mcp-proxy 5.6.0 → 5.7.0

package/dist/index.d.ts

@@ -43,10 +43,12 @@ declare class InMemoryEventStore implements EventStore {
 //#region src/proxyServer.d.ts
 declare const proxyServer: ({
   client,
+  requestTimeout,
   server,
   serverCapabilities
 }: {
   client: Client;
+  requestTimeout?: number;
   server: Server;
   serverCapabilities: ServerCapabilities;
 }) => Promise<void>;

package/dist/index.js

@@ -1,7 +1,7 @@
-import { Client, InMemoryEventStore, JSONRPCMessageSchema, LATEST_PROTOCOL_VERSION, ReadBuffer, Server, anyType, arrayType, booleanType, isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, numberType, objectType, proxyServer, serializeMessage, startHTTPServer, stringType } from "./stdio-Cm2W-uxV.js";
+import { Client, InMemoryEventStore, JSONRPCMessageSchema, LATEST_PROTOCOL_VERSION, NEVER, ReadBuffer, Server, ZodIssueCode, anyType, arrayType, booleanType, isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, numberType, objectType, proxyServer, serializeMessage, startHTTPServer, stringType } from "./stdio-AohZZTMh.js";
 import process from "node:process";
 
-//#region node_modules/.pnpm/eventsource-parser@3.0.3/node_modules/eventsource-parser/dist/index.js
+//#region node_modules/.pnpm/eventsource-parser@3.0.6/node_modules/eventsource-parser/dist/index.js
 var ParseError = class extends Error {
 	constructor(message, options) {
 		super(message), this.name = "ParseError", this.type = options.type, this.field = options.field, this.value = options.value, this.line = options.line;
@@ -86,7 +86,7 @@ function splitLines(chunk) {
 		const crIndex = chunk.indexOf("\r", searchIndex), lfIndex = chunk.indexOf(`
 `, searchIndex);
 		let lineEnd = -1;
-		if (crIndex !== -1 && lfIndex !== -1 ? lineEnd = Math.min(crIndex, lfIndex) : crIndex !== -1 ? lineEnd = crIndex : lfIndex !== -1 && (lineEnd = lfIndex), lineEnd === -1) {
+		if (crIndex !== -1 && lfIndex !== -1 ? lineEnd = Math.min(crIndex, lfIndex) : crIndex !== -1 ? crIndex === chunk.length - 1 ? lineEnd = -1 : lineEnd = crIndex : lfIndex !== -1 && (lineEnd = lfIndex), lineEnd === -1) {
 			incompleteLine = chunk.slice(searchIndex);
 			break;
 		} else {
@@ -387,13 +387,29 @@ async function pkceChallenge(length) {
 }
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth.js
+/**
+* Reusable URL validation that disallows javascript: scheme
+*/
+const SafeUrlSchema = stringType().url().superRefine((val, ctx) => {
+	if (!URL.canParse(val)) {
+		ctx.addIssue({
+			code: ZodIssueCode.custom,
+			message: "URL must be parseable",
+			fatal: true
+		});
+		return NEVER;
+	}
+}).refine((url) => {
+	const u = new URL(url);
+	return u.protocol !== "javascript:" && u.protocol !== "data:" && u.protocol !== "vbscript:";
+}, { message: "URL cannot use javascript:, data:, or vbscript: scheme" });
 /**
 * RFC 9728 OAuth Protected Resource Metadata
 */
 const OAuthProtectedResourceMetadataSchema = objectType({
 	resource: stringType().url(),
-	authorization_servers: arrayType(stringType().url()).optional(),
+	authorization_servers: arrayType(SafeUrlSchema).optional(),
 	jwks_uri: stringType().url().optional(),
 	scopes_supported: arrayType(stringType()).optional(),
 	bearer_methods_supported: arrayType(stringType()).optional(),
@@ -412,17 +428,17 @@ const OAuthProtectedResourceMetadataSchema = objectType({
 */
 const OAuthMetadataSchema = objectType({
 	issuer: stringType(),
-	authorization_endpoint: stringType(),
-	token_endpoint: stringType(),
-	registration_endpoint: stringType().optional(),
+	authorization_endpoint: SafeUrlSchema,
+	token_endpoint: SafeUrlSchema,
+	registration_endpoint: SafeUrlSchema.optional(),
 	scopes_supported: arrayType(stringType()).optional(),
 	response_types_supported: arrayType(stringType()),
 	response_modes_supported: arrayType(stringType()).optional(),
 	grant_types_supported: arrayType(stringType()).optional(),
 	token_endpoint_auth_methods_supported: arrayType(stringType()).optional(),
 	token_endpoint_auth_signing_alg_values_supported: arrayType(stringType()).optional(),
-	service_documentation: stringType().optional(),
-	revocation_endpoint: stringType().optional(),
+	service_documentation: SafeUrlSchema.optional(),
+	revocation_endpoint: SafeUrlSchema.optional(),
 	revocation_endpoint_auth_methods_supported: arrayType(stringType()).optional(),
 	revocation_endpoint_auth_signing_alg_values_supported: arrayType(stringType()).optional(),
 	introspection_endpoint: stringType().optional(),
@@ -436,11 +452,11 @@ const OAuthMetadataSchema = objectType({
 */
 const OpenIdProviderMetadataSchema = objectType({
 	issuer: stringType(),
-	authorization_endpoint: stringType(),
-	token_endpoint: stringType(),
-	userinfo_endpoint: stringType().optional(),
-	jwks_uri: stringType(),
-	registration_endpoint: stringType().optional(),
+	authorization_endpoint: SafeUrlSchema,
+	token_endpoint: SafeUrlSchema,
+	userinfo_endpoint: SafeUrlSchema.optional(),
+	jwks_uri: SafeUrlSchema,
+	registration_endpoint: SafeUrlSchema.optional(),
 	scopes_supported: arrayType(stringType()).optional(),
 	response_types_supported: arrayType(stringType()),
 	response_modes_supported: arrayType(stringType()).optional(),
@@ -468,8 +484,8 @@ const OpenIdProviderMetadataSchema = objectType({
 	request_parameter_supported: booleanType().optional(),
 	request_uri_parameter_supported: booleanType().optional(),
 	require_request_uri_registration: booleanType().optional(),
-	op_policy_uri: stringType().optional(),
-	op_tos_uri: stringType().optional()
+	op_policy_uri: SafeUrlSchema.optional(),
+	op_tos_uri: SafeUrlSchema.optional()
 }).passthrough();
 /**
 * OpenID Connect Discovery metadata that may include OAuth 2.0 fields
@@ -500,18 +516,18 @@ const OAuthErrorResponseSchema = objectType({
 * RFC 7591 OAuth 2.0 Dynamic Client Registration metadata
 */
 const OAuthClientMetadataSchema = objectType({
-	redirect_uris: arrayType(stringType()).refine((uris) => uris.every((uri) => URL.canParse(uri)), { message: "redirect_uris must contain valid URLs" }),
+	redirect_uris: arrayType(SafeUrlSchema),
 	token_endpoint_auth_method: stringType().optional(),
 	grant_types: arrayType(stringType()).optional(),
 	response_types: arrayType(stringType()).optional(),
 	client_name: stringType().optional(),
-	client_uri: stringType().optional(),
-	logo_uri: stringType().optional(),
+	client_uri: SafeUrlSchema.optional(),
+	logo_uri: SafeUrlSchema.optional(),
 	scope: stringType().optional(),
 	contacts: arrayType(stringType()).optional(),
-	tos_uri: stringType().optional(),
+	tos_uri: SafeUrlSchema.optional(),
 	policy_uri: stringType().optional(),
-	jwks_uri: stringType().optional(),
+	jwks_uri: SafeUrlSchema.optional(),
 	jwks: anyType().optional(),
 	software_id: stringType().optional(),
 	software_version: stringType().optional(),
@@ -546,7 +562,7 @@ const OAuthTokenRevocationRequestSchema = objectType({
 }).strip();
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth-utils.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth-utils.js
 /**
 * Utilities for handling OAuth resource URIs.
 */
@@ -580,7 +596,7 @@ function checkResourceAllowed({ requestedResource, configuredResource }) {
 }
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.js
 /**
 * Base class for all OAuth errors
 */
@@ -724,7 +740,7 @@ const OAUTH_ERRORS = {
 };
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/client/auth.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/client/auth.js
 var UnauthorizedError = class extends Error {
 	constructor(message) {
 		super(message !== null && message !== void 0 ? message : "Unauthorized");
@@ -815,10 +831,8 @@ async function parseErrorResponse(input) {
 	const statusCode = input instanceof Response ? input.status : void 0;
 	const body = input instanceof Response ? await input.text() : input;
 	try {
-		const result = OAuthErrorResponseSchema.parse(JSON.parse(body));
-		const { error, error_description, error_uri } = result;
-		const errorClass = OAUTH_ERRORS[error] || ServerError;
-		return new errorClass(error_description || "", error_uri);
+		const { error, error_description, error_uri } = OAuthErrorResponseSchema.parse(JSON.parse(body));
+		return new (OAUTH_ERRORS[error] || ServerError)(error_description || "", error_uri);
 	} catch (error) {
 		const errorMessage = `${statusCode ? `HTTP ${statusCode}: ` : ""}Invalid OAuth error response: ${error}. Raw body: ${body}`;
 		return new ServerError(errorMessage);
@@ -917,7 +931,7 @@ async function authInternal(provider, { serverUrl, authorizationCode, scope, res
 async function selectResourceURL(serverUrl, provider, resourceMetadata) {
 	const defaultResource = resourceUrlFromServerUrl(serverUrl);
 	if (provider.validateResourceURL) return await provider.validateResourceURL(defaultResource, resourceMetadata === null || resourceMetadata === void 0 ? void 0 : resourceMetadata.resource);
-	if (!resourceMetadata) return void 0;
+	if (!resourceMetadata) return;
 	if (!checkResourceAllowed({
 		requestedResource: defaultResource,
 		configuredResource: resourceMetadata.resource
@@ -929,16 +943,15 @@ async function selectResourceURL(serverUrl, provider, resourceMetadata) {
 */
 function extractResourceMetadataUrl(res) {
 	const authenticateHeader = res.headers.get("WWW-Authenticate");
-	if (!authenticateHeader) return void 0;
+	if (!authenticateHeader) return;
 	const [type, scheme] = authenticateHeader.split(" ");
-	if (type.toLowerCase() !== "bearer" || !scheme) return void 0;
-	const regex = /resource_metadata="([^"]*)"/;
-	const match = regex.exec(authenticateHeader);
-	if (!match) return void 0;
+	if (type.toLowerCase() !== "bearer" || !scheme) return;
+	const match = /resource_metadata="([^"]*)"/.exec(authenticateHeader);
+	if (!match) return;
 	try {
 		return new URL(match[1]);
 	} catch (_a) {
-		return void 0;
+		return;
 	}
 }
 /**
@@ -964,7 +977,7 @@ async function fetchWithCorsRetry(url, headers, fetchFn = fetch) {
 		return await fetchFn(url, { headers });
 	} catch (error) {
 		if (error instanceof TypeError) if (headers) return fetchWithCorsRetry(url, void 0, fetchFn);
-		else return void 0;
+		else return;
 		throw error;
 	}
 }
@@ -979,14 +992,13 @@ function buildWellKnownPath(wellKnownPrefix, pathname = "", options = {}) {
 * Tries to discover OAuth metadata at a specific URL
 */
 async function tryMetadataDiscovery(url, protocolVersion, fetchFn = fetch) {
-	const headers = { "MCP-Protocol-Version": protocolVersion };
-	return await fetchWithCorsRetry(url, headers, fetchFn);
+	return await fetchWithCorsRetry(url, { "MCP-Protocol-Version": protocolVersion }, fetchFn);
 }
 /**
 * Determines if fallback to root discovery should be attempted
 */
 function shouldAttemptFallback(response, pathname) {
-	return !response || response.status === 404 && pathname !== "/";
+	return !response || response.status >= 400 && response.status < 500 && pathname !== "/";
 }
 /**
 * Generic function for discovering OAuth metadata with fallback support
@@ -1090,7 +1102,6 @@ async function discoverAuthorizationServerMetadata(authorizationServerUrl, { fet
 			return metadata;
 		}
 	}
-	return void 0;
 }
 /**
 * Begins the authorization flow with the given server, by generating a PKCE challenge and constructing the authorization URL.
@@ -1225,7 +1236,7 @@ async function registerClient(authorizationServerUrl, { metadata, clientMetadata
 }
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/client/sse.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/client/sse.js
 var SseError = class extends Error {
 	constructor(code, message, event) {
 		super(`SSE error: ${message}`);
@@ -1342,13 +1353,12 @@ var SSEClientTransport = class {
 	*/
 	async finishAuth(authorizationCode) {
 		if (!this._authProvider) throw new UnauthorizedError("No auth provider");
-		const result = await auth(this._authProvider, {
+		if (await auth(this._authProvider, {
 			serverUrl: this._url,
 			authorizationCode,
 			resourceMetadataUrl: this._resourceMetadataUrl,
 			fetchFn: this._fetch
-		});
-		if (result !== "AUTHORIZED") throw new UnauthorizedError("Failed to authorize");
+		}) !== "AUTHORIZED") throw new UnauthorizedError("Failed to authorize");
 	}
 	async close() {
 		var _a, _b, _c;
@@ -1373,12 +1383,11 @@ var SSEClientTransport = class {
 			if (!response.ok) {
 				if (response.status === 401 && this._authProvider) {
 					this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-					const result = await auth(this._authProvider, {
+					if (await auth(this._authProvider, {
 						serverUrl: this._url,
 						resourceMetadataUrl: this._resourceMetadataUrl,
 						fetchFn: this._fetch
-					});
-					if (result !== "AUTHORIZED") throw new UnauthorizedError();
+					}) !== "AUTHORIZED") throw new UnauthorizedError();
 					return this.send(message);
 				}
 				const text = await response.text().catch(() => null);
@@ -1395,7 +1404,7 @@ var SSEClientTransport = class {
 };
 
 //#endregion
-//#region node_modules/.pnpm/eventsource-parser@3.0.3/node_modules/eventsource-parser/dist/stream.js
+//#region node_modules/.pnpm/eventsource-parser@3.0.6/node_modules/eventsource-parser/dist/stream.js
 var EventSourceParserStream = class extends TransformStream {
 	constructor({ onError, onRetry, onComment } = {}) {
 		let parser;
@@ -1420,7 +1429,7 @@ var EventSourceParserStream = class extends TransformStream {
 };
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/client/streamableHttp.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/client/streamableHttp.js
 const DEFAULT_STREAMABLE_HTTP_RECONNECTION_OPTIONS = {
 	initialReconnectionDelay: 1e3,
 	maxReconnectionDelay: 3e4,
@@ -1591,13 +1600,12 @@ var StreamableHTTPClientTransport = class {
 	*/
 	async finishAuth(authorizationCode) {
 		if (!this._authProvider) throw new UnauthorizedError("No auth provider");
-		const result = await auth(this._authProvider, {
+		if (await auth(this._authProvider, {
 			serverUrl: this._url,
 			authorizationCode,
 			resourceMetadataUrl: this._resourceMetadataUrl,
 			fetchFn: this._fetch
-		});
-		if (result !== "AUTHORIZED") throw new UnauthorizedError("Failed to authorize");
+		}) !== "AUTHORIZED") throw new UnauthorizedError("Failed to authorize");
 	}
 	async close() {
 		var _a, _b;
@@ -1634,12 +1642,11 @@ var StreamableHTTPClientTransport = class {
 			if (!response.ok) {
 				if (response.status === 401 && this._authProvider) {
 					this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-					const result = await auth(this._authProvider, {
+					if (await auth(this._authProvider, {
 						serverUrl: this._url,
 						resourceMetadataUrl: this._resourceMetadataUrl,
 						fetchFn: this._fetch
-					});
-					if (result !== "AUTHORIZED") throw new UnauthorizedError();
+					}) !== "AUTHORIZED") throw new UnauthorizedError();
 					return this.send(message);
 				}
 				const text = await response.text().catch(() => null);
@@ -1652,8 +1659,7 @@ var StreamableHTTPClientTransport = class {
 				});
 				return;
 			}
-			const messages = Array.isArray(message) ? message : [message];
-			const hasRequests = messages.filter((msg) => "method" in msg && "id" in msg && msg.id !== void 0).length > 0;
+			const hasRequests = (Array.isArray(message) ? message : [message]).filter((msg) => "method" in msg && "id" in msg && msg.id !== void 0).length > 0;
 			const contentType = response.headers.get("content-type");
 			if (hasRequests) if (contentType === null || contentType === void 0 ? void 0 : contentType.includes("text/event-stream")) this._handleSseStream(response.body, { onresumptiontoken }, false);
 			else if (contentType === null || contentType === void 0 ? void 0 : contentType.includes("application/json")) {
@@ -1708,7 +1714,7 @@ var StreamableHTTPClientTransport = class {
 };
 
 //#endregion
-//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.3/node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.js
+//#region node_modules/.pnpm/@modelcontextprotocol+sdk@1.18.1/node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.js
 /**
 * Server transport for stdio: this communicates with a MCP client by reading from the current process' stdin and writing to stdout.
 *
@@ -1752,8 +1758,7 @@ var StdioServerTransport = class {
 		var _a;
 		this._stdin.off("data", this._ondata);
 		this._stdin.off("error", this._onerror);
-		const remainingDataListeners = this._stdin.listenerCount("data");
-		if (remainingDataListeners === 0) this._stdin.pause();
+		if (this._stdin.listenerCount("data") === 0) this._stdin.pause();
 		this._readBuffer.clear();
 		(_a = this.onclose) === null || _a === void 0 || _a.call(this);
 	}