agents 0.7.4 → 0.7.5

package/dist/mcp/do-oauth-client-provider.d.ts

@@ -1,61 +1,2 @@
-import { OAuthClientProvider } from "@modelcontextprotocol/sdk/client/auth.js";
-import { OAuthClientInformation, OAuthClientInformationFull, OAuthClientMetadata, OAuthTokens } from "@modelcontextprotocol/sdk/shared/auth.js";
-
-//#region src/mcp/do-oauth-client-provider.d.ts
-interface AgentMcpOAuthProvider extends OAuthClientProvider {
-  authUrl: string | undefined;
-  clientId: string | undefined;
-  serverId: string | undefined;
-  checkState(state: string): Promise<{
-    valid: boolean;
-    serverId?: string;
-    error?: string;
-  }>;
-  consumeState(state: string): Promise<void>;
-  deleteCodeVerifier(): Promise<void>;
-}
-/**
- * @deprecated Use {@link AgentMcpOAuthProvider} instead.
- */
-type AgentsOAuthProvider = AgentMcpOAuthProvider;
-declare class DurableObjectOAuthClientProvider implements AgentMcpOAuthProvider {
-  storage: DurableObjectStorage;
-  clientName: string;
-  baseRedirectUrl: string;
-  private _authUrl_;
-  private _serverId_;
-  private _clientId_;
-  constructor(storage: DurableObjectStorage, clientName: string, baseRedirectUrl: string);
-  get clientMetadata(): OAuthClientMetadata;
-  get clientUri(): string;
-  get redirectUrl(): string;
-  get clientId(): string;
-  set clientId(clientId_: string);
-  get serverId(): string;
-  set serverId(serverId_: string);
-  keyPrefix(clientId: string): string;
-  clientInfoKey(clientId: string): string;
-  clientInformation(): Promise<OAuthClientInformation | undefined>;
-  saveClientInformation(clientInformation: OAuthClientInformationFull): Promise<void>;
-  tokenKey(clientId: string): string;
-  tokens(): Promise<OAuthTokens | undefined>;
-  saveTokens(tokens: OAuthTokens): Promise<void>;
-  get authUrl(): string | undefined;
-  stateKey(nonce: string): string;
-  state(): Promise<string>;
-  checkState(state: string): Promise<{
-    valid: boolean;
-    serverId?: string;
-    error?: string;
-  }>;
-  consumeState(state: string): Promise<void>;
-  redirectToAuthorization(authUrl: URL): Promise<void>;
-  invalidateCredentials(scope: "all" | "client" | "tokens" | "verifier"): Promise<void>;
-  codeVerifierKey(clientId: string): string;
-  saveCodeVerifier(verifier: string): Promise<void>;
-  codeVerifier(): Promise<string>;
-  deleteCodeVerifier(): Promise<void>;
-}
-//#endregion
-export { AgentMcpOAuthProvider, AgentsOAuthProvider, DurableObjectOAuthClientProvider };
-//# sourceMappingURL=do-oauth-client-provider.d.ts.map
+import { n as AgentsOAuthProvider, r as DurableObjectOAuthClientProvider, t as AgentMcpOAuthProvider } from "../do-oauth-client-provider-C2jurFjW.js";
+export { AgentMcpOAuthProvider, AgentsOAuthProvider, DurableObjectOAuthClientProvider };

package/dist/mcp/do-oauth-client-provider.js

@@ -1,5 +1,4 @@
 import { nanoid } from "nanoid";
-
 //#region src/mcp/do-oauth-client-provider.ts
 const STATE_EXPIRATION_MS = 600 * 1e3;
 var DurableObjectOAuthClientProvider = class {
@@ -149,7 +148,7 @@ var DurableObjectOAuthClientProvider = class {
 		await this.storage.delete(this.codeVerifierKey(this.clientId));
 	}
 };
-
 //#endregion
 export { DurableObjectOAuthClientProvider };
+
 //# sourceMappingURL=do-oauth-client-provider.js.map

package/dist/mcp/do-oauth-client-provider.js.map

@@ -1 +1 @@
-{"version":3,"file":"do-oauth-client-provider.js","names":[],"sources":["../../src/mcp/do-oauth-client-provider.ts"],"sourcesContent":["import type { OAuthClientProvider } from \"@modelcontextprotocol/sdk/client/auth.js\";\nimport type {\n  OAuthClientInformation,\n  OAuthClientInformationFull,\n  OAuthClientMetadata,\n  OAuthTokens\n} from \"@modelcontextprotocol/sdk/shared/auth.js\";\nimport { nanoid } from \"nanoid\";\n\nconst STATE_EXPIRATION_MS = 10 * 60 * 1000; // 10 minutes\n\ninterface StoredState {\n  nonce: string;\n  serverId: string;\n  createdAt: number;\n}\n\n// A slight extension to the standard OAuthClientProvider interface because `redirectToAuthorization` doesn't give us the interface we need\n// This allows us to track authentication for a specific server and associated dynamic client registration\nexport interface AgentMcpOAuthProvider extends OAuthClientProvider {\n  authUrl: string | undefined;\n  clientId: string | undefined;\n  serverId: string | undefined;\n  checkState(\n    state: string\n  ): Promise<{ valid: boolean; serverId?: string; error?: string }>;\n  consumeState(state: string): Promise<void>;\n  deleteCodeVerifier(): Promise<void>;\n}\n\n/**\n * @deprecated Use {@link AgentMcpOAuthProvider} instead.\n */\nexport type AgentsOAuthProvider = AgentMcpOAuthProvider;\n\nexport class DurableObjectOAuthClientProvider implements AgentMcpOAuthProvider {\n  private _authUrl_: string | undefined;\n  private _serverId_: string | undefined;\n  private _clientId_: string | undefined;\n\n  constructor(\n    public storage: DurableObjectStorage,\n    public clientName: string,\n    public baseRedirectUrl: string\n  ) {\n    if (!storage) {\n      throw new Error(\n        \"DurableObjectOAuthClientProvider requires a valid DurableObjectStorage instance\"\n      );\n    }\n  }\n\n  get clientMetadata(): OAuthClientMetadata {\n    return {\n      client_name: this.clientName,\n      client_uri: this.clientUri,\n      grant_types: [\"authorization_code\", \"refresh_token\"],\n      redirect_uris: [this.redirectUrl],\n      response_types: [\"code\"],\n      token_endpoint_auth_method: \"none\"\n    };\n  }\n\n  get clientUri() {\n    return new URL(this.redirectUrl).origin;\n  }\n\n  get redirectUrl() {\n    return this.baseRedirectUrl;\n  }\n\n  get clientId() {\n    if (!this._clientId_) {\n      throw new Error(\"Trying to access clientId before it was set\");\n    }\n    return this._clientId_;\n  }\n\n  set clientId(clientId_: string) {\n    this._clientId_ = clientId_;\n  }\n\n  get serverId() {\n    if (!this._serverId_) {\n      throw new Error(\"Trying to access serverId before it was set\");\n    }\n    return this._serverId_;\n  }\n\n  set serverId(serverId_: string) {\n    this._serverId_ = serverId_;\n  }\n\n  keyPrefix(clientId: string) {\n    return `/${this.clientName}/${this.serverId}/${clientId}`;\n  }\n\n  clientInfoKey(clientId: string) {\n    return `${this.keyPrefix(clientId)}/client_info/`;\n  }\n\n  async clientInformation(): Promise<OAuthClientInformation | undefined> {\n    if (!this._clientId_) {\n      return undefined;\n    }\n    return (\n      (await this.storage.get<OAuthClientInformation>(\n        this.clientInfoKey(this.clientId)\n      )) ?? undefined\n    );\n  }\n\n  async saveClientInformation(\n    clientInformation: OAuthClientInformationFull\n  ): Promise<void> {\n    await this.storage.put(\n      this.clientInfoKey(clientInformation.client_id),\n      clientInformation\n    );\n    this.clientId = clientInformation.client_id;\n  }\n\n  tokenKey(clientId: string) {\n    return `${this.keyPrefix(clientId)}/token`;\n  }\n\n  async tokens(): Promise<OAuthTokens | undefined> {\n    if (!this._clientId_) {\n      return undefined;\n    }\n    return (\n      (await this.storage.get<OAuthTokens>(this.tokenKey(this.clientId))) ??\n      undefined\n    );\n  }\n\n  async saveTokens(tokens: OAuthTokens): Promise<void> {\n    await this.storage.put(this.tokenKey(this.clientId), tokens);\n  }\n\n  get authUrl() {\n    return this._authUrl_;\n  }\n\n  stateKey(nonce: string) {\n    return `/${this.clientName}/${this.serverId}/state/${nonce}`;\n  }\n\n  async state(): Promise<string> {\n    const nonce = nanoid();\n    const state = `${nonce}.${this.serverId}`;\n    const storedState: StoredState = {\n      nonce,\n      serverId: this.serverId,\n      createdAt: Date.now()\n    };\n    await this.storage.put(this.stateKey(nonce), storedState);\n    return state;\n  }\n\n  async checkState(\n    state: string\n  ): Promise<{ valid: boolean; serverId?: string; error?: string }> {\n    const parts = state.split(\".\");\n    if (parts.length !== 2) {\n      return { valid: false, error: \"Invalid state format\" };\n    }\n\n    const [nonce, serverId] = parts;\n    const key = this.stateKey(nonce);\n    const storedState = await this.storage.get<StoredState>(key);\n\n    if (!storedState) {\n      return { valid: false, error: \"State not found or already used\" };\n    }\n\n    if (storedState.serverId !== serverId) {\n      await this.storage.delete(key);\n      return { valid: false, error: \"State serverId mismatch\" };\n    }\n\n    const age = Date.now() - storedState.createdAt;\n    if (age > STATE_EXPIRATION_MS) {\n      await this.storage.delete(key);\n      return { valid: false, error: \"State expired\" };\n    }\n\n    return { valid: true, serverId };\n  }\n\n  async consumeState(state: string): Promise<void> {\n    const parts = state.split(\".\");\n    if (parts.length !== 2) {\n      // This should never happen since checkState validates format first.\n      // Log for debugging but don't throw - state consumption is best-effort.\n      console.warn(`[OAuth] consumeState called with invalid state format`);\n      return;\n    }\n    const [nonce] = parts;\n    await this.storage.delete(this.stateKey(nonce));\n  }\n\n  async redirectToAuthorization(authUrl: URL): Promise<void> {\n    this._authUrl_ = authUrl.toString();\n  }\n\n  async invalidateCredentials(\n    scope: \"all\" | \"client\" | \"tokens\" | \"verifier\"\n  ): Promise<void> {\n    if (!this._clientId_) return;\n\n    const deleteKeys: string[] = [];\n\n    if (scope === \"all\" || scope === \"client\") {\n      deleteKeys.push(this.clientInfoKey(this.clientId));\n    }\n    if (scope === \"all\" || scope === \"tokens\") {\n      deleteKeys.push(this.tokenKey(this.clientId));\n    }\n    if (scope === \"all\" || scope === \"verifier\") {\n      deleteKeys.push(this.codeVerifierKey(this.clientId));\n    }\n\n    if (deleteKeys.length > 0) {\n      await this.storage.delete(deleteKeys);\n    }\n  }\n\n  codeVerifierKey(clientId: string) {\n    return `${this.keyPrefix(clientId)}/code_verifier`;\n  }\n\n  async saveCodeVerifier(verifier: string): Promise<void> {\n    const key = this.codeVerifierKey(this.clientId);\n\n    // Don't overwrite existing verifier to preserve first PKCE verifier\n    const existing = await this.storage.get<string>(key);\n    if (existing) {\n      return;\n    }\n\n    await this.storage.put(key, verifier);\n  }\n\n  async codeVerifier(): Promise<string> {\n    const codeVerifier = await this.storage.get<string>(\n      this.codeVerifierKey(this.clientId)\n    );\n    if (!codeVerifier) {\n      throw new Error(\"No code verifier found\");\n    }\n    return codeVerifier;\n  }\n\n  async deleteCodeVerifier(): Promise<void> {\n    await this.storage.delete(this.codeVerifierKey(this.clientId));\n  }\n}\n"],"mappings":";;;AASA,MAAM,sBAAsB,MAAU;AA0BtC,IAAa,mCAAb,MAA+E;CAK7E,YACE,AAAO,SACP,AAAO,YACP,AAAO,iBACP;EAHO;EACA;EACA;AAEP,MAAI,CAAC,QACH,OAAM,IAAI,MACR,kFACD;;CAIL,IAAI,iBAAsC;AACxC,SAAO;GACL,aAAa,KAAK;GAClB,YAAY,KAAK;GACjB,aAAa,CAAC,sBAAsB,gBAAgB;GACpD,eAAe,CAAC,KAAK,YAAY;GACjC,gBAAgB,CAAC,OAAO;GACxB,4BAA4B;GAC7B;;CAGH,IAAI,YAAY;AACd,SAAO,IAAI,IAAI,KAAK,YAAY,CAAC;;CAGnC,IAAI,cAAc;AAChB,SAAO,KAAK;;CAGd,IAAI,WAAW;AACb,MAAI,CAAC,KAAK,WACR,OAAM,IAAI,MAAM,8CAA8C;AAEhE,SAAO,KAAK;;CAGd,IAAI,SAAS,WAAmB;AAC9B,OAAK,aAAa;;CAGpB,IAAI,WAAW;AACb,MAAI,CAAC,KAAK,WACR,OAAM,IAAI,MAAM,8CAA8C;AAEhE,SAAO,KAAK;;CAGd,IAAI,SAAS,WAAmB;AAC9B,OAAK,aAAa;;CAGpB,UAAU,UAAkB;AAC1B,SAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,GAAG;;CAGjD,cAAc,UAAkB;AAC9B,SAAO,GAAG,KAAK,UAAU,SAAS,CAAC;;CAGrC,MAAM,oBAAiE;AACrE,MAAI,CAAC,KAAK,WACR;AAEF,SACG,MAAM,KAAK,QAAQ,IAClB,KAAK,cAAc,KAAK,SAAS,CAClC,IAAK;;CAIV,MAAM,sBACJ,mBACe;AACf,QAAM,KAAK,QAAQ,IACjB,KAAK,cAAc,kBAAkB,UAAU,EAC/C,kBACD;AACD,OAAK,WAAW,kBAAkB;;CAGpC,SAAS,UAAkB;AACzB,SAAO,GAAG,KAAK,UAAU,SAAS,CAAC;;CAGrC,MAAM,SAA2C;AAC/C,MAAI,CAAC,KAAK,WACR;AAEF,SACG,MAAM,KAAK,QAAQ,IAAiB,KAAK,SAAS,KAAK,SAAS,CAAC,IAClE;;CAIJ,MAAM,WAAW,QAAoC;AACnD,QAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,KAAK,SAAS,EAAE,OAAO;;CAG9D,IAAI,UAAU;AACZ,SAAO,KAAK;;CAGd,SAAS,OAAe;AACtB,SAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,SAAS;;CAGvD,MAAM,QAAyB;EAC7B,MAAM,QAAQ,QAAQ;EACtB,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK;EAC/B,MAAM,cAA2B;GAC/B;GACA,UAAU,KAAK;GACf,WAAW,KAAK,KAAK;GACtB;AACD,QAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,MAAM,EAAE,YAAY;AACzD,SAAO;;CAGT,MAAM,WACJ,OACgE;EAChE,MAAM,QAAQ,MAAM,MAAM,IAAI;AAC9B,MAAI,MAAM,WAAW,EACnB,QAAO;GAAE,OAAO;GAAO,OAAO;GAAwB;EAGxD,MAAM,CAAC,OAAO,YAAY;EAC1B,MAAM,MAAM,KAAK,SAAS,MAAM;EAChC,MAAM,cAAc,MAAM,KAAK,QAAQ,IAAiB,IAAI;AAE5D,MAAI,CAAC,YACH,QAAO;GAAE,OAAO;GAAO,OAAO;GAAmC;AAGnE,MAAI,YAAY,aAAa,UAAU;AACrC,SAAM,KAAK,QAAQ,OAAO,IAAI;AAC9B,UAAO;IAAE,OAAO;IAAO,OAAO;IAA2B;;AAI3D,MADY,KAAK,KAAK,GAAG,YAAY,YAC3B,qBAAqB;AAC7B,SAAM,KAAK,QAAQ,OAAO,IAAI;AAC9B,UAAO;IAAE,OAAO;IAAO,OAAO;IAAiB;;AAGjD,SAAO;GAAE,OAAO;GAAM;GAAU;;CAGlC,MAAM,aAAa,OAA8B;EAC/C,MAAM,QAAQ,MAAM,MAAM,IAAI;AAC9B,MAAI,MAAM,WAAW,GAAG;AAGtB,WAAQ,KAAK,wDAAwD;AACrE;;EAEF,MAAM,CAAC,SAAS;AAChB,QAAM,KAAK,QAAQ,OAAO,KAAK,SAAS,MAAM,CAAC;;CAGjD,MAAM,wBAAwB,SAA6B;AACzD,OAAK,YAAY,QAAQ,UAAU;;CAGrC,MAAM,sBACJ,OACe;AACf,MAAI,CAAC,KAAK,WAAY;EAEtB,MAAM,aAAuB,EAAE;AAE/B,MAAI,UAAU,SAAS,UAAU,SAC/B,YAAW,KAAK,KAAK,cAAc,KAAK,SAAS,CAAC;AAEpD,MAAI,UAAU,SAAS,UAAU,SAC/B,YAAW,KAAK,KAAK,SAAS,KAAK,SAAS,CAAC;AAE/C,MAAI,UAAU,SAAS,UAAU,WAC/B,YAAW,KAAK,KAAK,gBAAgB,KAAK,SAAS,CAAC;AAGtD,MAAI,WAAW,SAAS,EACtB,OAAM,KAAK,QAAQ,OAAO,WAAW;;CAIzC,gBAAgB,UAAkB;AAChC,SAAO,GAAG,KAAK,UAAU,SAAS,CAAC;;CAGrC,MAAM,iBAAiB,UAAiC;EACtD,MAAM,MAAM,KAAK,gBAAgB,KAAK,SAAS;AAI/C,MADiB,MAAM,KAAK,QAAQ,IAAY,IAAI,CAElD;AAGF,QAAM,KAAK,QAAQ,IAAI,KAAK,SAAS;;CAGvC,MAAM,eAAgC;EACpC,MAAM,eAAe,MAAM,KAAK,QAAQ,IACtC,KAAK,gBAAgB,KAAK,SAAS,CACpC;AACD,MAAI,CAAC,aACH,OAAM,IAAI,MAAM,yBAAyB;AAE3C,SAAO;;CAGT,MAAM,qBAAoC;AACxC,QAAM,KAAK,QAAQ,OAAO,KAAK,gBAAgB,KAAK,SAAS,CAAC"}
+{"version":3,"file":"do-oauth-client-provider.js","names":[],"sources":["../../src/mcp/do-oauth-client-provider.ts"],"sourcesContent":["import type { OAuthClientProvider } from \"@modelcontextprotocol/sdk/client/auth.js\";\nimport type {\n  OAuthClientInformation,\n  OAuthClientInformationFull,\n  OAuthClientMetadata,\n  OAuthTokens\n} from \"@modelcontextprotocol/sdk/shared/auth.js\";\nimport { nanoid } from \"nanoid\";\n\nconst STATE_EXPIRATION_MS = 10 * 60 * 1000; // 10 minutes\n\ninterface StoredState {\n  nonce: string;\n  serverId: string;\n  createdAt: number;\n}\n\n// A slight extension to the standard OAuthClientProvider interface because `redirectToAuthorization` doesn't give us the interface we need\n// This allows us to track authentication for a specific server and associated dynamic client registration\nexport interface AgentMcpOAuthProvider extends OAuthClientProvider {\n  authUrl: string | undefined;\n  clientId: string | undefined;\n  serverId: string | undefined;\n  checkState(\n    state: string\n  ): Promise<{ valid: boolean; serverId?: string; error?: string }>;\n  consumeState(state: string): Promise<void>;\n  deleteCodeVerifier(): Promise<void>;\n}\n\n/**\n * @deprecated Use {@link AgentMcpOAuthProvider} instead.\n */\nexport type AgentsOAuthProvider = AgentMcpOAuthProvider;\n\nexport class DurableObjectOAuthClientProvider implements AgentMcpOAuthProvider {\n  private _authUrl_: string | undefined;\n  private _serverId_: string | undefined;\n  private _clientId_: string | undefined;\n\n  constructor(\n    public storage: DurableObjectStorage,\n    public clientName: string,\n    public baseRedirectUrl: string\n  ) {\n    if (!storage) {\n      throw new Error(\n        \"DurableObjectOAuthClientProvider requires a valid DurableObjectStorage instance\"\n      );\n    }\n  }\n\n  get clientMetadata(): OAuthClientMetadata {\n    return {\n      client_name: this.clientName,\n      client_uri: this.clientUri,\n      grant_types: [\"authorization_code\", \"refresh_token\"],\n      redirect_uris: [this.redirectUrl],\n      response_types: [\"code\"],\n      token_endpoint_auth_method: \"none\"\n    };\n  }\n\n  get clientUri() {\n    return new URL(this.redirectUrl).origin;\n  }\n\n  get redirectUrl() {\n    return this.baseRedirectUrl;\n  }\n\n  get clientId() {\n    if (!this._clientId_) {\n      throw new Error(\"Trying to access clientId before it was set\");\n    }\n    return this._clientId_;\n  }\n\n  set clientId(clientId_: string) {\n    this._clientId_ = clientId_;\n  }\n\n  get serverId() {\n    if (!this._serverId_) {\n      throw new Error(\"Trying to access serverId before it was set\");\n    }\n    return this._serverId_;\n  }\n\n  set serverId(serverId_: string) {\n    this._serverId_ = serverId_;\n  }\n\n  keyPrefix(clientId: string) {\n    return `/${this.clientName}/${this.serverId}/${clientId}`;\n  }\n\n  clientInfoKey(clientId: string) {\n    return `${this.keyPrefix(clientId)}/client_info/`;\n  }\n\n  async clientInformation(): Promise<OAuthClientInformation | undefined> {\n    if (!this._clientId_) {\n      return undefined;\n    }\n    return (\n      (await this.storage.get<OAuthClientInformation>(\n        this.clientInfoKey(this.clientId)\n      )) ?? undefined\n    );\n  }\n\n  async saveClientInformation(\n    clientInformation: OAuthClientInformationFull\n  ): Promise<void> {\n    await this.storage.put(\n      this.clientInfoKey(clientInformation.client_id),\n      clientInformation\n    );\n    this.clientId = clientInformation.client_id;\n  }\n\n  tokenKey(clientId: string) {\n    return `${this.keyPrefix(clientId)}/token`;\n  }\n\n  async tokens(): Promise<OAuthTokens | undefined> {\n    if (!this._clientId_) {\n      return undefined;\n    }\n    return (\n      (await this.storage.get<OAuthTokens>(this.tokenKey(this.clientId))) ??\n      undefined\n    );\n  }\n\n  async saveTokens(tokens: OAuthTokens): Promise<void> {\n    await this.storage.put(this.tokenKey(this.clientId), tokens);\n  }\n\n  get authUrl() {\n    return this._authUrl_;\n  }\n\n  stateKey(nonce: string) {\n    return `/${this.clientName}/${this.serverId}/state/${nonce}`;\n  }\n\n  async state(): Promise<string> {\n    const nonce = nanoid();\n    const state = `${nonce}.${this.serverId}`;\n    const storedState: StoredState = {\n      nonce,\n      serverId: this.serverId,\n      createdAt: Date.now()\n    };\n    await this.storage.put(this.stateKey(nonce), storedState);\n    return state;\n  }\n\n  async checkState(\n    state: string\n  ): Promise<{ valid: boolean; serverId?: string; error?: string }> {\n    const parts = state.split(\".\");\n    if (parts.length !== 2) {\n      return { valid: false, error: \"Invalid state format\" };\n    }\n\n    const [nonce, serverId] = parts;\n    const key = this.stateKey(nonce);\n    const storedState = await this.storage.get<StoredState>(key);\n\n    if (!storedState) {\n      return { valid: false, error: \"State not found or already used\" };\n    }\n\n    if (storedState.serverId !== serverId) {\n      await this.storage.delete(key);\n      return { valid: false, error: \"State serverId mismatch\" };\n    }\n\n    const age = Date.now() - storedState.createdAt;\n    if (age > STATE_EXPIRATION_MS) {\n      await this.storage.delete(key);\n      return { valid: false, error: \"State expired\" };\n    }\n\n    return { valid: true, serverId };\n  }\n\n  async consumeState(state: string): Promise<void> {\n    const parts = state.split(\".\");\n    if (parts.length !== 2) {\n      // This should never happen since checkState validates format first.\n      // Log for debugging but don't throw - state consumption is best-effort.\n      console.warn(`[OAuth] consumeState called with invalid state format`);\n      return;\n    }\n    const [nonce] = parts;\n    await this.storage.delete(this.stateKey(nonce));\n  }\n\n  async redirectToAuthorization(authUrl: URL): Promise<void> {\n    this._authUrl_ = authUrl.toString();\n  }\n\n  async invalidateCredentials(\n    scope: \"all\" | \"client\" | \"tokens\" | \"verifier\"\n  ): Promise<void> {\n    if (!this._clientId_) return;\n\n    const deleteKeys: string[] = [];\n\n    if (scope === \"all\" || scope === \"client\") {\n      deleteKeys.push(this.clientInfoKey(this.clientId));\n    }\n    if (scope === \"all\" || scope === \"tokens\") {\n      deleteKeys.push(this.tokenKey(this.clientId));\n    }\n    if (scope === \"all\" || scope === \"verifier\") {\n      deleteKeys.push(this.codeVerifierKey(this.clientId));\n    }\n\n    if (deleteKeys.length > 0) {\n      await this.storage.delete(deleteKeys);\n    }\n  }\n\n  codeVerifierKey(clientId: string) {\n    return `${this.keyPrefix(clientId)}/code_verifier`;\n  }\n\n  async saveCodeVerifier(verifier: string): Promise<void> {\n    const key = this.codeVerifierKey(this.clientId);\n\n    // Don't overwrite existing verifier to preserve first PKCE verifier\n    const existing = await this.storage.get<string>(key);\n    if (existing) {\n      return;\n    }\n\n    await this.storage.put(key, verifier);\n  }\n\n  async codeVerifier(): Promise<string> {\n    const codeVerifier = await this.storage.get<string>(\n      this.codeVerifierKey(this.clientId)\n    );\n    if (!codeVerifier) {\n      throw new Error(\"No code verifier found\");\n    }\n    return codeVerifier;\n  }\n\n  async deleteCodeVerifier(): Promise<void> {\n    await this.storage.delete(this.codeVerifierKey(this.clientId));\n  }\n}\n"],"mappings":";;AASA,MAAM,sBAAsB,MAAU;AA0BtC,IAAa,mCAAb,MAA+E;CAK7E,YACE,SACA,YACA,iBACA;AAHO,OAAA,UAAA;AACA,OAAA,aAAA;AACA,OAAA,kBAAA;AAEP,MAAI,CAAC,QACH,OAAM,IAAI,MACR,kFACD;;CAIL,IAAI,iBAAsC;AACxC,SAAO;GACL,aAAa,KAAK;GAClB,YAAY,KAAK;GACjB,aAAa,CAAC,sBAAsB,gBAAgB;GACpD,eAAe,CAAC,KAAK,YAAY;GACjC,gBAAgB,CAAC,OAAO;GACxB,4BAA4B;GAC7B;;CAGH,IAAI,YAAY;AACd,SAAO,IAAI,IAAI,KAAK,YAAY,CAAC;;CAGnC,IAAI,cAAc;AAChB,SAAO,KAAK;;CAGd,IAAI,WAAW;AACb,MAAI,CAAC,KAAK,WACR,OAAM,IAAI,MAAM,8CAA8C;AAEhE,SAAO,KAAK;;CAGd,IAAI,SAAS,WAAmB;AAC9B,OAAK,aAAa;;CAGpB,IAAI,WAAW;AACb,MAAI,CAAC,KAAK,WACR,OAAM,IAAI,MAAM,8CAA8C;AAEhE,SAAO,KAAK;;CAGd,IAAI,SAAS,WAAmB;AAC9B,OAAK,aAAa;;CAGpB,UAAU,UAAkB;AAC1B,SAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,GAAG;;CAGjD,cAAc,UAAkB;AAC9B,SAAO,GAAG,KAAK,UAAU,SAAS,CAAC;;CAGrC,MAAM,oBAAiE;AACrE,MAAI,CAAC,KAAK,WACR;AAEF,SACG,MAAM,KAAK,QAAQ,IAClB,KAAK,cAAc,KAAK,SAAS,CAClC,IAAK,KAAA;;CAIV,MAAM,sBACJ,mBACe;AACf,QAAM,KAAK,QAAQ,IACjB,KAAK,cAAc,kBAAkB,UAAU,EAC/C,kBACD;AACD,OAAK,WAAW,kBAAkB;;CAGpC,SAAS,UAAkB;AACzB,SAAO,GAAG,KAAK,UAAU,SAAS,CAAC;;CAGrC,MAAM,SAA2C;AAC/C,MAAI,CAAC,KAAK,WACR;AAEF,SACG,MAAM,KAAK,QAAQ,IAAiB,KAAK,SAAS,KAAK,SAAS,CAAC,IAClE,KAAA;;CAIJ,MAAM,WAAW,QAAoC;AACnD,QAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,KAAK,SAAS,EAAE,OAAO;;CAG9D,IAAI,UAAU;AACZ,SAAO,KAAK;;CAGd,SAAS,OAAe;AACtB,SAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,SAAS;;CAGvD,MAAM,QAAyB;EAC7B,MAAM,QAAQ,QAAQ;EACtB,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK;EAC/B,MAAM,cAA2B;GAC/B;GACA,UAAU,KAAK;GACf,WAAW,KAAK,KAAK;GACtB;AACD,QAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,MAAM,EAAE,YAAY;AACzD,SAAO;;CAGT,MAAM,WACJ,OACgE;EAChE,MAAM,QAAQ,MAAM,MAAM,IAAI;AAC9B,MAAI,MAAM,WAAW,EACnB,QAAO;GAAE,OAAO;GAAO,OAAO;GAAwB;EAGxD,MAAM,CAAC,OAAO,YAAY;EAC1B,MAAM,MAAM,KAAK,SAAS,MAAM;EAChC,MAAM,cAAc,MAAM,KAAK,QAAQ,IAAiB,IAAI;AAE5D,MAAI,CAAC,YACH,QAAO;GAAE,OAAO;GAAO,OAAO;GAAmC;AAGnE,MAAI,YAAY,aAAa,UAAU;AACrC,SAAM,KAAK,QAAQ,OAAO,IAAI;AAC9B,UAAO;IAAE,OAAO;IAAO,OAAO;IAA2B;;AAI3D,MADY,KAAK,KAAK,GAAG,YAAY,YAC3B,qBAAqB;AAC7B,SAAM,KAAK,QAAQ,OAAO,IAAI;AAC9B,UAAO;IAAE,OAAO;IAAO,OAAO;IAAiB;;AAGjD,SAAO;GAAE,OAAO;GAAM;GAAU;;CAGlC,MAAM,aAAa,OAA8B;EAC/C,MAAM,QAAQ,MAAM,MAAM,IAAI;AAC9B,MAAI,MAAM,WAAW,GAAG;AAGtB,WAAQ,KAAK,wDAAwD;AACrE;;EAEF,MAAM,CAAC,SAAS;AAChB,QAAM,KAAK,QAAQ,OAAO,KAAK,SAAS,MAAM,CAAC;;CAGjD,MAAM,wBAAwB,SAA6B;AACzD,OAAK,YAAY,QAAQ,UAAU;;CAGrC,MAAM,sBACJ,OACe;AACf,MAAI,CAAC,KAAK,WAAY;EAEtB,MAAM,aAAuB,EAAE;AAE/B,MAAI,UAAU,SAAS,UAAU,SAC/B,YAAW,KAAK,KAAK,cAAc,KAAK,SAAS,CAAC;AAEpD,MAAI,UAAU,SAAS,UAAU,SAC/B,YAAW,KAAK,KAAK,SAAS,KAAK,SAAS,CAAC;AAE/C,MAAI,UAAU,SAAS,UAAU,WAC/B,YAAW,KAAK,KAAK,gBAAgB,KAAK,SAAS,CAAC;AAGtD,MAAI,WAAW,SAAS,EACtB,OAAM,KAAK,QAAQ,OAAO,WAAW;;CAIzC,gBAAgB,UAAkB;AAChC,SAAO,GAAG,KAAK,UAAU,SAAS,CAAC;;CAGrC,MAAM,iBAAiB,UAAiC;EACtD,MAAM,MAAM,KAAK,gBAAgB,KAAK,SAAS;AAI/C,MADiB,MAAM,KAAK,QAAQ,IAAY,IAAI,CAElD;AAGF,QAAM,KAAK,QAAQ,IAAI,KAAK,SAAS;;CAGvC,MAAM,eAAgC;EACpC,MAAM,eAAe,MAAM,KAAK,QAAQ,IACtC,KAAK,gBAAgB,KAAK,SAAS,CACpC;AACD,MAAI,CAAC,aACH,OAAM,IAAI,MAAM,yBAAyB;AAE3C,SAAO;;CAGT,MAAM,qBAAoC;AACxC,QAAM,KAAK,QAAQ,OAAO,KAAK,gBAAgB,KAAK,SAAS,CAAC"}

package/dist/mcp/index.d.ts

@@ -1,95 +1,2 @@
-import { C as ServeOptions, S as McpClientOptions, _ as WorkerTransportOptions, a as RPCClientTransport, b as BaseTransportType, c as RPCServerTransportOptions, d as createMcpHandler, f as experimental_createMcpHandler, g as WorkerTransport, h as TransportState, l as RPC_DO_PREFIX, m as getMcpAuthContext, o as RPCClientTransportOptions, p as McpAuthContext, s as RPCServerTransport, u as CreateMcpHandlerOptions, v as SSEEdgeClientTransport, x as MaybePromise, y as StreamableHTTPEdgeClientTransport } from "../client-storage-BPjfP_is.js";
-import { MCPClientOAuthCallbackConfig, MCPClientOAuthResult, MCPConnectionResult, MCPDiscoverResult, MCPServerOptions } from "./client.js";
-import { Agent, Connection, ConnectionContext } from "../index.js";
-import { ElicitRequest, ElicitRequestSchema, ElicitResult, ElicitResult as ElicitResult$1, JSONRPCMessage, MessageExtraInfo } from "@modelcontextprotocol/sdk/types.js";
-import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { Server } from "@modelcontextprotocol/sdk/server/index.js";
-
-//#region src/mcp/index.d.ts
-declare abstract class McpAgent<Env extends Cloudflare.Env = Cloudflare.Env, State = unknown, Props extends Record<string, unknown> = Record<string, unknown>> extends Agent<Env, State, Props> {
-  private _transport?;
-  props?: Props;
-  shouldSendProtocolMessages(_connection: Connection, ctx: ConnectionContext): boolean;
-  abstract server: MaybePromise<McpServer | Server>;
-  abstract init(): Promise<void>;
-  setInitializeRequest(initializeRequest: JSONRPCMessage): Promise<void>;
-  getInitializeRequest(): Promise<JSONRPCMessage | undefined>;
-  /** Read the transport type for this agent.
-   * This relies on the naming scheme being `sse:${sessionId}`,
-   * `streamable-http:${sessionId}`, or `rpc:${sessionId}`.
-   */
-  getTransportType(): BaseTransportType;
-  /** Read the sessionId for this agent.
-   * This relies on the naming scheme being `sse:${sessionId}`
-   * or `streamable-http:${sessionId}`.
-   */
-  getSessionId(): string;
-  /** Get the unique WebSocket. SSE transport only. */
-  getWebSocket(): Connection<unknown> | null;
-  /**
-   * Returns options for configuring the RPC server transport.
-   * Override this method to customize RPC transport behavior (e.g., timeout).
-   *
-   * @example
-   * ```typescript
-   * class MyMCP extends McpAgent {
-   *   protected getRpcTransportOptions() {
-   *     return { timeout: 120000 }; // 2 minutes
-   *   }
-   * }
-   * ```
-   */
-  protected getRpcTransportOptions(): RPCServerTransportOptions;
-  /** Returns a new transport matching the type of the Agent. */
-  private initTransport;
-  /** Update and store the props */
-  updateProps(props?: Props): Promise<void>;
-  reinitializeServer(): Promise<void>;
-  /** Sets up the MCP transport and server every time the Agent is started.*/
-  onStart(props?: Props): Promise<void>;
-  /** Validates new WebSocket connections. */
-  onConnect(conn: Connection, {
-    request: req
-  }: ConnectionContext): Promise<void>;
-  /** Handles MCP Messages for the legacy SSE transport. */
-  onSSEMcpMessage(_sessionId: string, messageBody: unknown, extraInfo?: MessageExtraInfo): Promise<Error | null>;
-  /** Elicit user input with a message and schema */
-  elicitInput(params: {
-    message: string;
-    requestedSchema: unknown;
-  }): Promise<ElicitResult$1>;
-  /** Wait for elicitation response through storage polling */
-  private _waitForElicitationResponse;
-  /** Handle elicitation responses */
-  private _handleElicitationResponse;
-  /**
-   * Handle an RPC message for MCP
-   * This method is called by the RPC stub to process MCP messages
-   * @param message The JSON-RPC message(s) to handle
-   * @returns The response message(s) or undefined
-   */
-  handleMcpMessage(message: JSONRPCMessage | JSONRPCMessage[]): Promise<JSONRPCMessage | JSONRPCMessage[] | undefined>;
-  /** Return a handler for the given path for this MCP.
-   * Defaults to Streamable HTTP transport.
-   */
-  static serve(path: string, {
-    binding,
-    corsOptions,
-    transport,
-    jurisdiction
-  }?: ServeOptions): {
-    fetch<Env>(this: void, request: Request, env: Env, ctx: ExecutionContext): Promise<Response>;
-  };
-  /**
-   * Legacy api
-   **/
-  static mount(path: string, opts?: Omit<ServeOptions, "transport">): {
-    fetch<Env>(this: void, request: Request, env: Env, ctx: ExecutionContext): Promise<Response>;
-  };
-  static serveSSE(path: string, opts?: Omit<ServeOptions, "transport">): {
-    fetch<Env>(this: void, request: Request, env: Env, ctx: ExecutionContext): Promise<Response>;
-  };
-}
-//#endregion
-export { type CreateMcpHandlerOptions, type ElicitRequest, ElicitRequestSchema, type ElicitResult, type MCPClientOAuthCallbackConfig, type MCPClientOAuthResult, type MCPConnectionResult, type MCPDiscoverResult, type MCPServerOptions, McpAgent, type McpAuthContext, type McpClientOptions, RPCClientTransport, type RPCClientTransportOptions, RPCServerTransport, type RPCServerTransportOptions, RPC_DO_PREFIX, SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport, type TransportState, WorkerTransport, type WorkerTransportOptions, createMcpHandler, experimental_createMcpHandler, getMcpAuthContext };
-//# sourceMappingURL=index.d.ts.map
+import { $ as getMcpAuthContext, B as RPCClientTransport, F as MCPDiscoverResult, G as ElicitRequest, H as RPCServerTransport, J as McpAgent, K as ElicitRequestSchema, L as MCPServerOptions, M as MCPClientOAuthCallbackConfig, N as MCPClientOAuthResult, P as MCPConnectionResult, Q as McpAuthContext, U as RPCServerTransportOptions, V as RPCClientTransportOptions, W as RPC_DO_PREFIX, X as createMcpHandler, Y as CreateMcpHandlerOptions, Z as experimental_createMcpHandler, at as McpClientOptions, et as TransportState, it as StreamableHTTPEdgeClientTransport, nt as WorkerTransportOptions, q as ElicitResult, rt as SSEEdgeClientTransport, tt as WorkerTransport } from "../index-p1XLNvwQ.js";
+export { CreateMcpHandlerOptions, ElicitRequest, ElicitRequestSchema, ElicitResult, MCPClientOAuthCallbackConfig, MCPClientOAuthResult, MCPConnectionResult, MCPDiscoverResult, MCPServerOptions, McpAgent, McpAuthContext, McpClientOptions, RPCClientTransport, RPCClientTransportOptions, RPCServerTransport, RPCServerTransportOptions, RPC_DO_PREFIX, SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport, TransportState, WorkerTransport, WorkerTransportOptions, createMcpHandler, experimental_createMcpHandler, getMcpAuthContext };

package/dist/mcp/index.js

@@ -1,12 +1,11 @@
 import { MessageType } from "../types.js";
-import { a as RPC_DO_PREFIX, i as RPCServerTransport, r as RPCClientTransport } from "../client-connection-D3Wcd6Q6.js";
+import { a as RPCServerTransport, i as RPCClientTransport, o as RPC_DO_PREFIX } from "../client-CgXIwdcc.js";
 import { Agent, getAgentByName, getCurrentAgent } from "../index.js";
 import { AsyncLocalStorage } from "node:async_hooks";
 import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
 import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
 import { ElicitRequestSchema, InitializeRequestSchema, JSONRPCMessageSchema, SUPPORTED_PROTOCOL_VERSIONS, isInitializeRequest, isJSONRPCErrorResponse, isJSONRPCNotification, isJSONRPCRequest, isJSONRPCResultResponse } from "@modelcontextprotocol/sdk/types.js";
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-
 //#region src/mcp/utils.ts
 /**
 * Since we use WebSockets to bridge the client to the
@@ -473,7 +472,6 @@ function handleCORS(request, corsOptions) {
 function isDurableObjectNamespace(namespace) {
 	return typeof namespace === "object" && namespace !== null && "newUniqueId" in namespace && typeof namespace.newUniqueId === "function" && "idFromName" in namespace && typeof namespace.idFromName === "function";
 }
-
 //#endregion
 //#region src/mcp/transport.ts
 var McpSSETransport = class {
@@ -656,7 +654,6 @@ var StreamableHTTPServerTransport = class {
 		this.writeSSEEvent(connection, message, eventId, shouldClose);
 	}
 };
-
 //#endregion
 //#region src/mcp/client-transports.ts
 /**
@@ -688,7 +685,6 @@ var StreamableHTTPEdgeClientTransport = class extends StreamableHTTPClientTransp
 		}
 	}
 };
-
 //#endregion
 //#region src/mcp/worker-transport.ts
 const MCP_PROTOCOL_VERSION_HEADER = "MCP-Protocol-Version";
@@ -1211,7 +1207,6 @@ var WorkerTransport = class {
 		}
 	}
 };
-
 //#endregion
 //#region src/mcp/auth-context.ts
 const authContextStorage = new AsyncLocalStorage();
@@ -1221,7 +1216,6 @@ function getMcpAuthContext() {
 function runWithAuthContext(context, fn) {
 	return authContextStorage.run(context, fn);
 }
-
 //#endregion
 //#region src/mcp/handler.ts
 function createMcpHandler(server, options = {}) {
@@ -1278,7 +1272,6 @@ function experimental_createMcpHandler(server, options = {}) {
 	}
 	return createMcpHandler(server, options);
 }
-
 //#endregion
 //#region src/mcp/index.ts
 var McpAgent = class McpAgent extends Agent {
@@ -1549,7 +1542,7 @@ var McpAgent = class McpAgent extends Agent {
 		});
 	}
 };
-
 //#endregion
 export { ElicitRequestSchema, McpAgent, RPCClientTransport, RPCServerTransport, RPC_DO_PREFIX, SSEEdgeClientTransport, StreamableHTTPEdgeClientTransport, WorkerTransport, createMcpHandler, experimental_createMcpHandler, getMcpAuthContext };
+
 //# sourceMappingURL=index.js.map