hono-agents 0.0.0-e8f693b → 0.0.0-eaeb1b3

package/dist/index.js

@@ -1,17 +1,22 @@
+import { AsyncLocalStorage } from "node:async_hooks";
 import "partysocket";
 import { nanoid } from "nanoid";
+import { CfWorkerJsonSchemaValidator } from "@modelcontextprotocol/sdk/validation/cfworker-provider.js";
 import { Client } from "@modelcontextprotocol/sdk/client/index.js";
-import { ElicitRequestSchema, PromptListChangedNotificationSchema, ResourceListChangedNotificationSchema, ToolListChangedNotificationSchema } from "@modelcontextprotocol/sdk/types.js";
 import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
 import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
-import { AsyncLocalStorage } from "node:async_hooks";
+import { ElicitRequestSchema, PromptListChangedNotificationSchema, ResourceListChangedNotificationSchema, ToolListChangedNotificationSchema } from "@modelcontextprotocol/sdk/types.js";
 import { parseCronExpression } from "cron-schedule";
 import "cloudflare:email";
 import { Server, routePartykitRequest } from "partyserver";
 import { env } from "hono/adapter";
 import { createMiddleware } from "hono/factory";
 
-//#region ../agents/dist/ai-types-B3aQaFv3.js
+//#region ../agents/dist/context-BkKbAa1R.js
+const agentContext = new AsyncLocalStorage();
+
+//#endregion
+//#region ../agents/dist/ai-types-DEtF_8Km.js
 /**
 * Enum for message types to improve type safety and maintainability
 */
@@ -21,15 +26,23 @@ let MessageType = /* @__PURE__ */ function(MessageType$1) {
 	MessageType$1["CF_AGENT_USE_CHAT_RESPONSE"] = "cf_agent_use_chat_response";
 	MessageType$1["CF_AGENT_CHAT_CLEAR"] = "cf_agent_chat_clear";
 	MessageType$1["CF_AGENT_CHAT_REQUEST_CANCEL"] = "cf_agent_chat_request_cancel";
+	/** Sent by server when client connects and there's an active stream to resume */
+	MessageType$1["CF_AGENT_STREAM_RESUMING"] = "cf_agent_stream_resuming";
+	/** Sent by client to acknowledge stream resuming notification and request chunks */
+	MessageType$1["CF_AGENT_STREAM_RESUME_ACK"] = "cf_agent_stream_resume_ack";
 	MessageType$1["CF_AGENT_MCP_SERVERS"] = "cf_agent_mcp_servers";
 	MessageType$1["CF_MCP_AGENT_EVENT"] = "cf_mcp_agent_event";
 	MessageType$1["CF_AGENT_STATE"] = "cf_agent_state";
 	MessageType$1["RPC"] = "rpc";
+	/** Client sends tool result to server (for client-side tools) */
+	MessageType$1["CF_AGENT_TOOL_RESULT"] = "cf_agent_tool_result";
+	/** Server notifies client that a message was updated (e.g., tool result applied) */
+	MessageType$1["CF_AGENT_MESSAGE_UPDATED"] = "cf_agent_message_updated";
 	return MessageType$1;
 }({});
 
 //#endregion
-//#region ../agents/dist/client-BfiZ3HQd.js
+//#region ../agents/dist/client-DjTPRM8-.js
 /**
 * Convert a camelCase string to a kebab-case string
 * @param str The string to convert
@@ -43,7 +56,158 @@ function camelCaseToKebabCase(str) {
 }
 
 //#endregion
-//#region ../agents/dist/client-9Ld2_lnt.js
+//#region ../agents/dist/do-oauth-client-provider-B1fVIshX.js
+const STATE_EXPIRATION_MS = 600 * 1e3;
+var DurableObjectOAuthClientProvider = class {
+	constructor(storage, clientName, baseRedirectUrl) {
+		this.storage = storage;
+		this.clientName = clientName;
+		this.baseRedirectUrl = baseRedirectUrl;
+		if (!storage) throw new Error("DurableObjectOAuthClientProvider requires a valid DurableObjectStorage instance");
+	}
+	get clientMetadata() {
+		return {
+			client_name: this.clientName,
+			client_uri: this.clientUri,
+			grant_types: ["authorization_code", "refresh_token"],
+			redirect_uris: [this.redirectUrl],
+			response_types: ["code"],
+			token_endpoint_auth_method: "none"
+		};
+	}
+	get clientUri() {
+		return new URL(this.redirectUrl).origin;
+	}
+	get redirectUrl() {
+		return this.baseRedirectUrl;
+	}
+	get clientId() {
+		if (!this._clientId_) throw new Error("Trying to access clientId before it was set");
+		return this._clientId_;
+	}
+	set clientId(clientId_) {
+		this._clientId_ = clientId_;
+	}
+	get serverId() {
+		if (!this._serverId_) throw new Error("Trying to access serverId before it was set");
+		return this._serverId_;
+	}
+	set serverId(serverId_) {
+		this._serverId_ = serverId_;
+	}
+	keyPrefix(clientId) {
+		return `/${this.clientName}/${this.serverId}/${clientId}`;
+	}
+	clientInfoKey(clientId) {
+		return `${this.keyPrefix(clientId)}/client_info/`;
+	}
+	async clientInformation() {
+		if (!this._clientId_) return;
+		return await this.storage.get(this.clientInfoKey(this.clientId)) ?? void 0;
+	}
+	async saveClientInformation(clientInformation) {
+		await this.storage.put(this.clientInfoKey(clientInformation.client_id), clientInformation);
+		this.clientId = clientInformation.client_id;
+	}
+	tokenKey(clientId) {
+		return `${this.keyPrefix(clientId)}/token`;
+	}
+	async tokens() {
+		if (!this._clientId_) return;
+		return await this.storage.get(this.tokenKey(this.clientId)) ?? void 0;
+	}
+	async saveTokens(tokens) {
+		await this.storage.put(this.tokenKey(this.clientId), tokens);
+	}
+	get authUrl() {
+		return this._authUrl_;
+	}
+	stateKey(nonce) {
+		return `/${this.clientName}/${this.serverId}/state/${nonce}`;
+	}
+	async state() {
+		const nonce = nanoid();
+		const state = `${nonce}.${this.serverId}`;
+		const storedState = {
+			nonce,
+			serverId: this.serverId,
+			createdAt: Date.now()
+		};
+		await this.storage.put(this.stateKey(nonce), storedState);
+		return state;
+	}
+	async checkState(state) {
+		const parts = state.split(".");
+		if (parts.length !== 2) return {
+			valid: false,
+			error: "Invalid state format"
+		};
+		const [nonce, serverId] = parts;
+		const key = this.stateKey(nonce);
+		const storedState = await this.storage.get(key);
+		if (!storedState) return {
+			valid: false,
+			error: "State not found or already used"
+		};
+		if (storedState.serverId !== serverId) {
+			await this.storage.delete(key);
+			return {
+				valid: false,
+				error: "State serverId mismatch"
+			};
+		}
+		if (Date.now() - storedState.createdAt > STATE_EXPIRATION_MS) {
+			await this.storage.delete(key);
+			return {
+				valid: false,
+				error: "State expired"
+			};
+		}
+		return {
+			valid: true,
+			serverId
+		};
+	}
+	async consumeState(state) {
+		const parts = state.split(".");
+		if (parts.length !== 2) {
+			console.warn(`[OAuth] consumeState called with invalid state format: ${state.substring(0, 20)}...`);
+			return;
+		}
+		const [nonce] = parts;
+		await this.storage.delete(this.stateKey(nonce));
+	}
+	async redirectToAuthorization(authUrl) {
+		this._authUrl_ = authUrl.toString();
+	}
+	async invalidateCredentials(scope) {
+		if (!this._clientId_) return;
+		const deleteKeys = [];
+		if (scope === "all" || scope === "client") deleteKeys.push(this.clientInfoKey(this.clientId));
+		if (scope === "all" || scope === "tokens") deleteKeys.push(this.tokenKey(this.clientId));
+		if (scope === "all" || scope === "verifier") deleteKeys.push(this.codeVerifierKey(this.clientId));
+		if (deleteKeys.length > 0) await this.storage.delete(deleteKeys);
+	}
+	codeVerifierKey(clientId) {
+		return `${this.keyPrefix(clientId)}/code_verifier`;
+	}
+	async saveCodeVerifier(verifier) {
+		const key = this.codeVerifierKey(this.clientId);
+		if (await this.storage.get(key)) return;
+		await this.storage.put(key, verifier);
+	}
+	async codeVerifier() {
+		const codeVerifier = await this.storage.get(this.codeVerifierKey(this.clientId));
+		if (!codeVerifier) throw new Error("No code verifier found");
+		return codeVerifier;
+	}
+	async deleteCodeVerifier() {
+		await this.storage.delete(this.codeVerifierKey(this.clientId));
+	}
+};
+
+//#endregion
+//#region ../agents/dist/client-QZa2Rq0l.js
 function toDisposable(fn) {
 	return { dispose: fn };
 }
@@ -91,73 +255,21 @@ function isTransportNotImplemented(error) {
 	const msg = toErrorMessage(error);
 	return msg.includes("404") || msg.includes("405") || msg.includes("Not Implemented") || msg.includes("not implemented");
 }
-var SSEEdgeClientTransport = class extends SSEClientTransport {
-	/**
-	* Creates a new EdgeSSEClientTransport, which overrides fetch to be compatible with the CF workers environment
-	*/
-	constructor(url, options) {
-		const fetchOverride = async (fetchUrl, fetchInit = {}) => {
-			const headers = await this.authHeaders();
-			const workerOptions = {
-				...fetchInit,
-				headers: {
-					...options.requestInit?.headers,
-					...fetchInit?.headers,
-					...headers
-				}
-			};
-			delete workerOptions.mode;
-			return options.eventSourceInit?.fetch?.(fetchUrl, workerOptions) || fetch(fetchUrl, workerOptions);
-		};
-		super(url, {
-			...options,
-			eventSourceInit: {
-				...options.eventSourceInit,
-				fetch: fetchOverride
-			}
-		});
-		this.authProvider = options.authProvider;
-	}
-	async authHeaders() {
-		if (this.authProvider) {
-			const tokens = await this.authProvider.tokens();
-			if (tokens) return { Authorization: `Bearer ${tokens.access_token}` };
-		}
-	}
-};
-var StreamableHTTPEdgeClientTransport = class extends StreamableHTTPClientTransport {
-	/**
-	* Creates a new StreamableHTTPEdgeClientTransport, which overrides fetch to be compatible with the CF workers environment
-	*/
-	constructor(url, options) {
-		const fetchOverride = async (fetchUrl, fetchInit = {}) => {
-			const headers = await this.authHeaders();
-			const workerOptions = {
-				...fetchInit,
-				headers: {
-					...options.requestInit?.headers,
-					...fetchInit?.headers,
-					...headers
-				}
-			};
-			delete workerOptions.mode;
-			return options.requestInit?.fetch?.(fetchUrl, workerOptions) || fetch(fetchUrl, workerOptions);
-		};
-		super(url, {
-			...options,
-			requestInit: {
-				...options.requestInit,
-				fetch: fetchOverride
-			}
-		});
-		this.authProvider = options.authProvider;
-	}
-	async authHeaders() {
-		if (this.authProvider) {
-			const tokens = await this.authProvider.tokens();
-			if (tokens) return { Authorization: `Bearer ${tokens.access_token}` };
-		}
-	}
+/**
+* Connection state machine for MCP client connections.
+*
+* State transitions:
+* - Non-OAuth: init() → CONNECTING → DISCOVERING → READY
+* - OAuth: init() → AUTHENTICATING → (callback) → CONNECTING → DISCOVERING → READY
+* - Any state can transition to FAILED on error
+*/
+const MCPConnectionState = {
+	AUTHENTICATING: "authenticating",
+	CONNECTING: "connecting",
+	CONNECTED: "connected",
+	DISCOVERING: "discovering",
+	READY: "ready",
+	FAILED: "failed"
 };
 var MCPClientConnection = class {
 	constructor(url, info, options = {
@@ -166,7 +278,7 @@ var MCPClientConnection = class {
 	}) {
 		this.url = url;
 		this.options = options;
-		this.connectionState = "connecting";
+		this.connectionState = MCPConnectionState.CONNECTING;
 		this.tools = [];
 		this.prompts = [];
 		this.resources = [];
@@ -182,36 +294,49 @@ var MCPClientConnection = class {
 		});
 	}
 	/**
-	* Initialize a client connection
+	* Initialize a client connection, if authentication is required, the connection will be in the AUTHENTICATING state
+	* Sets connection state based on the result and emits observability events
 	*
-	* @returns
+	* @returns Error message if connection failed, undefined otherwise
 	*/
 	async init() {
 		const transportType = this.options.transport.type;
 		if (!transportType) throw new Error("Transport type must be specified");
-		try {
-			await this.tryConnect(transportType);
-		} catch (e) {
-			if (isUnauthorized(e)) {
-				this.connectionState = "authenticating";
-				return;
-			}
+		const res = await this.tryConnect(transportType);
+		this.connectionState = res.state;
+		if (res.state === MCPConnectionState.CONNECTED && res.transport) {
+			this.client.setRequestHandler(ElicitRequestSchema, async (request) => {
+				return await this.handleElicitationRequest(request);
+			});
+			this.lastConnectedTransport = res.transport;
+			this._onObservabilityEvent.fire({
+				type: "mcp:client:connect",
+				displayMessage: `Connected successfully using ${res.transport} transport for ${this.url.toString()}`,
+				payload: {
+					url: this.url.toString(),
+					transport: res.transport,
+					state: this.connectionState
+				},
+				timestamp: Date.now(),
+				id: nanoid()
+			});
+			return;
+		} else if (res.state === MCPConnectionState.FAILED && res.error) {
+			const errorMessage = toErrorMessage(res.error);
 			this._onObservabilityEvent.fire({
 				type: "mcp:client:connect",
-				displayMessage: `Connection initialization failed for ${this.url.toString()}`,
+				displayMessage: `Failed to connect to ${this.url.toString()}: ${errorMessage}`,
 				payload: {
 					url: this.url.toString(),
 					transport: transportType,
 					state: this.connectionState,
-					error: toErrorMessage(e)
+					error: errorMessage
 				},
 				timestamp: Date.now(),
 				id: nanoid()
 			});
-			this.connectionState = "failed";
-			return;
+			return errorMessage;
 		}
-		await this.discoverAndRegister();
 	}
 	/**
 	* Finish OAuth by probing transports based on configured type.
@@ -243,113 +368,189 @@ var MCPClientConnection = class {
 	* Complete OAuth authorization
 	*/
 	async completeAuthorization(code) {
-		if (this.connectionState !== "authenticating") throw new Error("Connection must be in authenticating state to complete authorization");
+		if (this.connectionState !== MCPConnectionState.AUTHENTICATING) throw new Error("Connection must be in authenticating state to complete authorization");
 		try {
 			await this.finishAuthProbe(code);
-			this.connectionState = "connecting";
+			this.connectionState = MCPConnectionState.CONNECTING;
 		} catch (error) {
-			this.connectionState = "failed";
+			this.connectionState = MCPConnectionState.FAILED;
 			throw error;
 		}
 	}
 	/**
-	* Establish connection after successful authorization
+	* Discover server capabilities and register tools, resources, prompts, and templates.
+	* This method does the work but does not manage connection state - that's handled by discover().
 	*/
-	async establishConnection() {
-		if (this.connectionState !== "connecting") throw new Error("Connection must be in connecting state to establish connection");
+	async discoverAndRegister() {
+		this.serverCapabilities = this.client.getServerCapabilities();
+		if (!this.serverCapabilities) throw new Error("The MCP Server failed to return server capabilities");
+		const operations = [];
+		const operationNames = [];
+		operations.push(Promise.resolve(this.client.getInstructions()));
+		operationNames.push("instructions");
+		if (this.serverCapabilities.tools) {
+			operations.push(this.registerTools());
+			operationNames.push("tools");
+		}
+		if (this.serverCapabilities.resources) {
+			operations.push(this.registerResources());
+			operationNames.push("resources");
+		}
+		if (this.serverCapabilities.prompts) {
+			operations.push(this.registerPrompts());
+			operationNames.push("prompts");
+		}
+		if (this.serverCapabilities.resources) {
+			operations.push(this.registerResourceTemplates());
+			operationNames.push("resource templates");
+		}
 		try {
-			const transportType = this.options.transport.type;
-			if (!transportType) throw new Error("Transport type must be specified");
-			await this.tryConnect(transportType);
-			await this.discoverAndRegister();
+			const results = await Promise.all(operations);
+			for (let i = 0; i < results.length; i++) {
+				const result = results[i];
+				switch (operationNames[i]) {
+					case "instructions":
+						this.instructions = result;
+						break;
+					case "tools":
+						this.tools = result;
+						break;
+					case "resources":
+						this.resources = result;
+						break;
+					case "prompts":
+						this.prompts = result;
+						break;
+					case "resource templates":
+						this.resourceTemplates = result;
+						break;
+				}
+			}
 		} catch (error) {
-			this.connectionState = "failed";
+			this._onObservabilityEvent.fire({
+				type: "mcp:client:discover",
+				displayMessage: `Failed to discover capabilities for ${this.url.toString()}: ${toErrorMessage(error)}`,
+				payload: {
+					url: this.url.toString(),
+					error: toErrorMessage(error)
+				},
+				timestamp: Date.now(),
+				id: nanoid()
+			});
 			throw error;
 		}
 	}
 	/**
-	* Discover server capabilities and register tools, resources, prompts, and templates
+	* Discover server capabilities with timeout and cancellation support.
+	* If called while a previous discovery is in-flight, the previous discovery will be aborted.
+	*
+	* @param options Optional configuration
+	* @param options.timeoutMs Timeout in milliseconds (default: 15000)
+	* @returns Result indicating success/failure with optional error message
 	*/
-	async discoverAndRegister() {
-		this.connectionState = "discovering";
-		this.serverCapabilities = this.client.getServerCapabilities();
-		if (!this.serverCapabilities) throw new Error("The MCP Server failed to return server capabilities");
-		const [instructionsResult, toolsResult, resourcesResult, promptsResult, resourceTemplatesResult] = await Promise.allSettled([
-			this.client.getInstructions(),
-			this.registerTools(),
-			this.registerResources(),
-			this.registerPrompts(),
-			this.registerResourceTemplates()
-		]);
-		const operations = [
-			{
-				name: "instructions",
-				result: instructionsResult
-			},
-			{
-				name: "tools",
-				result: toolsResult
-			},
-			{
-				name: "resources",
-				result: resourcesResult
-			},
-			{
-				name: "prompts",
-				result: promptsResult
-			},
-			{
-				name: "resource templates",
-				result: resourceTemplatesResult
-			}
-		];
-		for (const { name, result } of operations) if (result.status === "rejected") {
-			const url = this.url.toString();
+	async discover(options = {}) {
+		const { timeoutMs = 15e3 } = options;
+		if (this.connectionState !== MCPConnectionState.CONNECTED && this.connectionState !== MCPConnectionState.READY) {
 			this._onObservabilityEvent.fire({
 				type: "mcp:client:discover",
-				displayMessage: `Failed to discover ${name} for ${url}`,
+				displayMessage: `Discovery skipped for ${this.url.toString()}, state is ${this.connectionState}`,
 				payload: {
-					url,
-					capability: name,
-					error: result.reason
+					url: this.url.toString(),
+					state: this.connectionState
 				},
 				timestamp: Date.now(),
 				id: nanoid()
 			});
+			return {
+				success: false,
+				error: `Discovery skipped - connection in ${this.connectionState} state`
+			};
+		}
+		if (this._discoveryAbortController) {
+			this._discoveryAbortController.abort();
+			this._discoveryAbortController = void 0;
+		}
+		const abortController = new AbortController();
+		this._discoveryAbortController = abortController;
+		this.connectionState = MCPConnectionState.DISCOVERING;
+		let timeoutId;
+		try {
+			const timeoutPromise = new Promise((_, reject) => {
+				timeoutId = setTimeout(() => reject(/* @__PURE__ */ new Error(`Discovery timed out after ${timeoutMs}ms`)), timeoutMs);
+			});
+			if (abortController.signal.aborted) throw new Error("Discovery was cancelled");
+			const abortPromise = new Promise((_, reject) => {
+				abortController.signal.addEventListener("abort", () => {
+					reject(/* @__PURE__ */ new Error("Discovery was cancelled"));
+				});
+			});
+			await Promise.race([
+				this.discoverAndRegister(),
+				timeoutPromise,
+				abortPromise
+			]);
+			if (timeoutId !== void 0) clearTimeout(timeoutId);
+			this.connectionState = MCPConnectionState.READY;
+			this._onObservabilityEvent.fire({
+				type: "mcp:client:discover",
+				displayMessage: `Discovery completed for ${this.url.toString()}`,
+				payload: { url: this.url.toString() },
+				timestamp: Date.now(),
+				id: nanoid()
+			});
+			return { success: true };
+		} catch (e) {
+			if (timeoutId !== void 0) clearTimeout(timeoutId);
+			this.connectionState = MCPConnectionState.CONNECTED;
+			return {
+				success: false,
+				error: e instanceof Error ? e.message : String(e)
+			};
+		} finally {
+			this._discoveryAbortController = void 0;
+		}
+	}
+	/**
+	* Cancel any in-flight discovery operation.
+	* Called when closing the connection.
+	*/
+	cancelDiscovery() {
+		if (this._discoveryAbortController) {
+			this._discoveryAbortController.abort();
+			this._discoveryAbortController = void 0;
 		}
-		this.instructions = instructionsResult.status === "fulfilled" ? instructionsResult.value : void 0;
-		this.tools = toolsResult.status === "fulfilled" ? toolsResult.value : [];
-		this.resources = resourcesResult.status === "fulfilled" ? resourcesResult.value : [];
-		this.prompts = promptsResult.status === "fulfilled" ? promptsResult.value : [];
-		this.resourceTemplates = resourceTemplatesResult.status === "fulfilled" ? resourceTemplatesResult.value : [];
-		this.connectionState = "ready";
 	}
 	/**
-	* Notification handler registration
+	* Notification handler registration for tools
+	* Should only be called if serverCapabilities.tools exists
 	*/
 	async registerTools() {
-		if (!this.serverCapabilities || !this.serverCapabilities.tools) return [];
-		if (this.serverCapabilities.tools.listChanged) this.client.setNotificationHandler(ToolListChangedNotificationSchema, async (_notification) => {
+		if (this.serverCapabilities?.tools?.listChanged) this.client.setNotificationHandler(ToolListChangedNotificationSchema, async (_notification) => {
 			this.tools = await this.fetchTools();
 		});
 		return this.fetchTools();
 	}
+	/**
+	* Notification handler registration for resources
+	* Should only be called if serverCapabilities.resources exists
+	*/
 	async registerResources() {
-		if (!this.serverCapabilities || !this.serverCapabilities.resources) return [];
-		if (this.serverCapabilities.resources.listChanged) this.client.setNotificationHandler(ResourceListChangedNotificationSchema, async (_notification) => {
+		if (this.serverCapabilities?.resources?.listChanged) this.client.setNotificationHandler(ResourceListChangedNotificationSchema, async (_notification) => {
 			this.resources = await this.fetchResources();
 		});
 		return this.fetchResources();
 	}
+	/**
+	* Notification handler registration for prompts
+	* Should only be called if serverCapabilities.prompts exists
+	*/
 	async registerPrompts() {
-		if (!this.serverCapabilities || !this.serverCapabilities.prompts) return [];
-		if (this.serverCapabilities.prompts.listChanged) this.client.setNotificationHandler(PromptListChangedNotificationSchema, async (_notification) => {
+		if (this.serverCapabilities?.prompts?.listChanged) this.client.setNotificationHandler(PromptListChangedNotificationSchema, async (_notification) => {
 			this.prompts = await this.fetchPrompts();
 		});
 		return this.fetchPrompts();
 	}
 	async registerResourceTemplates() {
-		if (!this.serverCapabilities || !this.serverCapabilities.resources) return [];
 		return this.fetchResourceTemplates();
 	}
 	async fetchTools() {
@@ -402,8 +603,8 @@ var MCPClientConnection = class {
 	*/
 	getTransport(transportType) {
 		switch (transportType) {
-			case "streamable-http": return new StreamableHTTPEdgeClientTransport(this.url, this.options.transport);
-			case "sse": return new SSEEdgeClientTransport(this.url, this.options.transport);
+			case "streamable-http": return new StreamableHTTPClientTransport(this.url, this.options.transport);
+			case "sse": return new SSEClientTransport(this.url, this.options.transport);
 			default: throw new Error(`Unsupported transport type: ${transportType}`);
 		}
 	}
@@ -415,44 +616,24 @@ var MCPClientConnection = class {
 			const transport = this.getTransport(currentTransportType);
 			try {
 				await this.client.connect(transport);
-				this.lastConnectedTransport = currentTransportType;
-				const url = this.url.toString();
-				this._onObservabilityEvent.fire({
-					type: "mcp:client:connect",
-					displayMessage: `Connected successfully using ${currentTransportType} transport for ${url}`,
-					payload: {
-						url,
-						transport: currentTransportType,
-						state: this.connectionState
-					},
-					timestamp: Date.now(),
-					id: nanoid()
-				});
-				break;
+				return {
+					state: MCPConnectionState.CONNECTED,
+					transport: currentTransportType
+				};
 			} catch (e) {
 				const error = e instanceof Error ? e : new Error(String(e));
-				if (isUnauthorized(error)) throw e;
-				if (hasFallback && isTransportNotImplemented(error)) {
-					const url = this.url.toString();
-					this._onObservabilityEvent.fire({
-						type: "mcp:client:connect",
-						displayMessage: `${currentTransportType} transport not available, trying ${transports[transports.indexOf(currentTransportType) + 1]} for ${url}`,
-						payload: {
-							url,
-							transport: currentTransportType,
-							state: this.connectionState
-						},
-						timestamp: Date.now(),
-						id: nanoid()
-					});
-					continue;
-				}
-				throw e;
+				if (isUnauthorized(error)) return { state: MCPConnectionState.AUTHENTICATING };
+				if (isTransportNotImplemented(error) && hasFallback) continue;
+				return {
+					state: MCPConnectionState.FAILED,
+					error
+				};
 			}
 		}
-		this.client.setRequestHandler(ElicitRequestSchema, async (request) => {
-			return await this.handleElicitationRequest(request);
-		});
+		return {
+			state: MCPConnectionState.FAILED,
+			error: /* @__PURE__ */ new Error("No transports available")
+		};
 	}
 	_capabilityErrorHandler(empty, method) {
 		return (e) => {
@@ -475,6 +656,7 @@ var MCPClientConnection = class {
 		};
 	}
 };
+const defaultClientOptions = { jsonSchemaValidator: new CfWorkerJsonSchemaValidator() };
 /**
 * Utility class that aggregates multiple MCP clients into one
 */
@@ -482,26 +664,121 @@ var MCPClientManager = class {
 	/**
 	* @param _name Name of the MCP client
 	* @param _version Version of the MCP Client
-	* @param auth Auth paramters if being used to create a DurableObjectOAuthClientProvider
+	* @param options Storage adapter for persisting MCP server state
 	*/
-	constructor(_name, _version) {
+	constructor(_name, _version, options) {
 		this._name = _name;
 		this._version = _version;
 		this.mcpConnections = {};
-		this._callbackUrls = [];
 		this._didWarnAboutUnstableGetAITools = false;
 		this._connectionDisposables = /* @__PURE__ */ new Map();
+		this._isRestored = false;
 		this._onObservabilityEvent = new Emitter();
 		this.onObservabilityEvent = this._onObservabilityEvent.event;
-		this._onConnected = new Emitter();
-		this.onConnected = this._onConnected.event;
+		this._onServerStateChanged = new Emitter();
+		this.onServerStateChanged = this._onServerStateChanged.event;
+		if (!options.storage) throw new Error("MCPClientManager requires a valid DurableObjectStorage instance");
+		this._storage = options.storage;
+	}
+	sql(query, ...bindings) {
+		return [...this._storage.sql.exec(query, ...bindings)];
+	}
+	saveServerToStorage(server) {
+		this.sql(`INSERT OR REPLACE INTO cf_agents_mcp_servers (
+        id, name, server_url, client_id, auth_url, callback_url, server_options
+      ) VALUES (?, ?, ?, ?, ?, ?, ?)`, server.id, server.name, server.server_url, server.client_id ?? null, server.auth_url ?? null, server.callback_url, server.server_options ?? null);
+	}
+	removeServerFromStorage(serverId) {
+		this.sql("DELETE FROM cf_agents_mcp_servers WHERE id = ?", serverId);
+	}
+	getServersFromStorage() {
+		return this.sql("SELECT id, name, server_url, client_id, auth_url, callback_url, server_options FROM cf_agents_mcp_servers");
+	}
+	clearServerAuthUrl(serverId) {
+		this.sql("UPDATE cf_agents_mcp_servers SET auth_url = NULL WHERE id = ?", serverId);
+	}
+	/**
+	* Create an auth provider for a server
+	* @internal
+	*/
+	createAuthProvider(serverId, callbackUrl, clientName, clientId) {
+		if (!this._storage) throw new Error("Cannot create auth provider: storage is not initialized");
+		const authProvider = new DurableObjectOAuthClientProvider(this._storage, clientName, callbackUrl);
+		authProvider.serverId = serverId;
+		if (clientId) authProvider.clientId = clientId;
+		return authProvider;
+	}
+	/**
+	* Restore MCP server connections from storage
+	* This method is called on Agent initialization to restore previously connected servers
+	*
+	* @param clientName Name to use for OAuth client (typically the agent instance name)
+	*/
+	async restoreConnectionsFromStorage(clientName) {
+		if (this._isRestored) return;
+		const servers = this.getServersFromStorage();
+		if (!servers || servers.length === 0) {
+			this._isRestored = true;
+			return;
+		}
+		for (const server of servers) {
+			const existingConn = this.mcpConnections[server.id];
+			if (existingConn) {
+				if (existingConn.connectionState === MCPConnectionState.READY) {
+					console.warn(`[MCPClientManager] Server ${server.id} already has a ready connection. Skipping recreation.`);
+					continue;
+				}
+				if (existingConn.connectionState === MCPConnectionState.AUTHENTICATING || existingConn.connectionState === MCPConnectionState.CONNECTING || existingConn.connectionState === MCPConnectionState.DISCOVERING) continue;
+				if (existingConn.connectionState === MCPConnectionState.FAILED) {
+					try {
+						await existingConn.client.close();
+					} catch (error) {
+						console.warn(`[MCPClientManager] Error closing failed connection ${server.id}:`, error);
+					}
+					delete this.mcpConnections[server.id];
+					this._connectionDisposables.get(server.id)?.dispose();
+					this._connectionDisposables.delete(server.id);
+				}
+			}
+			const parsedOptions = server.server_options ? JSON.parse(server.server_options) : null;
+			const authProvider = this.createAuthProvider(server.id, server.callback_url, clientName, server.client_id ?? void 0);
+			const conn = this.createConnection(server.id, server.server_url, {
+				client: parsedOptions?.client ?? {},
+				transport: {
+					...parsedOptions?.transport ?? {},
+					type: parsedOptions?.transport?.type ?? "auto",
+					authProvider
+				}
+			});
+			if (server.auth_url) {
+				conn.connectionState = MCPConnectionState.AUTHENTICATING;
+				continue;
+			}
+			this._restoreServer(server.id);
+		}
+		this._isRestored = true;
+	}
+	/**
+	* Internal method to restore a single server connection and discovery
+	*/
+	async _restoreServer(serverId) {
+		if ((await this.connectToServer(serverId).catch((error) => {
+			console.error(`Error connecting to ${serverId}:`, error);
+			return null;
+		}))?.state === MCPConnectionState.CONNECTED) {
+			const discoverResult = await this.discoverIfConnected(serverId);
+			if (discoverResult && !discoverResult.success) console.error(`Error discovering ${serverId}:`, discoverResult.error);
+		}
 	}
 	/**
 	* Connect to and register an MCP server
 	*
-	* @param transportConfig Transport config
-	* @param clientConfig Client config
-	* @param capabilities Client capabilities (i.e. if the client supports roots/sampling)
+	* @deprecated This method is maintained for backward compatibility.
+	* For new code, use registerServer() and connectToServer() separately.
+	*
+	* @param url Server URL
+	* @param options Connection options
+	* @returns Object with server ID, auth URL (if OAuth), and client ID (if OAuth)
 	*/
 	async connect(url, options = {}) {
 		/**
@@ -511,10 +788,7 @@ var MCPClientManager = class {
 		* .connect() is called on at least one server.
 		* So it's safe to delay loading it until .connect() is called.
 		*/
-		if (!this.jsonSchema) {
-			const { jsonSchema } = await import("ai");
-			this.jsonSchema = jsonSchema;
-		}
+		await this.ensureJsonSchema();
 		const id = options.reconnect?.id ?? nanoid(8);
 		if (options.transport?.authProvider) {
 			options.transport.authProvider.serverId = id;
@@ -543,7 +817,7 @@ var MCPClientManager = class {
 		await this.mcpConnections[id].init();
 		if (options.reconnect?.oauthCode) try {
 			await this.mcpConnections[id].completeAuthorization(options.reconnect.oauthCode);
-			await this.mcpConnections[id].establishConnection();
+			await this.mcpConnections[id].init();
 		} catch (error) {
 			this._onObservabilityEvent.fire({
 				type: "mcp:client:connect",
@@ -560,57 +834,230 @@ var MCPClientManager = class {
 			throw error;
 		}
 		const authUrl = options.transport?.authProvider?.authUrl;
-		if (this.mcpConnections[id].connectionState === "authenticating" && authUrl && options.transport?.authProvider?.redirectUrl) {
-			this._callbackUrls.push(options.transport.authProvider.redirectUrl.toString());
-			return {
-				authUrl,
-				clientId: options.transport?.authProvider?.clientId,
-				id
+		if (this.mcpConnections[id].connectionState === MCPConnectionState.AUTHENTICATING && authUrl && options.transport?.authProvider?.redirectUrl) return {
+			authUrl,
+			clientId: options.transport?.authProvider?.clientId,
+			id
+		};
+		const discoverResult = await this.discoverIfConnected(id);
+		if (discoverResult && !discoverResult.success) throw new Error(`Failed to discover server capabilities: ${discoverResult.error}`);
+		return { id };
+	}
+	/**
+	* Create an in-memory connection object and set up observability
+	* Does NOT save to storage - use registerServer() for that
+	* @returns The connection object (existing or newly created)
+	*/
+	createConnection(id, url, options) {
+		if (this.mcpConnections[id]) return this.mcpConnections[id];
+		const normalizedTransport = {
+			...options.transport,
+			type: options.transport?.type ?? "auto"
+		};
+		this.mcpConnections[id] = new MCPClientConnection(new URL(url), {
+			name: this._name,
+			version: this._version
+		}, {
+			client: {
+				...defaultClientOptions,
+				...options.client
+			},
+			transport: normalizedTransport
+		});
+		const store = new DisposableStore();
+		const existing = this._connectionDisposables.get(id);
+		if (existing) existing.dispose();
+		this._connectionDisposables.set(id, store);
+		store.add(this.mcpConnections[id].onObservabilityEvent((event) => {
+			this._onObservabilityEvent.fire(event);
+		}));
+		return this.mcpConnections[id];
+	}
+	/**
+	* Register an MCP server connection without connecting
+	* Creates the connection object, sets up observability, and saves to storage
+	*
+	* @param id Server ID
+	* @param options Registration options including URL, name, callback URL, and connection config
+	* @returns Server ID
+	*/
+	async registerServer(id, options) {
+		this.createConnection(id, options.url, {
+			client: options.client,
+			transport: {
+				...options.transport,
+				type: options.transport?.type ?? "auto"
+			}
+		});
+		const { authProvider: _, ...transportWithoutAuth } = options.transport ?? {};
+		this.saveServerToStorage({
+			id,
+			name: options.name,
+			server_url: options.url,
+			callback_url: options.callbackUrl,
+			client_id: options.clientId ?? null,
+			auth_url: options.authUrl ?? null,
+			server_options: JSON.stringify({
+				client: options.client,
+				transport: transportWithoutAuth
+			})
+		});
+		this._onServerStateChanged.fire();
+		return id;
+	}
+	/**
+	* Connect to an already registered MCP server and initialize the connection.
+	*
+	* For OAuth servers, returns `{ state: "authenticating", authUrl, clientId? }`.
+	* The user must complete the OAuth flow via the authUrl, which triggers a
+	* callback handled by `handleCallbackRequest()`.
+	*
+	* For non-OAuth servers, establishes the transport connection and returns
+	* `{ state: "connected" }`. Call `discoverIfConnected()` afterwards to
+	* discover capabilities and transition to "ready" state.
+	*
+	* @param id Server ID (must be registered first via registerServer())
+	* @returns Connection result with current state and OAuth info (if applicable)
+	*/
+	async connectToServer(id) {
+		const conn = this.mcpConnections[id];
+		if (!conn) throw new Error(`Server ${id} is not registered. Call registerServer() first.`);
+		const error = await conn.init();
+		this._onServerStateChanged.fire();
+		switch (conn.connectionState) {
+			case MCPConnectionState.FAILED: return {
+				state: conn.connectionState,
+				error: error ?? "Unknown connection error"
+			};
+			case MCPConnectionState.AUTHENTICATING: {
+				const authUrl = conn.options.transport.authProvider?.authUrl;
+				const redirectUrl = conn.options.transport.authProvider?.redirectUrl;
+				if (!authUrl || !redirectUrl) return {
+					state: MCPConnectionState.FAILED,
+					error: `OAuth configuration incomplete: missing ${!authUrl ? "authUrl" : "redirectUrl"}`
+				};
+				const clientId = conn.options.transport.authProvider?.clientId;
+				const serverRow = this.getServersFromStorage().find((s) => s.id === id);
+				if (serverRow) {
+					this.saveServerToStorage({
+						...serverRow,
+						auth_url: authUrl,
+						client_id: clientId ?? null
+					});
+					this._onServerStateChanged.fire();
+				}
+				return {
+					state: conn.connectionState,
+					authUrl,
+					clientId
+				};
+			}
+			case MCPConnectionState.CONNECTED: return { state: conn.connectionState };
+			default: return {
+				state: MCPConnectionState.FAILED,
+				error: `Unexpected connection state after init: ${conn.connectionState}`
 			};
 		}
-		return { id };
+	}
+	extractServerIdFromState(state) {
+		if (!state) return null;
+		const parts = state.split(".");
+		return parts.length === 2 ? parts[1] : null;
 	}
 	isCallbackRequest(req) {
-		return req.method === "GET" && !!this._callbackUrls.find((url) => {
-			return req.url.startsWith(url);
-		});
+		if (req.method !== "GET") return false;
+		if (!req.url.includes("/callback")) return false;
+		const state = new URL(req.url).searchParams.get("state");
+		const serverId = this.extractServerIdFromState(state);
+		if (!serverId) return false;
+		return this.getServersFromStorage().some((server) => server.id === serverId);
 	}
 	async handleCallbackRequest(req) {
 		const url = new URL(req.url);
-		const urlMatch = this._callbackUrls.find((url$1) => {
-			return req.url.startsWith(url$1);
-		});
-		if (!urlMatch) throw new Error(`No callback URI match found for the request url: ${req.url}. Was the request matched with \`isCallbackRequest()\`?`);
 		const code = url.searchParams.get("code");
 		const state = url.searchParams.get("state");
-		const urlParams = urlMatch.split("/");
-		const serverId = urlParams[urlParams.length - 1];
-		if (!code) throw new Error("Unauthorized: no code provided");
+		const error = url.searchParams.get("error");
+		const errorDescription = url.searchParams.get("error_description");
 		if (!state) throw new Error("Unauthorized: no state provided");
+		const serverId = this.extractServerIdFromState(state);
+		if (!serverId) throw new Error("No serverId found in state parameter. Expected format: {nonce}.{serverId}");
+		if (!this.getServersFromStorage().some((server) => server.id === serverId)) throw new Error(`No server found with id "${serverId}". Was the request matched with \`isCallbackRequest()\`?`);
 		if (this.mcpConnections[serverId] === void 0) throw new Error(`Could not find serverId: ${serverId}`);
-		if (this.mcpConnections[serverId].connectionState !== "authenticating") throw new Error("Failed to authenticate: the client isn't in the `authenticating` state");
 		const conn = this.mcpConnections[serverId];
 		if (!conn.options.transport.authProvider) throw new Error("Trying to finalize authentication for a server connection without an authProvider");
-		const clientId = conn.options.transport.authProvider.clientId || state;
-		conn.options.transport.authProvider.clientId = clientId;
-		conn.options.transport.authProvider.serverId = serverId;
+		const authProvider = conn.options.transport.authProvider;
+		authProvider.serverId = serverId;
+		const stateValidation = await authProvider.checkState(state);
+		if (!stateValidation.valid) throw new Error(`Invalid state: ${stateValidation.error}`);
+		if (error) return {
+			serverId,
+			authSuccess: false,
+			authError: errorDescription || error
+		};
+		if (!code) throw new Error("Unauthorized: no code provided");
+		if (this.mcpConnections[serverId].connectionState === MCPConnectionState.READY || this.mcpConnections[serverId].connectionState === MCPConnectionState.CONNECTED) {
+			this.clearServerAuthUrl(serverId);
+			return {
+				serverId,
+				authSuccess: true
+			};
+		}
+		if (this.mcpConnections[serverId].connectionState !== MCPConnectionState.AUTHENTICATING) throw new Error(`Failed to authenticate: the client is in "${this.mcpConnections[serverId].connectionState}" state, expected "authenticating"`);
 		try {
+			await authProvider.consumeState(state);
 			await conn.completeAuthorization(code);
+			await authProvider.deleteCodeVerifier();
+			this.clearServerAuthUrl(serverId);
+			this._onServerStateChanged.fire();
 			return {
 				serverId,
 				authSuccess: true
 			};
-		} catch (error) {
+		} catch (authError) {
+			const errorMessage = authError instanceof Error ? authError.message : String(authError);
+			this._onServerStateChanged.fire();
 			return {
 				serverId,
 				authSuccess: false,
-				authError: error instanceof Error ? error.message : String(error)
+				authError: errorMessage
 			};
 		}
 	}
 	/**
+	* Discover server capabilities if connection is in CONNECTED or READY state.
+	* Transitions to DISCOVERING then READY (or CONNECTED on error).
+	* Can be called to refresh server capabilities (e.g., from a UI refresh button).
+	*
+	* If called while a previous discovery is in-flight for the same server,
+	* the previous discovery will be aborted.
+	*
+	* @param serverId The server ID to discover
+	* @param options Optional configuration
+	* @param options.timeoutMs Timeout in milliseconds (default: 30000)
+	* @returns Result with current state and optional error, or undefined if connection not found
+	*/
+	async discoverIfConnected(serverId, options = {}) {
+		const conn = this.mcpConnections[serverId];
+		if (!conn) {
+			this._onObservabilityEvent.fire({
+				type: "mcp:client:discover",
+				displayMessage: `Connection not found for ${serverId}`,
+				payload: {},
+				timestamp: Date.now(),
+				id: nanoid()
+			});
+			return;
+		}
+		const result = await conn.discover(options);
+		this._onServerStateChanged.fire();
+		return {
+			...result,
+			state: conn.connectionState
+		};
+	}
+	/**
 	* Establish connection in the background after OAuth completion
-	* This method is called asynchronously and doesn't block the OAuth callback response
+	* This method connects to the server and discovers its capabilities
 	* @param serverId The server ID to establish connection for
 	*/
 	async establishConnection(serverId) {
@@ -625,38 +1072,34 @@ var MCPClientManager = class {
 			});
 			return;
 		}
-		try {
-			await conn.establishConnection();
-			this._onConnected.fire(serverId);
-		} catch (error) {
-			const url = conn.url.toString();
+		if (conn.connectionState === MCPConnectionState.DISCOVERING || conn.connectionState === MCPConnectionState.READY) {
 			this._onObservabilityEvent.fire({
 				type: "mcp:client:connect",
-				displayMessage: `Failed to establish connection to server ${serverId} with url ${url}`,
+				displayMessage: `establishConnection skipped for ${serverId}, already in ${conn.connectionState} state`,
 				payload: {
-					url,
-					transport: conn.options.transport.type ?? "auto",
-					state: conn.connectionState,
-					error: toErrorMessage(error)
+					url: conn.url.toString(),
+					transport: conn.options.transport.type || "unknown",
+					state: conn.connectionState
 				},
 				timestamp: Date.now(),
 				id: nanoid()
 			});
+			return;
 		}
-	}
-	/**
-	* Register a callback URL for OAuth handling
-	* @param url The callback URL to register
-	*/
-	registerCallbackUrl(url) {
-		if (!this._callbackUrls.includes(url)) this._callbackUrls.push(url);
-	}
-	/**
-	* Unregister a callback URL
-	* @param serverId The server ID whose callback URL should be removed
-	*/
-	unregisterCallbackUrl(serverId) {
-		this._callbackUrls = this._callbackUrls.filter((url) => !url.endsWith(`/${serverId}`));
+		const connectResult = await this.connectToServer(serverId);
+		this._onServerStateChanged.fire();
+		if (connectResult.state === MCPConnectionState.CONNECTED) await this.discoverIfConnected(serverId);
+		this._onObservabilityEvent.fire({
+			type: "mcp:client:connect",
+			displayMessage: `establishConnection completed for ${serverId}, final state: ${conn.connectionState}`,
+			payload: {
+				url: conn.url.toString(),
+				transport: conn.options.transport.type || "unknown",
+				state: conn.connectionState
+			},
+			timestamp: Date.now(),
+			id: nanoid()
+		});
 	}
 	/**
 	* Configure OAuth callback handling
@@ -679,9 +1122,28 @@ var MCPClientManager = class {
 		return getNamespacedData(this.mcpConnections, "tools");
 	}
 	/**
+	* Lazy-loads the jsonSchema function from the AI SDK.
+	*
+	* This defers importing the "ai" package until it's actually needed, which helps reduce
+	* initial bundle size and startup time. The jsonSchema function is required for converting
+	* MCP tools into AI SDK tool definitions via getAITools().
+	*
+	* @internal This method is for internal use only. It's automatically called before operations
+	* that need jsonSchema (like getAITools() or OAuth flows). External consumers should not need
+	* to call this directly.
+	*/
+	async ensureJsonSchema() {
+		if (!this.jsonSchema) {
+			const { jsonSchema } = await import("ai");
+			this.jsonSchema = jsonSchema;
+		}
+	}
+	/**
 	* @returns a set of tools that you can use with the AI SDK
 	*/
 	getAITools() {
+		if (!this.jsonSchema) throw new Error("jsonSchema not initialized.");
+		for (const [id, conn] of Object.entries(this.mcpConnections)) if (conn.connectionState !== MCPConnectionState.READY && conn.connectionState !== MCPConnectionState.AUTHENTICATING) console.warn(`[getAITools] WARNING: Reading tools from connection ${id} in state "${conn.connectionState}". Tools may not be loaded yet.`);
 		return Object.fromEntries(getNamespacedData(this.mcpConnections, "tools").map((tool) => {
 			return [`tool_${tool.serverId.replace(/-/g, "")}_${tool.name}`, {
 				description: tool.description,
@@ -711,10 +1173,18 @@ var MCPClientManager = class {
 		return this.getAITools();
 	}
 	/**
-	* Closes all connections to MCP servers
+	* Closes all active in-memory connections to MCP servers.
+	*
+	* Note: This only closes the transport connections - it does NOT remove
+	* servers from storage. Servers will still be listed and their callback
+	* URLs will still match incoming OAuth requests.
+	*
+	* Use removeServer() instead if you want to fully clean up a server
+	* (closes connection AND removes from storage).
 	*/
 	async closeAllConnections() {
 		const ids = Object.keys(this.mcpConnections);
+		for (const id of ids) this.mcpConnections[id].cancelDiscovery();
 		await Promise.all(ids.map(async (id) => {
 			await this.mcpConnections[id].client.close();
 		}));
@@ -731,6 +1201,7 @@ var MCPClientManager = class {
 	*/
 	async closeConnection(id) {
 		if (!this.mcpConnections[id]) throw new Error(`Connection with id "${id}" does not exist.`);
+		this.mcpConnections[id].cancelDiscovery();
 		await this.mcpConnections[id].client.close();
 		delete this.mcpConnections[id];
 		const store = this._connectionDisposables.get(id);
@@ -738,13 +1209,29 @@ var MCPClientManager = class {
 		this._connectionDisposables.delete(id);
 	}
 	/**
+	* Remove an MCP server - closes connection if active and removes from storage.
+	*/
+	async removeServer(serverId) {
+		if (this.mcpConnections[serverId]) try {
+			await this.closeConnection(serverId);
+		} catch (_e) {}
+		this.removeServerFromStorage(serverId);
+		this._onServerStateChanged.fire();
+	}
+	/**
+	* List all MCP servers from storage
+	*/
+	listServers() {
+		return this.getServersFromStorage();
+	}
+	/**
 	* Dispose the manager and all resources.
 	*/
 	async dispose() {
 		try {
 			await this.closeAllConnections();
 		} finally {
-			this._onConnected.dispose();
+			this._onServerStateChanged.dispose();
 			this._onObservabilityEvent.dispose();
 		}
 	}
@@ -806,96 +1293,7 @@ function getNamespacedData(mcpClients, type) {
 }
 
 //#endregion
-//#region ../agents/dist/do-oauth-client-provider-CswoD5Lu.js
-var DurableObjectOAuthClientProvider = class {
-	constructor(storage, clientName, baseRedirectUrl) {
-		this.storage = storage;
-		this.clientName = clientName;
-		this.baseRedirectUrl = baseRedirectUrl;
-	}
-	get clientMetadata() {
-		return {
-			client_name: this.clientName,
-			client_uri: this.clientUri,
-			grant_types: ["authorization_code", "refresh_token"],
-			redirect_uris: [this.redirectUrl],
-			response_types: ["code"],
-			token_endpoint_auth_method: "none"
-		};
-	}
-	get clientUri() {
-		return new URL(this.redirectUrl).origin;
-	}
-	get redirectUrl() {
-		return `${this.baseRedirectUrl}/${this.serverId}`;
-	}
-	get clientId() {
-		if (!this._clientId_) throw new Error("Trying to access clientId before it was set");
-		return this._clientId_;
-	}
-	set clientId(clientId_) {
-		this._clientId_ = clientId_;
-	}
-	get serverId() {
-		if (!this._serverId_) throw new Error("Trying to access serverId before it was set");
-		return this._serverId_;
-	}
-	set serverId(serverId_) {
-		this._serverId_ = serverId_;
-	}
-	keyPrefix(clientId) {
-		return `/${this.clientName}/${this.serverId}/${clientId}`;
-	}
-	clientInfoKey(clientId) {
-		return `${this.keyPrefix(clientId)}/client_info/`;
-	}
-	async clientInformation() {
-		if (!this._clientId_) return;
-		return await this.storage.get(this.clientInfoKey(this.clientId)) ?? void 0;
-	}
-	async saveClientInformation(clientInformation) {
-		await this.storage.put(this.clientInfoKey(clientInformation.client_id), clientInformation);
-		this.clientId = clientInformation.client_id;
-	}
-	tokenKey(clientId) {
-		return `${this.keyPrefix(clientId)}/token`;
-	}
-	async tokens() {
-		if (!this._clientId_) return;
-		return await this.storage.get(this.tokenKey(this.clientId)) ?? void 0;
-	}
-	async saveTokens(tokens) {
-		await this.storage.put(this.tokenKey(this.clientId), tokens);
-	}
-	get authUrl() {
-		return this._authUrl_;
-	}
-	/**
-	* Because this operates on the server side (but we need browser auth), we send this url back to the user
-	* and require user interact to initiate the redirect flow
-	*/
-	async redirectToAuthorization(authUrl) {
-		const stateToken = nanoid();
-		authUrl.searchParams.set("state", stateToken);
-		this._authUrl_ = authUrl.toString();
-	}
-	codeVerifierKey(clientId) {
-		return `${this.keyPrefix(clientId)}/code_verifier`;
-	}
-	async saveCodeVerifier(verifier) {
-		const key = this.codeVerifierKey(this.clientId);
-		if (await this.storage.get(key)) return;
-		await this.storage.put(key, verifier);
-	}
-	async codeVerifier() {
-		const codeVerifier = await this.storage.get(this.codeVerifierKey(this.clientId));
-		if (!codeVerifier) throw new Error("No code verifier found");
-		return codeVerifier;
-	}
-};
-
-//#endregion
-//#region ../agents/dist/src-Dz0H9hSU.js
+//#region ../agents/dist/src-BZDh910Z.js
 /**
 * A generic observability implementation that logs events to the console.
 */
@@ -933,7 +1331,6 @@ function getNextCronTime(cron) {
 const STATE_ROW_ID = "cf_state_row_id";
 const STATE_WAS_CHANGED = "cf_state_was_changed";
 const DEFAULT_STATE = {};
-const agentContext = new AsyncLocalStorage();
 function getCurrentAgent() {
 	const store = agentContext.getStore();
 	if (!store) return {
@@ -1014,9 +1411,8 @@ var Agent = class Agent$1 extends Server {
 		super(ctx, env$1);
 		this._state = DEFAULT_STATE;
 		this._disposables = new DisposableStore();
-		this._mcpStateRestored = false;
+		this._destroyed = false;
 		this._ParentClass = Object.getPrototypeOf(this).constructor;
-		this.mcp = new MCPClientManager(this._ParentClass.name, "0.0.1");
 		this.initialState = DEFAULT_STATE;
 		this.observability = genericObservability;
 		this._flushingQueue = false;
@@ -1054,27 +1450,37 @@ var Agent = class Agent$1 extends Server {
 					}
 				});
 				if (row.type === "cron") {
+					if (this._destroyed) return;
 					const nextExecutionTime = getNextCronTime(row.cron);
 					const nextTimestamp = Math.floor(nextExecutionTime.getTime() / 1e3);
 					this.sql`
           UPDATE cf_agents_schedules SET time = ${nextTimestamp} WHERE id = ${row.id}
         `;
-				} else this.sql`
+				} else {
+					if (this._destroyed) return;
+					this.sql`
           DELETE FROM cf_agents_schedules WHERE id = ${row.id}
         `;
+				}
 			}
+			if (this._destroyed) return;
 			await this._scheduleNextAlarm();
 		};
 		if (!wrappedClasses.has(this.constructor)) {
 			this._autoWrapCustomMethods();
 			wrappedClasses.add(this.constructor);
 		}
-		this._disposables.add(this.mcp.onConnected(async () => {
-			this.broadcastMcpServers();
-		}));
-		this._disposables.add(this.mcp.onObservabilityEvent((event) => {
-			this.observability?.emit(event);
-		}));
+		this.sql`
+        CREATE TABLE IF NOT EXISTS cf_agents_mcp_servers (
+          id TEXT PRIMARY KEY NOT NULL,
+          name TEXT NOT NULL,
+          server_url TEXT NOT NULL,
+          callback_url TEXT NOT NULL,
+          client_id TEXT,
+          auth_url TEXT,
+          server_options TEXT
+        )
+      `;
 		this.sql`
       CREATE TABLE IF NOT EXISTS cf_agents_state (
         id TEXT PRIMARY KEY NOT NULL,
@@ -1089,34 +1495,25 @@ var Agent = class Agent$1 extends Server {
         created_at INTEGER DEFAULT (unixepoch())
       )
     `;
-		this.ctx.blockConcurrencyWhile(async () => {
-			return this._tryCatch(async () => {
-				this.sql`
-        CREATE TABLE IF NOT EXISTS cf_agents_schedules (
-          id TEXT PRIMARY KEY NOT NULL DEFAULT (randomblob(9)),
-          callback TEXT,
-          payload TEXT,
-          type TEXT NOT NULL CHECK(type IN ('scheduled', 'delayed', 'cron')),
-          time INTEGER,
-          delayInSeconds INTEGER,
-          cron TEXT,
-          created_at INTEGER DEFAULT (unixepoch())
-        )
-      `;
-				await this.alarm();
-			});
-		});
 		this.sql`
-      CREATE TABLE IF NOT EXISTS cf_agents_mcp_servers (
-        id TEXT PRIMARY KEY NOT NULL,
-        name TEXT NOT NULL,
-        server_url TEXT NOT NULL,
-        callback_url TEXT NOT NULL,
-        client_id TEXT,
-        auth_url TEXT,
-        server_options TEXT
+      CREATE TABLE IF NOT EXISTS cf_agents_schedules (
+        id TEXT PRIMARY KEY NOT NULL DEFAULT (randomblob(9)),
+        callback TEXT,
+        payload TEXT,
+        type TEXT NOT NULL CHECK(type IN ('scheduled', 'delayed', 'cron')),
+        time INTEGER,
+        delayInSeconds INTEGER,
+        cron TEXT,
+        created_at INTEGER DEFAULT (unixepoch())
       )
     `;
+		this.mcp = new MCPClientManager(this._ParentClass.name, "0.0.1", { storage: this.ctx.storage });
+		this._disposables.add(this.mcp.onServerStateChanged(async () => {
+			this.broadcastMcpServers();
+		}));
+		this._disposables.add(this.mcp.onObservabilityEvent((event) => {
+			this.observability?.emit(event);
+		}));
 		const _onRequest = this.onRequest.bind(this);
 		this.onRequest = (request) => {
 			return agentContext.run({
@@ -1125,17 +1522,9 @@ var Agent = class Agent$1 extends Server {
 				request,
 				email: void 0
 			}, async () => {
-				await this._ensureMcpStateRestored();
-				if (this.mcp.isCallbackRequest(request)) {
-					const result = await this.mcp.handleCallbackRequest(request);
-					this.broadcastMcpServers();
-					if (result.authSuccess) this.mcp.establishConnection(result.serverId).catch((error) => {
-						console.error("Background connection failed:", error);
-					}).finally(() => {
-						this.broadcastMcpServers();
-					});
-					return this.handleOAuthCallbackResponse(result, request);
-				}
+				await this.mcp.ensureJsonSchema();
+				const oauthResponse = await this.handleMcpOAuthCallback(request);
+				if (oauthResponse) return oauthResponse;
 				return this._tryCatch(() => _onRequest(request));
 			});
 		};
@@ -1147,6 +1536,7 @@ var Agent = class Agent$1 extends Server {
 				request: void 0,
 				email: void 0
 			}, async () => {
+				await this.mcp.ensureJsonSchema();
 				if (typeof message !== "string") return this._tryCatch(() => _onMessage(connection, message));
 				let parsed;
 				try {
@@ -1211,7 +1601,7 @@ var Agent = class Agent$1 extends Server {
 				connection,
 				request: ctx$1.request,
 				email: void 0
-			}, () => {
+			}, async () => {
 				if (this.state) connection.send(JSON.stringify({
 					state: this.state,
 					type: MessageType.CF_AGENT_STATE
@@ -1239,7 +1629,7 @@ var Agent = class Agent$1 extends Server {
 				email: void 0
 			}, async () => {
 				await this._tryCatch(async () => {
-					await this._ensureMcpStateRestored();
+					await this.mcp.restoreConnectionsFromStorage(this.name);
 					this.broadcastMcpServers();
 					return _onStart(props);
 				});
@@ -1585,10 +1975,7 @@ var Agent = class Agent$1 extends Server {
 		const result = this.sql`
       SELECT * FROM cf_agents_schedules WHERE id = ${id}
     `;
-		if (!result) {
-			console.error(`schedule ${id} not found`);
-			return;
-		}
+		if (!result || result.length === 0) return;
 		return {
 			...result[0],
 			payload: JSON.parse(result[0].payload)
@@ -1625,11 +2012,12 @@ var Agent = class Agent$1 extends Server {
 	/**
 	* Cancel a scheduled task
 	* @param id ID of the task to cancel
-	* @returns true if the task was cancelled, false otherwise
+	* @returns true if the task was cancelled, false if the task was not found
 	*/
 	async cancelSchedule(id) {
 		const schedule = await this.getSchedule(id);
-		if (schedule) this.observability?.emit({
+		if (!schedule) return false;
+		this.observability?.emit({
 			displayMessage: `Schedule ${id} cancelled`,
 			id: nanoid(),
 			payload: {
@@ -1646,7 +2034,7 @@ var Agent = class Agent$1 extends Server {
 	async _scheduleNextAlarm() {
 		const result = this.sql`
       SELECT time FROM cf_agents_schedules
-      WHERE time > ${Math.floor(Date.now() / 1e3)}
+      WHERE time >= ${Math.floor(Date.now() / 1e3)}
       ORDER BY time ASC
       LIMIT 1
     `;
@@ -1660,15 +2048,18 @@ var Agent = class Agent$1 extends Server {
 	* Destroy the Agent, removing all state and scheduled tasks
 	*/
 	async destroy() {
+		this.sql`DROP TABLE IF EXISTS cf_agents_mcp_servers`;
 		this.sql`DROP TABLE IF EXISTS cf_agents_state`;
 		this.sql`DROP TABLE IF EXISTS cf_agents_schedules`;
-		this.sql`DROP TABLE IF EXISTS cf_agents_mcp_servers`;
 		this.sql`DROP TABLE IF EXISTS cf_agents_queues`;
 		await this.ctx.storage.deleteAlarm();
 		await this.ctx.storage.deleteAll();
 		this._disposables.dispose();
-		await this.mcp.dispose?.();
-		this.ctx.abort("destroyed");
+		await this.mcp.dispose();
+		this._destroyed = true;
+		setTimeout(() => {
+			this.ctx.abort("destroyed");
+		}, 0);
 		this.observability?.emit({
 			displayMessage: "Agent destroyed",
 			id: nanoid(),
@@ -1684,43 +2075,6 @@ var Agent = class Agent$1 extends Server {
 	_isCallable(method) {
 		return callableMetadata.has(this[method]);
 	}
-	async _ensureMcpStateRestored() {
-		if (this._mcpStateRestored) return;
-		this._mcpStateRestored = true;
-		const servers = this.sql`
-        SELECT id, name, server_url, client_id, auth_url, callback_url, server_options
-        FROM cf_agents_mcp_servers
-      `;
-		if (!servers || !Array.isArray(servers) || servers.length === 0) return;
-		for (const server of servers) if (server.callback_url) this.mcp.registerCallbackUrl(`${server.callback_url}/${server.id}`);
-		for (const server of servers) if (!!server.auth_url) {
-			const authProvider = new DurableObjectOAuthClientProvider(this.ctx.storage, this.name, server.callback_url);
-			authProvider.serverId = server.id;
-			if (server.client_id) authProvider.clientId = server.client_id;
-			const parsedOptions = server.server_options ? JSON.parse(server.server_options) : void 0;
-			const conn = new MCPClientConnection(new URL(server.server_url), {
-				name: this.name,
-				version: "1.0.0"
-			}, {
-				client: parsedOptions?.client ?? {},
-				transport: {
-					...parsedOptions?.transport ?? {},
-					type: parsedOptions?.transport?.type ?? "auto",
-					authProvider
-				}
-			});
-			conn.connectionState = "authenticating";
-			this.mcp.mcpConnections[server.id] = conn;
-		} else {
-			const parsedOptions = server.server_options ? JSON.parse(server.server_options) : void 0;
-			this._connectToMcpServerInternal(server.name, server.server_url, server.callback_url, parsedOptions, {
-				id: server.id,
-				oauthClientId: server.client_id ?? void 0
-			}).catch((error) => {
-				console.error(`Error restoring ${server.id}:`, error);
-			});
-		}
-	}
 	/**
 	* Connect to a new MCP Server
 	*
@@ -1729,7 +2083,8 @@ var Agent = class Agent$1 extends Server {
 	* @param callbackHost Base host for the agent, used for the redirect URI. If not provided, will be derived from the current request.
 	* @param agentsPrefix agents routing prefix if not using `agents`
 	* @param options MCP client and transport options
-	* @returns authUrl
+	* @returns Server id and state - either "authenticating" with authUrl, or "ready"
+	* @throws If connection or discovery fails
 	*/
 	async addMcpServer(serverName, url, callbackHost, agentsPrefix = "agents", options) {
 		let resolvedCallbackHost = callbackHost;
@@ -1740,29 +2095,10 @@ var Agent = class Agent$1 extends Server {
 			resolvedCallbackHost = `${requestUrl.protocol}//${requestUrl.host}`;
 		}
 		const callbackUrl = `${resolvedCallbackHost}/${agentsPrefix}/${camelCaseToKebabCase(this._ParentClass.name)}/${this.name}/callback`;
-		const result = await this._connectToMcpServerInternal(serverName, url, callbackUrl, options);
-		this.sql`
-        INSERT
-        OR REPLACE INTO cf_agents_mcp_servers (id, name, server_url, client_id, auth_url, callback_url, server_options)
-      VALUES (
-        ${result.id},
-        ${serverName},
-        ${url},
-        ${result.clientId ?? null},
-        ${result.authUrl ?? null},
-        ${callbackUrl},
-        ${options ? JSON.stringify(options) : null}
-        );
-    `;
-		this.broadcastMcpServers();
-		return result;
-	}
-	async _connectToMcpServerInternal(_serverName, url, callbackUrl, options, reconnect) {
+		await this.mcp.ensureJsonSchema();
+		const id = nanoid(8);
 		const authProvider = new DurableObjectOAuthClientProvider(this.ctx.storage, this.name, callbackUrl);
-		if (reconnect) {
-			authProvider.serverId = reconnect.id;
-			if (reconnect.oauthClientId) authProvider.clientId = reconnect.oauthClientId;
-		}
+		authProvider.serverId = id;
 		const transportType = options?.transport?.type ?? "auto";
 		let headerTransportOpts = {};
 		if (options?.transport?.headers) headerTransportOpts = {
@@ -1772,28 +2108,33 @@ var Agent = class Agent$1 extends Server {
 			}) },
 			requestInit: { headers: options?.transport?.headers }
 		};
-		const { id, authUrl, clientId } = await this.mcp.connect(url, {
+		await this.mcp.registerServer(id, {
+			url,
+			name: serverName,
+			callbackUrl,
 			client: options?.client,
-			reconnect,
 			transport: {
 				...headerTransportOpts,
 				authProvider,
 				type: transportType
 			}
 		});
+		const result = await this.mcp.connectToServer(id);
+		if (result.state === MCPConnectionState.FAILED) throw new Error(`Failed to connect to MCP server at ${url}: ${result.error}`);
+		if (result.state === MCPConnectionState.AUTHENTICATING) return {
+			id,
+			state: result.state,
+			authUrl: result.authUrl
+		};
+		const discoverResult = await this.mcp.discoverIfConnected(id);
+		if (discoverResult && !discoverResult.success) throw new Error(`Failed to discover MCP server capabilities: ${discoverResult.error}`);
 		return {
-			authUrl,
-			clientId,
-			id
+			id,
+			state: MCPConnectionState.READY
 		};
 	}
 	async removeMcpServer(id) {
-		this.mcp.closeConnection(id);
-		this.mcp.unregisterCallbackUrl(id);
-		this.sql`
-      DELETE FROM cf_agents_mcp_servers WHERE id = ${id};
-    `;
-		this.broadcastMcpServers();
+		await this.mcp.removeServer(id);
 	}
 	getMcpServers() {
 		const mcpState = {
@@ -1802,18 +2143,18 @@ var Agent = class Agent$1 extends Server {
 			servers: {},
 			tools: this.mcp.listTools()
 		};
-		const servers = this.sql`
-      SELECT id, name, server_url, client_id, auth_url, callback_url, server_options FROM cf_agents_mcp_servers;
-    `;
+		const servers = this.mcp.listServers();
 		if (servers && Array.isArray(servers) && servers.length > 0) for (const server of servers) {
 			const serverConn = this.mcp.mcpConnections[server.id];
+			let defaultState = "not-connected";
+			if (!serverConn && server.auth_url) defaultState = "authenticating";
 			mcpState.servers[server.id] = {
 				auth_url: server.auth_url,
 				capabilities: serverConn?.serverCapabilities ?? null,
 				instructions: serverConn?.instructions ?? null,
 				name: server.name,
 				server_url: server.server_url,
-				state: serverConn?.connectionState ?? "authenticating"
+				state: serverConn?.connectionState ?? defaultState
 			};
 		}
 		return mcpState;
@@ -1825,6 +2166,28 @@ var Agent = class Agent$1 extends Server {
 		}));
 	}
 	/**
+	* Handle MCP OAuth callback request if it's an OAuth callback.
+	*
+	* This method encapsulates the entire OAuth callback flow:
+	* 1. Checks if the request is an MCP OAuth callback
+	* 2. Processes the OAuth code exchange
+	* 3. Establishes the connection if successful
+	* 4. Broadcasts MCP server state updates
+	* 5. Returns the appropriate HTTP response
+	*
+	* @param request The incoming HTTP request
+	* @returns Response if this was an OAuth callback, null otherwise
+	*/
+	async handleMcpOAuthCallback(request) {
+		if (!this.mcp.isCallbackRequest(request)) return null;
+		const result = await this.mcp.handleCallbackRequest(request);
+		if (result.authSuccess) this.mcp.establishConnection(result.serverId).catch((error) => {
+			console.error("[Agent handleMcpOAuthCallback] Connection establishment failed:", error);
+		});
+		this.broadcastMcpServers();
+		return this.handleOAuthCallbackResponse(result, request);
+	}
+	/**
 	* Handle OAuth callback response using MCPClientManager configuration
 	* @param result OAuth callback result
 	* @param request The original request (needed for base URL)
@@ -1833,10 +2196,21 @@ var Agent = class Agent$1 extends Server {
 	handleOAuthCallbackResponse(result, request) {
 		const config = this.mcp.getOAuthCallbackConfig();
 		if (config?.customHandler) return config.customHandler(result);
-		if (config?.successRedirect && result.authSuccess) return Response.redirect(config.successRedirect);
-		if (config?.errorRedirect && !result.authSuccess) return Response.redirect(`${config.errorRedirect}?error=${encodeURIComponent(result.authError || "Unknown error")}`);
-		const baseUrl = new URL(request.url).origin;
-		return Response.redirect(baseUrl);
+		const baseOrigin = new URL(request.url).origin;
+		if (config?.successRedirect && result.authSuccess) try {
+			return Response.redirect(new URL(config.successRedirect, baseOrigin).href);
+		} catch (e) {
+			console.error("Invalid successRedirect URL:", config.successRedirect, e);
+			return Response.redirect(baseOrigin);
+		}
+		if (config?.errorRedirect && !result.authSuccess) try {
+			const errorUrl = `${config.errorRedirect}?error=${encodeURIComponent(result.authError || "Unknown error")}`;
+			return Response.redirect(new URL(errorUrl, baseOrigin).href);
+		} catch (e) {
+			console.error("Invalid errorRedirect URL:", config.errorRedirect, e);
+			return Response.redirect(baseOrigin);
+		}
+		return Response.redirect(baseOrigin);
 	}
 };
 const wrappedClasses = /* @__PURE__ */ new Set();
@@ -1862,10 +2236,15 @@ async function routeAgentRequest(request, env$1, options) {
 		prefix: "agents",
 		...options
 	});
-	if (response && corsHeaders && request.headers.get("upgrade")?.toLowerCase() !== "websocket" && request.headers.get("Upgrade")?.toLowerCase() !== "websocket") response = new Response(response.body, { headers: {
-		...response.headers,
-		...corsHeaders
-	} });
+	if (response && corsHeaders && request.headers.get("upgrade")?.toLowerCase() !== "websocket" && request.headers.get("Upgrade")?.toLowerCase() !== "websocket") {
+		const newHeaders = new Headers(response.headers);
+		for (const [key, value] of Object.entries(corsHeaders)) newHeaders.set(key, value);
+		response = new Response(response.body, {
+			status: response.status,
+			statusText: response.statusText,
+			headers: newHeaders
+		});
+	}
 	return response;
 }
 /**