
 						"Content-Type": "text/event-stream",
 						"mcp-session-id": sessionId,
-						...corsHeaders(request, corsOptions)
+						...corsHeaders(request, options.corsOptions)
 					},
 					status: 200
 				});
@@ -242,7 +249,10 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 				const { readable, writable } = new TransformStream();
 				const writer = writable.getWriter();
 				const encoder = new TextEncoder();
-				const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, { props: ctx.props });
+				const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, {
+					props: ctx.props,
+					jurisdiction: options.jurisdiction
+				});
 				if (!await agent.getInitializeRequest()) return new Response(JSON.stringify({
 					jsonrpc: "2.0",
 					error: {
@@ -291,7 +301,7 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 						Connection: "keep-alive",
 						"Content-Type": "text/event-stream",
 						"mcp-session-id": sessionId,
-						...corsHeaders(request, corsOptions)
+						...corsHeaders(request, options.corsOptions)
 					},
 					status: 200
 				});
@@ -306,9 +316,9 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 					id: null
 				}), {
 					status: 400,
-					headers: corsHeaders(request, corsOptions)
+					headers: corsHeaders(request, options.corsOptions)
 				});
-				const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`);
+				const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, { jurisdiction: options.jurisdiction });
 				if (!await agent.getInitializeRequest()) return new Response(JSON.stringify({
 					jsonrpc: "2.0",
 					error: {
@@ -318,12 +328,12 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 					id: null
 				}), {
 					status: 404,
-					headers: corsHeaders(request, corsOptions)
+					headers: corsHeaders(request, options.corsOptions)
 				});
 				ctx.waitUntil(agent.destroy().catch(() => {}));
 				return new Response(null, {
 					status: 204,
-					headers: corsHeaders(request, corsOptions)
+					headers: corsHeaders(request, options.corsOptions)
 				});
 			}
 		}
@@ -338,7 +348,7 @@ const createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
 		return new Response(body, { status: 404 });
 	};
 };
-const createLegacySseHandler = (basePath, namespace, corsOptions) => {
+const createLegacySseHandler = (basePath, namespace, options = {}) => {
 	let pathname = basePath;
 	if (basePath === "/") pathname = "/*";
 	const basePattern = new URLPattern({ pathname });
@@ -355,7 +365,10 @@ const createLegacySseHandler = (basePath, namespace, corsOptions) => {
 			endpointUrl.searchParams.set("sessionId", sessionId);
 			const endpointMessage = `event: endpoint\ndata: ${endpointUrl.pathname + endpointUrl.search + endpointUrl.hash}\n\n`;
 			writer.write(encoder.encode(endpointMessage));
-			const agent = await getAgentByName(namespace, `sse:${sessionId}`, { props: ctx.props });
+			const agent = await getAgentByName(namespace, `sse:${sessionId}`, {
+				props: ctx.props,
+				jurisdiction: options.jurisdiction
+			});
 			const existingHeaders = {};
 			request.headers.forEach((value, key) => {
 				existingHeaders[key] = value;
@@ -407,7 +420,7 @@ const createLegacySseHandler = (basePath, namespace, corsOptions) => {
 				"Cache-Control": "no-cache",
 				Connection: "keep-alive",
 				"Content-Type": "text/event-stream",
-				...corsHeaders(request, corsOptions)
+				...corsHeaders(request, options.corsOptions)
 			} });
 		}
 		if (request.method === "POST" && messagePattern.test(url)) {
@@ -417,15 +430,19 @@ const createLegacySseHandler = (basePath, namespace, corsOptions) => {
 			if (!contentType.includes("application/json")) return new Response(`Unsupported content-type: ${contentType}`, { status: 400 });
 			const contentLength = Number.parseInt(request.headers.get("content-length") || "0", 10);
 			if (contentLength > MAXIMUM_MESSAGE_SIZE_BYTES) return new Response(`Request body too large: ${contentLength} bytes`, { status: 400 });
-			const agent = await getAgentByName(namespace, `sse:${sessionId}`, { props: ctx.props });
+			const agent = await getAgentByName(namespace, `sse:${sessionId}`, {
+				props: ctx.props,
+				jurisdiction: options.jurisdiction
+			});
 			const messageBody = await request.json();
-			const error = await agent.onSSEMcpMessage(sessionId, messageBody);
+			const extraInfo = { requestInfo: { headers: Object.fromEntries(request.headers.entries()) } };
+			const error = await agent.onSSEMcpMessage(sessionId, messageBody, extraInfo);
 			if (error) return new Response(error.message, {
 				headers: {
 					"Cache-Control": "no-cache",
 					Connection: "keep-alive",
 					"Content-Type": "text/event-stream",
-					...corsHeaders(request, corsOptions)
+					...corsHeaders(request, options.corsOptions)
 				},
 				status: 400
 			});
@@ -434,7 +451,7 @@ const createLegacySseHandler = (basePath, namespace, corsOptions) => {
 					"Cache-Control": "no-cache",
 					Connection: "keep-alive",
 					"Content-Type": "text/event-stream",
-					...corsHeaders(request, corsOptions)
+					...corsHeaders(request, options.corsOptions)
 				},
 				status: 202
 			});
@@ -463,9 +480,12 @@ function isDurableObjectNamespace(namespace) {
 //#endregion
 //#region src/mcp/transport.ts
 var McpSSETransport = class {
-	constructor(getWebSocket) {
+	constructor() {
 		this._started = false;
-		this._getWebSocket = getWebSocket;
+		const { agent } = getCurrentAgent();
+		if (!agent) throw new Error("McpAgent was not found in Transport constructor");
+		this.sessionId = agent.getSessionId();
+		this._getWebSocket = () => agent.getWebSocket();
 	}
 	async start() {
 		if (this._started) throw new Error("Transport already started");
@@ -573,19 +593,35 @@ var StreamableHTTPServerTransport = class {
 		if (Array.isArray(rawMessage)) messages = rawMessage.map((msg) => JSONRPCMessageSchema.parse(msg));
 		else messages = [JSONRPCMessageSchema.parse(rawMessage)];
 		const hasRequests = messages.some(isJSONRPCRequest);
-		if (!hasRequests) for (const message of messages) this.onmessage?.(message, {
-			authInfo,
-			requestInfo
-		});
+		if (!hasRequests) for (const message of messages) {
+			if (this.messageInterceptor) {
+				if (await this.messageInterceptor(message, {
+					authInfo,
+					requestInfo
+				})) continue;
+			}
+			this.onmessage?.(message, {
+				authInfo,
+				requestInfo
+			});
+		}
 		else if (hasRequests) {
 			const { connection } = getCurrentAgent();
 			if (!connection) throw new Error("Connection was not found in handlePostRequest");
 			const requestIds = messages.filter(isJSONRPCRequest).map((message) => message.id);
 			connection.setState({ requestIds });
-			for (const message of messages) this.onmessage?.(message, {
-				authInfo,
-				requestInfo
-			});
+			for (const message of messages) {
+				if (this.messageInterceptor) {
+					if (await this.messageInterceptor(message, {
+						authInfo,
+						requestInfo
+					})) continue;
+				}
+				this.onmessage?.(message, {
+					authInfo,
+					requestInfo
+				});
+			}
 		}
 	}
 	async close() {
@@ -624,6 +660,553 @@ var StreamableHTTPServerTransport = class {
 	}
 };
 
+//#endregion
+//#region src/mcp/client-transports.ts
+/**
+* Deprecated transport wrappers
+*/
+let didWarnAboutSSEEdgeClientTransport = false;
+/**
+* @deprecated Use SSEClientTransport from @modelcontextprotocol/sdk/client/sse.js instead. This alias will be removed in the next major version.
+*/
+var SSEEdgeClientTransport = class extends SSEClientTransport {
+	constructor(url, options) {
+		super(url, options);
+		if (!didWarnAboutSSEEdgeClientTransport) {
+			didWarnAboutSSEEdgeClientTransport = true;
+			console.warn("SSEEdgeClientTransport is deprecated. Use SSEClientTransport from @modelcontextprotocol/sdk/client/sse.js instead. SSEEdgeClientTransport will be removed in the next major version.");
+		}
+	}
+};
+let didWarnAboutStreamableHTTPEdgeClientTransport = false;
+/**
+* @deprecated Use StreamableHTTPClientTransport from @modelcontextprotocol/sdk/client/streamableHttp.js instead. This alias will be removed in the next major version.
+*/
+var StreamableHTTPEdgeClientTransport = class extends StreamableHTTPClientTransport {
+	constructor(url, options) {
+		super(url, options);
+		if (!didWarnAboutStreamableHTTPEdgeClientTransport) {
+			didWarnAboutStreamableHTTPEdgeClientTransport = true;
+			console.warn("StreamableHTTPEdgeClientTransport is deprecated. Use StreamableHTTPClientTransport from @modelcontextprotocol/sdk/client/streamableHttp.js instead. StreamableHTTPEdgeClientTransport will be removed in the next major version.");
+		}
+	}
+};
+
+//#endregion
+//#region src/mcp/worker-transport.ts
+const MCP_PROTOCOL_VERSION_HEADER = "MCP-Protocol-Version";
+var WorkerTransport = class {
+	constructor(options) {
+		this.started = false;
+		this.initialized = false;
+		this.enableJsonResponse = false;
+		this.standaloneSseStreamId = "_GET_stream";
+		this.streamMapping = /* @__PURE__ */ new Map();
+		this.requestToStreamMapping = /* @__PURE__ */ new Map();
+		this.requestResponseMap = /* @__PURE__ */ new Map();
+		this.stateRestored = false;
+		this.sessionIdGenerator = options?.sessionIdGenerator;
+		this.enableJsonResponse = options?.enableJsonResponse ?? false;
+		this.onsessioninitialized = options?.onsessioninitialized;
+		this.corsOptions = options?.corsOptions;
+		this.storage = options?.storage;
+	}
+	/**
+	* Restore transport state from persistent storage.
+	* This is automatically called on start.
+	*/
+	async restoreState() {
+		if (!this.storage || this.stateRestored) return;
+		const state = await Promise.resolve(this.storage.get());
+		if (state) {
+			this.sessionId = state.sessionId;
+			this.initialized = state.initialized;
+		}
+		this.stateRestored = true;
+	}
+	/**
+	* Persist current transport state to storage.
+	*/
+	async saveState() {
+		if (!this.storage) return;
+		const state = {
+			sessionId: this.sessionId,
+			initialized: this.initialized
+		};
+		await Promise.resolve(this.storage.set(state));
+	}
+	async start() {
+		if (this.started) throw new Error("Transport already started");
+		this.started = true;
+	}
+	/**
+	* Validates the MCP-Protocol-Version header on incoming requests.
+	*
+	* This performs a simple check: if a version header is present, it must be
+	* in the SUPPORTED_PROTOCOL_VERSIONS list. We do not track the negotiated
+	* version or enforce version consistency across requests - the SDK handles
+	* version negotiation during initialization, and we simply reject any
+	* explicitly unsupported versions.
+	*
+	* - Header present and supported: Accept
+	* - Header present and unsupported: 400 Bad Request
+	* - Header missing: Accept (version validation is optional)
+	*/
+	validateProtocolVersion(request) {
+		const protocolVersion = request.headers.get(MCP_PROTOCOL_VERSION_HEADER);
+		if (protocolVersion !== null && !SUPPORTED_PROTOCOL_VERSIONS.includes(protocolVersion)) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: `Bad Request: Unsupported protocol version: ${protocolVersion} (supported versions: ${SUPPORTED_PROTOCOL_VERSIONS.join(", ")})`
+			},
+			id: null
+		}), {
+			status: 400,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+	}
+	getHeaders({ forPreflight } = {}) {
+		const options = {
+			origin: "*",
+			headers: "Content-Type, Accept, Authorization, mcp-session-id, MCP-Protocol-Version",
+			methods: "GET, POST, DELETE, OPTIONS",
+			exposeHeaders: "mcp-session-id",
+			maxAge: 86400,
+			...this.corsOptions
+		};
+		if (forPreflight) return {
+			"Access-Control-Allow-Origin": options.origin,
+			"Access-Control-Allow-Headers": options.headers,
+			"Access-Control-Allow-Methods": options.methods,
+			"Access-Control-Max-Age": options.maxAge.toString()
+		};
+		return {
+			"Access-Control-Allow-Origin": options.origin,
+			"Access-Control-Expose-Headers": options.exposeHeaders
+		};
+	}
+	async handleRequest(request, parsedBody) {
+		await this.restoreState();
+		switch (request.method) {
+			case "OPTIONS": return this.handleOptionsRequest(request);
+			case "GET": return this.handleGetRequest(request);
+			case "POST": return this.handlePostRequest(request, parsedBody);
+			case "DELETE": return this.handleDeleteRequest(request);
+			default: return this.handleUnsupportedRequest();
+		}
+	}
+	async handleGetRequest(request) {
+		if (!request.headers.get("Accept")?.includes("text/event-stream")) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Not Acceptable: Client must accept text/event-stream"
+			},
+			id: null
+		}), {
+			status: 406,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+		const sessionError = this.validateSession(request);
+		if (sessionError) return sessionError;
+		const versionError = this.validateProtocolVersion(request);
+		if (versionError) return versionError;
+		const streamId = this.standaloneSseStreamId;
+		if (this.streamMapping.get(streamId) !== void 0) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Conflict: Only one SSE stream is allowed per session"
+			},
+			id: null
+		}), {
+			status: 409,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+		const { readable, writable } = new TransformStream();
+		const writer = writable.getWriter();
+		const encoder = new TextEncoder();
+		const headers = new Headers({
+			"Content-Type": "text/event-stream",
+			"Cache-Control": "no-cache",
+			Connection: "keep-alive",
+			...this.getHeaders()
+		});
+		if (this.sessionId !== void 0) headers.set("mcp-session-id", this.sessionId);
+		const keepAlive = setInterval(() => {
+			try {
+				writer.write(encoder.encode("event: ping\ndata: \n\n"));
+			} catch {
+				clearInterval(keepAlive);
+			}
+		}, 3e4);
+		this.streamMapping.set(streamId, {
+			writer,
+			encoder,
+			cleanup: () => {
+				clearInterval(keepAlive);
+				this.streamMapping.delete(streamId);
+				writer.close().catch(() => {});
+			}
+		});
+		return new Response(readable, { headers });
+	}
+	async handlePostRequest(request, parsedBody) {
+		const acceptHeader = request.headers.get("Accept");
+		if (!acceptHeader?.includes("application/json") || !acceptHeader?.includes("text/event-stream")) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Not Acceptable: Client must accept both application/json and text/event-stream"
+			},
+			id: null
+		}), {
+			status: 406,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+		if (!request.headers.get("Content-Type")?.includes("application/json")) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Unsupported Media Type: Content-Type must be application/json"
+			},
+			id: null
+		}), {
+			status: 415,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+		let rawMessage = parsedBody;
+		if (rawMessage === void 0) try {
+			rawMessage = await request.json();
+		} catch {
+			return new Response(JSON.stringify({
+				jsonrpc: "2.0",
+				error: {
+					code: -32700,
+					message: "Parse error: Invalid JSON"
+				},
+				id: null
+			}), {
+				status: 400,
+				headers: {
+					"Content-Type": "application/json",
+					...this.getHeaders()
+				}
+			});
+		}
+		let messages;
+		try {
+			if (Array.isArray(rawMessage)) messages = rawMessage.map((msg) => JSONRPCMessageSchema.parse(msg));
+			else messages = [JSONRPCMessageSchema.parse(rawMessage)];
+		} catch {
+			return new Response(JSON.stringify({
+				jsonrpc: "2.0",
+				error: {
+					code: -32700,
+					message: "Parse error: Invalid JSON-RPC message"
+				},
+				id: null
+			}), {
+				status: 400,
+				headers: {
+					"Content-Type": "application/json",
+					...this.getHeaders()
+				}
+			});
+		}
+		const requestInfo = { headers: Object.fromEntries(request.headers.entries()) };
+		const isInitializationRequest = messages.some(isInitializeRequest);
+		if (isInitializationRequest) {
+			if (this.initialized && this.sessionId !== void 0) return new Response(JSON.stringify({
+				jsonrpc: "2.0",
+				error: {
+					code: -32600,
+					message: "Invalid Request: Server already initialized"
+				},
+				id: null
+			}), {
+				status: 400,
+				headers: {
+					"Content-Type": "application/json",
+					...this.getHeaders()
+				}
+			});
+			if (messages.length > 1) return new Response(JSON.stringify({
+				jsonrpc: "2.0",
+				error: {
+					code: -32600,
+					message: "Invalid Request: Only one initialization request is allowed"
+				},
+				id: null
+			}), {
+				status: 400,
+				headers: {
+					"Content-Type": "application/json",
+					...this.getHeaders()
+				}
+			});
+			this.sessionId = this.sessionIdGenerator?.();
+			this.initialized = true;
+			await this.saveState();
+			if (this.sessionId && this.onsessioninitialized) this.onsessioninitialized(this.sessionId);
+		}
+		if (!isInitializationRequest) {
+			const sessionError = this.validateSession(request);
+			if (sessionError) return sessionError;
+			const versionError = this.validateProtocolVersion(request);
+			if (versionError) return versionError;
+		}
+		if (!messages.some(isJSONRPCRequest)) {
+			for (const message of messages) this.onmessage?.(message, { requestInfo });
+			return new Response(null, {
+				status: 202,
+				headers: { ...this.getHeaders() }
+			});
+		}
+		const streamId = crypto.randomUUID();
+		if (this.enableJsonResponse) return new Promise((resolve) => {
+			this.streamMapping.set(streamId, {
+				resolveJson: resolve,
+				cleanup: () => {
+					this.streamMapping.delete(streamId);
+				}
+			});
+			for (const message of messages) if (isJSONRPCRequest(message)) this.requestToStreamMapping.set(message.id, streamId);
+			for (const message of messages) this.onmessage?.(message, { requestInfo });
+		});
+		const { readable, writable } = new TransformStream();
+		const writer = writable.getWriter();
+		const encoder = new TextEncoder();
+		const headers = new Headers({
+			"Content-Type": "text/event-stream",
+			"Cache-Control": "no-cache",
+			Connection: "keep-alive",
+			...this.getHeaders()
+		});
+		if (this.sessionId !== void 0) headers.set("mcp-session-id", this.sessionId);
+		this.streamMapping.set(streamId, {
+			writer,
+			encoder,
+			cleanup: () => {
+				this.streamMapping.delete(streamId);
+				writer.close().catch(() => {});
+			}
+		});
+		for (const message of messages) if (isJSONRPCRequest(message)) this.requestToStreamMapping.set(message.id, streamId);
+		for (const message of messages) this.onmessage?.(message, { requestInfo });
+		return new Response(readable, { headers });
+	}
+	async handleDeleteRequest(request) {
+		const sessionError = this.validateSession(request);
+		if (sessionError) return sessionError;
+		const versionError = this.validateProtocolVersion(request);
+		if (versionError) return versionError;
+		await this.close();
+		return new Response(null, {
+			status: 200,
+			headers: { ...this.getHeaders() }
+		});
+	}
+	handleOptionsRequest(_request) {
+		return new Response(null, {
+			status: 200,
+			headers: { ...this.getHeaders({ forPreflight: true }) }
+		});
+	}
+	handleUnsupportedRequest() {
+		return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Method not allowed."
+			},
+			id: null
+		}), {
+			status: 405,
+			headers: {
+				Allow: "GET, POST, DELETE, OPTIONS",
+				"Content-Type": "application/json"
+			}
+		});
+	}
+	validateSession(request) {
+		if (this.sessionIdGenerator === void 0) return;
+		if (!this.initialized) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Bad Request: Server not initialized"
+			},
+			id: null
+		}), {
+			status: 400,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+		const sessionId = request.headers.get("mcp-session-id");
+		if (!sessionId) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32e3,
+				message: "Bad Request: Mcp-Session-Id header is required"
+			},
+			id: null
+		}), {
+			status: 400,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+		if (sessionId !== this.sessionId) return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32001,
+				message: "Session not found"
+			},
+			id: null
+		}), {
+			status: 404,
+			headers: {
+				"Content-Type": "application/json",
+				...this.getHeaders()
+			}
+		});
+	}
+	async close() {
+		for (const { cleanup } of this.streamMapping.values()) cleanup();
+		this.streamMapping.clear();
+		this.requestResponseMap.clear();
+		this.onclose?.();
+	}
+	async send(message, options) {
+		let requestId = options?.relatedRequestId;
+		if (isJSONRPCResponse(message) || isJSONRPCError(message)) requestId = message.id;
+		if (requestId === void 0) {
+			if (isJSONRPCResponse(message) || isJSONRPCError(message)) throw new Error("Cannot send a response on a standalone SSE stream unless resuming a previous client request");
+			const standaloneSse = this.streamMapping.get(this.standaloneSseStreamId);
+			if (standaloneSse === void 0) return;
+			if (standaloneSse.writer && standaloneSse.encoder) {
+				const data = `event: message\ndata: ${JSON.stringify(message)}\n\n`;
+				await standaloneSse.writer.write(standaloneSse.encoder.encode(data));
+			}
+			return;
+		}
+		const streamId = this.requestToStreamMapping.get(requestId);
+		if (!streamId) throw new Error(`No connection established for request ID: ${String(requestId)}`);
+		const response = this.streamMapping.get(streamId);
+		if (!response) throw new Error(`No connection established for request ID: ${String(requestId)}`);
+		if (!this.enableJsonResponse) {
+			if (response.writer && response.encoder) {
+				const data = `event: message\ndata: ${JSON.stringify(message)}\n\n`;
+				await response.writer.write(response.encoder.encode(data));
+			}
+		}
+		if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
+			this.requestResponseMap.set(requestId, message);
+			const relatedIds = Array.from(this.requestToStreamMapping.entries()).filter(([, sid]) => sid === streamId).map(([id]) => id);
+			if (relatedIds.every((id) => this.requestResponseMap.has(id))) {
+				if (this.enableJsonResponse && response.resolveJson) {
+					const responses = relatedIds.map((id) => this.requestResponseMap.get(id));
+					const headers = new Headers({
+						"Content-Type": "application/json",
+						...this.getHeaders()
+					});
+					if (this.sessionId !== void 0) headers.set("mcp-session-id", this.sessionId);
+					const body = responses.length === 1 ? responses[0] : responses;
+					response.resolveJson(new Response(JSON.stringify(body), { headers }));
+				} else response.cleanup();
+				for (const id of relatedIds) {
+					this.requestResponseMap.delete(id);
+					this.requestToStreamMapping.delete(id);
+				}
+			}
+		}
+	}
+};
+
+//#endregion
+//#region src/mcp/auth-context.ts
+const authContextStorage = new AsyncLocalStorage();
+function getMcpAuthContext() {
+	return authContextStorage.getStore();
+}
+function runWithAuthContext(context, fn) {
+	return authContextStorage.run(context, fn);
+}
+
+//#endregion
+//#region src/mcp/handler.ts
+function createMcpHandler(server, options = {}) {
+	const route = options.route ?? "/mcp";
+	return async (request, _env, ctx) => {
+		const url = new URL(request.url);
+		if (route && url.pathname !== route) return new Response("Not Found", { status: 404 });
+		const transport = options.transport ?? new WorkerTransport({
+			sessionIdGenerator: options.sessionIdGenerator,
+			enableJsonResponse: options.enableJsonResponse,
+			onsessioninitialized: options.onsessioninitialized,
+			corsOptions: options.corsOptions,
+			storage: options.storage
+		});
+		const buildAuthContext = () => {
+			if (options.authContext) return options.authContext;
+			if (ctx.props && Object.keys(ctx.props).length > 0) return { props: ctx.props };
+		};
+		const handleRequest = async () => {
+			return await transport.handleRequest(request);
+		};
+		const authContext = buildAuthContext();
+		if (!transport.started) await server.connect(transport);
+		try {
+			if (authContext) return await runWithAuthContext(authContext, handleRequest);
+			else return await handleRequest();
+		} catch (error) {
+			console.error("MCP handler error:", error);
+			return new Response(JSON.stringify({
+				jsonrpc: "2.0",
+				error: {
+					code: -32603,
+					message: error instanceof Error ? error.message : "Internal server error"
+				},
+				id: null
+			}), {
+				status: 500,
+				headers: { "Content-Type": "application/json" }
+			});
+		}
+	};
+}
+let didWarnAboutExperimentalCreateMcpHandler = false;
+/**
+* @deprecated This has been renamed to createMcpHandler, and experimental_createMcpHandler will be removed in the next major version
+*/
+function experimental_createMcpHandler(server, options = {}) {
+	if (!didWarnAboutExperimentalCreateMcpHandler) {
+		didWarnAboutExperimentalCreateMcpHandler = true;
+		console.warn("experimental_createMcpHandler is deprecated, use createMcpHandler instead. experimental_createMcpHandler will be removed in the next major version.");
+	}
+	return createMcpHandler(server, options);
+}
+
 //#endregion
 //#region src/mcp/index.ts
 var McpAgent = class McpAgent extends Agent {
@@ -663,8 +1246,14 @@ var McpAgent = class McpAgent extends Agent {
 	/** Returns a new transport matching the type of the Agent. */
 	initTransport() {
 		switch (this.getTransportType()) {
-			case "sse": return new McpSSETransport(() => this.getWebSocket());
-			case "streamable-http": return new StreamableHTTPServerTransport({});
+			case "sse": return new McpSSETransport();
+			case "streamable-http": {
+				const transport = new StreamableHTTPServerTransport({});
+				transport.messageInterceptor = async (message) => {
+					return this._handleElicitationResponse(message);
+				};
+				return transport;
+			}
 		}
 	}
 	/** Update and store the props */
@@ -716,7 +1305,7 @@ var McpAgent = class McpAgent extends Agent {
 		}
 	}
 	/** Handles MCP Messages for the legacy SSE transport. */
-	async onSSEMcpMessage(_sessionId, messageBody) {
+	async onSSEMcpMessage(_sessionId, messageBody, extraInfo) {
 		if (this.getTransportType() !== "sse") return /* @__PURE__ */ new Error("Internal Server Error: Expected SSE transport");
 		try {
 			let parsedMessage;
@@ -727,7 +1316,7 @@ var McpAgent = class McpAgent extends Agent {
 				throw error;
 			}
 			if (await this._handleElicitationResponse(parsedMessage)) return null;
-			this._transport?.onmessage?.(parsedMessage);
+			this._transport?.onmessage?.(parsedMessage, extraInfo);
 			return null;
 		} catch (error) {
 			console.error("Error forwarding message to SSE:", error);
@@ -813,7 +1402,7 @@ var McpAgent = class McpAgent extends Agent {
 	/** Return a handler for the given path for this MCP.
 	* Defaults to Streamable HTTP transport.
 	*/
-	static serve(path, { binding = "MCP_OBJECT", corsOptions, transport = "streamable-http" } = {}) {
+	static serve(path, { binding = "MCP_OBJECT", corsOptions, transport = "streamable-http", jurisdiction } = {}) {
 		return { async fetch(request, env, ctx) {
 			const corsResponse = handleCORS(request, corsOptions);
 			if (corsResponse) return corsResponse;
@@ -822,8 +1411,14 @@ var McpAgent = class McpAgent extends Agent {
 			if (!isDurableObjectNamespace(bindingValue)) throw new Error(`Invalid McpAgent binding for ${binding}. Make sure it's a Durable Object binding.`);
 			const namespace = bindingValue;
 			switch (transport) {
-				case "streamable-http": return createStreamingHttpHandler(path, namespace, corsOptions)(request, ctx);
-				case "sse": return createLegacySseHandler(path, namespace, corsOptions)(request, ctx);
+				case "streamable-http": return createStreamingHttpHandler(path, namespace, {
+					corsOptions,
+					jurisdiction
+				})(request, ctx);
+				case "sse": return createLegacySseHandler(path, namespace, {
+					corsOptions,
+					jurisdiction
+				})(request, ctx);
 				default: return new Response("Invalid MCP transport mode. Only `streamable-http` or `sse` are allowed.", { status: 500 });
 			}
 		} };
@@ -843,5 +1438,5 @@ var McpAgent = class McpAgent extends Agent {
 };
 
 //#endregion
-export { ElicitRequestSchema, McpAgent, SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport };
+export { ElicitRequestSchema, McpAgent, SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport, WorkerTransport, createMcpHandler, experimental_createMcpHandler, getMcpAuthContext };
 //# sourceMappingURL=index.js.map