agents 0.0.0-d72c6a2 → 0.0.0-d7a460e

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/dist/ai-chat-agent.d.ts +16 -17
  2. package/dist/ai-chat-agent.js +532 -351
  3. package/dist/ai-chat-agent.js.map +1 -1
  4. package/dist/ai-chat-v5-migration-DBHGW4Hv.js +155 -0
  5. package/dist/ai-chat-v5-migration-DBHGW4Hv.js.map +1 -0
  6. package/dist/ai-chat-v5-migration.d.ts +7 -4
  7. package/dist/ai-chat-v5-migration.js +3 -19
  8. package/dist/ai-react.d.ts +20 -23
  9. package/dist/ai-react.js +259 -304
  10. package/dist/ai-react.js.map +1 -1
  11. package/dist/ai-types-B3aQaFv3.js +20 -0
  12. package/dist/ai-types-B3aQaFv3.js.map +1 -0
  13. package/dist/ai-types-D5YoPrBZ.d.ts +95 -0
  14. package/dist/ai-types.d.ts +6 -91
  15. package/dist/ai-types.js +3 -7
  16. package/dist/client-9Ld2_lnt.js +786 -0
  17. package/dist/client-9Ld2_lnt.js.map +1 -0
  18. package/dist/client-BfiZ3HQd.js +117 -0
  19. package/dist/client-BfiZ3HQd.js.map +1 -0
  20. package/dist/client-CbWe9FBd.d.ts +104 -0
  21. package/dist/client-Csp_m13H.d.ts +5315 -0
  22. package/dist/client.d.ts +11 -92
  23. package/dist/client.js +4 -12
  24. package/dist/codemode/ai.d.ts +27 -0
  25. package/dist/codemode/ai.js +151 -0
  26. package/dist/codemode/ai.js.map +1 -0
  27. package/dist/do-oauth-client-provider-CswoD5Lu.js +93 -0
  28. package/dist/do-oauth-client-provider-CswoD5Lu.js.map +1 -0
  29. package/dist/do-oauth-client-provider-DGc5pP0l.d.ts +55 -0
  30. package/dist/index-DFqsR7mb.d.ts +560 -0
  31. package/dist/index-DhJCaDWd.d.ts +58 -0
  32. package/dist/index.d.ts +56 -550
  33. package/dist/index.js +7 -31
  34. package/dist/mcp/client.d.ts +4 -11
  35. package/dist/mcp/client.js +3 -9
  36. package/dist/mcp/do-oauth-client-provider.d.ts +2 -42
  37. package/dist/mcp/do-oauth-client-provider.js +3 -7
  38. package/dist/mcp/index.d.ts +149 -92
  39. package/dist/mcp/index.js +1352 -1012
  40. package/dist/mcp/index.js.map +1 -1
  41. package/dist/mcp/x402.d.ts +34 -0
  42. package/dist/mcp/x402.js +194 -0
  43. package/dist/mcp/x402.js.map +1 -0
  44. package/dist/mcp-Dw5vDrY8.d.ts +61 -0
  45. package/dist/observability/index.d.ts +3 -46
  46. package/dist/observability/index.js +7 -11
  47. package/dist/react-NCPvtyCY.d.ts +115 -0
  48. package/dist/react.d.ts +10 -123
  49. package/dist/react.js +183 -112
  50. package/dist/react.js.map +1 -1
  51. package/dist/schedule.d.ts +13 -10
  52. package/dist/schedule.js +43 -31
  53. package/dist/schedule.js.map +1 -1
  54. package/dist/serializable-CymX8ovI.d.ts +39 -0
  55. package/dist/serializable.d.ts +7 -32
  56. package/dist/serializable.js +1 -1
  57. package/dist/src-Dz0H9hSU.js +1200 -0
  58. package/dist/src-Dz0H9hSU.js.map +1 -0
  59. package/package.json +36 -12
  60. package/dist/ai-chat-v5-migration.js.map +0 -1
  61. package/dist/ai-types.js.map +0 -1
  62. package/dist/chunk-AVYJQSLW.js +0 -17
  63. package/dist/chunk-AVYJQSLW.js.map +0 -1
  64. package/dist/chunk-LL2AFX7V.js +0 -109
  65. package/dist/chunk-LL2AFX7V.js.map +0 -1
  66. package/dist/chunk-MH46VMM4.js +0 -612
  67. package/dist/chunk-MH46VMM4.js.map +0 -1
  68. package/dist/chunk-QEVM4BVL.js +0 -116
  69. package/dist/chunk-QEVM4BVL.js.map +0 -1
  70. package/dist/chunk-UJVEAURM.js +0 -150
  71. package/dist/chunk-UJVEAURM.js.map +0 -1
  72. package/dist/chunk-YDUDMOL6.js +0 -1296
  73. package/dist/chunk-YDUDMOL6.js.map +0 -1
  74. package/dist/client-CvaJdLQA.d.ts +0 -5015
  75. package/dist/client.js.map +0 -1
  76. package/dist/index.js.map +0 -1
  77. package/dist/mcp/client.js.map +0 -1
  78. package/dist/mcp/do-oauth-client-provider.js.map +0 -1
  79. package/dist/observability/index.js.map +0 -1
  80. package/dist/serializable.js.map +0 -1
  81. package/src/index.ts +0 -1947
package/dist/mcp/index.js CHANGED
@@ -1,1029 +1,1369 @@
1
- import {
2
- Agent,
3
- getAgentByName
4
- } from "../chunk-YDUDMOL6.js";
5
- import {
6
- SSEEdgeClientTransport,
7
- StreamableHTTPEdgeClientTransport
8
- } from "../chunk-MH46VMM4.js";
9
- import "../chunk-LL2AFX7V.js";
10
- import "../chunk-QEVM4BVL.js";
11
- import "../chunk-AVYJQSLW.js";
1
+ import { t as MessageType } from "../ai-types-B3aQaFv3.js";
2
+ import "../client-BfiZ3HQd.js";
3
+ import { a as SSEEdgeClientTransport, i as StreamableHTTPEdgeClientTransport } from "../client-9Ld2_lnt.js";
4
+ import "../do-oauth-client-provider-CswoD5Lu.js";
5
+ import { c as getCurrentAgent, s as getAgentByName, t as Agent } from "../src-Dz0H9hSU.js";
6
+ import { AsyncLocalStorage } from "node:async_hooks";
7
+ import { ElicitRequestSchema, InitializeRequestSchema, JSONRPCMessageSchema, isInitializeRequest, isJSONRPCError, isJSONRPCNotification, isJSONRPCRequest, isJSONRPCResponse } from "@modelcontextprotocol/sdk/types.js";
12
8
 
13
- // src/mcp/index.ts
14
- import {
15
- JSONRPCMessageSchema as JSONRPCMessageSchema2,
16
- isJSONRPCError as isJSONRPCError3,
17
- isJSONRPCNotification as isJSONRPCNotification2,
18
- isJSONRPCRequest as isJSONRPCRequest2,
19
- isJSONRPCResponse as isJSONRPCResponse3
20
- } from "@modelcontextprotocol/sdk/types.js";
21
-
22
- // src/mcp/utils.ts
23
- import {
24
- JSONRPCMessageSchema,
25
- InitializeRequestSchema,
26
- isJSONRPCResponse,
27
- isJSONRPCError,
28
- isJSONRPCNotification,
29
- isJSONRPCRequest
30
- } from "@modelcontextprotocol/sdk/types.js";
31
- var STANDALONE_SSE_MARKER = "standalone-sse";
32
- var STANDALONE_SSE_METHOD = "cf/standalone_sse/attach";
33
- var MAXIMUM_MESSAGE_SIZE_BYTES = 4 * 1024 * 1024;
34
- var createStreamingHttpHandler = (basePath, namespace, corsOptions) => {
35
- let pathname = basePath;
36
- if (basePath === "/") pathname = "/*";
37
- const basePattern = new URLPattern({ pathname });
38
- return async (request, ctx) => {
39
- const url = new URL(request.url);
40
- if (basePattern.test(url)) {
41
- if (request.method === "POST") {
42
- const acceptHeader = request.headers.get("accept");
43
- if (!acceptHeader?.includes("application/json") || !acceptHeader.includes("text/event-stream")) {
44
- const body2 = JSON.stringify({
45
- error: {
46
- code: -32e3,
47
- message: "Not Acceptable: Client must accept both application/json and text/event-stream"
48
- },
49
- id: null,
50
- jsonrpc: "2.0"
51
- });
52
- return new Response(body2, { status: 406 });
53
- }
54
- const ct = request.headers.get("content-type");
55
- if (!ct || !ct.includes("application/json")) {
56
- const body2 = JSON.stringify({
57
- error: {
58
- code: -32e3,
59
- message: "Unsupported Media Type: Content-Type must be application/json"
60
- },
61
- id: null,
62
- jsonrpc: "2.0"
63
- });
64
- return new Response(body2, { status: 415 });
65
- }
66
- const contentLength = Number.parseInt(
67
- request.headers.get("content-length") ?? "0",
68
- 10
69
- );
70
- if (contentLength > MAXIMUM_MESSAGE_SIZE_BYTES) {
71
- const body2 = JSON.stringify({
72
- error: {
73
- code: -32e3,
74
- message: `Request body too large. Maximum size is ${MAXIMUM_MESSAGE_SIZE_BYTES} bytes`
75
- },
76
- id: null,
77
- jsonrpc: "2.0"
78
- });
79
- return new Response(body2, { status: 413 });
80
- }
81
- let sessionId = request.headers.get("mcp-session-id");
82
- let rawMessage;
83
- try {
84
- rawMessage = await request.json();
85
- } catch (_error) {
86
- const body2 = JSON.stringify({
87
- error: {
88
- code: -32700,
89
- message: "Parse error: Invalid JSON"
90
- },
91
- id: null,
92
- jsonrpc: "2.0"
93
- });
94
- return new Response(body2, { status: 400 });
95
- }
96
- let arrayMessage;
97
- if (Array.isArray(rawMessage)) {
98
- arrayMessage = rawMessage;
99
- } else {
100
- arrayMessage = [rawMessage];
101
- }
102
- let messages = [];
103
- for (const msg of arrayMessage) {
104
- if (!JSONRPCMessageSchema.safeParse(msg).success) {
105
- const body2 = JSON.stringify({
106
- error: {
107
- code: -32700,
108
- message: "Parse error: Invalid JSON-RPC message"
109
- },
110
- id: null,
111
- jsonrpc: "2.0"
112
- });
113
- return new Response(body2, { status: 400 });
114
- }
115
- }
116
- messages = arrayMessage.map((msg) => JSONRPCMessageSchema.parse(msg));
117
- const maybeInitializeRequest = messages.find(
118
- (msg) => InitializeRequestSchema.safeParse(msg).success
119
- );
120
- if (!!maybeInitializeRequest && sessionId) {
121
- const body2 = JSON.stringify({
122
- error: {
123
- code: -32600,
124
- message: "Invalid Request: Initialization requests must not include a sessionId"
125
- },
126
- id: null,
127
- jsonrpc: "2.0"
128
- });
129
- return new Response(body2, { status: 400 });
130
- }
131
- if (!!maybeInitializeRequest && messages.length > 1) {
132
- const body2 = JSON.stringify({
133
- error: {
134
- code: -32600,
135
- message: "Invalid Request: Only one initialization request is allowed"
136
- },
137
- id: null,
138
- jsonrpc: "2.0"
139
- });
140
- return new Response(body2, { status: 400 });
141
- }
142
- if (!maybeInitializeRequest && !sessionId) {
143
- const body2 = JSON.stringify({
144
- error: {
145
- code: -32e3,
146
- message: "Bad Request: Mcp-Session-Id header is required"
147
- },
148
- id: null,
149
- jsonrpc: "2.0"
150
- });
151
- return new Response(body2, { status: 400 });
152
- }
153
- sessionId = sessionId ?? namespace.newUniqueId().toString();
154
- const agent = await getAgentByName(
155
- namespace,
156
- `streamable-http:${sessionId}`,
157
- { props: ctx.props }
158
- );
159
- const isInitialized = await agent.getInitializeRequest();
160
- if (maybeInitializeRequest) {
161
- await agent.setInitializeRequest(maybeInitializeRequest);
162
- } else if (!isInitialized) {
163
- const body2 = JSON.stringify({
164
- error: {
165
- code: -32001,
166
- message: "Session not found"
167
- },
168
- id: null,
169
- jsonrpc: "2.0"
170
- });
171
- return new Response(body2, { status: 404 });
172
- }
173
- const { readable, writable } = new TransformStream();
174
- const writer = writable.getWriter();
175
- const encoder = new TextEncoder();
176
- const existingHeaders = {};
177
- request.headers.forEach((value, key) => {
178
- existingHeaders[key] = value;
179
- });
180
- const req = new Request(request.url, {
181
- headers: {
182
- ...existingHeaders,
183
- Upgrade: "websocket"
184
- }
185
- });
186
- if (ctx.props) agent.updateProps(ctx.props);
187
- const response = await agent.fetch(req);
188
- const ws = response.webSocket;
189
- if (!ws) {
190
- console.error("Failed to establish WebSocket connection");
191
- await writer.close();
192
- const body2 = JSON.stringify({
193
- error: {
194
- code: -32001,
195
- message: "Failed to establish WebSocket connection"
196
- },
197
- id: null,
198
- jsonrpc: "2.0"
199
- });
200
- return new Response(body2, { status: 500 });
201
- }
202
- const requestIds = /* @__PURE__ */ new Set();
203
- ws.accept();
204
- ws.addEventListener("message", (event) => {
205
- async function onMessage(event2) {
206
- try {
207
- const data = typeof event2.data === "string" ? event2.data : new TextDecoder().decode(event2.data);
208
- const message = JSON.parse(data);
209
- const result = JSONRPCMessageSchema.safeParse(message);
210
- if (!result.success) {
211
- return;
212
- }
213
- if (isJSONRPCResponse(result.data) || isJSONRPCError(result.data)) {
214
- requestIds.delete(result.data.id);
215
- }
216
- const messageText = `event: message
217
- data: ${JSON.stringify(result.data)}
218
-
219
- `;
220
- await writer.write(encoder.encode(messageText));
221
- if (requestIds.size === 0) {
222
- ws?.close();
223
- await writer.close().catch(() => {
224
- });
225
- }
226
- } catch (error) {
227
- console.error("Error forwarding message to SSE:", error);
228
- }
229
- }
230
- onMessage(event).catch(console.error);
231
- });
232
- ws.addEventListener("error", (error) => {
233
- async function onError(_error) {
234
- await writer.close().catch(() => {
235
- });
236
- }
237
- onError(error).catch(console.error);
238
- });
239
- ws.addEventListener("close", () => {
240
- async function onClose() {
241
- await writer.close().catch(() => {
242
- });
243
- }
244
- onClose().catch(console.error);
245
- });
246
- const hasOnlyNotificationsOrResponses = messages.every(
247
- (msg) => isJSONRPCNotification(msg) || isJSONRPCResponse(msg)
248
- );
249
- if (hasOnlyNotificationsOrResponses) {
250
- for (const message of messages) {
251
- ws.send(JSON.stringify(message));
252
- }
253
- ws.close();
254
- return new Response(null, {
255
- headers: corsHeaders(request, corsOptions),
256
- status: 202
257
- });
258
- }
259
- for (const message of messages) {
260
- if (isJSONRPCRequest(message)) {
261
- requestIds.add(message.id);
262
- }
263
- ws.send(JSON.stringify(message));
264
- }
265
- return new Response(readable, {
266
- headers: {
267
- "Cache-Control": "no-cache",
268
- Connection: "keep-alive",
269
- "Content-Type": "text/event-stream",
270
- "mcp-session-id": sessionId,
271
- ...corsHeaders(request, corsOptions)
272
- },
273
- status: 200
274
- });
275
- } else if (request.method === "GET") {
276
- const acceptHeader = request.headers.get("accept");
277
- if (!acceptHeader?.includes("text/event-stream")) {
278
- const body2 = JSON.stringify({
279
- jsonrpc: "2.0",
280
- error: {
281
- code: -32e3,
282
- message: "Not Acceptable: Client must accept text/event-stream"
283
- },
284
- id: null
285
- });
286
- return new Response(body2, { status: 406 });
287
- }
288
- const sessionId = request.headers.get("mcp-session-id");
289
- if (!sessionId)
290
- return new Response("Missing sessionId", { status: 400 });
291
- const { readable, writable } = new TransformStream();
292
- const writer = writable.getWriter();
293
- const encoder = new TextEncoder();
294
- const agent = await getAgentByName(
295
- namespace,
296
- `streamable-http:${sessionId}`,
297
- { props: ctx.props }
298
- );
299
- const isInitialized = await agent.getInitializeRequest();
300
- if (!isInitialized) {
301
- return new Response(
302
- JSON.stringify({
303
- jsonrpc: "2.0",
304
- error: { code: -32001, message: "Session not found" },
305
- id: null
306
- }),
307
- { status: 404 }
308
- );
309
- }
310
- const existingHeaders = {};
311
- request.headers.forEach((v, k) => {
312
- existingHeaders[k] = v;
313
- });
314
- if (ctx.props) agent.updateProps(ctx.props);
315
- const response = await agent.fetch(
316
- new Request(request.url, {
317
- headers: {
318
- ...existingHeaders,
319
- Upgrade: "websocket"
320
- }
321
- })
322
- );
323
- const ws = response.webSocket;
324
- if (!ws) {
325
- await writer.close();
326
- return new Response("Failed to establish WS to DO", {
327
- status: 500
328
- });
329
- }
330
- ws.accept();
331
- ws.send(
332
- JSON.stringify({
333
- jsonrpc: "2.0",
334
- method: STANDALONE_SSE_METHOD,
335
- params: {}
336
- })
337
- );
338
- ws.addEventListener("message", (event) => {
339
- try {
340
- async function onMessage(ev) {
341
- const data = typeof ev.data === "string" ? ev.data : new TextDecoder().decode(ev.data);
342
- const parsed = JSONRPCMessageSchema.safeParse(JSON.parse(data));
343
- if (!parsed.success) return;
344
- const frame = `event: message
345
- data: ${JSON.stringify(parsed.data)}
346
-
347
- `;
348
- await writer.write(encoder.encode(frame));
349
- }
350
- onMessage(event).catch(console.error);
351
- } catch (e) {
352
- console.error("Error forwarding message to SSE:", e);
353
- }
354
- });
355
- ws.addEventListener("error", () => {
356
- writer.close().catch(() => {
357
- });
358
- });
359
- ws.addEventListener("close", () => {
360
- writer.close().catch(() => {
361
- });
362
- });
363
- return new Response(readable, {
364
- headers: {
365
- "Cache-Control": "no-cache",
366
- Connection: "keep-alive",
367
- "Content-Type": "text/event-stream",
368
- "mcp-session-id": sessionId,
369
- ...corsHeaders(request, corsOptions)
370
- },
371
- status: 200
372
- });
373
- } else if (request.method === "DELETE") {
374
- const sessionId = request.headers.get("mcp-session-id");
375
- if (!sessionId) {
376
- return new Response(
377
- JSON.stringify({
378
- jsonrpc: "2.0",
379
- error: {
380
- code: -32e3,
381
- message: "Bad Request: Mcp-Session-Id header is required"
382
- },
383
- id: null
384
- }),
385
- { status: 400, headers: corsHeaders(request, corsOptions) }
386
- );
387
- }
388
- const agent = await getAgentByName(
389
- namespace,
390
- `streamable-http:${sessionId}`
391
- );
392
- const isInitialized = await agent.getInitializeRequest();
393
- if (!isInitialized) {
394
- return new Response(
395
- JSON.stringify({
396
- jsonrpc: "2.0",
397
- error: { code: -32001, message: "Session not found" },
398
- id: null
399
- }),
400
- { status: 404, headers: corsHeaders(request, corsOptions) }
401
- );
402
- }
403
- ctx.waitUntil(
404
- agent.destroy().catch(() => {
405
- })
406
- );
407
- return new Response(null, {
408
- status: 204,
409
- headers: corsHeaders(request, corsOptions)
410
- });
411
- }
412
- }
413
- const body = JSON.stringify({
414
- error: {
415
- code: -32e3,
416
- message: "Not found"
417
- },
418
- id: null,
419
- jsonrpc: "2.0"
420
- });
421
- return new Response(body, { status: 404 });
422
- };
9
+ //#region src/mcp/utils.ts
10
+ /**
11
+ * Since we use WebSockets to bridge the client to the
12
+ * MCP transport in the Agent, we use this header to signal
13
+ * the method of the original request the user made, while
14
+ * leaving the WS Upgrade request as GET.
15
+ */
16
+ const MCP_HTTP_METHOD_HEADER = "cf-mcp-method";
17
+ /**
18
+ * Since we use WebSockets to bridge the client to the
19
+ * MCP transport in the Agent, we use this header to include
20
+ * the original request body.
21
+ */
22
+ const MCP_MESSAGE_HEADER = "cf-mcp-message";
23
+ const MAXIMUM_MESSAGE_SIZE_BYTES = 4 * 1024 * 1024;
24
+ const createStreamingHttpHandler = (basePath, namespace, options = {}) => {
25
+ let pathname = basePath;
26
+ if (basePath === "/") pathname = "/*";
27
+ const basePattern = new URLPattern({ pathname });
28
+ return async (request, ctx) => {
29
+ const url = new URL(request.url);
30
+ if (basePattern.test(url)) {
31
+ if (request.method === "POST") {
32
+ const acceptHeader = request.headers.get("accept");
33
+ if (!acceptHeader?.includes("application/json") || !acceptHeader.includes("text/event-stream")) {
34
+ const body$1 = JSON.stringify({
35
+ error: {
36
+ code: -32e3,
37
+ message: "Not Acceptable: Client must accept both application/json and text/event-stream"
38
+ },
39
+ id: null,
40
+ jsonrpc: "2.0"
41
+ });
42
+ return new Response(body$1, { status: 406 });
43
+ }
44
+ const ct = request.headers.get("content-type");
45
+ if (!ct || !ct.includes("application/json")) {
46
+ const body$1 = JSON.stringify({
47
+ error: {
48
+ code: -32e3,
49
+ message: "Unsupported Media Type: Content-Type must be application/json"
50
+ },
51
+ id: null,
52
+ jsonrpc: "2.0"
53
+ });
54
+ return new Response(body$1, { status: 415 });
55
+ }
56
+ if (Number.parseInt(request.headers.get("content-length") ?? "0", 10) > MAXIMUM_MESSAGE_SIZE_BYTES) {
57
+ const body$1 = JSON.stringify({
58
+ error: {
59
+ code: -32e3,
60
+ message: `Request body too large. Maximum size is ${MAXIMUM_MESSAGE_SIZE_BYTES} bytes`
61
+ },
62
+ id: null,
63
+ jsonrpc: "2.0"
64
+ });
65
+ return new Response(body$1, { status: 413 });
66
+ }
67
+ let sessionId = request.headers.get("mcp-session-id");
68
+ let rawMessage;
69
+ try {
70
+ rawMessage = await request.json();
71
+ } catch (_error) {
72
+ const body$1 = JSON.stringify({
73
+ error: {
74
+ code: -32700,
75
+ message: "Parse error: Invalid JSON"
76
+ },
77
+ id: null,
78
+ jsonrpc: "2.0"
79
+ });
80
+ return new Response(body$1, { status: 400 });
81
+ }
82
+ let arrayMessage;
83
+ if (Array.isArray(rawMessage)) arrayMessage = rawMessage;
84
+ else arrayMessage = [rawMessage];
85
+ let messages = [];
86
+ for (const msg of arrayMessage) if (!JSONRPCMessageSchema.safeParse(msg).success) {
87
+ const body$1 = JSON.stringify({
88
+ error: {
89
+ code: -32700,
90
+ message: "Parse error: Invalid JSON-RPC message"
91
+ },
92
+ id: null,
93
+ jsonrpc: "2.0"
94
+ });
95
+ return new Response(body$1, { status: 400 });
96
+ }
97
+ messages = arrayMessage.map((msg) => JSONRPCMessageSchema.parse(msg));
98
+ const maybeInitializeRequest = messages.find((msg) => InitializeRequestSchema.safeParse(msg).success);
99
+ if (!!maybeInitializeRequest && sessionId) {
100
+ const body$1 = JSON.stringify({
101
+ error: {
102
+ code: -32600,
103
+ message: "Invalid Request: Initialization requests must not include a sessionId"
104
+ },
105
+ id: null,
106
+ jsonrpc: "2.0"
107
+ });
108
+ return new Response(body$1, { status: 400 });
109
+ }
110
+ if (!!maybeInitializeRequest && messages.length > 1) {
111
+ const body$1 = JSON.stringify({
112
+ error: {
113
+ code: -32600,
114
+ message: "Invalid Request: Only one initialization request is allowed"
115
+ },
116
+ id: null,
117
+ jsonrpc: "2.0"
118
+ });
119
+ return new Response(body$1, { status: 400 });
120
+ }
121
+ if (!maybeInitializeRequest && !sessionId) {
122
+ const body$1 = JSON.stringify({
123
+ error: {
124
+ code: -32e3,
125
+ message: "Bad Request: Mcp-Session-Id header is required"
126
+ },
127
+ id: null,
128
+ jsonrpc: "2.0"
129
+ });
130
+ return new Response(body$1, { status: 400 });
131
+ }
132
+ sessionId = sessionId ?? namespace.newUniqueId().toString();
133
+ const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, {
134
+ props: ctx.props,
135
+ jurisdiction: options.jurisdiction
136
+ });
137
+ const isInitialized = await agent.getInitializeRequest();
138
+ if (maybeInitializeRequest) await agent.setInitializeRequest(maybeInitializeRequest);
139
+ else if (!isInitialized) {
140
+ const body$1 = JSON.stringify({
141
+ error: {
142
+ code: -32001,
143
+ message: "Session not found"
144
+ },
145
+ id: null,
146
+ jsonrpc: "2.0"
147
+ });
148
+ return new Response(body$1, { status: 404 });
149
+ }
150
+ const { readable, writable } = new TransformStream();
151
+ const writer = writable.getWriter();
152
+ const encoder = new TextEncoder();
153
+ const existingHeaders = {};
154
+ request.headers.forEach((value, key) => {
155
+ existingHeaders[key] = value;
156
+ });
157
+ const req = new Request(request.url, { headers: {
158
+ ...existingHeaders,
159
+ [MCP_HTTP_METHOD_HEADER]: "POST",
160
+ [MCP_MESSAGE_HEADER]: Buffer.from(JSON.stringify(messages)).toString("base64"),
161
+ Upgrade: "websocket"
162
+ } });
163
+ if (ctx.props) agent.updateProps(ctx.props);
164
+ const ws = (await agent.fetch(req)).webSocket;
165
+ if (!ws) {
166
+ console.error("Failed to establish WebSocket connection");
167
+ await writer.close();
168
+ const body$1 = JSON.stringify({
169
+ error: {
170
+ code: -32001,
171
+ message: "Failed to establish WebSocket connection"
172
+ },
173
+ id: null,
174
+ jsonrpc: "2.0"
175
+ });
176
+ return new Response(body$1, { status: 500 });
177
+ }
178
+ ws.accept();
179
+ ws.addEventListener("message", (event) => {
180
+ async function onMessage(event$1) {
181
+ try {
182
+ const data = typeof event$1.data === "string" ? event$1.data : new TextDecoder().decode(event$1.data);
183
+ const message = JSON.parse(data);
184
+ if (message.type !== MessageType.CF_MCP_AGENT_EVENT) return;
185
+ await writer.write(encoder.encode(message.event));
186
+ if (message.close) {
187
+ ws?.close();
188
+ await writer.close().catch(() => {});
189
+ }
190
+ } catch (error) {
191
+ console.error("Error forwarding message to SSE:", error);
192
+ }
193
+ }
194
+ onMessage(event).catch(console.error);
195
+ });
196
+ ws.addEventListener("error", (error) => {
197
+ async function onError(_error) {
198
+ await writer.close().catch(() => {});
199
+ }
200
+ onError(error).catch(console.error);
201
+ });
202
+ ws.addEventListener("close", () => {
203
+ async function onClose() {
204
+ await writer.close().catch(() => {});
205
+ }
206
+ onClose().catch(console.error);
207
+ });
208
+ if (messages.every((msg) => isJSONRPCNotification(msg) || isJSONRPCResponse(msg))) {
209
+ ws.close();
210
+ return new Response(null, {
211
+ headers: corsHeaders(request, options.corsOptions),
212
+ status: 202
213
+ });
214
+ }
215
+ return new Response(readable, {
216
+ headers: {
217
+ "Cache-Control": "no-cache",
218
+ Connection: "keep-alive",
219
+ "Content-Type": "text/event-stream",
220
+ "mcp-session-id": sessionId,
221
+ ...corsHeaders(request, options.corsOptions)
222
+ },
223
+ status: 200
224
+ });
225
+ } else if (request.method === "GET") {
226
+ if (!request.headers.get("accept")?.includes("text/event-stream")) {
227
+ const body$1 = JSON.stringify({
228
+ jsonrpc: "2.0",
229
+ error: {
230
+ code: -32e3,
231
+ message: "Not Acceptable: Client must accept text/event-stream"
232
+ },
233
+ id: null
234
+ });
235
+ return new Response(body$1, { status: 406 });
236
+ }
237
+ const sessionId = request.headers.get("mcp-session-id");
238
+ if (!sessionId) return new Response(JSON.stringify({
239
+ error: {
240
+ code: -32e3,
241
+ message: "Bad Request: Mcp-Session-Id header is required"
242
+ },
243
+ id: null,
244
+ jsonrpc: "2.0"
245
+ }), { status: 400 });
246
+ const { readable, writable } = new TransformStream();
247
+ const writer = writable.getWriter();
248
+ const encoder = new TextEncoder();
249
+ const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, {
250
+ props: ctx.props,
251
+ jurisdiction: options.jurisdiction
252
+ });
253
+ if (!await agent.getInitializeRequest()) return new Response(JSON.stringify({
254
+ jsonrpc: "2.0",
255
+ error: {
256
+ code: -32001,
257
+ message: "Session not found"
258
+ },
259
+ id: null
260
+ }), { status: 404 });
261
+ const existingHeaders = {};
262
+ request.headers.forEach((v, k) => {
263
+ existingHeaders[k] = v;
264
+ });
265
+ if (ctx.props) agent.updateProps(ctx.props);
266
+ const ws = (await agent.fetch(new Request(request.url, { headers: {
267
+ ...existingHeaders,
268
+ [MCP_HTTP_METHOD_HEADER]: "GET",
269
+ Upgrade: "websocket"
270
+ } }))).webSocket;
271
+ if (!ws) {
272
+ await writer.close();
273
+ return new Response("Failed to establish WS to DO", { status: 500 });
274
+ }
275
+ ws.accept();
276
+ ws.addEventListener("message", (event) => {
277
+ try {
278
+ async function onMessage(ev) {
279
+ const data = typeof ev.data === "string" ? ev.data : new TextDecoder().decode(ev.data);
280
+ const message = JSON.parse(data);
281
+ if (message.type !== MessageType.CF_MCP_AGENT_EVENT) return;
282
+ await writer.write(encoder.encode(message.event));
283
+ }
284
+ onMessage(event).catch(console.error);
285
+ } catch (e) {
286
+ console.error("Error forwarding message to SSE:", e);
287
+ }
288
+ });
289
+ ws.addEventListener("error", () => {
290
+ writer.close().catch(() => {});
291
+ });
292
+ ws.addEventListener("close", () => {
293
+ writer.close().catch(() => {});
294
+ });
295
+ return new Response(readable, {
296
+ headers: {
297
+ "Cache-Control": "no-cache",
298
+ Connection: "keep-alive",
299
+ "Content-Type": "text/event-stream",
300
+ "mcp-session-id": sessionId,
301
+ ...corsHeaders(request, options.corsOptions)
302
+ },
303
+ status: 200
304
+ });
305
+ } else if (request.method === "DELETE") {
306
+ const sessionId = request.headers.get("mcp-session-id");
307
+ if (!sessionId) return new Response(JSON.stringify({
308
+ jsonrpc: "2.0",
309
+ error: {
310
+ code: -32e3,
311
+ message: "Bad Request: Mcp-Session-Id header is required"
312
+ },
313
+ id: null
314
+ }), {
315
+ status: 400,
316
+ headers: corsHeaders(request, options.corsOptions)
317
+ });
318
+ const agent = await getAgentByName(namespace, `streamable-http:${sessionId}`, { jurisdiction: options.jurisdiction });
319
+ if (!await agent.getInitializeRequest()) return new Response(JSON.stringify({
320
+ jsonrpc: "2.0",
321
+ error: {
322
+ code: -32001,
323
+ message: "Session not found"
324
+ },
325
+ id: null
326
+ }), {
327
+ status: 404,
328
+ headers: corsHeaders(request, options.corsOptions)
329
+ });
330
+ ctx.waitUntil(agent.destroy().catch(() => {}));
331
+ return new Response(null, {
332
+ status: 204,
333
+ headers: corsHeaders(request, options.corsOptions)
334
+ });
335
+ }
336
+ }
337
+ const body = JSON.stringify({
338
+ error: {
339
+ code: -32e3,
340
+ message: "Not found"
341
+ },
342
+ id: null,
343
+ jsonrpc: "2.0"
344
+ });
345
+ return new Response(body, { status: 404 });
346
+ };
423
347
  };
424
- var createLegacySseHandler = (basePath, namespace, corsOptions) => {
425
- let pathname = basePath;
426
- if (basePath === "/") pathname = "/*";
427
- const basePattern = new URLPattern({ pathname });
428
- const messagePattern = new URLPattern({ pathname: `${basePath}/message` });
429
- return async (request, ctx) => {
430
- const url = new URL(request.url);
431
- if (request.method === "GET" && basePattern.test(url)) {
432
- const sessionId = url.searchParams.get("sessionId") || namespace.newUniqueId().toString();
433
- const { readable, writable } = new TransformStream();
434
- const writer = writable.getWriter();
435
- const encoder = new TextEncoder();
436
- const endpointUrl = new URL(request.url);
437
- endpointUrl.pathname = encodeURI(`${basePath}/message`);
438
- endpointUrl.searchParams.set("sessionId", sessionId);
439
- const relativeUrlWithSession = endpointUrl.pathname + endpointUrl.search + endpointUrl.hash;
440
- const endpointMessage = `event: endpoint
441
- data: ${relativeUrlWithSession}
442
-
443
- `;
444
- writer.write(encoder.encode(endpointMessage));
445
- const agent = await getAgentByName(namespace, `sse:${sessionId}`, {
446
- props: ctx.props
447
- });
448
- const existingHeaders = {};
449
- request.headers.forEach((value, key) => {
450
- existingHeaders[key] = value;
451
- });
452
- if (ctx.props) agent.updateProps(ctx.props);
453
- const response = await agent.fetch(
454
- new Request(request.url, {
455
- headers: {
456
- ...existingHeaders,
457
- Upgrade: "websocket"
458
- }
459
- })
460
- );
461
- const ws = response.webSocket;
462
- if (!ws) {
463
- console.error("Failed to establish WebSocket connection");
464
- await writer.close();
465
- return new Response("Failed to establish WebSocket connection", {
466
- status: 500
467
- });
468
- }
469
- ws.accept();
470
- ws.addEventListener("message", (event) => {
471
- async function onMessage(event2) {
472
- try {
473
- const message = JSON.parse(event2.data);
474
- const result = JSONRPCMessageSchema.safeParse(message);
475
- if (!result.success) {
476
- return;
477
- }
478
- const messageText = `event: message
479
- data: ${JSON.stringify(result.data)}
480
-
481
- `;
482
- await writer.write(encoder.encode(messageText));
483
- } catch (error) {
484
- console.error("Error forwarding message to SSE:", error);
485
- }
486
- }
487
- onMessage(event).catch(console.error);
488
- });
489
- ws.addEventListener("error", (error) => {
490
- async function onError(_error) {
491
- try {
492
- await writer.close();
493
- } catch (_e) {
494
- }
495
- }
496
- onError(error).catch(console.error);
497
- });
498
- ws.addEventListener("close", () => {
499
- async function onClose() {
500
- try {
501
- await writer.close();
502
- } catch (error) {
503
- console.error("Error closing SSE connection:", error);
504
- }
505
- }
506
- onClose().catch(console.error);
507
- });
508
- return new Response(readable, {
509
- headers: {
510
- "Cache-Control": "no-cache",
511
- Connection: "keep-alive",
512
- "Content-Type": "text/event-stream",
513
- ...corsHeaders(request, corsOptions)
514
- }
515
- });
516
- }
517
- if (request.method === "POST" && messagePattern.test(url)) {
518
- const sessionId = url.searchParams.get("sessionId");
519
- if (!sessionId) {
520
- return new Response(
521
- `Missing sessionId. Expected POST to ${basePath} to initiate new one`,
522
- { status: 400 }
523
- );
524
- }
525
- const contentType = request.headers.get("content-type") || "";
526
- if (!contentType.includes("application/json")) {
527
- return new Response(`Unsupported content-type: ${contentType}`, {
528
- status: 400
529
- });
530
- }
531
- const contentLength = Number.parseInt(
532
- request.headers.get("content-length") || "0",
533
- 10
534
- );
535
- if (contentLength > MAXIMUM_MESSAGE_SIZE_BYTES) {
536
- return new Response(`Request body too large: ${contentLength} bytes`, {
537
- status: 400
538
- });
539
- }
540
- const agent = await getAgentByName(namespace, `sse:${sessionId}`, {
541
- props: ctx.props
542
- });
543
- const messageBody = await request.json();
544
- const error = await agent.onSSEMcpMessage(sessionId, messageBody);
545
- if (error) {
546
- return new Response(error.message, {
547
- headers: {
548
- "Cache-Control": "no-cache",
549
- Connection: "keep-alive",
550
- "Content-Type": "text/event-stream",
551
- ...corsHeaders(request, corsOptions)
552
- },
553
- status: 400
554
- });
555
- }
556
- return new Response("Accepted", {
557
- headers: {
558
- "Cache-Control": "no-cache",
559
- Connection: "keep-alive",
560
- "Content-Type": "text/event-stream",
561
- ...corsHeaders(request, corsOptions)
562
- },
563
- status: 202
564
- });
565
- }
566
- return new Response("Not Found", { status: 404 });
567
- };
348
+ const createLegacySseHandler = (basePath, namespace, options = {}) => {
349
+ let pathname = basePath;
350
+ if (basePath === "/") pathname = "/*";
351
+ const basePattern = new URLPattern({ pathname });
352
+ const messagePattern = new URLPattern({ pathname: `${basePath}/message` });
353
+ return async (request, ctx) => {
354
+ const url = new URL(request.url);
355
+ if (request.method === "GET" && basePattern.test(url)) {
356
+ const sessionId = url.searchParams.get("sessionId") || namespace.newUniqueId().toString();
357
+ const { readable, writable } = new TransformStream();
358
+ const writer = writable.getWriter();
359
+ const encoder = new TextEncoder();
360
+ const endpointUrl = new URL(request.url);
361
+ endpointUrl.pathname = encodeURI(`${basePath}/message`);
362
+ endpointUrl.searchParams.set("sessionId", sessionId);
363
+ const endpointMessage = `event: endpoint\ndata: ${endpointUrl.pathname + endpointUrl.search + endpointUrl.hash}\n\n`;
364
+ writer.write(encoder.encode(endpointMessage));
365
+ const agent = await getAgentByName(namespace, `sse:${sessionId}`, {
366
+ props: ctx.props,
367
+ jurisdiction: options.jurisdiction
368
+ });
369
+ const existingHeaders = {};
370
+ request.headers.forEach((value, key) => {
371
+ existingHeaders[key] = value;
372
+ });
373
+ if (ctx.props) agent.updateProps(ctx.props);
374
+ const ws = (await agent.fetch(new Request(request.url, { headers: {
375
+ ...existingHeaders,
376
+ Upgrade: "websocket"
377
+ } }))).webSocket;
378
+ if (!ws) {
379
+ console.error("Failed to establish WebSocket connection");
380
+ await writer.close();
381
+ return new Response("Failed to establish WebSocket connection", { status: 500 });
382
+ }
383
+ ws.accept();
384
+ ws.addEventListener("message", (event) => {
385
+ async function onMessage(event$1) {
386
+ try {
387
+ const message = JSON.parse(event$1.data);
388
+ const result = JSONRPCMessageSchema.safeParse(message);
389
+ if (!result.success) return;
390
+ const messageText = `event: message\ndata: ${JSON.stringify(result.data)}\n\n`;
391
+ await writer.write(encoder.encode(messageText));
392
+ } catch (error) {
393
+ console.error("Error forwarding message to SSE:", error);
394
+ }
395
+ }
396
+ onMessage(event).catch(console.error);
397
+ });
398
+ ws.addEventListener("error", (error) => {
399
+ async function onError(_error) {
400
+ try {
401
+ await writer.close();
402
+ } catch (_e) {}
403
+ }
404
+ onError(error).catch(console.error);
405
+ });
406
+ ws.addEventListener("close", () => {
407
+ async function onClose() {
408
+ try {
409
+ await writer.close();
410
+ } catch (error) {
411
+ console.error("Error closing SSE connection:", error);
412
+ }
413
+ }
414
+ onClose().catch(console.error);
415
+ });
416
+ return new Response(readable, { headers: {
417
+ "Cache-Control": "no-cache",
418
+ Connection: "keep-alive",
419
+ "Content-Type": "text/event-stream",
420
+ ...corsHeaders(request, options.corsOptions)
421
+ } });
422
+ }
423
+ if (request.method === "POST" && messagePattern.test(url)) {
424
+ const sessionId = url.searchParams.get("sessionId");
425
+ if (!sessionId) return new Response(`Missing sessionId. Expected POST to ${basePath} to initiate new one`, { status: 400 });
426
+ const contentType = request.headers.get("content-type") || "";
427
+ if (!contentType.includes("application/json")) return new Response(`Unsupported content-type: ${contentType}`, { status: 400 });
428
+ const contentLength = Number.parseInt(request.headers.get("content-length") || "0", 10);
429
+ if (contentLength > MAXIMUM_MESSAGE_SIZE_BYTES) return new Response(`Request body too large: ${contentLength} bytes`, { status: 400 });
430
+ const agent = await getAgentByName(namespace, `sse:${sessionId}`, {
431
+ props: ctx.props,
432
+ jurisdiction: options.jurisdiction
433
+ });
434
+ const messageBody = await request.json();
435
+ const error = await agent.onSSEMcpMessage(sessionId, messageBody);
436
+ if (error) return new Response(error.message, {
437
+ headers: {
438
+ "Cache-Control": "no-cache",
439
+ Connection: "keep-alive",
440
+ "Content-Type": "text/event-stream",
441
+ ...corsHeaders(request, options.corsOptions)
442
+ },
443
+ status: 400
444
+ });
445
+ return new Response("Accepted", {
446
+ headers: {
447
+ "Cache-Control": "no-cache",
448
+ Connection: "keep-alive",
449
+ "Content-Type": "text/event-stream",
450
+ ...corsHeaders(request, options.corsOptions)
451
+ },
452
+ status: 202
453
+ });
454
+ }
455
+ return new Response("Not Found", { status: 404 });
456
+ };
568
457
  };
569
458
  function corsHeaders(_request, corsOptions = {}) {
570
- const origin = "*";
571
- return {
572
- "Access-Control-Allow-Headers": corsOptions.headers || "Content-Type, Accept, mcp-session-id, mcp-protocol-version",
573
- "Access-Control-Allow-Methods": corsOptions.methods || "GET, POST, DELETE, OPTIONS",
574
- "Access-Control-Allow-Origin": corsOptions.origin || origin,
575
- "Access-Control-Expose-Headers": corsOptions.exposeHeaders || "mcp-session-id",
576
- "Access-Control-Max-Age": (corsOptions.maxAge || 86400).toString()
577
- };
459
+ const origin = "*";
460
+ return {
461
+ "Access-Control-Allow-Headers": corsOptions.headers || "Content-Type, Accept, mcp-session-id, mcp-protocol-version",
462
+ "Access-Control-Allow-Methods": corsOptions.methods || "GET, POST, DELETE, OPTIONS",
463
+ "Access-Control-Allow-Origin": corsOptions.origin || origin,
464
+ "Access-Control-Expose-Headers": corsOptions.exposeHeaders || "mcp-session-id",
465
+ "Access-Control-Max-Age": (corsOptions.maxAge || 86400).toString()
466
+ };
578
467
  }
579
468
  function handleCORS(request, corsOptions) {
580
- if (request.method === "OPTIONS") {
581
- return new Response(null, { headers: corsHeaders(request, corsOptions) });
582
- }
583
- return null;
469
+ if (request.method === "OPTIONS") return new Response(null, { headers: corsHeaders(request, corsOptions) });
470
+ return null;
584
471
  }
585
472
  function isDurableObjectNamespace(namespace) {
586
- return typeof namespace === "object" && namespace !== null && "newUniqueId" in namespace && typeof namespace.newUniqueId === "function" && "idFromName" in namespace && typeof namespace.idFromName === "function";
473
+ return typeof namespace === "object" && namespace !== null && "newUniqueId" in namespace && typeof namespace.newUniqueId === "function" && "idFromName" in namespace && typeof namespace.idFromName === "function";
587
474
  }
588
475
 
589
- // src/mcp/transport.ts
590
- import {
591
- isJSONRPCError as isJSONRPCError2,
592
- isJSONRPCResponse as isJSONRPCResponse2
593
- } from "@modelcontextprotocol/sdk/types.js";
476
+ //#endregion
477
+ //#region src/mcp/transport.ts
594
478
  var McpSSETransport = class {
595
- constructor(getWebSocket) {
596
- this._started = false;
597
- this._getWebSocket = getWebSocket;
598
- }
599
- async start() {
600
- if (this._started) {
601
- throw new Error("Transport already started");
602
- }
603
- this._started = true;
604
- }
605
- async send(message) {
606
- if (!this._started) {
607
- throw new Error("Transport not started");
608
- }
609
- const websocket = this._getWebSocket();
610
- if (!websocket) {
611
- throw new Error("WebSocket not connected");
612
- }
613
- try {
614
- websocket.send(JSON.stringify(message));
615
- } catch (error) {
616
- this.onerror?.(error);
617
- }
618
- }
619
- async close() {
620
- this.onclose?.();
621
- }
479
+ constructor(getWebSocket) {
480
+ this._started = false;
481
+ this._getWebSocket = getWebSocket;
482
+ }
483
+ async start() {
484
+ if (this._started) throw new Error("Transport already started");
485
+ this._started = true;
486
+ }
487
+ async send(message) {
488
+ if (!this._started) throw new Error("Transport not started");
489
+ const websocket = this._getWebSocket();
490
+ if (!websocket) throw new Error("WebSocket not connected");
491
+ try {
492
+ websocket.send(JSON.stringify(message));
493
+ } catch (error) {
494
+ this.onerror?.(error);
495
+ }
496
+ }
497
+ async close() {
498
+ this.onclose?.();
499
+ }
622
500
  };
623
- var McpStreamableHttpTransport = class {
624
- constructor(getWebSocketForMessageID, notifyResponseIdSent, getWebSocketForStandaloneSse) {
625
- this._started = false;
626
- this._getWebSocketForMessageID = getWebSocketForMessageID;
627
- this._notifyResponseIdSent = notifyResponseIdSent;
628
- this._getWebSocketForStandaloneSse = getWebSocketForStandaloneSse;
629
- }
630
- async start() {
631
- if (this._started) {
632
- throw new Error("Transport already started");
633
- }
634
- this._started = true;
635
- }
636
- async send(message, options) {
637
- if (!this._started) {
638
- throw new Error("Transport not started");
639
- }
640
- let requestId = options?.relatedRequestId;
641
- if (isJSONRPCResponse2(message) || isJSONRPCError2(message)) {
642
- requestId = message.id;
643
- }
644
- if (requestId === void 0) {
645
- if (isJSONRPCResponse2(message) || isJSONRPCError2(message)) {
646
- throw new Error(
647
- "Cannot send a response on a standalone SSE stream unless resuming a previous client request"
648
- );
649
- }
650
- const standaloneSseSocket = this._getWebSocketForStandaloneSse();
651
- if (!standaloneSseSocket) {
652
- return;
653
- }
654
- try {
655
- standaloneSseSocket?.send(JSON.stringify(message));
656
- } catch (error) {
657
- this.onerror?.(error);
658
- }
659
- return;
660
- }
661
- const websocket = this._getWebSocketForMessageID(requestId.toString());
662
- if (!websocket) {
663
- throw new Error(`Could not find WebSocket for message id: ${requestId}`);
664
- }
665
- try {
666
- websocket?.send(JSON.stringify(message));
667
- if (isJSONRPCResponse2(message) || isJSONRPCError2(message)) {
668
- this._notifyResponseIdSent(message.id.toString());
669
- }
670
- } catch (error) {
671
- this.onerror?.(error);
672
- }
673
- }
674
- async close() {
675
- this.onclose?.();
676
- }
501
+ /**
502
+ * Adapted from: https://github.com/modelcontextprotocol/typescript-sdk/blob/main/src/client/streamableHttp.ts
503
+ * - Validation and initialization are removed as they're handled in `McpAgent.serve()` handler.
504
+ * - Replaces the Node-style `req`/`res` with Worker's `Request`.
505
+ * - Writes events as WS messages that the Worker forwards to the client as SSE events.
506
+ * - Replaces the in-memory maps that track requestID/stream by using `connection.setState()` and `agent.getConnections()`.
507
+ *
508
+ * Besides these points, the implementation is the same and should be updated to match the original as new features are added.
509
+ */
510
+ var StreamableHTTPServerTransport = class {
511
+ constructor(options) {
512
+ this._started = false;
513
+ this._requestResponseMap = /* @__PURE__ */ new Map();
514
+ const { agent } = getCurrentAgent();
515
+ if (!agent) throw new Error("McpAgent was not found in Transport constructor");
516
+ this.sessionId = agent.getSessionId();
517
+ this._eventStore = options.eventStore;
518
+ }
519
+ /**
520
+ * Starts the transport. This is required by the Transport interface but is a no-op
521
+ * for the Streamable HTTP transport as connections are managed per-request.
522
+ */
523
+ async start() {
524
+ if (this._started) throw new Error("Transport already started");
525
+ this._started = true;
526
+ }
527
+ /**
528
+ * Handles GET requests for SSE stream
529
+ */
530
+ async handleGetRequest(req) {
531
+ const { connection } = getCurrentAgent();
532
+ if (!connection) throw new Error("Connection was not found in handleGetRequest");
533
+ if (this._eventStore) {
534
+ const lastEventId = req.headers.get("last-event-id");
535
+ if (lastEventId) {
536
+ await this.replayEvents(lastEventId);
537
+ return;
538
+ }
539
+ }
540
+ connection.setState({ _standaloneSse: true });
541
+ }
542
+ /**
543
+ * Replays events that would have been sent after the specified event ID
544
+ * Only used when resumability is enabled
545
+ */
546
+ async replayEvents(lastEventId) {
547
+ if (!this._eventStore) return;
548
+ const { connection } = getCurrentAgent();
549
+ if (!connection) throw new Error("Connection was not available in replayEvents");
550
+ try {
551
+ await this._eventStore?.replayEventsAfter(lastEventId, { send: async (eventId, message) => {
552
+ try {
553
+ this.writeSSEEvent(connection, message, eventId);
554
+ } catch (error) {
555
+ this.onerror?.(error);
556
+ }
557
+ } });
558
+ } catch (error) {
559
+ this.onerror?.(error);
560
+ }
561
+ }
562
+ /**
563
+ * Writes an event to the SSE stream with proper formatting
564
+ */
565
+ writeSSEEvent(connection, message, eventId, close) {
566
+ let eventData = "event: message\n";
567
+ if (eventId) eventData += `id: ${eventId}\n`;
568
+ eventData += `data: ${JSON.stringify(message)}\n\n`;
569
+ return connection.send(JSON.stringify({
570
+ type: MessageType.CF_MCP_AGENT_EVENT,
571
+ event: eventData,
572
+ close
573
+ }));
574
+ }
575
+ /**
576
+ * Handles POST requests containing JSON-RPC messages
577
+ */
578
+ async handlePostRequest(req, parsedBody) {
579
+ const authInfo = req.auth;
580
+ const requestInfo = { headers: Object.fromEntries(req.headers.entries()) };
581
+ delete requestInfo.headers[MCP_HTTP_METHOD_HEADER];
582
+ delete requestInfo.headers[MCP_MESSAGE_HEADER];
583
+ delete requestInfo.headers.upgrade;
584
+ const rawMessage = parsedBody;
585
+ let messages;
586
+ if (Array.isArray(rawMessage)) messages = rawMessage.map((msg) => JSONRPCMessageSchema.parse(msg));
587
+ else messages = [JSONRPCMessageSchema.parse(rawMessage)];
588
+ const hasRequests = messages.some(isJSONRPCRequest);
589
+ if (!hasRequests) for (const message of messages) this.onmessage?.(message, {
590
+ authInfo,
591
+ requestInfo
592
+ });
593
+ else if (hasRequests) {
594
+ const { connection } = getCurrentAgent();
595
+ if (!connection) throw new Error("Connection was not found in handlePostRequest");
596
+ const requestIds = messages.filter(isJSONRPCRequest).map((message) => message.id);
597
+ connection.setState({ requestIds });
598
+ for (const message of messages) this.onmessage?.(message, {
599
+ authInfo,
600
+ requestInfo
601
+ });
602
+ }
603
+ }
604
+ async close() {
605
+ const { agent } = getCurrentAgent();
606
+ if (!agent) throw new Error("Agent was not found in close");
607
+ for (const conn of agent.getConnections()) conn.close(1e3, "Session closed");
608
+ this.onclose?.();
609
+ }
610
+ async send(message, options) {
611
+ const { agent } = getCurrentAgent();
612
+ if (!agent) throw new Error("Agent was not found in send");
613
+ let requestId = options?.relatedRequestId;
614
+ if (isJSONRPCResponse(message) || isJSONRPCError(message)) requestId = message.id;
615
+ if (requestId === void 0) {
616
+ if (isJSONRPCResponse(message) || isJSONRPCError(message)) throw new Error("Cannot send a response on a standalone SSE stream unless resuming a previous client request");
617
+ let standaloneConnection;
618
+ for (const conn of agent.getConnections()) if (conn.state?._standaloneSse) standaloneConnection = conn;
619
+ if (standaloneConnection === void 0) return;
620
+ let eventId$1;
621
+ if (this._eventStore) eventId$1 = await this._eventStore.storeEvent(standaloneConnection.id, message);
622
+ this.writeSSEEvent(standaloneConnection, message, eventId$1);
623
+ return;
624
+ }
625
+ const connection = Array.from(agent.getConnections()).find((conn) => conn.state?.requestIds?.includes(requestId));
626
+ if (!connection) throw new Error(`No connection established for request ID: ${String(requestId)}`);
627
+ let eventId;
628
+ if (this._eventStore) eventId = await this._eventStore.storeEvent(connection.id, message);
629
+ let shouldClose = false;
630
+ if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
631
+ this._requestResponseMap.set(requestId, message);
632
+ const relatedIds = connection.state?.requestIds ?? [];
633
+ shouldClose = relatedIds.every((id) => this._requestResponseMap.has(id));
634
+ if (shouldClose) for (const id of relatedIds) this._requestResponseMap.delete(id);
635
+ }
636
+ this.writeSSEEvent(connection, message, eventId, shouldClose);
637
+ }
677
638
  };
678
639
 
679
- // src/mcp/index.ts
680
- import {
681
- ElicitRequestSchema
682
- } from "@modelcontextprotocol/sdk/types.js";
683
- var McpAgent = class _McpAgent extends Agent {
684
- constructor(ctx, env) {
685
- super(ctx, env);
686
- this._requestIdToConnectionId = /* @__PURE__ */ new Map();
687
- for (const connection of this.getConnections()) {
688
- const meta = connection.state;
689
- if (meta?.role === STANDALONE_SSE_MARKER) {
690
- this._standaloneSseConnectionId = connection.id;
691
- return;
692
- }
693
- }
694
- }
695
- /*
696
- * Helpers
697
- */
698
- async setInitializeRequest(initializeRequest) {
699
- await this.ctx.storage.put("initializeRequest", initializeRequest);
700
- }
701
- async getInitializeRequest() {
702
- return this.ctx.storage.get("initializeRequest");
703
- }
704
- /** Read the transport type for this agent.
705
- * This relies on the naming scheme being `sse:${sessionId}`
706
- * or `streamable-http:${sessionId}`.
707
- */
708
- getTransportType() {
709
- const [t, ..._] = this.name.split(":");
710
- switch (t) {
711
- case "sse":
712
- return "sse";
713
- case "streamable-http":
714
- return "streamable-http";
715
- default:
716
- throw new Error(
717
- "Invalid transport type. McpAgent must be addressed with a valid protocol."
718
- );
719
- }
720
- }
721
- /** Get the WebSocket for the standalone SSE if any. Streamable HTTP only. */
722
- getWebSocketForStandaloneSse() {
723
- if (!this._standaloneSseConnectionId) return null;
724
- return this.getConnection(this._standaloneSseConnectionId) ?? null;
725
- }
726
- /** Get the unique WebSocket. SSE transport only. */
727
- getWebSocket() {
728
- const websockets = Array.from(this.getConnections());
729
- if (websockets.length === 0) {
730
- return null;
731
- }
732
- return websockets[0];
733
- }
734
- /** Get the corresponding WebSocket for a responseId. Streamable HTTP only. */
735
- getWebSocketForResponseID(id) {
736
- const connectionId = this._requestIdToConnectionId.get(id);
737
- if (connectionId === void 0) {
738
- return null;
739
- }
740
- return this.getConnection(connectionId) ?? null;
741
- }
742
- /** Returns a new transport matching the type of the Agent. */
743
- initTransport() {
744
- switch (this.getTransportType()) {
745
- case "sse": {
746
- return new McpSSETransport(() => this.getWebSocket());
747
- }
748
- case "streamable-http": {
749
- return new McpStreamableHttpTransport(
750
- (id) => this.getWebSocketForResponseID(id),
751
- (id) => this._requestIdToConnectionId.delete(id),
752
- () => this.getWebSocketForStandaloneSse()
753
- );
754
- }
755
- }
756
- }
757
- /** Update and store the props */
758
- async updateProps(props) {
759
- await this.ctx.storage.put("props", props ?? {});
760
- this.props = props;
761
- }
762
- /*
763
- * Base Agent / Parykit Server overrides
764
- */
765
- /** Sets up the MCP transport and server every time the Agent is started.*/
766
- async onStart(props) {
767
- if (props) await this.updateProps(props);
768
- this.props = await this.ctx.storage.get("props");
769
- await this.init();
770
- const server = await this.server;
771
- this._transport = this.initTransport();
772
- await server.connect(this._transport);
773
- const initializeRequest = await this.getInitializeRequest();
774
- if (initializeRequest) {
775
- this._transport.onmessage?.(initializeRequest);
776
- }
777
- }
778
- /** Validates new WebSocket connections. */
779
- async onConnect(conn, _) {
780
- switch (this.getTransportType()) {
781
- case "sse": {
782
- const websockets = Array.from(this.getConnections());
783
- if (websockets.length > 1) {
784
- conn.close(1008, "Websocket already connected");
785
- return;
786
- }
787
- break;
788
- }
789
- case "streamable-http":
790
- break;
791
- }
792
- }
793
- /** Handles MCP Messages for Streamable HTTP. */
794
- async onMessage(connection, event) {
795
- if (this.getTransportType() !== "streamable-http") {
796
- const err = new Error(
797
- "Internal Server Error: Expected streamable-http protocol"
798
- );
799
- this._transport?.onerror?.(err);
800
- return;
801
- }
802
- let message;
803
- try {
804
- const data = typeof event === "string" ? event : new TextDecoder().decode(event);
805
- message = JSONRPCMessageSchema2.parse(JSON.parse(data));
806
- } catch (error) {
807
- this._transport?.onerror?.(error);
808
- return;
809
- }
810
- if (isJSONRPCNotification2(message) && message.method === STANDALONE_SSE_METHOD) {
811
- if (this._standaloneSseConnectionId && this._standaloneSseConnectionId !== connection.id) {
812
- const standaloneSseSocket = this.getConnection(
813
- this._standaloneSseConnectionId
814
- );
815
- standaloneSseSocket?.close(1e3, "replaced");
816
- }
817
- connection.setState({
818
- role: STANDALONE_SSE_MARKER
819
- });
820
- this._standaloneSseConnectionId = connection.id;
821
- return;
822
- }
823
- if (await this._handleElicitationResponse(message)) {
824
- return;
825
- }
826
- if (isJSONRPCRequest2(message)) {
827
- this._requestIdToConnectionId.set(message.id.toString(), connection.id);
828
- }
829
- this._transport?.onmessage?.(message);
830
- }
831
- /** Remove clients from our cache when they disconnect */
832
- async onClose(conn, _code, _reason, _wasClean) {
833
- for (const [reqId, connId] of this._requestIdToConnectionId) {
834
- if (connId === conn.id) this._requestIdToConnectionId.delete(reqId);
835
- }
836
- if (this._standaloneSseConnectionId === conn.id) {
837
- this._standaloneSseConnectionId = void 0;
838
- }
839
- }
840
- /*
841
- * Transport ingress and routing
842
- */
843
- /** Handles MCP Messages for the legacy SSE transport. */
844
- async onSSEMcpMessage(_sessionId, messageBody) {
845
- if (this.getTransportType() !== "sse") {
846
- return new Error("Internal Server Error: Expected SSE transport");
847
- }
848
- try {
849
- let parsedMessage;
850
- try {
851
- parsedMessage = JSONRPCMessageSchema2.parse(messageBody);
852
- } catch (error) {
853
- this._transport?.onerror?.(error);
854
- throw error;
855
- }
856
- if (await this._handleElicitationResponse(parsedMessage)) {
857
- return null;
858
- }
859
- this._transport?.onmessage?.(parsedMessage);
860
- return null;
861
- } catch (error) {
862
- console.error("Error forwarding message to SSE:", error);
863
- this._transport?.onerror?.(error);
864
- return error;
865
- }
866
- }
867
- /** Elicit user input with a message and schema */
868
- async elicitInput(params) {
869
- const requestId = `elicit_${Math.random().toString(36).substring(2, 11)}`;
870
- await this.ctx.storage.put(`elicitation:${requestId}`, {
871
- message: params.message,
872
- requestedSchema: params.requestedSchema,
873
- timestamp: Date.now()
874
- });
875
- const elicitRequest = {
876
- jsonrpc: "2.0",
877
- id: requestId,
878
- method: "elicitation/create",
879
- params: {
880
- message: params.message,
881
- requestedSchema: params.requestedSchema
882
- }
883
- };
884
- if (this._transport) {
885
- await this._transport.send(elicitRequest);
886
- } else {
887
- const connections = this.getConnections();
888
- if (!connections || Array.from(connections).length === 0) {
889
- await this.ctx.storage.delete(`elicitation:${requestId}`);
890
- throw new Error("No active connections available for elicitation");
891
- }
892
- const connectionList = Array.from(connections);
893
- for (const connection of connectionList) {
894
- try {
895
- connection.send(JSON.stringify(elicitRequest));
896
- } catch (error) {
897
- console.error("Failed to send elicitation request:", error);
898
- }
899
- }
900
- }
901
- return this._waitForElicitationResponse(requestId);
902
- }
903
- /** Wait for elicitation response through storage polling */
904
- async _waitForElicitationResponse(requestId) {
905
- const startTime = Date.now();
906
- const timeout = 6e4;
907
- try {
908
- while (Date.now() - startTime < timeout) {
909
- const response = await this.ctx.storage.get(
910
- `elicitation:response:${requestId}`
911
- );
912
- if (response) {
913
- await this.ctx.storage.delete(`elicitation:${requestId}`);
914
- await this.ctx.storage.delete(`elicitation:response:${requestId}`);
915
- return response;
916
- }
917
- await new Promise((resolve) => setTimeout(resolve, 100));
918
- }
919
- throw new Error("Elicitation request timed out");
920
- } finally {
921
- await this.ctx.storage.delete(`elicitation:${requestId}`);
922
- await this.ctx.storage.delete(`elicitation:response:${requestId}`);
923
- }
924
- }
925
- /** Handle elicitation responses */
926
- async _handleElicitationResponse(message) {
927
- if (isJSONRPCResponse3(message) && message.result) {
928
- const requestId = message.id?.toString();
929
- if (!requestId || !requestId.startsWith("elicit_")) return false;
930
- const pendingRequest = await this.ctx.storage.get(
931
- `elicitation:${requestId}`
932
- );
933
- if (!pendingRequest) return false;
934
- await this.ctx.storage.put(
935
- `elicitation:response:${requestId}`,
936
- message.result
937
- );
938
- return true;
939
- }
940
- if (isJSONRPCError3(message)) {
941
- const requestId = message.id?.toString();
942
- if (!requestId || !requestId.startsWith("elicit_")) return false;
943
- const pendingRequest = await this.ctx.storage.get(
944
- `elicitation:${requestId}`
945
- );
946
- if (!pendingRequest) return false;
947
- const errorResult = {
948
- action: "cancel",
949
- content: {
950
- error: message.error.message || "Elicitation request failed"
951
- }
952
- };
953
- await this.ctx.storage.put(
954
- `elicitation:response:${requestId}`,
955
- errorResult
956
- );
957
- return true;
958
- }
959
- return false;
960
- }
961
- /** Return a handler for the given path for this MCP.
962
- * Defaults to Streamable HTTP transport.
963
- */
964
- static serve(path, {
965
- binding = "MCP_OBJECT",
966
- corsOptions,
967
- transport = "streamable-http"
968
- } = {}) {
969
- return {
970
- async fetch(request, env, ctx) {
971
- const corsResponse = handleCORS(request, corsOptions);
972
- if (corsResponse) {
973
- return corsResponse;
974
- }
975
- const bindingValue = env[binding];
976
- if (bindingValue == null || typeof bindingValue !== "object") {
977
- throw new Error(
978
- `Could not find McpAgent binding for ${binding}. Did you update your wrangler configuration?`
979
- );
980
- }
981
- if (!isDurableObjectNamespace(bindingValue)) {
982
- throw new Error(
983
- `Invalid McpAgent binding for ${binding}. Make sure it's a Durable Object binding.`
984
- );
985
- }
986
- const namespace = bindingValue;
987
- switch (transport) {
988
- case "streamable-http": {
989
- const handleStreamableHttp = createStreamingHttpHandler(
990
- path,
991
- namespace,
992
- corsOptions
993
- );
994
- return handleStreamableHttp(request, ctx);
995
- }
996
- case "sse": {
997
- const handleLegacySse = createLegacySseHandler(
998
- path,
999
- namespace,
1000
- corsOptions
1001
- );
1002
- return handleLegacySse(request, ctx);
1003
- }
1004
- default:
1005
- return new Response(
1006
- "Invalid MCP transport mode. Only `streamable-http` or `sse` are allowed.",
1007
- { status: 500 }
1008
- );
1009
- }
1010
- }
1011
- };
1012
- }
1013
- /**
1014
- * Legacy api
1015
- **/
1016
- static mount(path, opts = {}) {
1017
- return _McpAgent.serveSSE(path, opts);
1018
- }
1019
- static serveSSE(path, opts = {}) {
1020
- return _McpAgent.serve(path, { ...opts, transport: "sse" });
1021
- }
640
+ //#endregion
641
+ //#region src/mcp/worker-transport.ts
642
+ const SUPPORTED_PROTOCOL_VERSIONS = ["2025-03-26", "2025-06-18"];
643
+ const DEFAULT_PROTOCOL_VERSION = "2025-03-26";
644
+ const MCP_PROTOCOL_VERSION_HEADER = "MCP-Protocol-Version";
645
+ var WorkerTransport = class {
646
+ constructor(options) {
647
+ this.started = false;
648
+ this.initialized = false;
649
+ this.enableJsonResponse = false;
650
+ this.standaloneSseStreamId = "_GET_stream";
651
+ this.streamMapping = /* @__PURE__ */ new Map();
652
+ this.requestToStreamMapping = /* @__PURE__ */ new Map();
653
+ this.requestResponseMap = /* @__PURE__ */ new Map();
654
+ this.sessionIdGenerator = options?.sessionIdGenerator;
655
+ this.enableJsonResponse = options?.enableJsonResponse ?? false;
656
+ this.onsessioninitialized = options?.onsessioninitialized;
657
+ this.corsOptions = options?.corsOptions;
658
+ }
659
+ async start() {
660
+ if (this.started) throw new Error("Transport already started");
661
+ this.started = true;
662
+ }
663
+ validateProtocolVersion(request) {
664
+ const versionHeader = request.headers.get(MCP_PROTOCOL_VERSION_HEADER);
665
+ if (!versionHeader) {
666
+ if (!this.protocolVersion || this.protocolVersion === DEFAULT_PROTOCOL_VERSION) return;
667
+ return new Response(JSON.stringify({
668
+ jsonrpc: "2.0",
669
+ error: {
670
+ code: -32e3,
671
+ message: `Bad Request: ${MCP_PROTOCOL_VERSION_HEADER} header is required`
672
+ },
673
+ id: null
674
+ }), {
675
+ status: 400,
676
+ headers: {
677
+ "Content-Type": "application/json",
678
+ ...this.getHeaders()
679
+ }
680
+ });
681
+ }
682
+ if (!SUPPORTED_PROTOCOL_VERSIONS.includes(versionHeader)) return new Response(JSON.stringify({
683
+ jsonrpc: "2.0",
684
+ error: {
685
+ code: -32e3,
686
+ message: `Bad Request: Unsupported ${MCP_PROTOCOL_VERSION_HEADER}: ${versionHeader}. Supported versions: ${SUPPORTED_PROTOCOL_VERSIONS.join(", ")}`
687
+ },
688
+ id: null
689
+ }), {
690
+ status: 400,
691
+ headers: {
692
+ "Content-Type": "application/json",
693
+ ...this.getHeaders()
694
+ }
695
+ });
696
+ if (this.protocolVersion && versionHeader !== this.protocolVersion) return new Response(JSON.stringify({
697
+ jsonrpc: "2.0",
698
+ error: {
699
+ code: -32e3,
700
+ message: `Bad Request: ${MCP_PROTOCOL_VERSION_HEADER} mismatch. Expected: ${this.protocolVersion}, Got: ${versionHeader}`
701
+ },
702
+ id: null
703
+ }), {
704
+ status: 400,
705
+ headers: {
706
+ "Content-Type": "application/json",
707
+ ...this.getHeaders()
708
+ }
709
+ });
710
+ }
711
+ getHeaders({ forPreflight } = {}) {
712
+ const options = {
713
+ origin: "*",
714
+ headers: "Content-Type, Accept, Authorization, mcp-session-id, MCP-Protocol-Version",
715
+ methods: "GET, POST, DELETE, OPTIONS",
716
+ exposeHeaders: "mcp-session-id",
717
+ maxAge: 86400,
718
+ ...this.corsOptions
719
+ };
720
+ if (forPreflight) return {
721
+ "Access-Control-Allow-Origin": options.origin,
722
+ "Access-Control-Allow-Headers": options.headers,
723
+ "Access-Control-Allow-Methods": options.methods,
724
+ "Access-Control-Max-Age": options.maxAge.toString()
725
+ };
726
+ return {
727
+ "Access-Control-Allow-Origin": options.origin,
728
+ "Access-Control-Expose-Headers": options.exposeHeaders
729
+ };
730
+ }
731
+ async handleRequest(request, parsedBody) {
732
+ switch (request.method) {
733
+ case "OPTIONS": return this.handleOptionsRequest(request);
734
+ case "GET": return this.handleGetRequest(request);
735
+ case "POST": return this.handlePostRequest(request, parsedBody);
736
+ case "DELETE": return this.handleDeleteRequest(request);
737
+ default: return this.handleUnsupportedRequest();
738
+ }
739
+ }
740
+ async handleGetRequest(request) {
741
+ if (!request.headers.get("Accept")?.includes("text/event-stream")) return new Response(JSON.stringify({
742
+ jsonrpc: "2.0",
743
+ error: {
744
+ code: -32e3,
745
+ message: "Not Acceptable: Client must accept text/event-stream"
746
+ },
747
+ id: null
748
+ }), {
749
+ status: 406,
750
+ headers: {
751
+ "Content-Type": "application/json",
752
+ ...this.getHeaders()
753
+ }
754
+ });
755
+ const sessionError = this.validateSession(request);
756
+ if (sessionError) return sessionError;
757
+ const versionError = this.validateProtocolVersion(request);
758
+ if (versionError) return versionError;
759
+ const streamId = this.standaloneSseStreamId;
760
+ if (this.streamMapping.get(streamId) !== void 0) return new Response(JSON.stringify({
761
+ jsonrpc: "2.0",
762
+ error: {
763
+ code: -32e3,
764
+ message: "Conflict: Only one SSE stream is allowed per session"
765
+ },
766
+ id: null
767
+ }), {
768
+ status: 409,
769
+ headers: {
770
+ "Content-Type": "application/json",
771
+ ...this.getHeaders()
772
+ }
773
+ });
774
+ const { readable, writable } = new TransformStream();
775
+ const writer = writable.getWriter();
776
+ const encoder = new TextEncoder();
777
+ const headers = new Headers({
778
+ "Content-Type": "text/event-stream",
779
+ "Cache-Control": "no-cache",
780
+ Connection: "keep-alive",
781
+ ...this.getHeaders()
782
+ });
783
+ if (this.sessionId !== void 0) headers.set("mcp-session-id", this.sessionId);
784
+ const keepAlive = setInterval(() => {
785
+ try {
786
+ writer.write(encoder.encode("event: ping\ndata: \n\n"));
787
+ } catch {
788
+ clearInterval(keepAlive);
789
+ }
790
+ }, 3e4);
791
+ this.streamMapping.set(streamId, {
792
+ writer,
793
+ encoder,
794
+ cleanup: () => {
795
+ clearInterval(keepAlive);
796
+ this.streamMapping.delete(streamId);
797
+ writer.close().catch(() => {});
798
+ }
799
+ });
800
+ return new Response(readable, { headers });
801
+ }
802
+ async handlePostRequest(request, parsedBody) {
803
+ const acceptHeader = request.headers.get("Accept");
804
+ if (!acceptHeader?.includes("application/json") || !acceptHeader.includes("text/event-stream")) return new Response(JSON.stringify({
805
+ jsonrpc: "2.0",
806
+ error: {
807
+ code: -32e3,
808
+ message: "Not Acceptable: Client must accept both application/json and text/event-stream"
809
+ },
810
+ id: null
811
+ }), {
812
+ status: 406,
813
+ headers: {
814
+ "Content-Type": "application/json",
815
+ ...this.getHeaders()
816
+ }
817
+ });
818
+ if (!request.headers.get("Content-Type")?.includes("application/json")) return new Response(JSON.stringify({
819
+ jsonrpc: "2.0",
820
+ error: {
821
+ code: -32e3,
822
+ message: "Unsupported Media Type: Content-Type must be application/json"
823
+ },
824
+ id: null
825
+ }), {
826
+ status: 415,
827
+ headers: {
828
+ "Content-Type": "application/json",
829
+ ...this.getHeaders()
830
+ }
831
+ });
832
+ let rawMessage = parsedBody;
833
+ if (rawMessage === void 0) try {
834
+ rawMessage = await request.json();
835
+ } catch {
836
+ return new Response(JSON.stringify({
837
+ jsonrpc: "2.0",
838
+ error: {
839
+ code: -32700,
840
+ message: "Parse error: Invalid JSON"
841
+ },
842
+ id: null
843
+ }), {
844
+ status: 400,
845
+ headers: {
846
+ "Content-Type": "application/json",
847
+ ...this.getHeaders()
848
+ }
849
+ });
850
+ }
851
+ let messages;
852
+ try {
853
+ if (Array.isArray(rawMessage)) messages = rawMessage.map((msg) => JSONRPCMessageSchema.parse(msg));
854
+ else messages = [JSONRPCMessageSchema.parse(rawMessage)];
855
+ } catch {
856
+ return new Response(JSON.stringify({
857
+ jsonrpc: "2.0",
858
+ error: {
859
+ code: -32700,
860
+ message: "Parse error: Invalid JSON-RPC message"
861
+ },
862
+ id: null
863
+ }), {
864
+ status: 400,
865
+ headers: {
866
+ "Content-Type": "application/json",
867
+ ...this.getHeaders()
868
+ }
869
+ });
870
+ }
871
+ const isInitializationRequest = messages.some(isInitializeRequest);
872
+ if (isInitializationRequest) {
873
+ if (this.initialized && this.sessionId !== void 0) return new Response(JSON.stringify({
874
+ jsonrpc: "2.0",
875
+ error: {
876
+ code: -32600,
877
+ message: "Invalid Request: Server already initialized"
878
+ },
879
+ id: null
880
+ }), {
881
+ status: 400,
882
+ headers: {
883
+ "Content-Type": "application/json",
884
+ ...this.getHeaders()
885
+ }
886
+ });
887
+ if (messages.length > 1) return new Response(JSON.stringify({
888
+ jsonrpc: "2.0",
889
+ error: {
890
+ code: -32600,
891
+ message: "Invalid Request: Only one initialization request is allowed"
892
+ },
893
+ id: null
894
+ }), {
895
+ status: 400,
896
+ headers: {
897
+ "Content-Type": "application/json",
898
+ ...this.getHeaders()
899
+ }
900
+ });
901
+ const initRequest = messages.find(isInitializeRequest);
902
+ if (initRequest?.params) {
903
+ const version = initRequest.params.protocolVersion;
904
+ if (version && SUPPORTED_PROTOCOL_VERSIONS.includes(version)) this.protocolVersion = version;
905
+ else this.protocolVersion = DEFAULT_PROTOCOL_VERSION;
906
+ }
907
+ this.sessionId = this.sessionIdGenerator?.();
908
+ this.initialized = true;
909
+ if (this.sessionId && this.onsessioninitialized) this.onsessioninitialized(this.sessionId);
910
+ }
911
+ if (!isInitializationRequest) {
912
+ const sessionError = this.validateSession(request);
913
+ if (sessionError) return sessionError;
914
+ const versionError = this.validateProtocolVersion(request);
915
+ if (versionError) return versionError;
916
+ }
917
+ if (!messages.some(isJSONRPCRequest)) {
918
+ for (const message of messages) this.onmessage?.(message);
919
+ return new Response(null, {
920
+ status: 202,
921
+ headers: { ...this.getHeaders() }
922
+ });
923
+ }
924
+ const streamId = crypto.randomUUID();
925
+ if (this.enableJsonResponse) return new Promise((resolve) => {
926
+ this.streamMapping.set(streamId, {
927
+ resolveJson: resolve,
928
+ cleanup: () => {
929
+ this.streamMapping.delete(streamId);
930
+ }
931
+ });
932
+ for (const message of messages) if (isJSONRPCRequest(message)) this.requestToStreamMapping.set(message.id, streamId);
933
+ for (const message of messages) this.onmessage?.(message);
934
+ });
935
+ const { readable, writable } = new TransformStream();
936
+ const writer = writable.getWriter();
937
+ const encoder = new TextEncoder();
938
+ const headers = new Headers({
939
+ "Content-Type": "text/event-stream",
940
+ "Cache-Control": "no-cache",
941
+ Connection: "keep-alive",
942
+ ...this.getHeaders()
943
+ });
944
+ if (this.sessionId !== void 0) headers.set("mcp-session-id", this.sessionId);
945
+ this.streamMapping.set(streamId, {
946
+ writer,
947
+ encoder,
948
+ cleanup: () => {
949
+ this.streamMapping.delete(streamId);
950
+ writer.close().catch(() => {});
951
+ }
952
+ });
953
+ for (const message of messages) if (isJSONRPCRequest(message)) this.requestToStreamMapping.set(message.id, streamId);
954
+ for (const message of messages) this.onmessage?.(message);
955
+ return new Response(readable, { headers });
956
+ }
957
+ async handleDeleteRequest(request) {
958
+ const sessionError = this.validateSession(request);
959
+ if (sessionError) return sessionError;
960
+ const versionError = this.validateProtocolVersion(request);
961
+ if (versionError) return versionError;
962
+ await this.close();
963
+ return new Response(null, {
964
+ status: 200,
965
+ headers: { ...this.getHeaders() }
966
+ });
967
+ }
968
+ handleOptionsRequest(_request) {
969
+ return new Response(null, {
970
+ status: 200,
971
+ headers: { ...this.getHeaders({ forPreflight: true }) }
972
+ });
973
+ }
974
+ handleUnsupportedRequest() {
975
+ return new Response(JSON.stringify({
976
+ jsonrpc: "2.0",
977
+ error: {
978
+ code: -32e3,
979
+ message: "Method not allowed."
980
+ },
981
+ id: null
982
+ }), {
983
+ status: 405,
984
+ headers: {
985
+ Allow: "GET, POST, DELETE, OPTIONS",
986
+ "Content-Type": "application/json"
987
+ }
988
+ });
989
+ }
990
+ validateSession(request) {
991
+ if (this.sessionIdGenerator === void 0) return;
992
+ if (!this.initialized) return new Response(JSON.stringify({
993
+ jsonrpc: "2.0",
994
+ error: {
995
+ code: -32e3,
996
+ message: "Bad Request: Server not initialized"
997
+ },
998
+ id: null
999
+ }), {
1000
+ status: 400,
1001
+ headers: {
1002
+ "Content-Type": "application/json",
1003
+ ...this.getHeaders()
1004
+ }
1005
+ });
1006
+ const sessionId = request.headers.get("mcp-session-id");
1007
+ if (!sessionId) return new Response(JSON.stringify({
1008
+ jsonrpc: "2.0",
1009
+ error: {
1010
+ code: -32e3,
1011
+ message: "Bad Request: Mcp-Session-Id header is required"
1012
+ },
1013
+ id: null
1014
+ }), {
1015
+ status: 400,
1016
+ headers: {
1017
+ "Content-Type": "application/json",
1018
+ ...this.getHeaders()
1019
+ }
1020
+ });
1021
+ if (sessionId !== this.sessionId) return new Response(JSON.stringify({
1022
+ jsonrpc: "2.0",
1023
+ error: {
1024
+ code: -32001,
1025
+ message: "Session not found"
1026
+ },
1027
+ id: null
1028
+ }), {
1029
+ status: 404,
1030
+ headers: {
1031
+ "Content-Type": "application/json",
1032
+ ...this.getHeaders()
1033
+ }
1034
+ });
1035
+ }
1036
+ async close() {
1037
+ for (const { cleanup } of this.streamMapping.values()) cleanup();
1038
+ this.streamMapping.clear();
1039
+ this.requestResponseMap.clear();
1040
+ this.onclose?.();
1041
+ }
1042
+ async send(message) {
1043
+ let requestId;
1044
+ if (isJSONRPCResponse(message) || isJSONRPCError(message)) requestId = message.id;
1045
+ if (requestId === void 0) {
1046
+ if (isJSONRPCResponse(message) || isJSONRPCError(message)) throw new Error("Cannot send a response on a standalone SSE stream unless resuming a previous client request");
1047
+ const standaloneSse = this.streamMapping.get(this.standaloneSseStreamId);
1048
+ if (standaloneSse === void 0) return;
1049
+ if (standaloneSse.writer && standaloneSse.encoder) {
1050
+ const data = `event: message\ndata: ${JSON.stringify(message)}\n\n`;
1051
+ await standaloneSse.writer.write(standaloneSse.encoder.encode(data));
1052
+ }
1053
+ return;
1054
+ }
1055
+ const streamId = this.requestToStreamMapping.get(requestId);
1056
+ if (!streamId) throw new Error(`No connection established for request ID: ${String(requestId)}`);
1057
+ const response = this.streamMapping.get(streamId);
1058
+ if (!response) throw new Error(`No connection established for request ID: ${String(requestId)}`);
1059
+ if (!this.enableJsonResponse) {
1060
+ if (response.writer && response.encoder) {
1061
+ const data = `event: message\ndata: ${JSON.stringify(message)}\n\n`;
1062
+ await response.writer.write(response.encoder.encode(data));
1063
+ }
1064
+ }
1065
+ if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
1066
+ this.requestResponseMap.set(requestId, message);
1067
+ const relatedIds = Array.from(this.requestToStreamMapping.entries()).filter(([, sid]) => sid === streamId).map(([id]) => id);
1068
+ if (relatedIds.every((id) => this.requestResponseMap.has(id))) {
1069
+ if (this.enableJsonResponse && response.resolveJson) {
1070
+ const responses = relatedIds.map((id) => this.requestResponseMap.get(id));
1071
+ const headers = new Headers({
1072
+ "Content-Type": "application/json",
1073
+ ...this.getHeaders()
1074
+ });
1075
+ if (this.sessionId !== void 0) headers.set("mcp-session-id", this.sessionId);
1076
+ const body = responses.length === 1 ? responses[0] : responses;
1077
+ response.resolveJson(new Response(JSON.stringify(body), { headers }));
1078
+ } else response.cleanup();
1079
+ for (const id of relatedIds) {
1080
+ this.requestResponseMap.delete(id);
1081
+ this.requestToStreamMapping.delete(id);
1082
+ }
1083
+ }
1084
+ }
1085
+ }
1022
1086
  };
1023
- export {
1024
- ElicitRequestSchema,
1025
- McpAgent,
1026
- SSEEdgeClientTransport,
1027
- StreamableHTTPEdgeClientTransport
1087
+
1088
+ //#endregion
1089
+ //#region src/mcp/auth-context.ts
1090
+ const authContextStorage = new AsyncLocalStorage();
1091
+ function getMcpAuthContext() {
1092
+ return authContextStorage.getStore();
1093
+ }
1094
+ function runWithAuthContext(context, fn) {
1095
+ return authContextStorage.run(context, fn);
1096
+ }
1097
+
1098
+ //#endregion
1099
+ //#region src/mcp/handler.ts
1100
+ function createMcpHandler(server, options = {}) {
1101
+ const route = options.route ?? "/mcp";
1102
+ return async (request, _env, ctx) => {
1103
+ const url = new URL(request.url);
1104
+ if (route && url.pathname !== route) return new Response("Not Found", { status: 404 });
1105
+ const oauthCtx = ctx;
1106
+ const authContext = oauthCtx.props ? { props: oauthCtx.props } : void 0;
1107
+ const transport = new WorkerTransport(options);
1108
+ await server.connect(transport);
1109
+ const handleRequest = async () => {
1110
+ return await transport.handleRequest(request);
1111
+ };
1112
+ try {
1113
+ if (authContext) return await runWithAuthContext(authContext, handleRequest);
1114
+ else return await handleRequest();
1115
+ } catch (error) {
1116
+ console.error("MCP handler error:", error);
1117
+ return new Response(JSON.stringify({
1118
+ jsonrpc: "2.0",
1119
+ error: {
1120
+ code: -32603,
1121
+ message: error instanceof Error ? error.message : "Internal server error"
1122
+ },
1123
+ id: null
1124
+ }), {
1125
+ status: 500,
1126
+ headers: { "Content-Type": "application/json" }
1127
+ });
1128
+ }
1129
+ };
1130
+ }
1131
+ let didWarnAboutExperimentalCreateMcpHandler = false;
1132
+ /**
1133
+ * @deprecated This has been renamed to createMcpHandler, and experimental_createMcpHandler will be removed in the next major version
1134
+ */
1135
+ function experimental_createMcpHandler(server, options = {}) {
1136
+ if (!didWarnAboutExperimentalCreateMcpHandler) {
1137
+ didWarnAboutExperimentalCreateMcpHandler = true;
1138
+ console.warn("experimental_createMcpHandler is deprecated, use createMcpHandler instead. experimental_createMcpHandler will be removed in the next major version.");
1139
+ }
1140
+ return createMcpHandler(server, options);
1141
+ }
1142
+
1143
+ //#endregion
1144
+ //#region src/mcp/index.ts
1145
+ var McpAgent = class McpAgent extends Agent {
1146
+ async setInitializeRequest(initializeRequest) {
1147
+ await this.ctx.storage.put("initializeRequest", initializeRequest);
1148
+ }
1149
+ async getInitializeRequest() {
1150
+ return this.ctx.storage.get("initializeRequest");
1151
+ }
1152
+ /** Read the transport type for this agent.
1153
+ * This relies on the naming scheme being `sse:${sessionId}`
1154
+ * or `streamable-http:${sessionId}`.
1155
+ */
1156
+ getTransportType() {
1157
+ const [t, ..._] = this.name.split(":");
1158
+ switch (t) {
1159
+ case "sse": return "sse";
1160
+ case "streamable-http": return "streamable-http";
1161
+ default: throw new Error("Invalid transport type. McpAgent must be addressed with a valid protocol.");
1162
+ }
1163
+ }
1164
+ /** Read the sessionId for this agent.
1165
+ * This relies on the naming scheme being `sse:${sessionId}`
1166
+ * or `streamable-http:${sessionId}`.
1167
+ */
1168
+ getSessionId() {
1169
+ const [_, sessionId] = this.name.split(":");
1170
+ if (!sessionId) throw new Error("Invalid session id. McpAgent must be addressed with a valid session id.");
1171
+ return sessionId;
1172
+ }
1173
+ /** Get the unique WebSocket. SSE transport only. */
1174
+ getWebSocket() {
1175
+ const websockets = Array.from(this.getConnections());
1176
+ if (websockets.length === 0) return null;
1177
+ return websockets[0];
1178
+ }
1179
+ /** Returns a new transport matching the type of the Agent. */
1180
+ initTransport() {
1181
+ switch (this.getTransportType()) {
1182
+ case "sse": return new McpSSETransport(() => this.getWebSocket());
1183
+ case "streamable-http": return new StreamableHTTPServerTransport({});
1184
+ }
1185
+ }
1186
+ /** Update and store the props */
1187
+ async updateProps(props) {
1188
+ await this.ctx.storage.put("props", props ?? {});
1189
+ this.props = props;
1190
+ }
1191
+ async reinitializeServer() {
1192
+ const initializeRequest = await this.getInitializeRequest();
1193
+ if (initializeRequest) this._transport?.onmessage?.(initializeRequest);
1194
+ }
1195
+ /** Sets up the MCP transport and server every time the Agent is started.*/
1196
+ async onStart(props) {
1197
+ if (props) await this.updateProps(props);
1198
+ this.props = await this.ctx.storage.get("props");
1199
+ await this.init();
1200
+ const server = await this.server;
1201
+ this._transport = this.initTransport();
1202
+ await server.connect(this._transport);
1203
+ await this.reinitializeServer();
1204
+ }
1205
+ /** Validates new WebSocket connections. */
1206
+ async onConnect(conn, { request: req }) {
1207
+ switch (this.getTransportType()) {
1208
+ case "sse":
1209
+ if (Array.from(this.getConnections()).length > 1) {
1210
+ conn.close(1008, "Websocket already connected");
1211
+ return;
1212
+ }
1213
+ break;
1214
+ case "streamable-http": if (this._transport instanceof StreamableHTTPServerTransport) switch (req.headers.get(MCP_HTTP_METHOD_HEADER)) {
1215
+ case "POST": {
1216
+ const payloadHeader = req.headers.get(MCP_MESSAGE_HEADER);
1217
+ let rawPayload;
1218
+ if (!payloadHeader) rawPayload = "{}";
1219
+ else try {
1220
+ rawPayload = Buffer.from(payloadHeader, "base64").toString("utf-8");
1221
+ } catch (_error) {
1222
+ throw new Error("Internal Server Error: Failed to decode MCP message header");
1223
+ }
1224
+ const parsedBody = JSON.parse(rawPayload);
1225
+ this._transport?.handlePostRequest(req, parsedBody);
1226
+ break;
1227
+ }
1228
+ case "GET":
1229
+ this._transport?.handleGetRequest(req);
1230
+ break;
1231
+ }
1232
+ }
1233
+ }
1234
+ /** Handles MCP Messages for the legacy SSE transport. */
1235
+ async onSSEMcpMessage(_sessionId, messageBody) {
1236
+ if (this.getTransportType() !== "sse") return /* @__PURE__ */ new Error("Internal Server Error: Expected SSE transport");
1237
+ try {
1238
+ let parsedMessage;
1239
+ try {
1240
+ parsedMessage = JSONRPCMessageSchema.parse(messageBody);
1241
+ } catch (error) {
1242
+ this._transport?.onerror?.(error);
1243
+ throw error;
1244
+ }
1245
+ if (await this._handleElicitationResponse(parsedMessage)) return null;
1246
+ this._transport?.onmessage?.(parsedMessage);
1247
+ return null;
1248
+ } catch (error) {
1249
+ console.error("Error forwarding message to SSE:", error);
1250
+ this._transport?.onerror?.(error);
1251
+ return error;
1252
+ }
1253
+ }
1254
+ /** Elicit user input with a message and schema */
1255
+ async elicitInput(params) {
1256
+ const requestId = `elicit_${Math.random().toString(36).substring(2, 11)}`;
1257
+ await this.ctx.storage.put(`elicitation:${requestId}`, {
1258
+ message: params.message,
1259
+ requestedSchema: params.requestedSchema,
1260
+ timestamp: Date.now()
1261
+ });
1262
+ const elicitRequest = {
1263
+ jsonrpc: "2.0",
1264
+ id: requestId,
1265
+ method: "elicitation/create",
1266
+ params: {
1267
+ message: params.message,
1268
+ requestedSchema: params.requestedSchema
1269
+ }
1270
+ };
1271
+ if (this._transport) await this._transport.send(elicitRequest);
1272
+ else {
1273
+ const connections = this.getConnections();
1274
+ if (!connections || Array.from(connections).length === 0) {
1275
+ await this.ctx.storage.delete(`elicitation:${requestId}`);
1276
+ throw new Error("No active connections available for elicitation");
1277
+ }
1278
+ const connectionList = Array.from(connections);
1279
+ for (const connection of connectionList) try {
1280
+ connection.send(JSON.stringify(elicitRequest));
1281
+ } catch (error) {
1282
+ console.error("Failed to send elicitation request:", error);
1283
+ }
1284
+ }
1285
+ return this._waitForElicitationResponse(requestId);
1286
+ }
1287
+ /** Wait for elicitation response through storage polling */
1288
+ async _waitForElicitationResponse(requestId) {
1289
+ const startTime = Date.now();
1290
+ const timeout = 6e4;
1291
+ try {
1292
+ while (Date.now() - startTime < timeout) {
1293
+ const response = await this.ctx.storage.get(`elicitation:response:${requestId}`);
1294
+ if (response) {
1295
+ await this.ctx.storage.delete(`elicitation:${requestId}`);
1296
+ await this.ctx.storage.delete(`elicitation:response:${requestId}`);
1297
+ return response;
1298
+ }
1299
+ await new Promise((resolve) => setTimeout(resolve, 100));
1300
+ }
1301
+ throw new Error("Elicitation request timed out");
1302
+ } finally {
1303
+ await this.ctx.storage.delete(`elicitation:${requestId}`);
1304
+ await this.ctx.storage.delete(`elicitation:response:${requestId}`);
1305
+ }
1306
+ }
1307
+ /** Handle elicitation responses */
1308
+ async _handleElicitationResponse(message) {
1309
+ if (isJSONRPCResponse(message) && message.result) {
1310
+ const requestId = message.id?.toString();
1311
+ if (!requestId || !requestId.startsWith("elicit_")) return false;
1312
+ if (!await this.ctx.storage.get(`elicitation:${requestId}`)) return false;
1313
+ await this.ctx.storage.put(`elicitation:response:${requestId}`, message.result);
1314
+ return true;
1315
+ }
1316
+ if (isJSONRPCError(message)) {
1317
+ const requestId = message.id?.toString();
1318
+ if (!requestId || !requestId.startsWith("elicit_")) return false;
1319
+ if (!await this.ctx.storage.get(`elicitation:${requestId}`)) return false;
1320
+ const errorResult = {
1321
+ action: "cancel",
1322
+ content: { error: message.error.message || "Elicitation request failed" }
1323
+ };
1324
+ await this.ctx.storage.put(`elicitation:response:${requestId}`, errorResult);
1325
+ return true;
1326
+ }
1327
+ return false;
1328
+ }
1329
+ /** Return a handler for the given path for this MCP.
1330
+ * Defaults to Streamable HTTP transport.
1331
+ */
1332
+ static serve(path, { binding = "MCP_OBJECT", corsOptions, transport = "streamable-http", jurisdiction } = {}) {
1333
+ return { async fetch(request, env, ctx) {
1334
+ const corsResponse = handleCORS(request, corsOptions);
1335
+ if (corsResponse) return corsResponse;
1336
+ const bindingValue = env[binding];
1337
+ if (bindingValue == null || typeof bindingValue !== "object") throw new Error(`Could not find McpAgent binding for ${binding}. Did you update your wrangler configuration?`);
1338
+ if (!isDurableObjectNamespace(bindingValue)) throw new Error(`Invalid McpAgent binding for ${binding}. Make sure it's a Durable Object binding.`);
1339
+ const namespace = bindingValue;
1340
+ switch (transport) {
1341
+ case "streamable-http": return createStreamingHttpHandler(path, namespace, {
1342
+ corsOptions,
1343
+ jurisdiction
1344
+ })(request, ctx);
1345
+ case "sse": return createLegacySseHandler(path, namespace, {
1346
+ corsOptions,
1347
+ jurisdiction
1348
+ })(request, ctx);
1349
+ default: return new Response("Invalid MCP transport mode. Only `streamable-http` or `sse` are allowed.", { status: 500 });
1350
+ }
1351
+ } };
1352
+ }
1353
+ /**
1354
+ * Legacy api
1355
+ **/
1356
+ static mount(path, opts = {}) {
1357
+ return McpAgent.serveSSE(path, opts);
1358
+ }
1359
+ static serveSSE(path, opts = {}) {
1360
+ return McpAgent.serve(path, {
1361
+ ...opts,
1362
+ transport: "sse"
1363
+ });
1364
+ }
1028
1365
  };
1366
+
1367
+ //#endregion
1368
+ export { ElicitRequestSchema, McpAgent, SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport, WorkerTransport, createMcpHandler, experimental_createMcpHandler, getMcpAuthContext };
1029
1369
  //# sourceMappingURL=index.js.map