hono-agents 0.0.0-4dafe91 → 0.0.0-4e285b2

package/dist/index.js

@@ -1,9 +1,10 @@
 import "partysocket";
 import { nanoid } from "nanoid";
+import { CfWorkerJsonSchemaValidator } from "@modelcontextprotocol/sdk/validation/cfworker-provider.js";
 import { Client } from "@modelcontextprotocol/sdk/client/index.js";
-import { ElicitRequestSchema, PromptListChangedNotificationSchema, ResourceListChangedNotificationSchema, ToolListChangedNotificationSchema } from "@modelcontextprotocol/sdk/types.js";
 import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
 import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+import { ElicitRequestSchema, PromptListChangedNotificationSchema, ResourceListChangedNotificationSchema, ToolListChangedNotificationSchema } from "@modelcontextprotocol/sdk/types.js";
 import { AsyncLocalStorage } from "node:async_hooks";
 import { parseCronExpression } from "cron-schedule";
 import "cloudflare:email";
@@ -43,7 +44,96 @@ function camelCaseToKebabCase(str) {
 }
 
 //#endregion
-//#region ../agents/dist/client-9Ld2_lnt.js
+//#region ../agents/dist/do-oauth-client-provider-D2P1lSft.js
+var DurableObjectOAuthClientProvider = class {
+	constructor(storage, clientName, baseRedirectUrl) {
+		this.storage = storage;
+		this.clientName = clientName;
+		this.baseRedirectUrl = baseRedirectUrl;
+	}
+	get clientMetadata() {
+		return {
+			client_name: this.clientName,
+			client_uri: this.clientUri,
+			grant_types: ["authorization_code", "refresh_token"],
+			redirect_uris: [this.redirectUrl],
+			response_types: ["code"],
+			token_endpoint_auth_method: "none"
+		};
+	}
+	get clientUri() {
+		return new URL(this.redirectUrl).origin;
+	}
+	get redirectUrl() {
+		return `${this.baseRedirectUrl}/${this.serverId}`;
+	}
+	get clientId() {
+		if (!this._clientId_) throw new Error("Trying to access clientId before it was set");
+		return this._clientId_;
+	}
+	set clientId(clientId_) {
+		this._clientId_ = clientId_;
+	}
+	get serverId() {
+		if (!this._serverId_) throw new Error("Trying to access serverId before it was set");
+		return this._serverId_;
+	}
+	set serverId(serverId_) {
+		this._serverId_ = serverId_;
+	}
+	keyPrefix(clientId) {
+		return `/${this.clientName}/${this.serverId}/${clientId}`;
+	}
+	clientInfoKey(clientId) {
+		return `${this.keyPrefix(clientId)}/client_info/`;
+	}
+	async clientInformation() {
+		if (!this._clientId_) return;
+		return await this.storage.get(this.clientInfoKey(this.clientId)) ?? void 0;
+	}
+	async saveClientInformation(clientInformation) {
+		await this.storage.put(this.clientInfoKey(clientInformation.client_id), clientInformation);
+		this.clientId = clientInformation.client_id;
+	}
+	tokenKey(clientId) {
+		return `${this.keyPrefix(clientId)}/token`;
+	}
+	async tokens() {
+		if (!this._clientId_) return;
+		return await this.storage.get(this.tokenKey(this.clientId)) ?? void 0;
+	}
+	async saveTokens(tokens) {
+		await this.storage.put(this.tokenKey(this.clientId), tokens);
+	}
+	get authUrl() {
+		return this._authUrl_;
+	}
+	/**
+	* Because this operates on the server side (but we need browser auth), we send this url back to the user
+	* and require user interact to initiate the redirect flow
+	*/
+	redirectToAuthorization(authUrl) {
+		const stateToken = nanoid();
+		authUrl.searchParams.set("state", stateToken);
+		this._authUrl_ = authUrl.toString();
+	}
+	codeVerifierKey(clientId) {
+		return `${this.keyPrefix(clientId)}/code_verifier`;
+	}
+	async saveCodeVerifier(verifier) {
+		const key = this.codeVerifierKey(this.clientId);
+		if (await this.storage.get(key)) return;
+		await this.storage.put(key, verifier);
+	}
+	async codeVerifier() {
+		const codeVerifier = await this.storage.get(this.codeVerifierKey(this.clientId));
+		if (!codeVerifier) throw new Error("No code verifier found");
+		return codeVerifier;
+	}
+};
+
+//#endregion
+//#region ../agents/dist/client-DpkZyXgJ.js
 function toDisposable(fn) {
 	return { dispose: fn };
 }
@@ -91,74 +181,6 @@ function isTransportNotImplemented(error) {
 	const msg = toErrorMessage(error);
 	return msg.includes("404") || msg.includes("405") || msg.includes("Not Implemented") || msg.includes("not implemented");
 }
-var SSEEdgeClientTransport = class extends SSEClientTransport {
-	/**
-	* Creates a new EdgeSSEClientTransport, which overrides fetch to be compatible with the CF workers environment
-	*/
-	constructor(url, options) {
-		const fetchOverride = async (fetchUrl, fetchInit = {}) => {
-			const headers = await this.authHeaders();
-			const workerOptions = {
-				...fetchInit,
-				headers: {
-					...options.requestInit?.headers,
-					...fetchInit?.headers,
-					...headers
-				}
-			};
-			delete workerOptions.mode;
-			return options.eventSourceInit?.fetch?.(fetchUrl, workerOptions) || fetch(fetchUrl, workerOptions);
-		};
-		super(url, {
-			...options,
-			eventSourceInit: {
-				...options.eventSourceInit,
-				fetch: fetchOverride
-			}
-		});
-		this.authProvider = options.authProvider;
-	}
-	async authHeaders() {
-		if (this.authProvider) {
-			const tokens = await this.authProvider.tokens();
-			if (tokens) return { Authorization: `Bearer ${tokens.access_token}` };
-		}
-	}
-};
-var StreamableHTTPEdgeClientTransport = class extends StreamableHTTPClientTransport {
-	/**
-	* Creates a new StreamableHTTPEdgeClientTransport, which overrides fetch to be compatible with the CF workers environment
-	*/
-	constructor(url, options) {
-		const fetchOverride = async (fetchUrl, fetchInit = {}) => {
-			const headers = await this.authHeaders();
-			const workerOptions = {
-				...fetchInit,
-				headers: {
-					...options.requestInit?.headers,
-					...fetchInit?.headers,
-					...headers
-				}
-			};
-			delete workerOptions.mode;
-			return options.requestInit?.fetch?.(fetchUrl, workerOptions) || fetch(fetchUrl, workerOptions);
-		};
-		super(url, {
-			...options,
-			requestInit: {
-				...options.requestInit,
-				fetch: fetchOverride
-			}
-		});
-		this.authProvider = options.authProvider;
-	}
-	async authHeaders() {
-		if (this.authProvider) {
-			const tokens = await this.authProvider.tokens();
-			if (tokens) return { Authorization: `Bearer ${tokens.access_token}` };
-		}
-	}
-};
 var MCPClientConnection = class {
 	constructor(url, info, options = {
 		client: {},
@@ -402,8 +424,8 @@ var MCPClientConnection = class {
 	*/
 	getTransport(transportType) {
 		switch (transportType) {
-			case "streamable-http": return new StreamableHTTPEdgeClientTransport(this.url, this.options.transport);
-			case "sse": return new SSEEdgeClientTransport(this.url, this.options.transport);
+			case "streamable-http": return new StreamableHTTPClientTransport(this.url, this.options.transport);
+			case "sse": return new SSEClientTransport(this.url, this.options.transport);
 			default: throw new Error(`Unsupported transport type: ${transportType}`);
 		}
 	}
@@ -475,6 +497,7 @@ var MCPClientConnection = class {
 		};
 	}
 };
+const defaultClientOptions = { jsonSchemaValidator: new CfWorkerJsonSchemaValidator() };
 /**
 * Utility class that aggregates multiple MCP clients into one
 */
@@ -482,26 +505,88 @@ var MCPClientManager = class {
 	/**
 	* @param _name Name of the MCP client
 	* @param _version Version of the MCP Client
-	* @param auth Auth paramters if being used to create a DurableObjectOAuthClientProvider
+	* @param options Storage adapter for persisting MCP server state
 	*/
-	constructor(_name, _version) {
+	constructor(_name, _version, options) {
 		this._name = _name;
 		this._version = _version;
 		this.mcpConnections = {};
-		this._callbackUrls = [];
 		this._didWarnAboutUnstableGetAITools = false;
 		this._connectionDisposables = /* @__PURE__ */ new Map();
+		this._isRestored = false;
 		this._onObservabilityEvent = new Emitter();
 		this.onObservabilityEvent = this._onObservabilityEvent.event;
-		this._onConnected = new Emitter();
-		this.onConnected = this._onConnected.event;
+		this._onServerStateChanged = new Emitter();
+		this.onServerStateChanged = this._onServerStateChanged.event;
+		this._storage = options.storage;
+	}
+	/**
+	* Create an auth provider for a server
+	* @internal
+	*/
+	createAuthProvider(serverId, callbackUrl, clientName, clientId) {
+		const authProvider = new DurableObjectOAuthClientProvider(this._storage, clientName, callbackUrl);
+		authProvider.serverId = serverId;
+		if (clientId) authProvider.clientId = clientId;
+		return authProvider;
+	}
+	/**
+	* Restore MCP server connections from storage
+	* This method is called on Agent initialization to restore previously connected servers
+	*
+	* @param clientName Name to use for OAuth client (typically the agent instance name)
+	*/
+	async restoreConnectionsFromStorage(clientName) {
+		if (this._isRestored) return;
+		const servers = await this._storage.listServers();
+		if (!servers || servers.length === 0) {
+			this._isRestored = true;
+			return;
+		}
+		for (const server of servers) {
+			const existingConn = this.mcpConnections[server.id];
+			if (existingConn) {
+				if (existingConn.connectionState === "ready") {
+					console.warn(`[MCPClientManager] Server ${server.id} already has a ready connection. Skipping recreation.`);
+					continue;
+				}
+				if (existingConn.connectionState === "authenticating" || existingConn.connectionState === "connecting" || existingConn.connectionState === "discovering") continue;
+				if (existingConn.connectionState === "failed") {
+					try {
+						await existingConn.client.close();
+					} catch (error) {
+						console.warn(`[MCPClientManager] Error closing failed connection ${server.id}:`, error);
+					}
+					delete this.mcpConnections[server.id];
+					this._connectionDisposables.get(server.id)?.dispose();
+					this._connectionDisposables.delete(server.id);
+				}
+			}
+			const parsedOptions = server.server_options ? JSON.parse(server.server_options) : null;
+			const authProvider = this.createAuthProvider(server.id, server.callback_url, clientName, server.client_id ?? void 0);
+			this.createConnection(server.id, server.server_url, {
+				client: parsedOptions?.client ?? {},
+				transport: {
+					...parsedOptions?.transport ?? {},
+					type: parsedOptions?.transport?.type ?? "auto",
+					authProvider
+				}
+			});
+			await this.connectToServer(server.id).catch((error) => {
+				console.error(`Error restoring ${server.id}:`, error);
+			});
+		}
+		this._isRestored = true;
 	}
 	/**
 	* Connect to and register an MCP server
 	*
-	* @param transportConfig Transport config
-	* @param clientConfig Client config
-	* @param capabilities Client capabilities (i.e. if the client supports roots/sampling)
+	* @deprecated This method is maintained for backward compatibility.
+	* For new code, use registerServer() and connectToServer() separately.
+	*
+	* @param url Server URL
+	* @param options Connection options
+	* @returns Object with server ID, auth URL (if OAuth), and client ID (if OAuth)
 	*/
 	async connect(url, options = {}) {
 		/**
@@ -511,10 +596,7 @@ var MCPClientManager = class {
 		* .connect() is called on at least one server.
 		* So it's safe to delay loading it until .connect() is called.
 		*/
-		if (!this.jsonSchema) {
-			const { jsonSchema } = await import("ai");
-			this.jsonSchema = jsonSchema;
-		}
+		await this.ensureJsonSchema();
 		const id = options.reconnect?.id ?? nanoid(8);
 		if (options.transport?.authProvider) {
 			options.transport.authProvider.serverId = id;
@@ -560,35 +642,139 @@ var MCPClientManager = class {
 			throw error;
 		}
 		const authUrl = options.transport?.authProvider?.authUrl;
-		if (this.mcpConnections[id].connectionState === "authenticating" && authUrl && options.transport?.authProvider?.redirectUrl) {
-			this._callbackUrls.push(options.transport.authProvider.redirectUrl.toString());
+		if (this.mcpConnections[id].connectionState === "authenticating" && authUrl && options.transport?.authProvider?.redirectUrl) return {
+			authUrl,
+			clientId: options.transport?.authProvider?.clientId,
+			id
+		};
+		return { id };
+	}
+	/**
+	* Create an in-memory connection object and set up observability
+	* Does NOT save to storage - use registerServer() for that
+	*/
+	createConnection(id, url, options) {
+		if (this.mcpConnections[id]) return;
+		const normalizedTransport = {
+			...options.transport,
+			type: options.transport?.type ?? "auto"
+		};
+		this.mcpConnections[id] = new MCPClientConnection(new URL(url), {
+			name: this._name,
+			version: this._version
+		}, {
+			client: {
+				...defaultClientOptions,
+				...options.client
+			},
+			transport: normalizedTransport
+		});
+		const store = new DisposableStore();
+		const existing = this._connectionDisposables.get(id);
+		if (existing) existing.dispose();
+		this._connectionDisposables.set(id, store);
+		store.add(this.mcpConnections[id].onObservabilityEvent((event) => {
+			this._onObservabilityEvent.fire(event);
+		}));
+	}
+	/**
+	* Register an MCP server connection without connecting
+	* Creates the connection object, sets up observability, and saves to storage
+	*
+	* @param id Server ID
+	* @param options Registration options including URL, name, callback URL, and connection config
+	* @returns Server ID
+	*/
+	async registerServer(id, options) {
+		this.createConnection(id, options.url, {
+			client: options.client,
+			transport: {
+				...options.transport,
+				type: options.transport?.type ?? "auto"
+			}
+		});
+		await this._storage.saveServer({
+			id,
+			name: options.name,
+			server_url: options.url,
+			callback_url: options.callbackUrl,
+			client_id: options.clientId ?? null,
+			auth_url: options.authUrl ?? null,
+			server_options: JSON.stringify({
+				client: options.client,
+				transport: options.transport
+			})
+		});
+		this._onServerStateChanged.fire();
+		return id;
+	}
+	/**
+	* Connect to an already registered MCP server and initialize the connection.
+	*
+	* For OAuth servers, this returns `{ state: "authenticating", authUrl, clientId? }`
+	* without establishing the connection. The user must complete the OAuth flow via
+	* the authUrl, which will trigger a callback handled by `handleCallbackRequest()`.
+	*
+	* For non-OAuth servers, this establishes the connection immediately and returns
+	* `{ state: "ready" }`.
+	*
+	* Updates storage with auth URL and client ID after connection.
+	*
+	* @param id Server ID (must be registered first via registerServer())
+	* @returns Connection result with current state and OAuth info (if applicable)
+	*/
+	async connectToServer(id) {
+		const conn = this.mcpConnections[id];
+		if (!conn) throw new Error(`Server ${id} is not registered. Call registerServer() first.`);
+		await conn.init();
+		const authUrl = conn.options.transport.authProvider?.authUrl;
+		if (conn.connectionState === "authenticating" && authUrl && conn.options.transport.authProvider?.redirectUrl) {
+			const clientId = conn.options.transport.authProvider?.clientId;
+			const serverRow = (await this._storage.listServers()).find((s) => s.id === id);
+			if (serverRow) await this._storage.saveServer({
+				...serverRow,
+				auth_url: authUrl,
+				client_id: clientId ?? null
+			});
+			this._onServerStateChanged.fire();
 			return {
+				state: "authenticating",
 				authUrl,
-				clientId: options.transport?.authProvider?.clientId,
-				id
+				clientId
 			};
 		}
-		return { id };
+		if (conn.connectionState === "ready") this._onServerStateChanged.fire();
+		return { state: "ready" };
 	}
-	isCallbackRequest(req) {
-		return req.method === "GET" && !!this._callbackUrls.find((url) => {
-			return req.url.startsWith(url);
-		});
+	async isCallbackRequest(req) {
+		if (req.method !== "GET") return false;
+		if (!req.url.includes("/callback")) return false;
+		return (await this._storage.listServers()).some((server) => server.callback_url && req.url.startsWith(server.callback_url));
 	}
 	async handleCallbackRequest(req) {
 		const url = new URL(req.url);
-		const urlMatch = this._callbackUrls.find((url$1) => {
-			return req.url.startsWith(url$1);
+		const matchingServer = (await this._storage.listServers()).find((server) => {
+			return server.callback_url && req.url.startsWith(server.callback_url);
 		});
-		if (!urlMatch) throw new Error(`No callback URI match found for the request url: ${req.url}. Was the request matched with \`isCallbackRequest()\`?`);
+		if (!matchingServer) throw new Error(`No callback URI match found for the request url: ${req.url}. Was the request matched with \`isCallbackRequest()\`?`);
+		const serverId = matchingServer.id;
 		const code = url.searchParams.get("code");
 		const state = url.searchParams.get("state");
-		const urlParams = urlMatch.split("/");
-		const serverId = urlParams[urlParams.length - 1];
+		const error = url.searchParams.get("error");
+		const errorDescription = url.searchParams.get("error_description");
+		if (error) return {
+			serverId,
+			authSuccess: false,
+			authError: errorDescription || error
+		};
 		if (!code) throw new Error("Unauthorized: no code provided");
 		if (!state) throw new Error("Unauthorized: no state provided");
 		if (this.mcpConnections[serverId] === void 0) throw new Error(`Could not find serverId: ${serverId}`);
-		if (this.mcpConnections[serverId].connectionState !== "authenticating") throw new Error("Failed to authenticate: the client isn't in the `authenticating` state");
+		if (this.mcpConnections[serverId].connectionState === "ready") return {
+			serverId,
+			authSuccess: true
+		};
+		if (this.mcpConnections[serverId].connectionState !== "authenticating") throw new Error(`Failed to authenticate: the client is in "${this.mcpConnections[serverId].connectionState}" state, expected "authenticating"`);
 		const conn = this.mcpConnections[serverId];
 		if (!conn.options.transport.authProvider) throw new Error("Trying to finalize authentication for a server connection without an authProvider");
 		const clientId = conn.options.transport.authProvider.clientId || state;
@@ -596,15 +782,19 @@ var MCPClientManager = class {
 		conn.options.transport.authProvider.serverId = serverId;
 		try {
 			await conn.completeAuthorization(code);
+			await this._storage.clearAuthUrl(serverId);
+			this._onServerStateChanged.fire();
 			return {
 				serverId,
 				authSuccess: true
 			};
-		} catch (error) {
+		} catch (error$1) {
+			const errorMessage = error$1 instanceof Error ? error$1.message : String(error$1);
+			this._onServerStateChanged.fire();
 			return {
 				serverId,
 				authSuccess: false,
-				authError: error instanceof Error ? error.message : String(error)
+				authError: errorMessage
 			};
 		}
 	}
@@ -627,7 +817,7 @@ var MCPClientManager = class {
 		}
 		try {
 			await conn.establishConnection();
-			this._onConnected.fire(serverId);
+			this._onServerStateChanged.fire();
 		} catch (error) {
 			const url = conn.url.toString();
 			this._onObservabilityEvent.fire({
@@ -642,23 +832,10 @@ var MCPClientManager = class {
 				timestamp: Date.now(),
 				id: nanoid()
 			});
+			this._onServerStateChanged.fire();
 		}
 	}
 	/**
-	* Register a callback URL for OAuth handling
-	* @param url The callback URL to register
-	*/
-	registerCallbackUrl(url) {
-		if (!this._callbackUrls.includes(url)) this._callbackUrls.push(url);
-	}
-	/**
-	* Unregister a callback URL
-	* @param serverId The server ID whose callback URL should be removed
-	*/
-	unregisterCallbackUrl(serverId) {
-		this._callbackUrls = this._callbackUrls.filter((url) => !url.endsWith(`/${serverId}`));
-	}
-	/**
 	* Configure OAuth callback handling
 	* @param config OAuth callback configuration
 	*/
@@ -679,9 +856,28 @@ var MCPClientManager = class {
 		return getNamespacedData(this.mcpConnections, "tools");
 	}
 	/**
+	* Lazy-loads the jsonSchema function from the AI SDK.
+	*
+	* This defers importing the "ai" package until it's actually needed, which helps reduce
+	* initial bundle size and startup time. The jsonSchema function is required for converting
+	* MCP tools into AI SDK tool definitions via getAITools().
+	*
+	* @internal This method is for internal use only. It's automatically called before operations
+	* that need jsonSchema (like getAITools() or OAuth flows). External consumers should not need
+	* to call this directly.
+	*/
+	async ensureJsonSchema() {
+		if (!this.jsonSchema) {
+			const { jsonSchema } = await import("ai");
+			this.jsonSchema = jsonSchema;
+		}
+	}
+	/**
 	* @returns a set of tools that you can use with the AI SDK
 	*/
 	getAITools() {
+		if (!this.jsonSchema) throw new Error("jsonSchema not initialized.");
+		for (const [id, conn] of Object.entries(this.mcpConnections)) if (conn.connectionState !== "ready" && conn.connectionState !== "authenticating") console.warn(`[getAITools] WARNING: Reading tools from connection ${id} in state "${conn.connectionState}". Tools may not be loaded yet.`);
 		return Object.fromEntries(getNamespacedData(this.mcpConnections, "tools").map((tool) => {
 			return [`tool_${tool.serverId.replace(/-/g, "")}_${tool.name}`, {
 				description: tool.description,
@@ -738,13 +934,26 @@ var MCPClientManager = class {
 		this._connectionDisposables.delete(id);
 	}
 	/**
+	* Remove an MCP server from storage
+	*/
+	async removeServer(serverId) {
+		await this._storage.removeServer(serverId);
+		this._onServerStateChanged.fire();
+	}
+	/**
+	* List all MCP servers from storage
+	*/
+	async listServers() {
+		return await this._storage.listServers();
+	}
+	/**
 	* Dispose the manager and all resources.
 	*/
 	async dispose() {
 		try {
 			await this.closeAllConnections();
 		} finally {
-			this._onConnected.dispose();
+			this._onServerStateChanged.dispose();
 			this._onObservabilityEvent.dispose();
 		}
 	}
@@ -806,96 +1015,72 @@ function getNamespacedData(mcpClients, type) {
 }
 
 //#endregion
-//#region ../agents/dist/do-oauth-client-provider-CswoD5Lu.js
-var DurableObjectOAuthClientProvider = class {
-	constructor(storage, clientName, baseRedirectUrl) {
-		this.storage = storage;
-		this.clientName = clientName;
-		this.baseRedirectUrl = baseRedirectUrl;
-	}
-	get clientMetadata() {
-		return {
-			client_name: this.clientName,
-			client_uri: this.clientUri,
-			grant_types: ["authorization_code", "refresh_token"],
-			redirect_uris: [this.redirectUrl],
-			response_types: ["code"],
-			token_endpoint_auth_method: "none"
-		};
-	}
-	get clientUri() {
-		return new URL(this.redirectUrl).origin;
-	}
-	get redirectUrl() {
-		return `${this.baseRedirectUrl}/${this.serverId}`;
-	}
-	get clientId() {
-		if (!this._clientId_) throw new Error("Trying to access clientId before it was set");
-		return this._clientId_;
-	}
-	set clientId(clientId_) {
-		this._clientId_ = clientId_;
-	}
-	get serverId() {
-		if (!this._serverId_) throw new Error("Trying to access serverId before it was set");
-		return this._serverId_;
-	}
-	set serverId(serverId_) {
-		this._serverId_ = serverId_;
-	}
-	keyPrefix(clientId) {
-		return `/${this.clientName}/${this.serverId}/${clientId}`;
-	}
-	clientInfoKey(clientId) {
-		return `${this.keyPrefix(clientId)}/client_info/`;
-	}
-	async clientInformation() {
-		if (!this._clientId_) return;
-		return await this.storage.get(this.clientInfoKey(this.clientId)) ?? void 0;
-	}
-	async saveClientInformation(clientInformation) {
-		await this.storage.put(this.clientInfoKey(clientInformation.client_id), clientInformation);
-		this.clientId = clientInformation.client_id;
-	}
-	tokenKey(clientId) {
-		return `${this.keyPrefix(clientId)}/token`;
+//#region ../agents/dist/src-Dk8lwxHf.js
+/**
+* SQL-based storage adapter that wraps SQL operations
+* Used by Agent class to provide SQL access to MCPClientManager
+*/
+var AgentMCPClientStorage = class {
+	constructor(sql, kv) {
+		this.sql = sql;
+		this.kv = kv;
 	}
-	async tokens() {
-		if (!this._clientId_) return;
-		return await this.storage.get(this.tokenKey(this.clientId)) ?? void 0;
+	async saveServer(server) {
+		this.sql`
+      INSERT OR REPLACE INTO cf_agents_mcp_servers (
+        id,
+        name,
+        server_url,
+        client_id,
+        auth_url,
+        callback_url,
+        server_options
+      )
+      VALUES (
+        ${server.id},
+        ${server.name},
+        ${server.server_url},
+        ${server.client_id ?? null},
+        ${server.auth_url ?? null},
+        ${server.callback_url},
+        ${server.server_options ?? null}
+      )
+    `;
 	}
-	async saveTokens(tokens) {
-		await this.storage.put(this.tokenKey(this.clientId), tokens);
+	async removeServer(serverId) {
+		this.sql`
+      DELETE FROM cf_agents_mcp_servers WHERE id = ${serverId}
+    `;
 	}
-	get authUrl() {
-		return this._authUrl_;
+	async listServers() {
+		return this.sql`
+      SELECT id, name, server_url, client_id, auth_url, callback_url, server_options
+      FROM cf_agents_mcp_servers
+    `;
 	}
-	/**
-	* Because this operates on the server side (but we need browser auth), we send this url back to the user
-	* and require user interact to initiate the redirect flow
-	*/
-	async redirectToAuthorization(authUrl) {
-		const stateToken = nanoid();
-		authUrl.searchParams.set("state", stateToken);
-		this._authUrl_ = authUrl.toString();
+	async getServerByCallbackUrl(callbackUrl) {
+		const results = this.sql`
+      SELECT id, name, server_url, client_id, auth_url, callback_url, server_options
+      FROM cf_agents_mcp_servers
+      WHERE callback_url = ${callbackUrl}
+      LIMIT 1
+    `;
+		return results.length > 0 ? results[0] : null;
 	}
-	codeVerifierKey(clientId) {
-		return `${this.keyPrefix(clientId)}/code_verifier`;
+	async clearAuthUrl(serverId) {
+		this.sql`
+      UPDATE cf_agents_mcp_servers
+      SET auth_url = NULL
+      WHERE id = ${serverId}
+    `;
 	}
-	async saveCodeVerifier(verifier) {
-		const key = this.codeVerifierKey(this.clientId);
-		if (await this.storage.get(key)) return;
-		await this.storage.put(key, verifier);
+	async get(key) {
+		return this.kv.get(key);
 	}
-	async codeVerifier() {
-		const codeVerifier = await this.storage.get(this.codeVerifierKey(this.clientId));
-		if (!codeVerifier) throw new Error("No code verifier found");
-		return codeVerifier;
+	async put(key, value) {
+		return this.kv.put(key, value);
 	}
 };
-
-//#endregion
-//#region ../agents/dist/src-Dz0H9hSU.js
 /**
 * A generic observability implementation that logs events to the console.
 */
@@ -1014,9 +1199,8 @@ var Agent = class Agent$1 extends Server {
 		super(ctx, env$1);
 		this._state = DEFAULT_STATE;
 		this._disposables = new DisposableStore();
-		this._mcpStateRestored = false;
+		this._destroyed = false;
 		this._ParentClass = Object.getPrototypeOf(this).constructor;
-		this.mcp = new MCPClientManager(this._ParentClass.name, "0.0.1");
 		this.initialState = DEFAULT_STATE;
 		this.observability = genericObservability;
 		this._flushingQueue = false;
@@ -1054,28 +1238,45 @@ var Agent = class Agent$1 extends Server {
 					}
 				});
 				if (row.type === "cron") {
+					if (this._destroyed) return;
 					const nextExecutionTime = getNextCronTime(row.cron);
 					const nextTimestamp = Math.floor(nextExecutionTime.getTime() / 1e3);
 					this.sql`
           UPDATE cf_agents_schedules SET time = ${nextTimestamp} WHERE id = ${row.id}
         `;
-				} else this.sql`
+				} else {
+					if (this._destroyed) return;
+					this.sql`
           DELETE FROM cf_agents_schedules WHERE id = ${row.id}
         `;
+				}
 			}
+			if (this._destroyed) return;
 			await this._scheduleNextAlarm();
 		};
+		this.mcp = new MCPClientManager(this._ParentClass.name, "0.0.1", { storage: new AgentMCPClientStorage(this.sql.bind(this), this.ctx.storage.kv) });
 		if (!wrappedClasses.has(this.constructor)) {
 			this._autoWrapCustomMethods();
 			wrappedClasses.add(this.constructor);
 		}
-		this._disposables.add(this.mcp.onConnected(async () => {
-			this.broadcastMcpServers();
+		this._disposables.add(this.mcp.onServerStateChanged(async () => {
+			await this.broadcastMcpServers();
 		}));
 		this._disposables.add(this.mcp.onObservabilityEvent((event) => {
 			this.observability?.emit(event);
 		}));
 		this.sql`
+        CREATE TABLE IF NOT EXISTS cf_agents_mcp_servers (
+          id TEXT PRIMARY KEY NOT NULL,
+          name TEXT NOT NULL,
+          server_url TEXT NOT NULL,
+          callback_url TEXT NOT NULL,
+          client_id TEXT,
+          auth_url TEXT,
+          server_options TEXT
+        )
+      `;
+		this.sql`
       CREATE TABLE IF NOT EXISTS cf_agents_state (
         id TEXT PRIMARY KEY NOT NULL,
         state TEXT
@@ -1089,32 +1290,16 @@ var Agent = class Agent$1 extends Server {
         created_at INTEGER DEFAULT (unixepoch())
       )
     `;
-		this.ctx.blockConcurrencyWhile(async () => {
-			return this._tryCatch(async () => {
-				this.sql`
-        CREATE TABLE IF NOT EXISTS cf_agents_schedules (
-          id TEXT PRIMARY KEY NOT NULL DEFAULT (randomblob(9)),
-          callback TEXT,
-          payload TEXT,
-          type TEXT NOT NULL CHECK(type IN ('scheduled', 'delayed', 'cron')),
-          time INTEGER,
-          delayInSeconds INTEGER,
-          cron TEXT,
-          created_at INTEGER DEFAULT (unixepoch())
-        )
-      `;
-				await this.alarm();
-			});
-		});
 		this.sql`
-      CREATE TABLE IF NOT EXISTS cf_agents_mcp_servers (
-        id TEXT PRIMARY KEY NOT NULL,
-        name TEXT NOT NULL,
-        server_url TEXT NOT NULL,
-        callback_url TEXT NOT NULL,
-        client_id TEXT,
-        auth_url TEXT,
-        server_options TEXT
+      CREATE TABLE IF NOT EXISTS cf_agents_schedules (
+        id TEXT PRIMARY KEY NOT NULL DEFAULT (randomblob(9)),
+        callback TEXT,
+        payload TEXT,
+        type TEXT NOT NULL CHECK(type IN ('scheduled', 'delayed', 'cron')),
+        time INTEGER,
+        delayInSeconds INTEGER,
+        cron TEXT,
+        created_at INTEGER DEFAULT (unixepoch())
       )
     `;
 		const _onRequest = this.onRequest.bind(this);
@@ -1125,17 +1310,9 @@ var Agent = class Agent$1 extends Server {
 				request,
 				email: void 0
 			}, async () => {
-				await this._ensureMcpStateRestored();
-				if (this.mcp.isCallbackRequest(request)) {
-					const result = await this.mcp.handleCallbackRequest(request);
-					this.broadcastMcpServers();
-					if (result.authSuccess) this.mcp.establishConnection(result.serverId).catch((error) => {
-						console.error("Background connection failed:", error);
-					}).finally(() => {
-						this.broadcastMcpServers();
-					});
-					return this.handleOAuthCallbackResponse(result, request);
-				}
+				await this.mcp.ensureJsonSchema();
+				const oauthResponse = await this.handleMcpOAuthCallback(request);
+				if (oauthResponse) return oauthResponse;
 				return this._tryCatch(() => _onRequest(request));
 			});
 		};
@@ -1147,6 +1324,7 @@ var Agent = class Agent$1 extends Server {
 				request: void 0,
 				email: void 0
 			}, async () => {
+				await this.mcp.ensureJsonSchema();
 				if (typeof message !== "string") return this._tryCatch(() => _onMessage(connection, message));
 				let parsed;
 				try {
@@ -1211,13 +1389,13 @@ var Agent = class Agent$1 extends Server {
 				connection,
 				request: ctx$1.request,
 				email: void 0
-			}, () => {
+			}, async () => {
 				if (this.state) connection.send(JSON.stringify({
 					state: this.state,
 					type: MessageType.CF_AGENT_STATE
 				}));
 				connection.send(JSON.stringify({
-					mcp: this.getMcpServers(),
+					mcp: await this.getMcpServers(),
 					type: MessageType.CF_AGENT_MCP_SERVERS
 				}));
 				this.observability?.emit({
@@ -1239,8 +1417,8 @@ var Agent = class Agent$1 extends Server {
 				email: void 0
 			}, async () => {
 				await this._tryCatch(async () => {
-					await this._ensureMcpStateRestored();
-					this.broadcastMcpServers();
+					await this.mcp.restoreConnectionsFromStorage(this.name);
+					await this.broadcastMcpServers();
 					return _onStart(props);
 				});
 			});
@@ -1646,7 +1824,7 @@ var Agent = class Agent$1 extends Server {
 	async _scheduleNextAlarm() {
 		const result = this.sql`
       SELECT time FROM cf_agents_schedules
-      WHERE time > ${Math.floor(Date.now() / 1e3)}
+      WHERE time >= ${Math.floor(Date.now() / 1e3)}
       ORDER BY time ASC
       LIMIT 1
     `;
@@ -1660,15 +1838,18 @@ var Agent = class Agent$1 extends Server {
 	* Destroy the Agent, removing all state and scheduled tasks
 	*/
 	async destroy() {
+		this.sql`DROP TABLE IF EXISTS cf_agents_mcp_servers`;
 		this.sql`DROP TABLE IF EXISTS cf_agents_state`;
 		this.sql`DROP TABLE IF EXISTS cf_agents_schedules`;
-		this.sql`DROP TABLE IF EXISTS cf_agents_mcp_servers`;
 		this.sql`DROP TABLE IF EXISTS cf_agents_queues`;
 		await this.ctx.storage.deleteAlarm();
 		await this.ctx.storage.deleteAll();
 		this._disposables.dispose();
-		await this.mcp.dispose?.();
-		this.ctx.abort("destroyed");
+		await this.mcp.dispose();
+		this._destroyed = true;
+		setTimeout(() => {
+			this.ctx.abort("destroyed");
+		}, 0);
 		this.observability?.emit({
 			displayMessage: "Agent destroyed",
 			id: nanoid(),
@@ -1684,43 +1865,6 @@ var Agent = class Agent$1 extends Server {
 	_isCallable(method) {
 		return callableMetadata.has(this[method]);
 	}
-	async _ensureMcpStateRestored() {
-		if (this._mcpStateRestored) return;
-		this._mcpStateRestored = true;
-		const servers = this.sql`
-        SELECT id, name, server_url, client_id, auth_url, callback_url, server_options
-        FROM cf_agents_mcp_servers
-      `;
-		if (!servers || !Array.isArray(servers) || servers.length === 0) return;
-		for (const server of servers) if (server.callback_url) this.mcp.registerCallbackUrl(`${server.callback_url}/${server.id}`);
-		for (const server of servers) if (!!server.auth_url) {
-			const authProvider = new DurableObjectOAuthClientProvider(this.ctx.storage, this.name, server.callback_url);
-			authProvider.serverId = server.id;
-			if (server.client_id) authProvider.clientId = server.client_id;
-			const parsedOptions = server.server_options ? JSON.parse(server.server_options) : void 0;
-			const conn = new MCPClientConnection(new URL(server.server_url), {
-				name: this.name,
-				version: "1.0.0"
-			}, {
-				client: parsedOptions?.client ?? {},
-				transport: {
-					...parsedOptions?.transport ?? {},
-					type: parsedOptions?.transport?.type ?? "auto",
-					authProvider
-				}
-			});
-			conn.connectionState = "authenticating";
-			this.mcp.mcpConnections[server.id] = conn;
-		} else {
-			const parsedOptions = server.server_options ? JSON.parse(server.server_options) : void 0;
-			this._connectToMcpServerInternal(server.name, server.server_url, server.callback_url, parsedOptions, {
-				id: server.id,
-				oauthClientId: server.client_id ?? void 0
-			}).catch((error) => {
-				console.error(`Error restoring ${server.id}:`, error);
-			});
-		}
-	}
 	/**
 	* Connect to a new MCP Server
 	*
@@ -1740,29 +1884,10 @@ var Agent = class Agent$1 extends Server {
 			resolvedCallbackHost = `${requestUrl.protocol}//${requestUrl.host}`;
 		}
 		const callbackUrl = `${resolvedCallbackHost}/${agentsPrefix}/${camelCaseToKebabCase(this._ParentClass.name)}/${this.name}/callback`;
-		const result = await this._connectToMcpServerInternal(serverName, url, callbackUrl, options);
-		this.sql`
-        INSERT
-        OR REPLACE INTO cf_agents_mcp_servers (id, name, server_url, client_id, auth_url, callback_url, server_options)
-      VALUES (
-        ${result.id},
-        ${serverName},
-        ${url},
-        ${result.clientId ?? null},
-        ${result.authUrl ?? null},
-        ${callbackUrl},
-        ${options ? JSON.stringify(options) : null}
-        );
-    `;
-		this.broadcastMcpServers();
-		return result;
-	}
-	async _connectToMcpServerInternal(_serverName, url, callbackUrl, options, reconnect) {
-		const authProvider = new DurableObjectOAuthClientProvider(this.ctx.storage, this.name, callbackUrl);
-		if (reconnect) {
-			authProvider.serverId = reconnect.id;
-			if (reconnect.oauthClientId) authProvider.clientId = reconnect.oauthClientId;
-		}
+		await this.mcp.ensureJsonSchema();
+		const id = nanoid(8);
+		const authProvider = new DurableObjectOAuthClientProvider(this.ctx.storage.kv, this.name, callbackUrl);
+		authProvider.serverId = id;
 		const transportType = options?.transport?.type ?? "auto";
 		let headerTransportOpts = {};
 		if (options?.transport?.headers) headerTransportOpts = {
@@ -1772,59 +1897,78 @@ var Agent = class Agent$1 extends Server {
 			}) },
 			requestInit: { headers: options?.transport?.headers }
 		};
-		const { id, authUrl, clientId } = await this.mcp.connect(url, {
+		await this.mcp.registerServer(id, {
+			url,
+			name: serverName,
+			callbackUrl,
 			client: options?.client,
-			reconnect,
 			transport: {
 				...headerTransportOpts,
 				authProvider,
 				type: transportType
 			}
 		});
+		const result = await this.mcp.connectToServer(id);
 		return {
-			authUrl,
-			clientId,
-			id
+			id,
+			authUrl: result.state === "authenticating" ? result.authUrl : void 0
 		};
 	}
 	async removeMcpServer(id) {
-		this.mcp.closeConnection(id);
-		this.mcp.unregisterCallbackUrl(id);
-		this.sql`
-      DELETE FROM cf_agents_mcp_servers WHERE id = ${id};
-    `;
-		this.broadcastMcpServers();
+		if (this.mcp.mcpConnections[id]) await this.mcp.closeConnection(id);
+		await this.mcp.removeServer(id);
 	}
-	getMcpServers() {
+	async getMcpServers() {
 		const mcpState = {
 			prompts: this.mcp.listPrompts(),
 			resources: this.mcp.listResources(),
 			servers: {},
 			tools: this.mcp.listTools()
 		};
-		const servers = this.sql`
-      SELECT id, name, server_url, client_id, auth_url, callback_url, server_options FROM cf_agents_mcp_servers;
-    `;
+		const servers = await this.mcp.listServers();
 		if (servers && Array.isArray(servers) && servers.length > 0) for (const server of servers) {
 			const serverConn = this.mcp.mcpConnections[server.id];
+			let defaultState = "not-connected";
+			if (!serverConn && server.auth_url) defaultState = "authenticating";
 			mcpState.servers[server.id] = {
 				auth_url: server.auth_url,
 				capabilities: serverConn?.serverCapabilities ?? null,
 				instructions: serverConn?.instructions ?? null,
 				name: server.name,
 				server_url: server.server_url,
-				state: serverConn?.connectionState ?? "authenticating"
+				state: serverConn?.connectionState ?? defaultState
 			};
 		}
 		return mcpState;
 	}
-	broadcastMcpServers() {
+	async broadcastMcpServers() {
 		this.broadcast(JSON.stringify({
-			mcp: this.getMcpServers(),
+			mcp: await this.getMcpServers(),
 			type: MessageType.CF_AGENT_MCP_SERVERS
 		}));
 	}
 	/**
+	* Handle MCP OAuth callback request if it's an OAuth callback.
+	*
+	* This method encapsulates the entire OAuth callback flow:
+	* 1. Checks if the request is an MCP OAuth callback
+	* 2. Processes the OAuth code exchange
+	* 3. Establishes the connection if successful
+	* 4. Broadcasts MCP server state updates
+	* 5. Returns the appropriate HTTP response
+	*
+	* @param request The incoming HTTP request
+	* @returns Response if this was an OAuth callback, null otherwise
+	*/
+	async handleMcpOAuthCallback(request) {
+		if (!await this.mcp.isCallbackRequest(request)) return null;
+		const result = await this.mcp.handleCallbackRequest(request);
+		if (result.authSuccess) this.mcp.establishConnection(result.serverId).catch((error) => {
+			console.error("[Agent handleMcpOAuthCallback] Background connection failed:", error);
+		});
+		return this.handleOAuthCallbackResponse(result, request);
+	}
+	/**
 	* Handle OAuth callback response using MCPClientManager configuration
 	* @param result OAuth callback result
 	* @param request The original request (needed for base URL)
@@ -1833,10 +1977,21 @@ var Agent = class Agent$1 extends Server {
 	handleOAuthCallbackResponse(result, request) {
 		const config = this.mcp.getOAuthCallbackConfig();
 		if (config?.customHandler) return config.customHandler(result);
-		if (config?.successRedirect && result.authSuccess) return Response.redirect(config.successRedirect);
-		if (config?.errorRedirect && !result.authSuccess) return Response.redirect(`${config.errorRedirect}?error=${encodeURIComponent(result.authError || "Unknown error")}`);
-		const baseUrl = new URL(request.url).origin;
-		return Response.redirect(baseUrl);
+		const baseOrigin = new URL(request.url).origin;
+		if (config?.successRedirect && result.authSuccess) try {
+			return Response.redirect(new URL(config.successRedirect, baseOrigin).href);
+		} catch (e) {
+			console.error("Invalid successRedirect URL:", config.successRedirect, e);
+			return Response.redirect(baseOrigin);
+		}
+		if (config?.errorRedirect && !result.authSuccess) try {
+			const errorUrl = `${config.errorRedirect}?error=${encodeURIComponent(result.authError || "Unknown error")}`;
+			return Response.redirect(new URL(errorUrl, baseOrigin).href);
+		} catch (e) {
+			console.error("Invalid errorRedirect URL:", config.errorRedirect, e);
+			return Response.redirect(baseOrigin);
+		}
+		return Response.redirect(baseOrigin);
 	}
 };
 const wrappedClasses = /* @__PURE__ */ new Set();
@@ -1862,10 +2017,15 @@ async function routeAgentRequest(request, env$1, options) {
 		prefix: "agents",
 		...options
 	});
-	if (response && corsHeaders && request.headers.get("upgrade")?.toLowerCase() !== "websocket" && request.headers.get("Upgrade")?.toLowerCase() !== "websocket") response = new Response(response.body, { headers: {
-		...response.headers,
-		...corsHeaders
-	} });
+	if (response && corsHeaders && request.headers.get("upgrade")?.toLowerCase() !== "websocket" && request.headers.get("Upgrade")?.toLowerCase() !== "websocket") {
+		const newHeaders = new Headers(response.headers);
+		for (const [key, value] of Object.entries(corsHeaders)) newHeaders.set(key, value);
+		response = new Response(response.body, {
+			status: response.status,
+			statusText: response.statusText,
+			headers: newHeaders
+		});
+	}
 	return response;
 }
 /**