fastmcp 4.0.2 → 4.2.0

package/README.md

@@ -566,6 +566,66 @@ When creating tools that don't require parameters, you have two options:
 >
 > Both approaches are fully compatible with all MCP clients, including Cursor. FastMCP automatically generates the proper schema in both cases.
 
+#### Structured Tool Output
+
+Tools can declare an `outputSchema` and return structured data. FastMCP exposes that value as MCP `structuredContent`, while also returning a JSON text fallback for clients that only render text content.
+
+```typescript
+server.addTool({
+  name: "get-weather",
+  description: "Get weather for a city",
+  parameters: z.object({
+    city: z.string(),
+  }),
+  outputSchema: z.object({
+    temperature: z.number(),
+    humidity: z.number(),
+  }),
+  execute: async ({ city }) => {
+    const weather = await getWeather(city);
+
+    return {
+      temperature: weather.temperature,
+      humidity: weather.humidity,
+    };
+  },
+});
+```
+
+You can also return explicit text content and structured content together:
+
+```typescript
+server.addTool({
+  name: "get-weather",
+  description: "Get weather for a city",
+  parameters: z.object({
+    city: z.string(),
+  }),
+  outputSchema: z.object({
+    temperature: z.number(),
+    humidity: z.number(),
+  }),
+  execute: async ({ city }) => {
+    const weather = await getWeather(city);
+
+    return {
+      content: [
+        {
+          type: "text",
+          text: `${city}: ${weather.temperature}F`,
+        },
+      ],
+      structuredContent: {
+        temperature: weather.temperature,
+        humidity: weather.humidity,
+      },
+    };
+  },
+});
+```
+
+When `outputSchema` is provided, FastMCP validates `structuredContent` before sending the tool result. Invalid structured output is returned to the client as a tool error instead of silently violating the advertised schema.
+
 #### Tool Authorization
 
 You can control which tools are available to authenticated users by adding an optional `canAccess` function to a tool's definition. This function receives the authentication context and should return `true` if the user is allowed to access the tool.

package/dist/FastMCP.cjs

@@ -7,7 +7,7 @@
 
 
 
-var _chunkEXZZ3NKLcjs = require('./chunk-EXZZ3NKL.cjs');
+var _chunkC3LTWBG3cjs = require('./chunk-C3LTWBG3.cjs');
 
 
 
@@ -20,7 +20,7 @@ var _chunkEXZZ3NKLcjs = require('./chunk-EXZZ3NKL.cjs');
 
 
 
-var _chunkOARN6YYKcjs = require('./chunk-OARN6YYK.cjs');
+var _chunkJFLKZGBGcjs = require('./chunk-JFLKZGBG.cjs');
 
 
 
@@ -41,5 +41,5 @@ var _chunkOARN6YYKcjs = require('./chunk-OARN6YYK.cjs');
 
 
 
-exports.AuthProvider = _chunkOARN6YYKcjs.AuthProvider; exports.AzureProvider = _chunkOARN6YYKcjs.AzureProvider; exports.DiscoveryDocumentCache = _chunkEXZZ3NKLcjs.DiscoveryDocumentCache; exports.FastMCP = _chunkEXZZ3NKLcjs.FastMCP; exports.FastMCPSession = _chunkEXZZ3NKLcjs.FastMCPSession; exports.GitHubProvider = _chunkOARN6YYKcjs.GitHubProvider; exports.GoogleProvider = _chunkOARN6YYKcjs.GoogleProvider; exports.OAuthProvider = _chunkOARN6YYKcjs.OAuthProvider; exports.ServerState = _chunkEXZZ3NKLcjs.ServerState; exports.UnexpectedStateError = _chunkEXZZ3NKLcjs.UnexpectedStateError; exports.UserError = _chunkEXZZ3NKLcjs.UserError; exports.audioContent = _chunkEXZZ3NKLcjs.audioContent; exports.getAuthSession = _chunkOARN6YYKcjs.getAuthSession; exports.imageContent = _chunkEXZZ3NKLcjs.imageContent; exports.requireAll = _chunkOARN6YYKcjs.requireAll; exports.requireAny = _chunkOARN6YYKcjs.requireAny; exports.requireAuth = _chunkOARN6YYKcjs.requireAuth; exports.requireRole = _chunkOARN6YYKcjs.requireRole; exports.requireScopes = _chunkOARN6YYKcjs.requireScopes;
+exports.AuthProvider = _chunkJFLKZGBGcjs.AuthProvider; exports.AzureProvider = _chunkJFLKZGBGcjs.AzureProvider; exports.DiscoveryDocumentCache = _chunkC3LTWBG3cjs.DiscoveryDocumentCache; exports.FastMCP = _chunkC3LTWBG3cjs.FastMCP; exports.FastMCPSession = _chunkC3LTWBG3cjs.FastMCPSession; exports.GitHubProvider = _chunkJFLKZGBGcjs.GitHubProvider; exports.GoogleProvider = _chunkJFLKZGBGcjs.GoogleProvider; exports.OAuthProvider = _chunkJFLKZGBGcjs.OAuthProvider; exports.ServerState = _chunkC3LTWBG3cjs.ServerState; exports.UnexpectedStateError = _chunkC3LTWBG3cjs.UnexpectedStateError; exports.UserError = _chunkC3LTWBG3cjs.UserError; exports.audioContent = _chunkC3LTWBG3cjs.audioContent; exports.getAuthSession = _chunkJFLKZGBGcjs.getAuthSession; exports.imageContent = _chunkC3LTWBG3cjs.imageContent; exports.requireAll = _chunkJFLKZGBGcjs.requireAll; exports.requireAny = _chunkJFLKZGBGcjs.requireAny; exports.requireAuth = _chunkJFLKZGBGcjs.requireAuth; exports.requireRole = _chunkJFLKZGBGcjs.requireRole; exports.requireScopes = _chunkJFLKZGBGcjs.requireScopes;
 //# sourceMappingURL=FastMCP.cjs.map

package/dist/FastMCP.d.cts

@@ -10,8 +10,8 @@ import { Hono } from 'hono';
 import http from 'http';
 import { StrictEventEmitter } from 'strict-event-emitter-types';
 import { z } from 'zod';
-import { A as AuthProvider, O as OAuthSession, a as OAuthProxy } from './OAuthProvider-BS7O-cik.cjs';
-export { j as AuthProviderConfig, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, d as OAuthProvider, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from './OAuthProvider-BS7O-cik.cjs';
+import { A as AuthProvider, O as OAuthSession, a as OAuthProxy } from './OAuthProvider-vyjR-9Z7.cjs';
+export { j as AuthProviderConfig, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, d as OAuthProvider, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from './OAuthProvider-vyjR-9Z7.cjs';
 import 'node:http';
 
 declare class DiscoveryDocumentCache {
@@ -168,6 +168,7 @@ type Content = AudioContent | ImageContent | ResourceContent | ResourceLink | Te
 type ContentResult = {
     content: Content[];
     isError?: boolean;
+    structuredContent?: Record<string, unknown>;
 };
 type Completion = {
     hasMore?: boolean;
@@ -603,7 +604,7 @@ type Tool<T extends FastMCPSessionAuth, Params extends ToolParameters = ToolPara
     } & ToolAnnotations;
     canAccess?: (auth: T) => boolean;
     description?: string;
-    execute: (args: StandardSchemaV1.InferOutput<Params>, context: Context<T>) => Promise<AudioContent | ContentResult | ImageContent | ResourceContent | ResourceLink | string | TextContent | void>;
+    execute: (args: StandardSchemaV1.InferOutput<Params>, context: Context<T>) => Promise<AudioContent | ContentResult | ImageContent | ResourceContent | ResourceLink | StandardSchemaV1.InferOutput<OutputParams> | string | TextContent | void>;
     name: string;
     outputSchema?: OutputParams;
     parameters?: Params;

package/dist/FastMCP.d.ts

@@ -10,8 +10,8 @@ import { Hono } from 'hono';
 import http from 'http';
 import { StrictEventEmitter } from 'strict-event-emitter-types';
 import { z } from 'zod';
-import { A as AuthProvider, O as OAuthSession, a as OAuthProxy } from './OAuthProvider-BS7O-cik.js';
-export { j as AuthProviderConfig, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, d as OAuthProvider, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from './OAuthProvider-BS7O-cik.js';
+import { A as AuthProvider, O as OAuthSession, a as OAuthProxy } from './OAuthProvider-vyjR-9Z7.js';
+export { j as AuthProviderConfig, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, d as OAuthProvider, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from './OAuthProvider-vyjR-9Z7.js';
 import 'node:http';
 
 declare class DiscoveryDocumentCache {
@@ -168,6 +168,7 @@ type Content = AudioContent | ImageContent | ResourceContent | ResourceLink | Te
 type ContentResult = {
     content: Content[];
     isError?: boolean;
+    structuredContent?: Record<string, unknown>;
 };
 type Completion = {
     hasMore?: boolean;
@@ -603,7 +604,7 @@ type Tool<T extends FastMCPSessionAuth, Params extends ToolParameters = ToolPara
     } & ToolAnnotations;
     canAccess?: (auth: T) => boolean;
     description?: string;
-    execute: (args: StandardSchemaV1.InferOutput<Params>, context: Context<T>) => Promise<AudioContent | ContentResult | ImageContent | ResourceContent | ResourceLink | string | TextContent | void>;
+    execute: (args: StandardSchemaV1.InferOutput<Params>, context: Context<T>) => Promise<AudioContent | ContentResult | ImageContent | ResourceContent | ResourceLink | StandardSchemaV1.InferOutput<OutputParams> | string | TextContent | void>;
     name: string;
     outputSchema?: OutputParams;
     parameters?: Params;

package/dist/FastMCP.js

@@ -7,7 +7,7 @@ import {
   UserError,
   audioContent,
   imageContent
-} from "./chunk-TNX4H4LB.js";
+} from "./chunk-DNGQLQWS.js";
 import {
   AuthProvider,
   AzureProvider,
@@ -20,7 +20,7 @@ import {
   requireAuth,
   requireRole,
   requireScopes
-} from "./chunk-HGUUOYR4.js";
+} from "./chunk-KHM5DJG7.js";
 export {
   AuthProvider,
   AzureProvider,

package/dist/{OAuthProvider-BS7O-cik.d.cts → OAuthProvider-vyjR-9Z7.d.cts}

@@ -226,6 +226,18 @@ interface OAuthProxyConfig {
     enableTokenSwap?: boolean;
     /** Encryption key for token storage (default: auto-generated). Set to false to disable encryption. */
     encryptionKey?: false | string;
+    /**
+     * Extra query parameters appended to the upstream authorization URL.
+     * Required by providers such as Google, which only issues a refresh_token
+     * when the authorization request carries `access_type=offline` (and
+     * re-issues it on re-auth with `prompt=consent`). Without these, access
+     * expires after the upstream token TTL and can never be renewed.
+     *
+     * Core OAuth parameters managed by the proxy (client_id, redirect_uri,
+     * response_type, state, scope, code_challenge, code_challenge_method)
+     * cannot be overridden — entries with those keys are ignored.
+     */
+    extraAuthorizationParams?: Record<string, string>;
     /** Forward client's PKCE to upstream (default: false) */
     forwardPkce?: boolean;
     /** Secret key for signing JWTs when token swap is enabled */

package/dist/{OAuthProvider-BS7O-cik.d.ts → OAuthProvider-vyjR-9Z7.d.ts}

@@ -226,6 +226,18 @@ interface OAuthProxyConfig {
     enableTokenSwap?: boolean;
     /** Encryption key for token storage (default: auto-generated). Set to false to disable encryption. */
     encryptionKey?: false | string;
+    /**
+     * Extra query parameters appended to the upstream authorization URL.
+     * Required by providers such as Google, which only issues a refresh_token
+     * when the authorization request carries `access_type=offline` (and
+     * re-issues it on re-auth with `prompt=consent`). Without these, access
+     * expires after the upstream token TTL and can never be renewed.
+     *
+     * Core OAuth parameters managed by the proxy (client_id, redirect_uri,
+     * response_type, state, scope, code_challenge, code_challenge_method)
+     * cannot be overridden — entries with those keys are ignored.
+     */
+    extraAuthorizationParams?: Record<string, string>;
     /** Forward client's PKCE to upstream (default: false) */
     forwardPkce?: boolean;
     /** Secret key for signing JWTs when token swap is enabled */

package/dist/auth/index.cjs

@@ -24,7 +24,7 @@
 
 
 
-var _chunkOARN6YYKcjs = require('../chunk-OARN6YYK.cjs');
+var _chunkJFLKZGBGcjs = require('../chunk-JFLKZGBG.cjs');
 
 
 
@@ -51,5 +51,5 @@ var _chunkOARN6YYKcjs = require('../chunk-OARN6YYK.cjs');
 
 
 
-exports.AuthProvider = _chunkOARN6YYKcjs.AuthProvider; exports.AzureProvider = _chunkOARN6YYKcjs.AzureProvider; exports.ConsentManager = _chunkOARN6YYKcjs.ConsentManager; exports.DEFAULT_ACCESS_TOKEN_TTL = _chunkOARN6YYKcjs.DEFAULT_ACCESS_TOKEN_TTL; exports.DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH = _chunkOARN6YYKcjs.DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH; exports.DEFAULT_AUTHORIZATION_CODE_TTL = _chunkOARN6YYKcjs.DEFAULT_AUTHORIZATION_CODE_TTL; exports.DEFAULT_REFRESH_TOKEN_TTL = _chunkOARN6YYKcjs.DEFAULT_REFRESH_TOKEN_TTL; exports.DEFAULT_TRANSACTION_TTL = _chunkOARN6YYKcjs.DEFAULT_TRANSACTION_TTL; exports.DiskStore = _chunkOARN6YYKcjs.DiskStore; exports.EncryptedTokenStorage = _chunkOARN6YYKcjs.EncryptedTokenStorage; exports.GitHubProvider = _chunkOARN6YYKcjs.GitHubProvider; exports.GoogleProvider = _chunkOARN6YYKcjs.GoogleProvider; exports.JWKSVerifier = _chunkOARN6YYKcjs.JWKSVerifier; exports.JWTIssuer = _chunkOARN6YYKcjs.JWTIssuer; exports.MemoryTokenStorage = _chunkOARN6YYKcjs.MemoryTokenStorage; exports.OAuthProvider = _chunkOARN6YYKcjs.OAuthProvider; exports.OAuthProxy = _chunkOARN6YYKcjs.OAuthProxy; exports.OAuthProxyError = _chunkOARN6YYKcjs.OAuthProxyError; exports.PKCEUtils = _chunkOARN6YYKcjs.PKCEUtils; exports.getAuthSession = _chunkOARN6YYKcjs.getAuthSession; exports.requireAll = _chunkOARN6YYKcjs.requireAll; exports.requireAny = _chunkOARN6YYKcjs.requireAny; exports.requireAuth = _chunkOARN6YYKcjs.requireAuth; exports.requireRole = _chunkOARN6YYKcjs.requireRole; exports.requireScopes = _chunkOARN6YYKcjs.requireScopes;
+exports.AuthProvider = _chunkJFLKZGBGcjs.AuthProvider; exports.AzureProvider = _chunkJFLKZGBGcjs.AzureProvider; exports.ConsentManager = _chunkJFLKZGBGcjs.ConsentManager; exports.DEFAULT_ACCESS_TOKEN_TTL = _chunkJFLKZGBGcjs.DEFAULT_ACCESS_TOKEN_TTL; exports.DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH = _chunkJFLKZGBGcjs.DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH; exports.DEFAULT_AUTHORIZATION_CODE_TTL = _chunkJFLKZGBGcjs.DEFAULT_AUTHORIZATION_CODE_TTL; exports.DEFAULT_REFRESH_TOKEN_TTL = _chunkJFLKZGBGcjs.DEFAULT_REFRESH_TOKEN_TTL; exports.DEFAULT_TRANSACTION_TTL = _chunkJFLKZGBGcjs.DEFAULT_TRANSACTION_TTL; exports.DiskStore = _chunkJFLKZGBGcjs.DiskStore; exports.EncryptedTokenStorage = _chunkJFLKZGBGcjs.EncryptedTokenStorage; exports.GitHubProvider = _chunkJFLKZGBGcjs.GitHubProvider; exports.GoogleProvider = _chunkJFLKZGBGcjs.GoogleProvider; exports.JWKSVerifier = _chunkJFLKZGBGcjs.JWKSVerifier; exports.JWTIssuer = _chunkJFLKZGBGcjs.JWTIssuer; exports.MemoryTokenStorage = _chunkJFLKZGBGcjs.MemoryTokenStorage; exports.OAuthProvider = _chunkJFLKZGBGcjs.OAuthProvider; exports.OAuthProxy = _chunkJFLKZGBGcjs.OAuthProxy; exports.OAuthProxyError = _chunkJFLKZGBGcjs.OAuthProxyError; exports.PKCEUtils = _chunkJFLKZGBGcjs.PKCEUtils; exports.getAuthSession = _chunkJFLKZGBGcjs.getAuthSession; exports.requireAll = _chunkJFLKZGBGcjs.requireAll; exports.requireAny = _chunkJFLKZGBGcjs.requireAny; exports.requireAuth = _chunkJFLKZGBGcjs.requireAuth; exports.requireRole = _chunkJFLKZGBGcjs.requireRole; exports.requireScopes = _chunkJFLKZGBGcjs.requireScopes;
 //# sourceMappingURL=index.cjs.map

package/dist/auth/index.d.cts

@@ -1,5 +1,5 @@
-import { p as OAuthTransaction, C as ConsentData, T as TokenStorage, q as TokenVerifier, s as TokenVerificationResult, P as PKCEPair } from '../OAuthProvider-BS7O-cik.cjs';
-export { A as AuthProvider, j as AuthProviderConfig, y as AuthorizationParams, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, z as ClientCode, B as DCRClientMetadata, E as DCRRequest, F as DCRResponse, D as DEFAULT_ACCESS_TOKEN_TTL, u as DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH, v as DEFAULT_AUTHORIZATION_CODE_TTL, w as DEFAULT_REFRESH_TOKEN_TTL, x as DEFAULT_TRANSACTION_TTL, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, H as OAuthError, d as OAuthProvider, I as OAuthProviderConfig, a as OAuthProxy, J as OAuthProxyConfig, t as OAuthProxyError, O as OAuthSession, K as ProxyDCRClient, R as RefreshRequest, L as TokenMapping, M as TokenRequest, N as TokenResponse, U as UpstreamTokenSet, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from '../OAuthProvider-BS7O-cik.cjs';
+import { p as OAuthTransaction, C as ConsentData, T as TokenStorage, q as TokenVerifier, s as TokenVerificationResult, P as PKCEPair } from '../OAuthProvider-vyjR-9Z7.cjs';
+export { A as AuthProvider, j as AuthProviderConfig, y as AuthorizationParams, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, z as ClientCode, B as DCRClientMetadata, E as DCRRequest, F as DCRResponse, D as DEFAULT_ACCESS_TOKEN_TTL, u as DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH, v as DEFAULT_AUTHORIZATION_CODE_TTL, w as DEFAULT_REFRESH_TOKEN_TTL, x as DEFAULT_TRANSACTION_TTL, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, H as OAuthError, d as OAuthProvider, I as OAuthProviderConfig, a as OAuthProxy, J as OAuthProxyConfig, t as OAuthProxyError, O as OAuthSession, K as ProxyDCRClient, R as RefreshRequest, L as TokenMapping, M as TokenRequest, N as TokenResponse, U as UpstreamTokenSet, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from '../OAuthProvider-vyjR-9Z7.cjs';
 import 'node:http';
 
 /**

package/dist/auth/index.d.ts

@@ -1,5 +1,5 @@
-import { p as OAuthTransaction, C as ConsentData, T as TokenStorage, q as TokenVerifier, s as TokenVerificationResult, P as PKCEPair } from '../OAuthProvider-BS7O-cik.js';
-export { A as AuthProvider, j as AuthProviderConfig, y as AuthorizationParams, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, z as ClientCode, B as DCRClientMetadata, E as DCRRequest, F as DCRResponse, D as DEFAULT_ACCESS_TOKEN_TTL, u as DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH, v as DEFAULT_AUTHORIZATION_CODE_TTL, w as DEFAULT_REFRESH_TOKEN_TTL, x as DEFAULT_TRANSACTION_TTL, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, H as OAuthError, d as OAuthProvider, I as OAuthProviderConfig, a as OAuthProxy, J as OAuthProxyConfig, t as OAuthProxyError, O as OAuthSession, K as ProxyDCRClient, R as RefreshRequest, L as TokenMapping, M as TokenRequest, N as TokenResponse, U as UpstreamTokenSet, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from '../OAuthProvider-BS7O-cik.js';
+import { p as OAuthTransaction, C as ConsentData, T as TokenStorage, q as TokenVerifier, s as TokenVerificationResult, P as PKCEPair } from '../OAuthProvider-vyjR-9Z7.js';
+export { A as AuthProvider, j as AuthProviderConfig, y as AuthorizationParams, b as AzureProvider, k as AzureProviderConfig, l as AzureSession, z as ClientCode, B as DCRClientMetadata, E as DCRRequest, F as DCRResponse, D as DEFAULT_ACCESS_TOKEN_TTL, u as DEFAULT_ACCESS_TOKEN_TTL_NO_REFRESH, v as DEFAULT_AUTHORIZATION_CODE_TTL, w as DEFAULT_REFRESH_TOKEN_TTL, x as DEFAULT_TRANSACTION_TTL, m as GenericOAuthProviderConfig, G as GitHubProvider, n as GitHubSession, c as GoogleProvider, o as GoogleSession, H as OAuthError, d as OAuthProvider, I as OAuthProviderConfig, a as OAuthProxy, J as OAuthProxyConfig, t as OAuthProxyError, O as OAuthSession, K as ProxyDCRClient, R as RefreshRequest, L as TokenMapping, M as TokenRequest, N as TokenResponse, U as UpstreamTokenSet, g as getAuthSession, r as requireAll, e as requireAny, f as requireAuth, h as requireRole, i as requireScopes } from '../OAuthProvider-vyjR-9Z7.js';
 import 'node:http';
 
 /**

package/dist/auth/index.js

@@ -24,7 +24,7 @@ import {
   requireAuth,
   requireRole,
   requireScopes
-} from "../chunk-HGUUOYR4.js";
+} from "../chunk-KHM5DJG7.js";
 export {
   AuthProvider,
   AzureProvider,

package/dist/{chunk-EXZZ3NKL.cjs → chunk-C3LTWBG3.cjs}

@@ -287,7 +287,8 @@ var ContentZodSchema = _zod.z.discriminatedUnion("type", [
 ]);
 var ContentResultZodSchema = _zod.z.object({
   content: ContentZodSchema.array(),
-  isError: _zod.z.boolean().optional()
+  isError: _zod.z.boolean().optional(),
+  structuredContent: _zod.z.record(_zod.z.string(), _zod.z.unknown()).optional()
 }).strict();
 var CompletionZodSchema = _zod.z.object({
   /**
@@ -598,6 +599,12 @@ ${error instanceof Error ? error.stack : JSON.stringify(error)}`
       });
     });
   }
+  #formatSchemaIssues(issues) {
+    return _optionalChain([this, 'access', _12 => _12.#utils, 'optionalAccess', _13 => _13.formatInvalidParamsErrorMessage]) ? this.#utils.formatInvalidParamsErrorMessage(issues) : issues.map((issue) => {
+      const path = _optionalChain([issue, 'access', _14 => _14.path, 'optionalAccess', _15 => _15.join, 'call', _16 => _16(".")]) || "root";
+      return `${path}: ${issue.message}`;
+    }).join(", ");
+  }
   #getPingConfig(transport) {
     const pingConfig = this.#pingConfig || {};
     let defaultEnabled = false;
@@ -612,6 +619,18 @@ ${error instanceof Error ? error.stack : JSON.stringify(error)}`
       logLevel: pingConfig.logLevel || "debug"
     };
   }
+  async #validateStructuredContent(tool, value, toolName) {
+    if (!tool.outputSchema) {
+      return value;
+    }
+    const parsed = await tool.outputSchema["~standard"].validate(value);
+    if (parsed.issues) {
+      throw new UserError(
+        `Tool '${toolName}' structured output validation failed: ${this.#formatSchemaIssues(parsed.issues)}. Please check the result matches the tool's outputSchema.`
+      );
+    }
+    return parsed.value;
+  }
   addPrompt(inputPrompt) {
     const completers = {};
     const enums = {};
@@ -929,7 +948,7 @@ ${error instanceof Error ? error.stack : JSON.stringify(error)}`
     );
   }
   setupRootsHandlers() {
-    if (_optionalChain([this, 'access', _12 => _12.#rootsConfig, 'optionalAccess', _13 => _13.enabled]) === false) {
+    if (_optionalChain([this, 'access', _17 => _17.#rootsConfig, 'optionalAccess', _18 => _18.enabled]) === false) {
       this.#logger.debug(
         "[FastMCP debug] roots capability explicitly disabled via config"
       );
@@ -1013,10 +1032,7 @@ ${error instanceof Error ? error.stack : JSON.stringify(error)}`
           request.params.arguments
         );
         if (parsed.issues) {
-          const friendlyErrors = _optionalChain([this, 'access', _14 => _14.#utils, 'optionalAccess', _15 => _15.formatInvalidParamsErrorMessage]) ? this.#utils.formatInvalidParamsErrorMessage(parsed.issues) : parsed.issues.map((issue) => {
-            const path = _optionalChain([issue, 'access', _16 => _16.path, 'optionalAccess', _17 => _17.join, 'call', _18 => _18(".")]) || "root";
-            return `${path}: ${issue.message}`;
-          }).join(", ");
+          const friendlyErrors = this.#formatSchemaIssues(parsed.issues);
           throw new (0, _typesjs.McpError)(
             _typesjs.ErrorCode.InvalidParams,
             `Tool '${request.params.name}' parameter validation failed: ${friendlyErrors}. Please check the parameter types and values according to the tool's schema.`
@@ -1150,6 +1166,30 @@ ${error instanceof Error ? error.stack : JSON.stringify(error)}`
           result = ContentResultZodSchema.parse({
             content: [maybeStringResult]
           });
+        } else if ("content" in maybeStringResult) {
+          result = ContentResultZodSchema.parse(maybeStringResult);
+          if (result.structuredContent !== void 0 && tool.outputSchema) {
+            result.structuredContent = await this.#validateStructuredContent(
+              tool,
+              result.structuredContent,
+              request.params.name
+            );
+          }
+        } else if (tool.outputSchema) {
+          const structuredContent = await this.#validateStructuredContent(
+            tool,
+            maybeStringResult,
+            request.params.name
+          );
+          result = ContentResultZodSchema.parse({
+            content: [
+              {
+                text: JSON.stringify(structuredContent),
+                type: "text"
+              }
+            ],
+            structuredContent
+          });
         } else {
           result = ContentResultZodSchema.parse(maybeStringResult);
         }
@@ -1745,13 +1785,15 @@ var FastMCP = class extends FastMCPEventEmitter {
       const path = _nullishCoalesce(healthConfig.path, () => ( "/health"));
       const url2 = new URL(req.url || "", `http://${host}`);
       try {
-        if (req.method === "GET" && url2.pathname === path) {
+        if ((req.method === "GET" || req.method === "HEAD") && url2.pathname === path) {
           res.writeHead(_nullishCoalesce(healthConfig.status, () => ( 200)), {
             "Content-Type": "text/plain"
-          }).end(_nullishCoalesce(healthConfig.message, () => ( "\u2713 Ok")));
+          }).end(
+            req.method === "HEAD" ? void 0 : _nullishCoalesce(healthConfig.message, () => ( "\u2713 Ok"))
+          );
           return;
         }
-        if (req.method === "GET" && url2.pathname === "/ready") {
+        if ((req.method === "GET" || req.method === "HEAD") && url2.pathname === "/ready") {
           if (isStateless) {
             const response = {
               mode: "stateless",
@@ -1761,7 +1803,9 @@ var FastMCP = class extends FastMCPEventEmitter {
             };
             res.writeHead(200, {
               "Content-Type": "application/json"
-            }).end(JSON.stringify(response));
+            }).end(
+              req.method === "HEAD" ? void 0 : JSON.stringify(response)
+            );
           } else {
             const readySessions = this.#sessions.filter(
               (s) => s.isReady
@@ -1775,7 +1819,9 @@ var FastMCP = class extends FastMCPEventEmitter {
             };
             res.writeHead(allReady ? 200 : 503, {
               "Content-Type": "application/json"
-            }).end(JSON.stringify(response));
+            }).end(
+              req.method === "HEAD" ? void 0 : JSON.stringify(response)
+            );
           }
           return;
         }
@@ -2120,4 +2166,4 @@ var FastMCP = class extends FastMCPEventEmitter {
 
 
 exports.DiscoveryDocumentCache = DiscoveryDocumentCache; exports.imageContent = imageContent; exports.audioContent = audioContent; exports.UnexpectedStateError = UnexpectedStateError; exports.UserError = UserError; exports.ServerState = ServerState; exports.FastMCPSession = FastMCPSession; exports.FastMCP = FastMCP;
-//# sourceMappingURL=chunk-EXZZ3NKL.cjs.map
+//# sourceMappingURL=chunk-C3LTWBG3.cjs.map