agents 0.0.0-db5b372 → 0.0.0-dc7a99c

package/src/index.ts

@@ -1,20 +1,31 @@
+import { AsyncLocalStorage } from "node:async_hooks";
+import type { Client } from "@modelcontextprotocol/sdk/client/index.js";
+import type { SSEClientTransportOptions } from "@modelcontextprotocol/sdk/client/sse.js";
+
+import type {
+  Prompt,
+  Resource,
+  ServerCapabilities,
+  Tool,
+} from "@modelcontextprotocol/sdk/types.js";
+import { parseCronExpression } from "cron-schedule";
+import { nanoid } from "nanoid";
 import {
-  Server,
-  routePartykitRequest,
-  type PartyServerOptions,
-  getServerByName,
   type Connection,
   type ConnectionContext,
+  getServerByName,
+  type PartyServerOptions,
+  routePartykitRequest,
+  Server,
   type WSMessage,
 } from "partyserver";
-
-import { parseCronExpression } from "cron-schedule";
-import { nanoid } from "nanoid";
-
-import { AsyncLocalStorage } from "node:async_hooks";
+import { camelCaseToKebabCase } from "./client";
 import { MCPClientManager } from "./mcp/client";
+// import type { MCPClientConnection } from "./mcp/client-connection";
+import { DurableObjectOAuthClientProvider } from "./mcp/do-oauth-client-provider";
+import { genericObservability, type Observability } from "./observability";
 
-export type { Connection, WSMessage, ConnectionContext } from "partyserver";
+export type { Connection, ConnectionContext, WSMessage } from "partyserver";
 
 /**
  * RPC request message from client
@@ -98,7 +109,6 @@ export type CallableMetadata = {
   streaming?: boolean;
 };
 
-// biome-ignore lint/complexity/noBannedTypes: <explanation>
 const callableMetadata = new Map<Function, CallableMetadata>();
 
 /**
@@ -108,6 +118,7 @@ const callableMetadata = new Map<Function, CallableMetadata>();
 export function unstable_callable(metadata: CallableMetadata = {}) {
   return function callableDecorator<This, Args extends unknown[], Return>(
     target: (this: This, ...args: Args) => Return,
+    // biome-ignore lint/correctness/noUnusedFunctionParameters: later
     context: ClassMethodDecoratorContext
   ) {
     if (!callableMetadata.has(target)) {
@@ -159,29 +170,95 @@ function getNextCronTime(cron: string) {
   return interval.getNextDate();
 }
 
+/**
+ * MCP Server state update message from server -> Client
+ */
+export type MCPServerMessage = {
+  type: "cf_agent_mcp_servers";
+  mcp: MCPServersState;
+};
+
+export type MCPServersState = {
+  servers: {
+    [id: string]: MCPServer;
+  };
+  tools: Tool[];
+  prompts: Prompt[];
+  resources: Resource[];
+};
+
+export type MCPServer = {
+  name: string;
+  server_url: string;
+  auth_url: string | null;
+  // This state is specifically about the temporary process of getting a token (if needed).
+  // Scope outside of that can't be relied upon because when the DO sleeps, there's no way
+  // to communicate a change to a non-ready state.
+  state: "authenticating" | "connecting" | "ready" | "discovering" | "failed";
+  instructions: string | null;
+  capabilities: ServerCapabilities | null;
+};
+
+/**
+ * MCP Server data stored in DO SQL for resuming MCP Server connections
+ */
+type MCPServerRow = {
+  id: string;
+  name: string;
+  server_url: string;
+  client_id: string | null;
+  auth_url: string | null;
+  callback_url: string;
+  server_options: string;
+};
+
 const STATE_ROW_ID = "cf_state_row_id";
 const STATE_WAS_CHANGED = "cf_state_was_changed";
 
 const DEFAULT_STATE = {} as unknown;
 
-export const unstable_context = new AsyncLocalStorage<{
+const agentContext = new AsyncLocalStorage<{
   agent: Agent<unknown>;
   connection: Connection | undefined;
   request: Request | undefined;
 }>();
 
+export function getCurrentAgent<
+  T extends Agent<unknown, unknown> = Agent<unknown, unknown>,
+>(): {
+  agent: T | undefined;
+  connection: Connection | undefined;
+  request: Request<unknown, CfProperties<unknown>> | undefined;
+} {
+  const store = agentContext.getStore() as
+    | {
+        agent: T;
+        connection: Connection | undefined;
+        request: Request<unknown, CfProperties<unknown>> | undefined;
+      }
+    | undefined;
+  if (!store) {
+    return {
+      agent: undefined,
+      connection: undefined,
+      request: undefined,
+    };
+  }
+  return store;
+}
+
 /**
  * Base class for creating Agent implementations
  * @template Env Environment type containing bindings
  * @template State State type to store within the Agent
  */
 export class Agent<Env, State = unknown> extends Server<Env> {
-  #state = DEFAULT_STATE as State;
+  private _state = DEFAULT_STATE as State;
 
-  #ParentClass: typeof Agent<Env, State> =
+  private _ParentClass: typeof Agent<Env, State> =
     Object.getPrototypeOf(this).constructor;
 
-  mcp: MCPClientManager = new MCPClientManager(this.#ParentClass.name, "0.0.1");
+  mcp: MCPClientManager = new MCPClientManager(this._ParentClass.name, "0.0.1");
 
   /**
    * Initial state for the Agent
@@ -193,9 +270,9 @@ export class Agent<Env, State = unknown> extends Server<Env> {
    * Current state of the Agent
    */
   get state(): State {
-    if (this.#state !== DEFAULT_STATE) {
+    if (this._state !== DEFAULT_STATE) {
       // state was previously set, and populated internal state
-      return this.#state;
+      return this._state;
     }
     // looks like this is the first time the state is being accessed
     // check if the state was set in a previous life
@@ -215,8 +292,8 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     ) {
       const state = result[0]?.state as string; // could be null?
 
-      this.#state = JSON.parse(state);
-      return this.#state;
+      this._state = JSON.parse(state);
+      return this._state;
     }
 
     // ok, this is the first time the state is being accessed
@@ -240,6 +317,11 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     hibernate: true, // default to hibernate
   };
 
+  /**
+   * The observability implementation to use for the Agent
+   */
+  observability?: Observability = genericObservability;
+
   /**
    * Execute SQL queries against the Agent's database
    * @template T Type of the returned rows
@@ -277,7 +359,7 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     `;
 
     void this.ctx.blockConcurrencyWhile(async () => {
-      return this.#tryCatch(async () => {
+      return this._tryCatch(async () => {
         // Create alarms table if it doesn't exist
         this.sql`
         CREATE TABLE IF NOT EXISTS cf_agents_schedules (
@@ -297,25 +379,65 @@ export class Agent<Env, State = unknown> extends Server<Env> {
       });
     });
 
+    this.sql`
+      CREATE TABLE IF NOT EXISTS cf_agents_mcp_servers (
+        id TEXT PRIMARY KEY NOT NULL,
+        name TEXT NOT NULL,
+        server_url TEXT NOT NULL,
+        callback_url TEXT NOT NULL,
+        client_id TEXT,
+        auth_url TEXT,
+        server_options TEXT
+      )
+    `;
+
+    const _onRequest = this.onRequest.bind(this);
+    this.onRequest = (request: Request) => {
+      return agentContext.run(
+        { agent: this, connection: undefined, request },
+        async () => {
+          if (this.mcp.isCallbackRequest(request)) {
+            await this.mcp.handleCallbackRequest(request);
+
+            // after the MCP connection handshake, we can send updated mcp state
+            this.broadcast(
+              JSON.stringify({
+                mcp: this.getMcpServers(),
+                type: "cf_agent_mcp_servers",
+              })
+            );
+
+            // We probably should let the user configure this response/redirect, but this is fine for now.
+            return new Response("<script>window.close();</script>", {
+              headers: { "content-type": "text/html" },
+              status: 200,
+            });
+          }
+
+          return this._tryCatch(() => _onRequest(request));
+        }
+      );
+    };
+
     const _onMessage = this.onMessage.bind(this);
     this.onMessage = async (connection: Connection, message: WSMessage) => {
-      return unstable_context.run(
+      return agentContext.run(
         { agent: this, connection, request: undefined },
         async () => {
           if (typeof message !== "string") {
-            return this.#tryCatch(() => _onMessage(connection, message));
+            return this._tryCatch(() => _onMessage(connection, message));
           }
 
           let parsed: unknown;
           try {
             parsed = JSON.parse(message);
-          } catch (e) {
+          } catch (_e) {
             // silently fail and let the onMessage handler handle it
-            return this.#tryCatch(() => _onMessage(connection, message));
+            return this._tryCatch(() => _onMessage(connection, message));
           }
 
           if (isStateUpdateMessage(parsed)) {
-            this.#setStateInternal(parsed.state as State, connection);
+            this._setStateInternal(parsed.state as State, connection);
             return;
           }
 
@@ -329,11 +451,10 @@ export class Agent<Env, State = unknown> extends Server<Env> {
                 throw new Error(`Method ${method} does not exist`);
               }
 
-              if (!this.#isCallable(method)) {
+              if (!this._isCallable(method)) {
                 throw new Error(`Method ${method} is not callable`);
               }
 
-              // biome-ignore lint/complexity/noBannedTypes: <explanation>
               const metadata = callableMetadata.get(methodFn as Function);
 
               // For streaming methods, pass a StreamingResponse object
@@ -345,22 +466,39 @@ export class Agent<Env, State = unknown> extends Server<Env> {
 
               // For regular methods, execute and send response
               const result = await methodFn.apply(this, args);
+
+              this.observability?.emit(
+                {
+                  displayMessage: `RPC call to ${method}`,
+                  id: nanoid(),
+                  payload: {
+                    args,
+                    method,
+                    streaming: metadata?.streaming,
+                    success: true,
+                  },
+                  timestamp: Date.now(),
+                  type: "rpc",
+                },
+                this.ctx
+              );
+
               const response: RPCResponse = {
-                type: "rpc",
+                done: true,
                 id,
-                success: true,
                 result,
-                done: true,
+                success: true,
+                type: "rpc",
               };
               connection.send(JSON.stringify(response));
             } catch (e) {
               // Send error response
               const response: RPCResponse = {
-                type: "rpc",
-                id: parsed.id,
-                success: false,
                 error:
                   e instanceof Error ? e.message : "Unknown error occurred",
+                id: parsed.id,
+                success: false,
+                type: "rpc",
               };
               connection.send(JSON.stringify(response));
               console.error("RPC error:", e);
@@ -368,7 +506,7 @@ export class Agent<Env, State = unknown> extends Server<Env> {
             return;
           }
 
-          return this.#tryCatch(() => _onMessage(connection, message));
+          return this._tryCatch(() => _onMessage(connection, message));
         }
       );
     };
@@ -377,27 +515,89 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     this.onConnect = (connection: Connection, ctx: ConnectionContext) => {
       // TODO: This is a hack to ensure the state is sent after the connection is established
       // must fix this
-      return unstable_context.run(
+      return agentContext.run(
         { agent: this, connection, request: ctx.request },
         async () => {
           setTimeout(() => {
             if (this.state) {
               connection.send(
                 JSON.stringify({
-                  type: "cf_agent_state",
                   state: this.state,
+                  type: "cf_agent_state",
                 })
               );
             }
-            return this.#tryCatch(() => _onConnect(connection, ctx));
+
+            connection.send(
+              JSON.stringify({
+                mcp: this.getMcpServers(),
+                type: "cf_agent_mcp_servers",
+              })
+            );
+
+            this.observability?.emit(
+              {
+                displayMessage: "Connection established",
+                id: nanoid(),
+                payload: {
+                  connectionId: connection.id,
+                },
+                timestamp: Date.now(),
+                type: "connect",
+              },
+              this.ctx
+            );
+            return this._tryCatch(() => _onConnect(connection, ctx));
           }, 20);
         }
       );
     };
+
+    const _onStart = this.onStart.bind(this);
+    this.onStart = async () => {
+      return agentContext.run(
+        { agent: this, connection: undefined, request: undefined },
+        async () => {
+          const servers = this.sql<MCPServerRow>`
+            SELECT id, name, server_url, client_id, auth_url, callback_url, server_options FROM cf_agents_mcp_servers;
+          `;
+
+          // from DO storage, reconnect to all servers not currently in the oauth flow using our saved auth information
+          Promise.allSettled(
+            servers.map((server) => {
+              return this._connectToMcpServerInternal(
+                server.name,
+                server.server_url,
+                server.callback_url,
+                server.server_options
+                  ? JSON.parse(server.server_options)
+                  : undefined,
+                {
+                  id: server.id,
+                  oauthClientId: server.client_id ?? undefined,
+                }
+              );
+            })
+          ).then((_results) => {
+            this.broadcast(
+              JSON.stringify({
+                mcp: this.getMcpServers(),
+                type: "cf_agent_mcp_servers",
+              })
+            );
+          });
+          await this._tryCatch(() => _onStart());
+        }
+      );
+    };
   }
 
-  #setStateInternal(state: State, source: Connection | "server" = "server") {
-    this.#state = state;
+  private _setStateInternal(
+    state: State,
+    source: Connection | "server" = "server"
+  ) {
+    const previousState = this._state;
+    this._state = state;
     this.sql`
     INSERT OR REPLACE INTO cf_agents_state (id, state)
     VALUES (${STATE_ROW_ID}, ${JSON.stringify(state)})
@@ -408,16 +608,29 @@ export class Agent<Env, State = unknown> extends Server<Env> {
   `;
     this.broadcast(
       JSON.stringify({
-        type: "cf_agent_state",
         state: state,
+        type: "cf_agent_state",
       }),
       source !== "server" ? [source.id] : []
     );
-    return this.#tryCatch(() => {
-      const { connection, request } = unstable_context.getStore() || {};
-      return unstable_context.run(
+    return this._tryCatch(() => {
+      const { connection, request } = agentContext.getStore() || {};
+      return agentContext.run(
         { agent: this, connection, request },
         async () => {
+          this.observability?.emit(
+            {
+              displayMessage: "State updated",
+              id: nanoid(),
+              payload: {
+                previousState,
+                state,
+              },
+              timestamp: Date.now(),
+              type: "state:update",
+            },
+            this.ctx
+          );
           return this.onStateUpdate(state, source);
         }
       );
@@ -429,7 +642,7 @@ export class Agent<Env, State = unknown> extends Server<Env> {
    * @param state New state to set
    */
   setState(state: State) {
-    this.#setStateInternal(state, "server");
+    this._setStateInternal(state, "server");
   }
 
   /**
@@ -437,6 +650,7 @@ export class Agent<Env, State = unknown> extends Server<Env> {
    * @param state Updated state
    * @param source Source of the state update ("server" or a client connection)
    */
+  // biome-ignore lint/correctness/noUnusedFunctionParameters: overridden later
   onStateUpdate(state: State | undefined, source: Connection | "server") {
     // override this to handle state updates
   }
@@ -445,8 +659,9 @@ export class Agent<Env, State = unknown> extends Server<Env> {
    * Called when the Agent receives an email
    * @param email Email message to process
    */
+  // biome-ignore lint/correctness/noUnusedFunctionParameters: overridden later
   onEmail(email: ForwardableEmailMessage) {
-    return unstable_context.run(
+    return agentContext.run(
       { agent: this, connection: undefined, request: undefined },
       async () => {
         console.error("onEmail not implemented");
@@ -454,7 +669,7 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     );
   }
 
-  async #tryCatch<T>(fn: () => T | Promise<T>) {
+  private async _tryCatch<T>(fn: () => T | Promise<T>) {
     try {
       return await fn();
     } catch (e) {
@@ -511,6 +726,18 @@ export class Agent<Env, State = unknown> extends Server<Env> {
   ): Promise<Schedule<T>> {
     const id = nanoid(9);
 
+    const emitScheduleCreate = (schedule: Schedule<T>) =>
+      this.observability?.emit(
+        {
+          displayMessage: `Schedule ${schedule.id} created`,
+          id: nanoid(),
+          payload: schedule,
+          timestamp: Date.now(),
+          type: "schedule:create",
+        },
+        this.ctx
+      );
+
     if (typeof callback !== "string") {
       throw new Error("Callback must be a string");
     }
@@ -528,15 +755,19 @@ export class Agent<Env, State = unknown> extends Server<Env> {
         )}, 'scheduled', ${timestamp})
       `;
 
-      await this.#scheduleNextAlarm();
+      await this._scheduleNextAlarm();
 
-      return {
-        id,
+      const schedule: Schedule<T> = {
         callback: callback,
+        id,
         payload: payload as T,
         time: timestamp,
         type: "scheduled",
       };
+
+      emitScheduleCreate(schedule);
+
+      return schedule;
     }
     if (typeof when === "number") {
       const time = new Date(Date.now() + when * 1000);
@@ -549,16 +780,20 @@ export class Agent<Env, State = unknown> extends Server<Env> {
         )}, 'delayed', ${when}, ${timestamp})
       `;
 
-      await this.#scheduleNextAlarm();
+      await this._scheduleNextAlarm();
 
-      return {
-        id,
+      const schedule: Schedule<T> = {
         callback: callback,
-        payload: payload as T,
         delayInSeconds: when,
+        id,
+        payload: payload as T,
         time: timestamp,
         type: "delayed",
       };
+
+      emitScheduleCreate(schedule);
+
+      return schedule;
     }
     if (typeof when === "string") {
       const nextExecutionTime = getNextCronTime(when);
@@ -571,16 +806,20 @@ export class Agent<Env, State = unknown> extends Server<Env> {
         )}, 'cron', ${when}, ${timestamp})
       `;
 
-      await this.#scheduleNextAlarm();
+      await this._scheduleNextAlarm();
 
-      return {
-        id,
+      const schedule: Schedule<T> = {
         callback: callback,
-        payload: payload as T,
         cron: when,
+        id,
+        payload: payload as T,
         time: timestamp,
         type: "cron",
       };
+
+      emitScheduleCreate(schedule);
+
+      return schedule;
     }
     throw new Error("Invalid schedule type");
   }
@@ -656,13 +895,26 @@ export class Agent<Env, State = unknown> extends Server<Env> {
    * @returns true if the task was cancelled, false otherwise
    */
   async cancelSchedule(id: string): Promise<boolean> {
+    const schedule = await this.getSchedule(id);
+    if (schedule) {
+      this.observability?.emit(
+        {
+          displayMessage: `Schedule ${id} cancelled`,
+          id: nanoid(),
+          payload: schedule,
+          timestamp: Date.now(),
+          type: "schedule:cancel",
+        },
+        this.ctx
+      );
+    }
     this.sql`DELETE FROM cf_agents_schedules WHERE id = ${id}`;
 
-    await this.#scheduleNextAlarm();
+    await this._scheduleNextAlarm();
     return true;
   }
 
-  async #scheduleNextAlarm() {
+  private async _scheduleNextAlarm() {
     // Find the next schedule that needs to be executed
     const result = this.sql`
       SELECT time FROM cf_agents_schedules 
@@ -679,10 +931,14 @@ export class Agent<Env, State = unknown> extends Server<Env> {
   }
 
   /**
-   * Method called when an alarm fires
-   * Executes any scheduled tasks that are due
+   * Method called when an alarm fires.
+   * Executes any scheduled tasks that are due.
+   *
+   * @remarks
+   * To schedule a task, please use the `this.schedule` method instead.
+   * See {@link https://developers.cloudflare.com/agents/api-reference/schedule-tasks/}
    */
-  async alarm() {
+  public readonly alarm = async () => {
     const now = Math.floor(Date.now() / 1000);
 
     // Get all schedules that should be executed now
@@ -696,10 +952,21 @@ export class Agent<Env, State = unknown> extends Server<Env> {
         console.error(`callback ${row.callback} not found`);
         continue;
       }
-      await unstable_context.run(
+      await agentContext.run(
         { agent: this, connection: undefined, request: undefined },
         async () => {
           try {
+            this.observability?.emit(
+              {
+                displayMessage: `Schedule ${row.id} executed`,
+                id: nanoid(),
+                payload: row,
+                timestamp: Date.now(),
+                type: "schedule:execute",
+              },
+              this.ctx
+            );
+
             await (
               callback as (
                 payload: unknown,
@@ -728,8 +995,8 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     }
 
     // Schedule the next alarm
-    await this.#scheduleNextAlarm();
-  }
+    await this._scheduleNextAlarm();
+  };
 
   /**
    * Destroy the Agent, removing all state and scheduled tasks
@@ -738,20 +1005,200 @@ export class Agent<Env, State = unknown> extends Server<Env> {
     // drop all tables
     this.sql`DROP TABLE IF EXISTS cf_agents_state`;
     this.sql`DROP TABLE IF EXISTS cf_agents_schedules`;
+    this.sql`DROP TABLE IF EXISTS cf_agents_mcp_servers`;
 
     // delete all alarms
     await this.ctx.storage.deleteAlarm();
     await this.ctx.storage.deleteAll();
+    this.ctx.abort("destroyed"); // enforce that the agent is evicted
+
+    this.observability?.emit(
+      {
+        displayMessage: "Agent destroyed",
+        id: nanoid(),
+        payload: {},
+        timestamp: Date.now(),
+        type: "destroy",
+      },
+      this.ctx
+    );
   }
 
   /**
    * Get all methods marked as callable on this Agent
    * @returns A map of method names to their metadata
    */
-  #isCallable(method: string): boolean {
-    // biome-ignore lint/complexity/noBannedTypes: <explanation>
+  private _isCallable(method: string): boolean {
     return callableMetadata.has(this[method as keyof this] as Function);
   }
+
+  /**
+   * Connect to a new MCP Server
+   *
+   * @param url MCP Server SSE URL
+   * @param callbackHost Base host for the agent, used for the redirect URI.
+   * @param agentsPrefix agents routing prefix if not using `agents`
+   * @param options MCP client and transport (header) options
+   * @returns authUrl
+   */
+  async addMcpServer(
+    serverName: string,
+    url: string,
+    callbackHost: string,
+    agentsPrefix = "agents",
+    options?: {
+      client?: ConstructorParameters<typeof Client>[1];
+      transport?: {
+        headers: HeadersInit;
+      };
+    }
+  ): Promise<{ id: string; authUrl: string | undefined }> {
+    const callbackUrl = `${callbackHost}/${agentsPrefix}/${camelCaseToKebabCase(this._ParentClass.name)}/${this.name}/callback`;
+
+    const result = await this._connectToMcpServerInternal(
+      serverName,
+      url,
+      callbackUrl,
+      options
+    );
+    this.sql`
+        INSERT
+        OR REPLACE INTO cf_agents_mcp_servers (id, name, server_url, client_id, auth_url, callback_url, server_options)
+      VALUES (
+        ${result.id},
+        ${serverName},
+        ${url},
+        ${result.clientId ?? null},
+        ${result.authUrl ?? null},
+        ${callbackUrl},
+        ${options ? JSON.stringify(options) : null}
+        );
+    `;
+
+    this.broadcast(
+      JSON.stringify({
+        mcp: this.getMcpServers(),
+        type: "cf_agent_mcp_servers",
+      })
+    );
+
+    return result;
+  }
+
+  async _connectToMcpServerInternal(
+    _serverName: string,
+    url: string,
+    callbackUrl: string,
+    // it's important that any options here are serializable because we put them into our sqlite DB for reconnection purposes
+    options?: {
+      client?: ConstructorParameters<typeof Client>[1];
+      /**
+       * We don't expose the normal set of transport options because:
+       * 1) we can't serialize things like the auth provider or a fetch function into the DB for reconnection purposes
+       * 2) We probably want these options to be agnostic to the transport type (SSE vs Streamable)
+       *
+       * This has the limitation that you can't override fetch, but I think headers should handle nearly all cases needed (i.e. non-standard bearer auth).
+       */
+      transport?: {
+        headers?: HeadersInit;
+      };
+    },
+    reconnect?: {
+      id: string;
+      oauthClientId?: string;
+    }
+  ): Promise<{
+    id: string;
+    authUrl: string | undefined;
+    clientId: string | undefined;
+  }> {
+    const authProvider = new DurableObjectOAuthClientProvider(
+      this.ctx.storage,
+      this.name,
+      callbackUrl
+    );
+
+    if (reconnect) {
+      authProvider.serverId = reconnect.id;
+      if (reconnect.oauthClientId) {
+        authProvider.clientId = reconnect.oauthClientId;
+      }
+    }
+
+    // allows passing through transport headers if necessary
+    // this handles some non-standard bearer auth setups (i.e. MCP server behind CF access instead of OAuth)
+    let headerTransportOpts: SSEClientTransportOptions = {};
+    if (options?.transport?.headers) {
+      headerTransportOpts = {
+        eventSourceInit: {
+          fetch: (url, init) =>
+            fetch(url, {
+              ...init,
+              headers: options?.transport?.headers,
+            }),
+        },
+        requestInit: {
+          headers: options?.transport?.headers,
+        },
+      };
+    }
+
+    const { id, authUrl, clientId } = await this.mcp.connect(url, {
+      client: options?.client,
+      reconnect,
+      transport: {
+        ...headerTransportOpts,
+        authProvider,
+      },
+    });
+
+    return {
+      authUrl,
+      clientId,
+      id,
+    };
+  }
+
+  async removeMcpServer(id: string) {
+    this.mcp.closeConnection(id);
+    this.sql`
+      DELETE FROM cf_agents_mcp_servers WHERE id = ${id};
+    `;
+    this.broadcast(
+      JSON.stringify({
+        mcp: this.getMcpServers(),
+        type: "cf_agent_mcp_servers",
+      })
+    );
+  }
+
+  getMcpServers(): MCPServersState {
+    const mcpState: MCPServersState = {
+      prompts: this.mcp.listPrompts(),
+      resources: this.mcp.listResources(),
+      servers: {},
+      tools: this.mcp.listTools(),
+    };
+
+    const servers = this.sql<MCPServerRow>`
+      SELECT id, name, server_url, client_id, auth_url, callback_url, server_options FROM cf_agents_mcp_servers;
+    `;
+
+    for (const server of servers) {
+      const serverConn = this.mcp.mcpConnections[server.id];
+      mcpState.servers[server.id] = {
+        auth_url: server.auth_url,
+        capabilities: serverConn?.serverCapabilities ?? null,
+        instructions: serverConn?.instructions ?? null,
+        name: server.name,
+        server_url: server.server_url,
+        // mark as "authenticating" because the server isn't automatically connected, so it's pending authenticating
+        state: serverConn?.connectionState ?? "authenticating",
+      };
+    }
+
+    return mcpState;
+  }
 }
 
 /**
@@ -791,9 +1238,9 @@ export async function routeAgentRequest<Env>(
   const corsHeaders =
     options?.cors === true
       ? {
-          "Access-Control-Allow-Origin": "*",
-          "Access-Control-Allow-Methods": "GET, POST, HEAD, OPTIONS",
           "Access-Control-Allow-Credentials": "true",
+          "Access-Control-Allow-Methods": "GET, POST, HEAD, OPTIONS",
+          "Access-Control-Allow-Origin": "*",
           "Access-Control-Max-Age": "86400",
         }
       : options?.cors;
@@ -841,9 +1288,9 @@ export async function routeAgentRequest<Env>(
  * @param options Routing options
  */
 export async function routeAgentEmail<Env>(
-  email: ForwardableEmailMessage,
-  env: Env,
-  options?: AgentOptions<Env>
+  _email: ForwardableEmailMessage,
+  _env: Env,
+  _options?: AgentOptions<Env>
 ): Promise<void> {}
 
 /**
@@ -855,7 +1302,7 @@ export async function routeAgentEmail<Env>(
  * @param options Options for Agent creation
  * @returns Promise resolving to an Agent instance stub
  */
-export function getAgentByName<Env, T extends Agent<Env>>(
+export async function getAgentByName<Env, T extends Agent<Env>>(
   namespace: AgentNamespace<T>,
   name: string,
   options?: {
@@ -870,13 +1317,13 @@ export function getAgentByName<Env, T extends Agent<Env>>(
  * A wrapper for streaming responses in callable methods
  */
 export class StreamingResponse {
-  #connection: Connection;
-  #id: string;
-  #closed = false;
+  private _connection: Connection;
+  private _id: string;
+  private _closed = false;
 
   constructor(connection: Connection, id: string) {
-    this.#connection = connection;
-    this.#id = id;
+    this._connection = connection;
+    this._id = id;
   }
 
   /**
@@ -884,17 +1331,17 @@ export class StreamingResponse {
    * @param chunk The data to send
    */
   send(chunk: unknown) {
-    if (this.#closed) {
+    if (this._closed) {
       throw new Error("StreamingResponse is already closed");
     }
     const response: RPCResponse = {
-      type: "rpc",
-      id: this.#id,
-      success: true,
-      result: chunk,
       done: false,
+      id: this._id,
+      result: chunk,
+      success: true,
+      type: "rpc",
     };
-    this.#connection.send(JSON.stringify(response));
+    this._connection.send(JSON.stringify(response));
   }
 
   /**
@@ -902,17 +1349,17 @@ export class StreamingResponse {
    * @param finalChunk Optional final chunk of data to send
    */
   end(finalChunk?: unknown) {
-    if (this.#closed) {
+    if (this._closed) {
       throw new Error("StreamingResponse is already closed");
     }
-    this.#closed = true;
+    this._closed = true;
     const response: RPCResponse = {
-      type: "rpc",
-      id: this.#id,
-      success: true,
-      result: finalChunk,
       done: true,
+      id: this._id,
+      result: finalChunk,
+      success: true,
+      type: "rpc",
     };
-    this.#connection.send(JSON.stringify(response));
+    this._connection.send(JSON.stringify(response));
   }
 }