mcp-remote 0.1.17 → 0.1.19

package/dist/{chunk-S7ORXPZR.js → chunk-F6AJOQCP.js}

@@ -10301,10 +10301,11 @@ var z = /* @__PURE__ */ Object.freeze({
   ZodError
 });
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/types.js
-var LATEST_PROTOCOL_VERSION = "2025-03-26";
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/types.js
+var LATEST_PROTOCOL_VERSION = "2025-06-18";
 var SUPPORTED_PROTOCOL_VERSIONS = [
   LATEST_PROTOCOL_VERSION,
+  "2025-03-26",
   "2024-11-05",
   "2024-10-07"
 ];
@@ -10326,7 +10327,8 @@ var RequestSchema = z.object({
 });
 var BaseNotificationParamsSchema = z.object({
   /**
-   * This parameter name is reserved by MCP to allow clients and servers to attach additional metadata to their notifications.
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
    */
   _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
@@ -10336,7 +10338,8 @@ var NotificationSchema = z.object({
 });
 var ResultSchema = z.object({
   /**
-   * This result property is reserved by the protocol to allow clients and servers to attach additional metadata to their responses.
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
    */
   _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
@@ -10407,10 +10410,22 @@ var CancelledNotificationSchema = NotificationSchema.extend({
     reason: z.string().optional()
   })
 });
-var ImplementationSchema = z.object({
+var BaseMetadataSchema = z.object({
+  /** Intended for programmatic or logical use, but used as a display name in past specs or fallback */
   name: z.string(),
-  version: z.string()
+  /**
+  * Intended for UI and end-user contexts — optimized to be human-readable and easily understood,
+  * even by those unfamiliar with domain-specific terminology.
+  *
+  * If not provided, the name should be used for display (except for Tool,
+  * where `annotations.title` should be given precedence over using `name`,
+  * if present).
+  */
+  title: z.optional(z.string())
 }).passthrough();
+var ImplementationSchema = BaseMetadataSchema.extend({
+  version: z.string()
+});
 var ClientCapabilitiesSchema = z.object({
   /**
    * Experimental, non-standard capabilities that the client supports.
@@ -10420,6 +10435,10 @@ var ClientCapabilitiesSchema = z.object({
    * Present if the client supports sampling from an LLM.
    */
   sampling: z.optional(z.object({}).passthrough()),
+  /**
+   * Present if the client supports eliciting user input.
+   */
+  elicitation: z.optional(z.object({}).passthrough()),
   /**
    * Present if the client supports listing roots.
    */
@@ -10554,7 +10573,12 @@ var ResourceContentsSchema = z.object({
   /**
    * The MIME type of this resource, if known.
    */
-  mimeType: z.optional(z.string())
+  mimeType: z.optional(z.string()),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
 var TextResourceContentsSchema = ResourceContentsSchema.extend({
   /**
@@ -10562,23 +10586,25 @@ var TextResourceContentsSchema = ResourceContentsSchema.extend({
    */
   text: z.string()
 });
+var Base64Schema = z.string().refine((val) => {
+  try {
+    atob(val);
+    return true;
+  } catch (_a) {
+    return false;
+  }
+}, { message: "Invalid Base64 string" });
 var BlobResourceContentsSchema = ResourceContentsSchema.extend({
   /**
    * A base64-encoded string representing the binary data of the item.
    */
-  blob: z.string().base64()
+  blob: Base64Schema
 });
-var ResourceSchema = z.object({
+var ResourceSchema = BaseMetadataSchema.extend({
   /**
    * The URI of this resource.
    */
   uri: z.string(),
-  /**
-   * A human-readable name for this resource.
-   *
-   * This can be used by clients to populate UI elements.
-   */
-  name: z.string(),
   /**
    * A description of what this resource represents.
    *
@@ -10588,19 +10614,18 @@ var ResourceSchema = z.object({
   /**
    * The MIME type of this resource, if known.
    */
-  mimeType: z.optional(z.string())
-}).passthrough();
-var ResourceTemplateSchema = z.object({
+  mimeType: z.optional(z.string()),
   /**
-   * A URI template (according to RFC 6570) that can be used to construct resource URIs.
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
    */
-  uriTemplate: z.string(),
+  _meta: z.optional(z.object({}).passthrough())
+});
+var ResourceTemplateSchema = BaseMetadataSchema.extend({
   /**
-   * A human-readable name for the type of resource this template refers to.
-   *
-   * This can be used by clients to populate UI elements.
+   * A URI template (according to RFC 6570) that can be used to construct resource URIs.
    */
-  name: z.string(),
+  uriTemplate: z.string(),
   /**
    * A description of what this template is for.
    *
@@ -10610,8 +10635,13 @@ var ResourceTemplateSchema = z.object({
   /**
    * The MIME type for all resources that match this template. This should only be included if all resources matching this template have the same type.
    */
-  mimeType: z.optional(z.string())
-}).passthrough();
+  mimeType: z.optional(z.string()),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
+});
 var ListResourcesRequestSchema = PaginatedRequestSchema.extend({
   method: z.literal("resources/list")
 });
@@ -10680,11 +10710,7 @@ var PromptArgumentSchema = z.object({
    */
   required: z.optional(z.boolean())
 }).passthrough();
-var PromptSchema = z.object({
-  /**
-   * The name of the prompt or prompt template.
-   */
-  name: z.string(),
+var PromptSchema = BaseMetadataSchema.extend({
   /**
    * An optional description of what this prompt provides
    */
@@ -10692,8 +10718,13 @@ var PromptSchema = z.object({
   /**
    * A list of arguments to use for templating the prompt.
    */
-  arguments: z.optional(z.array(PromptArgumentSchema))
-}).passthrough();
+  arguments: z.optional(z.array(PromptArgumentSchema)),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
+});
 var ListPromptsRequestSchema = PaginatedRequestSchema.extend({
   method: z.literal("prompts/list")
 });
@@ -10718,42 +10749,67 @@ var TextContentSchema = z.object({
   /**
    * The text content of the message.
    */
-  text: z.string()
+  text: z.string(),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
 var ImageContentSchema = z.object({
   type: z.literal("image"),
   /**
    * The base64-encoded image data.
    */
-  data: z.string().base64(),
+  data: Base64Schema,
   /**
    * The MIME type of the image. Different providers may support different image types.
    */
-  mimeType: z.string()
+  mimeType: z.string(),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
 var AudioContentSchema = z.object({
   type: z.literal("audio"),
   /**
    * The base64-encoded audio data.
    */
-  data: z.string().base64(),
+  data: Base64Schema,
   /**
    * The MIME type of the audio. Different providers may support different audio types.
    */
-  mimeType: z.string()
+  mimeType: z.string(),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
 var EmbeddedResourceSchema = z.object({
   type: z.literal("resource"),
-  resource: z.union([TextResourceContentsSchema, BlobResourceContentsSchema])
+  resource: z.union([TextResourceContentsSchema, BlobResourceContentsSchema]),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
+var ResourceLinkSchema = ResourceSchema.extend({
+  type: z.literal("resource_link")
+});
+var ContentBlockSchema = z.union([
+  TextContentSchema,
+  ImageContentSchema,
+  AudioContentSchema,
+  ResourceLinkSchema,
+  EmbeddedResourceSchema
+]);
 var PromptMessageSchema = z.object({
   role: z.enum(["user", "assistant"]),
-  content: z.union([
-    TextContentSchema,
-    ImageContentSchema,
-    AudioContentSchema,
-    EmbeddedResourceSchema
-  ])
+  content: ContentBlockSchema
 }).passthrough();
 var GetPromptResultSchema = ResultSchema.extend({
   /**
@@ -10804,11 +10860,7 @@ var ToolAnnotationsSchema = z.object({
    */
   openWorldHint: z.optional(z.boolean())
 }).passthrough();
-var ToolSchema = z.object({
-  /**
-   * The name of the tool.
-   */
-  name: z.string(),
+var ToolSchema = BaseMetadataSchema.extend({
   /**
    * A human-readable description of the tool.
    */
@@ -10833,8 +10885,13 @@ var ToolSchema = z.object({
   /**
    * Optional additional tool information.
    */
-  annotations: z.optional(ToolAnnotationsSchema)
-}).passthrough();
+  annotations: z.optional(ToolAnnotationsSchema),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
+});
 var ListToolsRequestSchema = PaginatedRequestSchema.extend({
   method: z.literal("tools/list")
 });
@@ -10848,12 +10905,7 @@ var CallToolResultSchema = ResultSchema.extend({
    * If the Tool does not define an outputSchema, this field MUST be present in the result.
    * For backwards compatibility, this field is always present, but it may be empty.
    */
-  content: z.array(z.union([
-    TextContentSchema,
-    ImageContentSchema,
-    AudioContentSchema,
-    EmbeddedResourceSchema
-  ])).default([]),
+  content: z.array(ContentBlockSchema).default([]),
   /**
    * An object containing structured tool output.
    *
@@ -10997,7 +11049,68 @@ var CreateMessageResultSchema = ResultSchema.extend({
     AudioContentSchema
   ])
 });
-var ResourceReferenceSchema = z.object({
+var BooleanSchemaSchema = z.object({
+  type: z.literal("boolean"),
+  title: z.optional(z.string()),
+  description: z.optional(z.string()),
+  default: z.optional(z.boolean())
+}).passthrough();
+var StringSchemaSchema = z.object({
+  type: z.literal("string"),
+  title: z.optional(z.string()),
+  description: z.optional(z.string()),
+  minLength: z.optional(z.number()),
+  maxLength: z.optional(z.number()),
+  format: z.optional(z.enum(["email", "uri", "date", "date-time"]))
+}).passthrough();
+var NumberSchemaSchema = z.object({
+  type: z.enum(["number", "integer"]),
+  title: z.optional(z.string()),
+  description: z.optional(z.string()),
+  minimum: z.optional(z.number()),
+  maximum: z.optional(z.number())
+}).passthrough();
+var EnumSchemaSchema = z.object({
+  type: z.literal("string"),
+  title: z.optional(z.string()),
+  description: z.optional(z.string()),
+  enum: z.array(z.string()),
+  enumNames: z.optional(z.array(z.string()))
+}).passthrough();
+var PrimitiveSchemaDefinitionSchema = z.union([
+  BooleanSchemaSchema,
+  StringSchemaSchema,
+  NumberSchemaSchema,
+  EnumSchemaSchema
+]);
+var ElicitRequestSchema = RequestSchema.extend({
+  method: z.literal("elicitation/create"),
+  params: BaseRequestParamsSchema.extend({
+    /**
+     * The message to present to the user.
+     */
+    message: z.string(),
+    /**
+     * The schema for the requested user input.
+     */
+    requestedSchema: z.object({
+      type: z.literal("object"),
+      properties: z.record(z.string(), PrimitiveSchemaDefinitionSchema),
+      required: z.optional(z.array(z.string()))
+    }).passthrough()
+  })
+});
+var ElicitResultSchema = ResultSchema.extend({
+  /**
+   * The user's response action.
+   */
+  action: z.enum(["accept", "decline", "cancel"]),
+  /**
+   * The collected user input content (only present if action is "accept").
+   */
+  content: z.optional(z.record(z.string(), z.unknown()))
+});
+var ResourceTemplateReferenceSchema = z.object({
   type: z.literal("ref/resource"),
   /**
    * The URI or URI template of the resource.
@@ -11014,7 +11127,7 @@ var PromptReferenceSchema = z.object({
 var CompleteRequestSchema = RequestSchema.extend({
   method: z.literal("completion/complete"),
   params: BaseRequestParamsSchema.extend({
-    ref: z.union([PromptReferenceSchema, ResourceReferenceSchema]),
+    ref: z.union([PromptReferenceSchema, ResourceTemplateReferenceSchema]),
     /**
      * The argument's information
      */
@@ -11027,7 +11140,13 @@ var CompleteRequestSchema = RequestSchema.extend({
        * The value of the argument to use for completion matching.
        */
       value: z.string()
-    }).passthrough()
+    }).passthrough(),
+    context: z.optional(z.object({
+      /**
+       * Previously-resolved variables in a URI template or prompt.
+       */
+      arguments: z.optional(z.record(z.string(), z.string()))
+    }))
   })
 });
 var CompleteResultSchema = ResultSchema.extend({
@@ -11054,7 +11173,12 @@ var RootSchema = z.object({
   /**
    * An optional name for the root.
    */
-  name: z.optional(z.string())
+  name: z.optional(z.string()),
+  /**
+   * See [MCP specification](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/47339c03c143bb4ec01a26e721a1b8fe66634ebe/docs/specification/draft/basic/index.mdx#general-fields)
+   * for notes on _meta usage.
+   */
+  _meta: z.optional(z.object({}).passthrough())
 }).passthrough();
 var ListRootsRequestSchema = RequestSchema.extend({
   method: z.literal("roots/list")
@@ -11089,11 +11213,13 @@ var ClientNotificationSchema = z.union([
 var ClientResultSchema = z.union([
   EmptyResultSchema,
   CreateMessageResultSchema,
+  ElicitResultSchema,
   ListRootsResultSchema
 ]);
 var ServerRequestSchema = z.union([
   PingRequestSchema,
   CreateMessageRequestSchema,
+  ElicitRequestSchema,
   ListRootsRequestSchema
 ]);
 var ServerNotificationSchema = z.union([
@@ -11126,7 +11252,7 @@ var McpError = class extends Error {
   }
 };
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/protocol.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/protocol.js
 var DEFAULT_REQUEST_TIMEOUT_MSEC = 6e4;
 var Protocol = class {
   constructor(_options) {
@@ -11138,6 +11264,7 @@ var Protocol = class {
     this._responseHandlers = /* @__PURE__ */ new Map();
     this._progressHandlers = /* @__PURE__ */ new Map();
     this._timeoutInfo = /* @__PURE__ */ new Map();
+    this._pendingDebouncedNotifications = /* @__PURE__ */ new Set();
     this.setNotificationHandler(CancelledNotificationSchema, (notification) => {
       const controller = this._requestHandlerAbortControllers.get(notification.params.requestId);
       controller === null || controller === void 0 ? void 0 : controller.abort(notification.params.reason);
@@ -11187,14 +11314,21 @@ var Protocol = class {
    * The Protocol object assumes ownership of the Transport, replacing any callbacks that have already been set, and expects that it is the only user of the Transport instance going forward.
    */
   async connect(transport) {
+    var _a, _b, _c;
     this._transport = transport;
+    const _onclose = (_a = this.transport) === null || _a === void 0 ? void 0 : _a.onclose;
     this._transport.onclose = () => {
+      _onclose === null || _onclose === void 0 ? void 0 : _onclose();
       this._onclose();
     };
+    const _onerror = (_b = this.transport) === null || _b === void 0 ? void 0 : _b.onerror;
     this._transport.onerror = (error) => {
+      _onerror === null || _onerror === void 0 ? void 0 : _onerror(error);
       this._onerror(error);
     };
+    const _onmessage = (_c = this._transport) === null || _c === void 0 ? void 0 : _c.onmessage;
     this._transport.onmessage = (message, extra) => {
+      _onmessage === null || _onmessage === void 0 ? void 0 : _onmessage(message, extra);
       if (isJSONRPCResponse(message) || isJSONRPCError(message)) {
         this._onresponse(message);
       } else if (isJSONRPCRequest(message)) {
@@ -11212,6 +11346,7 @@ var Protocol = class {
     const responseHandlers = this._responseHandlers;
     this._responseHandlers = /* @__PURE__ */ new Map();
     this._progressHandlers.clear();
+    this._pendingDebouncedNotifications.clear();
     this._transport = void 0;
     (_a = this.onclose) === null || _a === void 0 ? void 0 : _a.call(this);
     const error = new McpError(ErrorCode.ConnectionClosed, "Connection closed");
@@ -11232,10 +11367,11 @@ var Protocol = class {
     Promise.resolve().then(() => handler(notification)).catch((error) => this._onerror(new Error(`Uncaught error in notification handler: ${error}`)));
   }
   _onrequest(request, extra) {
-    var _a, _b, _c, _d;
+    var _a, _b;
     const handler = (_a = this._requestHandlers.get(request.method)) !== null && _a !== void 0 ? _a : this.fallbackRequestHandler;
+    const capturedTransport = this._transport;
     if (handler === void 0) {
-      (_b = this._transport) === null || _b === void 0 ? void 0 : _b.send({
+      capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.send({
         jsonrpc: "2.0",
         id: request.id,
         error: {
@@ -11249,34 +11385,34 @@ var Protocol = class {
     this._requestHandlerAbortControllers.set(request.id, abortController);
     const fullExtra = {
       signal: abortController.signal,
-      sessionId: (_c = this._transport) === null || _c === void 0 ? void 0 : _c.sessionId,
-      _meta: (_d = request.params) === null || _d === void 0 ? void 0 : _d._meta,
+      sessionId: capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.sessionId,
+      _meta: (_b = request.params) === null || _b === void 0 ? void 0 : _b._meta,
       sendNotification: (notification) => this.notification(notification, { relatedRequestId: request.id }),
       sendRequest: (r, resultSchema, options) => this.request(r, resultSchema, { ...options, relatedRequestId: request.id }),
       authInfo: extra === null || extra === void 0 ? void 0 : extra.authInfo,
-      requestId: request.id
+      requestId: request.id,
+      requestInfo: extra === null || extra === void 0 ? void 0 : extra.requestInfo
     };
     Promise.resolve().then(() => handler(request, fullExtra)).then((result) => {
-      var _a2;
       if (abortController.signal.aborted) {
         return;
       }
-      return (_a2 = this._transport) === null || _a2 === void 0 ? void 0 : _a2.send({
+      return capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.send({
         result,
         jsonrpc: "2.0",
         id: request.id
       });
     }, (error) => {
-      var _a2, _b2;
+      var _a2;
       if (abortController.signal.aborted) {
         return;
       }
-      return (_a2 = this._transport) === null || _a2 === void 0 ? void 0 : _a2.send({
+      return capturedTransport === null || capturedTransport === void 0 ? void 0 : capturedTransport.send({
         jsonrpc: "2.0",
         id: request.id,
         error: {
           code: Number.isSafeInteger(error["code"]) ? error["code"] : ErrorCode.InternalError,
-          message: (_b2 = error.message) !== null && _b2 !== void 0 ? _b2 : "Internal error"
+          message: (_a2 = error.message) !== null && _a2 !== void 0 ? _a2 : "Internal error"
         }
       });
     }).catch((error) => this._onerror(new Error(`Failed to send response: ${error}`))).finally(() => {
@@ -11410,10 +11546,32 @@ var Protocol = class {
    * Emits a notification, which is a one-way message that does not expect a response.
    */
   async notification(notification, options) {
+    var _a, _b;
     if (!this._transport) {
       throw new Error("Not connected");
     }
     this.assertNotificationCapability(notification.method);
+    const debouncedMethods = (_b = (_a = this._options) === null || _a === void 0 ? void 0 : _a.debouncedNotificationMethods) !== null && _b !== void 0 ? _b : [];
+    const canDebounce = debouncedMethods.includes(notification.method) && !notification.params && !(options === null || options === void 0 ? void 0 : options.relatedRequestId);
+    if (canDebounce) {
+      if (this._pendingDebouncedNotifications.has(notification.method)) {
+        return;
+      }
+      this._pendingDebouncedNotifications.add(notification.method);
+      Promise.resolve().then(() => {
+        var _a2;
+        this._pendingDebouncedNotifications.delete(notification.method);
+        if (!this._transport) {
+          return;
+        }
+        const jsonrpcNotification2 = {
+          ...notification,
+          jsonrpc: "2.0"
+        };
+        (_a2 = this._transport) === null || _a2 === void 0 ? void 0 : _a2.send(jsonrpcNotification2, options).catch((error) => this._onerror(error));
+      });
+      return;
+    }
     const jsonrpcNotification = {
       ...notification,
       jsonrpc: "2.0"
@@ -11472,7 +11630,7 @@ function mergeCapabilities(base, additional) {
   }, { ...base });
 }
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/client/index.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/client/index.js
 var import_ajv = __toESM(require_ajv(), 1);
 var Client = class extends Protocol {
   /**
@@ -11525,6 +11683,9 @@ var Client = class extends Protocol {
       }
       this._serverCapabilities = result.capabilities;
       this._serverVersion = result.serverInfo;
+      if (transport.setProtocolVersion) {
+        transport.setProtocolVersion(result.protocolVersion);
+      }
       this._instructions = result.instructions;
       await this.notification({
         method: "notifications/initialized"
@@ -11618,6 +11779,11 @@ var Client = class extends Protocol {
           throw new Error(`Client does not support sampling capability (required for ${method})`);
         }
         break;
+      case "elicitation/create":
+        if (!this._capabilities.elicitation) {
+          throw new Error(`Client does not support elicitation capability (required for ${method})`);
+        }
+        break;
       case "roots/list":
         if (!this._capabilities.roots) {
           throw new Error(`Client does not support roots capability (required for ${method})`);
@@ -11687,8 +11853,7 @@ var Client = class extends Protocol {
         try {
           const validator = this._ajv.compile(tool.outputSchema);
           this._cachedToolOutputValidators.set(tool.name, validator);
-        } catch (error) {
-          console.warn(`Failed to compile output schema for tool ${tool.name}: ${error}`);
+        } catch (_a) {
         }
       }
     }
@@ -11707,7 +11872,7 @@ var Client = class extends Protocol {
 };
 
 // package.json
-var version = "0.1.17";
+var version = "0.1.19";
 
 // node_modules/.pnpm/pkce-challenge@5.0.0/node_modules/pkce-challenge/dist/index.node.js
 var crypto;
@@ -11748,10 +11913,23 @@ async function pkceChallenge(length) {
   };
 }
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth.js
+var SafeUrlSchema = z.string().url().superRefine((val, ctx) => {
+  if (!URL.canParse(val)) {
+    ctx.addIssue({
+      code: z.ZodIssueCode.custom,
+      message: "URL must be parseable",
+      fatal: true
+    });
+    return z.NEVER;
+  }
+}).refine((url) => {
+  const u = new URL(url);
+  return u.protocol !== "javascript:" && u.protocol !== "data:" && u.protocol !== "vbscript:";
+}, { message: "URL cannot use javascript:, data:, or vbscript: scheme" });
 var OAuthProtectedResourceMetadataSchema = z.object({
   resource: z.string().url(),
-  authorization_servers: z.array(z.string().url()).optional(),
+  authorization_servers: z.array(SafeUrlSchema).optional(),
   jwks_uri: z.string().url().optional(),
   scopes_supported: z.array(z.string()).optional(),
   bearer_methods_supported: z.array(z.string()).optional(),
@@ -11767,17 +11945,17 @@ var OAuthProtectedResourceMetadataSchema = z.object({
 }).passthrough();
 var OAuthMetadataSchema = z.object({
   issuer: z.string(),
-  authorization_endpoint: z.string(),
-  token_endpoint: z.string(),
-  registration_endpoint: z.string().optional(),
+  authorization_endpoint: SafeUrlSchema,
+  token_endpoint: SafeUrlSchema,
+  registration_endpoint: SafeUrlSchema.optional(),
   scopes_supported: z.array(z.string()).optional(),
   response_types_supported: z.array(z.string()),
   response_modes_supported: z.array(z.string()).optional(),
   grant_types_supported: z.array(z.string()).optional(),
   token_endpoint_auth_methods_supported: z.array(z.string()).optional(),
   token_endpoint_auth_signing_alg_values_supported: z.array(z.string()).optional(),
-  service_documentation: z.string().optional(),
-  revocation_endpoint: z.string().optional(),
+  service_documentation: SafeUrlSchema.optional(),
+  revocation_endpoint: SafeUrlSchema.optional(),
   revocation_endpoint_auth_methods_supported: z.array(z.string()).optional(),
   revocation_endpoint_auth_signing_alg_values_supported: z.array(z.string()).optional(),
   introspection_endpoint: z.string().optional(),
@@ -11785,8 +11963,50 @@ var OAuthMetadataSchema = z.object({
   introspection_endpoint_auth_signing_alg_values_supported: z.array(z.string()).optional(),
   code_challenge_methods_supported: z.array(z.string()).optional()
 }).passthrough();
+var OpenIdProviderMetadataSchema = z.object({
+  issuer: z.string(),
+  authorization_endpoint: SafeUrlSchema,
+  token_endpoint: SafeUrlSchema,
+  userinfo_endpoint: SafeUrlSchema.optional(),
+  jwks_uri: SafeUrlSchema,
+  registration_endpoint: SafeUrlSchema.optional(),
+  scopes_supported: z.array(z.string()).optional(),
+  response_types_supported: z.array(z.string()),
+  response_modes_supported: z.array(z.string()).optional(),
+  grant_types_supported: z.array(z.string()).optional(),
+  acr_values_supported: z.array(z.string()).optional(),
+  subject_types_supported: z.array(z.string()),
+  id_token_signing_alg_values_supported: z.array(z.string()),
+  id_token_encryption_alg_values_supported: z.array(z.string()).optional(),
+  id_token_encryption_enc_values_supported: z.array(z.string()).optional(),
+  userinfo_signing_alg_values_supported: z.array(z.string()).optional(),
+  userinfo_encryption_alg_values_supported: z.array(z.string()).optional(),
+  userinfo_encryption_enc_values_supported: z.array(z.string()).optional(),
+  request_object_signing_alg_values_supported: z.array(z.string()).optional(),
+  request_object_encryption_alg_values_supported: z.array(z.string()).optional(),
+  request_object_encryption_enc_values_supported: z.array(z.string()).optional(),
+  token_endpoint_auth_methods_supported: z.array(z.string()).optional(),
+  token_endpoint_auth_signing_alg_values_supported: z.array(z.string()).optional(),
+  display_values_supported: z.array(z.string()).optional(),
+  claim_types_supported: z.array(z.string()).optional(),
+  claims_supported: z.array(z.string()).optional(),
+  service_documentation: z.string().optional(),
+  claims_locales_supported: z.array(z.string()).optional(),
+  ui_locales_supported: z.array(z.string()).optional(),
+  claims_parameter_supported: z.boolean().optional(),
+  request_parameter_supported: z.boolean().optional(),
+  request_uri_parameter_supported: z.boolean().optional(),
+  require_request_uri_registration: z.boolean().optional(),
+  op_policy_uri: SafeUrlSchema.optional(),
+  op_tos_uri: SafeUrlSchema.optional()
+}).passthrough();
+var OpenIdProviderDiscoveryMetadataSchema = OpenIdProviderMetadataSchema.merge(OAuthMetadataSchema.pick({
+  code_challenge_methods_supported: true
+}));
 var OAuthTokensSchema = z.object({
   access_token: z.string(),
+  id_token: z.string().optional(),
+  // Optional for OAuth 2.1, but necessary in OpenID Connect
   token_type: z.string(),
   expires_in: z.number().optional(),
   scope: z.string().optional(),
@@ -11798,21 +12018,22 @@ var OAuthErrorResponseSchema = z.object({
   error_uri: z.string().optional()
 });
 var OAuthClientMetadataSchema = z.object({
-  redirect_uris: z.array(z.string()).refine((uris) => uris.every((uri) => URL.canParse(uri)), { message: "redirect_uris must contain valid URLs" }),
+  redirect_uris: z.array(SafeUrlSchema),
   token_endpoint_auth_method: z.string().optional(),
   grant_types: z.array(z.string()).optional(),
   response_types: z.array(z.string()).optional(),
   client_name: z.string().optional(),
-  client_uri: z.string().optional(),
-  logo_uri: z.string().optional(),
+  client_uri: SafeUrlSchema.optional(),
+  logo_uri: SafeUrlSchema.optional(),
   scope: z.string().optional(),
   contacts: z.array(z.string()).optional(),
-  tos_uri: z.string().optional(),
+  tos_uri: SafeUrlSchema.optional(),
   policy_uri: z.string().optional(),
-  jwks_uri: z.string().optional(),
+  jwks_uri: SafeUrlSchema.optional(),
   jwks: z.any().optional(),
   software_id: z.string().optional(),
-  software_version: z.string().optional()
+  software_version: z.string().optional(),
+  software_statement: z.string().optional()
 }).strip();
 var OAuthClientInformationSchema = z.object({
   client_id: z.string(),
@@ -11830,12 +12051,31 @@ var OAuthTokenRevocationRequestSchema = z.object({
   token_type_hint: z.string().optional()
 }).strip();
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/auth-utils.js
+function resourceUrlFromServerUrl(url) {
+  const resourceURL = typeof url === "string" ? new URL(url) : new URL(url.href);
+  resourceURL.hash = "";
+  return resourceURL;
+}
+function checkResourceAllowed({ requestedResource, configuredResource }) {
+  const requested = typeof requestedResource === "string" ? new URL(requestedResource) : new URL(requestedResource.href);
+  const configured = typeof configuredResource === "string" ? new URL(configuredResource) : new URL(configuredResource.href);
+  if (requested.origin !== configured.origin) {
+    return false;
+  }
+  if (requested.pathname.length < configured.pathname.length) {
+    return false;
+  }
+  const requestedPath = requested.pathname.endsWith("/") ? requested.pathname : requested.pathname + "/";
+  const configuredPath = configured.pathname.endsWith("/") ? configured.pathname : configured.pathname + "/";
+  return requestedPath.startsWith(configuredPath);
+}
+
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/server/auth/errors.js
 var OAuthError = class extends Error {
   constructor(message, errorUri) {
     super(message);
     this.errorUri = errorUri;
-    this.errorCode = this.constructor.errorCode;
     this.name = this.constructor.name;
   }
   /**
@@ -11851,6 +12091,9 @@ var OAuthError = class extends Error {
     }
     return response;
   }
+  get errorCode() {
+    return this.constructor.errorCode;
+  }
 };
 var InvalidRequestError = class extends OAuthError {
 };
@@ -11919,12 +12162,60 @@ var OAUTH_ERRORS = {
   [InsufficientScopeError.errorCode]: InsufficientScopeError
 };
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/client/auth.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/client/auth.js
 var UnauthorizedError = class extends Error {
   constructor(message) {
     super(message !== null && message !== void 0 ? message : "Unauthorized");
   }
 };
+function selectClientAuthMethod(clientInformation, supportedMethods) {
+  const hasClientSecret = clientInformation.client_secret !== void 0;
+  if (supportedMethods.length === 0) {
+    return hasClientSecret ? "client_secret_post" : "none";
+  }
+  if (hasClientSecret && supportedMethods.includes("client_secret_basic")) {
+    return "client_secret_basic";
+  }
+  if (hasClientSecret && supportedMethods.includes("client_secret_post")) {
+    return "client_secret_post";
+  }
+  if (supportedMethods.includes("none")) {
+    return "none";
+  }
+  return hasClientSecret ? "client_secret_post" : "none";
+}
+function applyClientAuthentication(method, clientInformation, headers, params) {
+  const { client_id, client_secret } = clientInformation;
+  switch (method) {
+    case "client_secret_basic":
+      applyBasicAuth(client_id, client_secret, headers);
+      return;
+    case "client_secret_post":
+      applyPostAuth(client_id, client_secret, params);
+      return;
+    case "none":
+      applyPublicAuth(client_id, params);
+      return;
+    default:
+      throw new Error(`Unsupported client authentication method: ${method}`);
+  }
+}
+function applyBasicAuth(clientId, clientSecret, headers) {
+  if (!clientSecret) {
+    throw new Error("client_secret_basic authentication requires a client_secret");
+  }
+  const credentials = btoa(`${clientId}:${clientSecret}`);
+  headers.set("Authorization", `Basic ${credentials}`);
+}
+function applyPostAuth(clientId, clientSecret, params) {
+  params.set("client_id", clientId);
+  if (clientSecret) {
+    params.set("client_secret", clientSecret);
+  }
+}
+function applyPublicAuth(clientId, params) {
+  params.set("client_id", clientId);
+}
 async function parseErrorResponse(input) {
   const statusCode = input instanceof Response ? input.status : void 0;
   const body = input instanceof Response ? await input.text() : input;
@@ -11953,17 +12244,23 @@ async function auth(provider, options) {
     throw error;
   }
 }
-async function authInternal(provider, { serverUrl, authorizationCode, scope, resourceMetadataUrl }) {
-  let authorizationServerUrl = serverUrl;
+async function authInternal(provider, { serverUrl, authorizationCode, scope, resourceMetadataUrl, fetchFn }) {
+  let resourceMetadata;
+  let authorizationServerUrl;
   try {
-    const resourceMetadata = await discoverOAuthProtectedResourceMetadata(resourceMetadataUrl || serverUrl);
+    resourceMetadata = await discoverOAuthProtectedResourceMetadata(serverUrl, { resourceMetadataUrl }, fetchFn);
     if (resourceMetadata.authorization_servers && resourceMetadata.authorization_servers.length > 0) {
       authorizationServerUrl = resourceMetadata.authorization_servers[0];
     }
-  } catch (error) {
-    console.warn("Could not load OAuth Protected Resource metadata, falling back to /.well-known/oauth-authorization-server", error);
+  } catch (_a) {
+  }
+  if (!authorizationServerUrl) {
+    authorizationServerUrl = serverUrl;
   }
-  const metadata = await discoverOAuthMetadata(authorizationServerUrl);
+  const resource = await selectResourceURL(serverUrl, provider, resourceMetadata);
+  const metadata = await discoverAuthorizationServerMetadata(authorizationServerUrl, {
+    fetchFn
+  });
   let clientInformation = await Promise.resolve(provider.clientInformation());
   if (!clientInformation) {
     if (authorizationCode !== void 0) {
@@ -11974,7 +12271,8 @@ async function authInternal(provider, { serverUrl, authorizationCode, scope, res
     }
     const fullInformation = await registerClient(authorizationServerUrl, {
       metadata,
-      clientMetadata: provider.clientMetadata
+      clientMetadata: provider.clientMetadata,
+      fetchFn
     });
     await provider.saveClientInformation(fullInformation);
     clientInformation = fullInformation;
@@ -11986,7 +12284,10 @@ async function authInternal(provider, { serverUrl, authorizationCode, scope, res
       clientInformation,
       authorizationCode,
       codeVerifier: codeVerifier2,
-      redirectUri: provider.redirectUrl
+      redirectUri: provider.redirectUrl,
+      resource,
+      addClientAuthentication: provider.addClientAuthentication,
+      fetchFn
     });
     await provider.saveTokens(tokens2);
     return "AUTHORIZED";
@@ -11997,15 +12298,16 @@ async function authInternal(provider, { serverUrl, authorizationCode, scope, res
       const newTokens = await refreshAuthorization(authorizationServerUrl, {
         metadata,
         clientInformation,
-        refreshToken: tokens.refresh_token
+        refreshToken: tokens.refresh_token,
+        resource,
+        addClientAuthentication: provider.addClientAuthentication,
+        fetchFn
       });
       await provider.saveTokens(newTokens);
       return "AUTHORIZED";
     } catch (error) {
       if (!(error instanceof OAuthError) || error instanceof ServerError) {
-        console.error("Could not refresh OAuth tokens:", error);
       } else {
-        console.warn(`OAuth token refresh failed: ${JSON.stringify(error.toResponseObject())}`);
         throw error;
       }
     }
@@ -12016,12 +12318,26 @@ async function authInternal(provider, { serverUrl, authorizationCode, scope, res
     clientInformation,
     state,
     redirectUrl: provider.redirectUrl,
-    scope: scope || provider.clientMetadata.scope
+    scope: scope || provider.clientMetadata.scope,
+    resource
   });
   await provider.saveCodeVerifier(codeVerifier);
   await provider.redirectToAuthorization(authorizationUrl);
   return "REDIRECT";
 }
+async function selectResourceURL(serverUrl, provider, resourceMetadata) {
+  const defaultResource = resourceUrlFromServerUrl(serverUrl);
+  if (provider.validateResourceURL) {
+    return await provider.validateResourceURL(defaultResource, resourceMetadata === null || resourceMetadata === void 0 ? void 0 : resourceMetadata.resource);
+  }
+  if (!resourceMetadata) {
+    return void 0;
+  }
+  if (!checkResourceAllowed({ requestedResource: defaultResource, configuredResource: resourceMetadata.resource })) {
+    throw new Error(`Protected resource ${resourceMetadata.resource} does not match expected ${defaultResource} (or origin)`);
+  }
+  return new URL(resourceMetadata.resource);
+}
 function extractResourceMetadataUrl(res) {
   const authenticateHeader = res.headers.get("WWW-Authenticate");
   if (!authenticateHeader) {
@@ -12029,7 +12345,6 @@ function extractResourceMetadataUrl(res) {
   }
   const [type, scheme] = authenticateHeader.split(" ");
   if (type.toLowerCase() !== "bearer" || !scheme) {
-    console.log("Invalid WWW-Authenticate header format, expected 'Bearer'");
     return void 0;
   }
   const regex = /resource_metadata="([^"]*)"/;
@@ -12040,33 +12355,15 @@ function extractResourceMetadataUrl(res) {
   try {
     return new URL(match[1]);
   } catch (_a) {
-    console.log("Invalid resource metadata url: ", match[1]);
     return void 0;
   }
 }
-async function discoverOAuthProtectedResourceMetadata(serverUrl, opts) {
-  var _a;
-  let url;
-  if (opts === null || opts === void 0 ? void 0 : opts.resourceMetadataUrl) {
-    url = new URL(opts === null || opts === void 0 ? void 0 : opts.resourceMetadataUrl);
-  } else {
-    url = new URL("/.well-known/oauth-protected-resource", serverUrl);
-  }
-  let response;
-  try {
-    response = await fetch(url, {
-      headers: {
-        "MCP-Protocol-Version": (_a = opts === null || opts === void 0 ? void 0 : opts.protocolVersion) !== null && _a !== void 0 ? _a : LATEST_PROTOCOL_VERSION
-      }
-    });
-  } catch (error) {
-    if (error instanceof TypeError) {
-      response = await fetch(url);
-    } else {
-      throw error;
-    }
-  }
-  if (response.status === 404) {
+async function discoverOAuthProtectedResourceMetadata(serverUrl, opts, fetchFn = fetch) {
+  const response = await discoverMetadataWithFallback(serverUrl, "oauth-protected-resource", fetchFn, {
+    protocolVersion: opts === null || opts === void 0 ? void 0 : opts.protocolVersion,
+    metadataUrl: opts === null || opts === void 0 ? void 0 : opts.resourceMetadataUrl
+  });
+  if (!response || response.status === 404) {
     throw new Error(`Resource server does not implement OAuth 2.0 Protected Resource Metadata.`);
   }
   if (!response.ok) {
@@ -12074,32 +12371,119 @@ async function discoverOAuthProtectedResourceMetadata(serverUrl, opts) {
   }
   return OAuthProtectedResourceMetadataSchema.parse(await response.json());
 }
-async function discoverOAuthMetadata(authorizationServerUrl, opts) {
-  var _a;
-  const url = new URL("/.well-known/oauth-authorization-server", authorizationServerUrl);
-  let response;
+async function fetchWithCorsRetry(url, headers, fetchFn = fetch) {
   try {
-    response = await fetch(url, {
-      headers: {
-        "MCP-Protocol-Version": (_a = opts === null || opts === void 0 ? void 0 : opts.protocolVersion) !== null && _a !== void 0 ? _a : LATEST_PROTOCOL_VERSION
-      }
-    });
+    return await fetchFn(url, { headers });
   } catch (error) {
     if (error instanceof TypeError) {
-      response = await fetch(url);
-    } else {
-      throw error;
+      if (headers) {
+        return fetchWithCorsRetry(url, void 0, fetchFn);
+      } else {
+        return void 0;
+      }
     }
+    throw error;
   }
-  if (response.status === 404) {
-    return void 0;
+}
+function buildWellKnownPath(wellKnownPrefix, pathname = "", options = {}) {
+  if (pathname.endsWith("/")) {
+    pathname = pathname.slice(0, -1);
   }
-  if (!response.ok) {
-    throw new Error(`HTTP ${response.status} trying to load well-known OAuth metadata`);
+  return options.prependPathname ? `${pathname}/.well-known/${wellKnownPrefix}` : `/.well-known/${wellKnownPrefix}${pathname}`;
+}
+async function tryMetadataDiscovery(url, protocolVersion, fetchFn = fetch) {
+  const headers = {
+    "MCP-Protocol-Version": protocolVersion
+  };
+  return await fetchWithCorsRetry(url, headers, fetchFn);
+}
+function shouldAttemptFallback(response, pathname) {
+  return !response || response.status >= 400 && response.status < 500 && pathname !== "/";
+}
+async function discoverMetadataWithFallback(serverUrl, wellKnownType, fetchFn, opts) {
+  var _a, _b;
+  const issuer = new URL(serverUrl);
+  const protocolVersion = (_a = opts === null || opts === void 0 ? void 0 : opts.protocolVersion) !== null && _a !== void 0 ? _a : LATEST_PROTOCOL_VERSION;
+  let url;
+  if (opts === null || opts === void 0 ? void 0 : opts.metadataUrl) {
+    url = new URL(opts.metadataUrl);
+  } else {
+    const wellKnownPath = buildWellKnownPath(wellKnownType, issuer.pathname);
+    url = new URL(wellKnownPath, (_b = opts === null || opts === void 0 ? void 0 : opts.metadataServerUrl) !== null && _b !== void 0 ? _b : issuer);
+    url.search = issuer.search;
+  }
+  let response = await tryMetadataDiscovery(url, protocolVersion, fetchFn);
+  if (!(opts === null || opts === void 0 ? void 0 : opts.metadataUrl) && shouldAttemptFallback(response, issuer.pathname)) {
+    const rootUrl = new URL(`/.well-known/${wellKnownType}`, issuer);
+    response = await tryMetadataDiscovery(rootUrl, protocolVersion, fetchFn);
+  }
+  return response;
+}
+function buildDiscoveryUrls(authorizationServerUrl) {
+  const url = typeof authorizationServerUrl === "string" ? new URL(authorizationServerUrl) : authorizationServerUrl;
+  const hasPath = url.pathname !== "/";
+  const urlsToTry = [];
+  if (!hasPath) {
+    urlsToTry.push({
+      url: new URL("/.well-known/oauth-authorization-server", url.origin),
+      type: "oauth"
+    });
+    urlsToTry.push({
+      url: new URL(`/.well-known/openid-configuration`, url.origin),
+      type: "oidc"
+    });
+    return urlsToTry;
+  }
+  let pathname = url.pathname;
+  if (pathname.endsWith("/")) {
+    pathname = pathname.slice(0, -1);
+  }
+  urlsToTry.push({
+    url: new URL(`/.well-known/oauth-authorization-server${pathname}`, url.origin),
+    type: "oauth"
+  });
+  urlsToTry.push({
+    url: new URL("/.well-known/oauth-authorization-server", url.origin),
+    type: "oauth"
+  });
+  urlsToTry.push({
+    url: new URL(`/.well-known/openid-configuration${pathname}`, url.origin),
+    type: "oidc"
+  });
+  urlsToTry.push({
+    url: new URL(`${pathname}/.well-known/openid-configuration`, url.origin),
+    type: "oidc"
+  });
+  return urlsToTry;
+}
+async function discoverAuthorizationServerMetadata(authorizationServerUrl, { fetchFn = fetch, protocolVersion = LATEST_PROTOCOL_VERSION } = {}) {
+  var _a;
+  const headers = { "MCP-Protocol-Version": protocolVersion };
+  const urlsToTry = buildDiscoveryUrls(authorizationServerUrl);
+  for (const { url: endpointUrl, type } of urlsToTry) {
+    const response = await fetchWithCorsRetry(endpointUrl, headers, fetchFn);
+    if (!response) {
+      continue;
+    }
+    if (!response.ok) {
+      if (response.status >= 400 && response.status < 500) {
+        continue;
+      }
+      throw new Error(`HTTP ${response.status} trying to load ${type === "oauth" ? "OAuth" : "OpenID provider"} metadata from ${endpointUrl}`);
+    }
+    if (type === "oauth") {
+      return OAuthMetadataSchema.parse(await response.json());
+    } else {
+      const metadata = OpenIdProviderDiscoveryMetadataSchema.parse(await response.json());
+      if (!((_a = metadata.code_challenge_methods_supported) === null || _a === void 0 ? void 0 : _a.includes("S256"))) {
+        throw new Error(`Incompatible OIDC provider at ${endpointUrl}: does not support S256 code challenge method required by MCP specification`);
+      }
+      return metadata;
+    }
   }
-  return OAuthMetadataSchema.parse(await response.json());
+  return void 0;
 }
-async function startAuthorization(authorizationServerUrl, { metadata, clientInformation, redirectUrl, scope, state }) {
+async function startAuthorization(authorizationServerUrl, { metadata, clientInformation, redirectUrl, scope, state, resource }) {
   const responseType = "code";
   const codeChallengeMethod = "S256";
   let authorizationUrl;
@@ -12128,34 +12512,44 @@ async function startAuthorization(authorizationServerUrl, { metadata, clientInfo
   if (scope) {
     authorizationUrl.searchParams.set("scope", scope);
   }
+  if (scope === null || scope === void 0 ? void 0 : scope.includes("offline_access")) {
+    authorizationUrl.searchParams.append("prompt", "consent");
+  }
+  if (resource) {
+    authorizationUrl.searchParams.set("resource", resource.href);
+  }
   return { authorizationUrl, codeVerifier };
 }
-async function exchangeAuthorization(authorizationServerUrl, { metadata, clientInformation, authorizationCode, codeVerifier, redirectUri }) {
+async function exchangeAuthorization(authorizationServerUrl, { metadata, clientInformation, authorizationCode, codeVerifier, redirectUri, resource, addClientAuthentication, fetchFn }) {
+  var _a;
   const grantType = "authorization_code";
-  let tokenUrl;
-  if (metadata) {
-    tokenUrl = new URL(metadata.token_endpoint);
-    if (metadata.grant_types_supported && !metadata.grant_types_supported.includes(grantType)) {
-      throw new Error(`Incompatible auth server: does not support grant type ${grantType}`);
-    }
-  } else {
-    tokenUrl = new URL("/token", authorizationServerUrl);
+  const tokenUrl = (metadata === null || metadata === void 0 ? void 0 : metadata.token_endpoint) ? new URL(metadata.token_endpoint) : new URL("/token", authorizationServerUrl);
+  if ((metadata === null || metadata === void 0 ? void 0 : metadata.grant_types_supported) && !metadata.grant_types_supported.includes(grantType)) {
+    throw new Error(`Incompatible auth server: does not support grant type ${grantType}`);
   }
+  const headers = new Headers({
+    "Content-Type": "application/x-www-form-urlencoded",
+    "Accept": "application/json"
+  });
   const params = new URLSearchParams({
     grant_type: grantType,
-    client_id: clientInformation.client_id,
     code: authorizationCode,
     code_verifier: codeVerifier,
     redirect_uri: String(redirectUri)
   });
-  if (clientInformation.client_secret) {
-    params.set("client_secret", clientInformation.client_secret);
+  if (addClientAuthentication) {
+    addClientAuthentication(headers, params, authorizationServerUrl, metadata);
+  } else {
+    const supportedMethods = (_a = metadata === null || metadata === void 0 ? void 0 : metadata.token_endpoint_auth_methods_supported) !== null && _a !== void 0 ? _a : [];
+    const authMethod = selectClientAuthMethod(clientInformation, supportedMethods);
+    applyClientAuthentication(authMethod, clientInformation, headers, params);
   }
-  const response = await fetch(tokenUrl, {
+  if (resource) {
+    params.set("resource", resource.href);
+  }
+  const response = await (fetchFn !== null && fetchFn !== void 0 ? fetchFn : fetch)(tokenUrl, {
     method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded"
-    },
+    headers,
     body: params
   });
   if (!response.ok) {
@@ -12163,7 +12557,8 @@ async function exchangeAuthorization(authorizationServerUrl, { metadata, clientI
   }
   return OAuthTokensSchema.parse(await response.json());
 }
-async function refreshAuthorization(authorizationServerUrl, { metadata, clientInformation, refreshToken }) {
+async function refreshAuthorization(authorizationServerUrl, { metadata, clientInformation, refreshToken, resource, addClientAuthentication, fetchFn }) {
+  var _a;
   const grantType = "refresh_token";
   let tokenUrl;
   if (metadata) {
@@ -12174,19 +12569,26 @@ async function refreshAuthorization(authorizationServerUrl, { metadata, clientIn
   } else {
     tokenUrl = new URL("/token", authorizationServerUrl);
   }
+  const headers = new Headers({
+    "Content-Type": "application/x-www-form-urlencoded"
+  });
   const params = new URLSearchParams({
     grant_type: grantType,
-    client_id: clientInformation.client_id,
     refresh_token: refreshToken
   });
-  if (clientInformation.client_secret) {
-    params.set("client_secret", clientInformation.client_secret);
+  if (addClientAuthentication) {
+    addClientAuthentication(headers, params, authorizationServerUrl, metadata);
+  } else {
+    const supportedMethods = (_a = metadata === null || metadata === void 0 ? void 0 : metadata.token_endpoint_auth_methods_supported) !== null && _a !== void 0 ? _a : [];
+    const authMethod = selectClientAuthMethod(clientInformation, supportedMethods);
+    applyClientAuthentication(authMethod, clientInformation, headers, params);
   }
-  const response = await fetch(tokenUrl, {
+  if (resource) {
+    params.set("resource", resource.href);
+  }
+  const response = await (fetchFn !== null && fetchFn !== void 0 ? fetchFn : fetch)(tokenUrl, {
     method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded"
-    },
+    headers,
     body: params
   });
   if (!response.ok) {
@@ -12194,7 +12596,7 @@ async function refreshAuthorization(authorizationServerUrl, { metadata, clientIn
   }
   return OAuthTokensSchema.parse({ refresh_token: refreshToken, ...await response.json() });
 }
-async function registerClient(authorizationServerUrl, { metadata, clientMetadata }) {
+async function registerClient(authorizationServerUrl, { metadata, clientMetadata, fetchFn }) {
   let registrationUrl;
   if (metadata) {
     if (!metadata.registration_endpoint) {
@@ -12204,7 +12606,7 @@ async function registerClient(authorizationServerUrl, { metadata, clientMetadata
   } else {
     registrationUrl = new URL("/register", authorizationServerUrl);
   }
-  const response = await fetch(registrationUrl, {
+  const response = await (fetchFn !== null && fetchFn !== void 0 ? fetchFn : fetch)(registrationUrl, {
     method: "POST",
     headers: {
       "Content-Type": "application/json"
@@ -12617,7 +13019,7 @@ function getBaseURL() {
   return doc && typeof doc == "object" && "baseURI" in doc && typeof doc.baseURI == "string" ? doc.baseURI : void 0;
 }
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/client/sse.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/client/sse.js
 var SseError = class extends Error {
   constructor(code, message, event) {
     super(`SSE error: ${message}`);
@@ -12632,6 +13034,7 @@ var SSEClientTransport = class {
     this._eventSourceInit = opts === null || opts === void 0 ? void 0 : opts.eventSourceInit;
     this._requestInit = opts === null || opts === void 0 ? void 0 : opts.requestInit;
     this._authProvider = opts === null || opts === void 0 ? void 0 : opts.authProvider;
+    this._fetch = opts === null || opts === void 0 ? void 0 : opts.fetch;
   }
   async _authThenStart() {
     var _a;
@@ -12640,7 +13043,7 @@ var SSEClientTransport = class {
     }
     let result;
     try {
-      result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl });
+      result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
     } catch (error) {
       (_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, error);
       throw error;
@@ -12652,26 +13055,36 @@ var SSEClientTransport = class {
   }
   async _commonHeaders() {
     var _a;
-    const headers = { ...(_a = this._requestInit) === null || _a === void 0 ? void 0 : _a.headers };
+    const headers = {};
     if (this._authProvider) {
       const tokens = await this._authProvider.tokens();
       if (tokens) {
         headers["Authorization"] = `Bearer ${tokens.access_token}`;
       }
     }
-    return headers;
+    if (this._protocolVersion) {
+      headers["mcp-protocol-version"] = this._protocolVersion;
+    }
+    return new Headers({ ...headers, ...(_a = this._requestInit) === null || _a === void 0 ? void 0 : _a.headers });
   }
   _startOrAuth() {
+    var _a, _b, _c;
+    const fetchImpl = (_c = (_b = (_a = this === null || this === void 0 ? void 0 : this._eventSourceInit) === null || _a === void 0 ? void 0 : _a.fetch) !== null && _b !== void 0 ? _b : this._fetch) !== null && _c !== void 0 ? _c : fetch;
     return new Promise((resolve, reject) => {
-      var _a;
-      this._eventSource = new EventSource(this._url.href, (_a = this._eventSourceInit) !== null && _a !== void 0 ? _a : {
-        fetch: (url, init) => this._commonHeaders().then((headers) => fetch(url, {
-          ...init,
-          headers: {
-            ...headers,
-            Accept: "text/event-stream"
+      this._eventSource = new EventSource(this._url.href, {
+        ...this._eventSourceInit,
+        fetch: async (url, init) => {
+          const headers = await this._commonHeaders();
+          headers.set("Accept", "text/event-stream");
+          const response = await fetchImpl(url, {
+            ...init,
+            headers
+          });
+          if (response.status === 401 && response.headers.has("www-authenticate")) {
+            this._resourceMetadataUrl = extractResourceMetadataUrl(response);
           }
-        }))
+          return response;
+        }
       });
       this._abortController = new AbortController();
       this._eventSource.onerror = (event) => {
@@ -12703,7 +13116,7 @@ var SSEClientTransport = class {
         resolve();
       });
       this._eventSource.onmessage = (event) => {
-        var _a2, _b;
+        var _a2, _b2;
         const messageEvent = event;
         let message;
         try {
@@ -12712,7 +13125,7 @@ var SSEClientTransport = class {
           (_a2 = this.onerror) === null || _a2 === void 0 ? void 0 : _a2.call(this, error);
           return;
         }
-        (_b = this.onmessage) === null || _b === void 0 ? void 0 : _b.call(this, message);
+        (_b2 = this.onmessage) === null || _b2 === void 0 ? void 0 : _b2.call(this, message);
       };
     });
   }
@@ -12729,7 +13142,7 @@ var SSEClientTransport = class {
     if (!this._authProvider) {
       throw new UnauthorizedError("No auth provider");
     }
-    const result = await auth(this._authProvider, { serverUrl: this._url, authorizationCode, resourceMetadataUrl: this._resourceMetadataUrl });
+    const result = await auth(this._authProvider, { serverUrl: this._url, authorizationCode, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
     if (result !== "AUTHORIZED") {
       throw new UnauthorizedError("Failed to authorize");
     }
@@ -12746,21 +13159,20 @@ var SSEClientTransport = class {
       throw new Error("Not connected");
     }
     try {
-      const commonHeaders = await this._commonHeaders();
-      const headers = new Headers({ ...commonHeaders, ...(_a = this._requestInit) === null || _a === void 0 ? void 0 : _a.headers });
+      const headers = await this._commonHeaders();
       headers.set("content-type", "application/json");
       const init = {
         ...this._requestInit,
         method: "POST",
         headers,
         body: JSON.stringify(message),
-        signal: (_b = this._abortController) === null || _b === void 0 ? void 0 : _b.signal
+        signal: (_a = this._abortController) === null || _a === void 0 ? void 0 : _a.signal
       };
-      const response = await fetch(this._endpoint, init);
+      const response = await ((_b = this._fetch) !== null && _b !== void 0 ? _b : fetch)(this._endpoint, init);
       if (!response.ok) {
         if (response.status === 401 && this._authProvider) {
           this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-          const result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl });
+          const result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
           if (result !== "AUTHORIZED") {
             throw new UnauthorizedError();
           }
@@ -12774,6 +13186,9 @@ var SSEClientTransport = class {
       throw error;
     }
   }
+  setProtocolVersion(version2) {
+    this._protocolVersion = version2;
+  }
 };
 
 // node_modules/.pnpm/eventsource-parser@3.0.1/node_modules/eventsource-parser/dist/stream.js
@@ -12800,7 +13215,7 @@ var EventSourceParserStream = class extends TransformStream {
   }
 };
 
-// node_modules/.pnpm/@modelcontextprotocol+sdk@https+++pkg.pr.new+geelen+typescript-sdk+@modelcontextprotocol+sdk@cdf3508/node_modules/@modelcontextprotocol/sdk/dist/esm/client/streamableHttp.js
+// node_modules/.pnpm/@modelcontextprotocol+sdk@1.17.4/node_modules/@modelcontextprotocol/sdk/dist/esm/client/streamableHttp.js
 var DEFAULT_STREAMABLE_HTTP_RECONNECTION_OPTIONS = {
   initialReconnectionDelay: 1e3,
   maxReconnectionDelay: 3e4,
@@ -12820,6 +13235,7 @@ var StreamableHTTPClientTransport = class {
     this._resourceMetadataUrl = void 0;
     this._requestInit = opts === null || opts === void 0 ? void 0 : opts.requestInit;
     this._authProvider = opts === null || opts === void 0 ? void 0 : opts.authProvider;
+    this._fetch = opts === null || opts === void 0 ? void 0 : opts.fetch;
     this._sessionId = opts === null || opts === void 0 ? void 0 : opts.sessionId;
     this._reconnectionOptions = (_a = opts === null || opts === void 0 ? void 0 : opts.reconnectionOptions) !== null && _a !== void 0 ? _a : DEFAULT_STREAMABLE_HTTP_RECONNECTION_OPTIONS;
   }
@@ -12830,7 +13246,7 @@ var StreamableHTTPClientTransport = class {
     }
     let result;
     try {
-      result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl });
+      result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
     } catch (error) {
       (_a = this.onerror) === null || _a === void 0 ? void 0 : _a.call(this, error);
       throw error;
@@ -12852,10 +13268,17 @@ var StreamableHTTPClientTransport = class {
     if (this._sessionId) {
       headers["mcp-session-id"] = this._sessionId;
     }
-    return new Headers({ ...headers, ...(_a = this._requestInit) === null || _a === void 0 ? void 0 : _a.headers });
+    if (this._protocolVersion) {
+      headers["mcp-protocol-version"] = this._protocolVersion;
+    }
+    const extraHeaders = this._normalizeHeaders((_a = this._requestInit) === null || _a === void 0 ? void 0 : _a.headers);
+    return new Headers({
+      ...headers,
+      ...extraHeaders
+    });
   }
   async _startOrAuthSse(options) {
-    var _a, _b;
+    var _a, _b, _c;
     const { resumptionToken } = options;
     try {
       const headers = await this._commonHeaders();
@@ -12863,10 +13286,10 @@ var StreamableHTTPClientTransport = class {
       if (resumptionToken) {
         headers.set("last-event-id", resumptionToken);
       }
-      const response = await fetch(this._url, {
+      const response = await ((_a = this._fetch) !== null && _a !== void 0 ? _a : fetch)(this._url, {
         method: "GET",
         headers,
-        signal: (_a = this._abortController) === null || _a === void 0 ? void 0 : _a.signal
+        signal: (_b = this._abortController) === null || _b === void 0 ? void 0 : _b.signal
       });
       if (!response.ok) {
         if (response.status === 401 && this._authProvider) {
@@ -12877,9 +13300,9 @@ var StreamableHTTPClientTransport = class {
         }
         throw new StreamableHTTPError(response.status, `Failed to open SSE stream: ${response.statusText}`);
       }
-      this._handleSseStream(response.body, options);
+      this._handleSseStream(response.body, options, true);
     } catch (error) {
-      (_b = this.onerror) === null || _b === void 0 ? void 0 : _b.call(this, error);
+      (_c = this.onerror) === null || _c === void 0 ? void 0 : _c.call(this, error);
       throw error;
     }
   }
@@ -12895,6 +13318,17 @@ var StreamableHTTPClientTransport = class {
     const maxDelay = this._reconnectionOptions.maxReconnectionDelay;
     return Math.min(initialDelay * Math.pow(growFactor, attempt), maxDelay);
   }
+  _normalizeHeaders(headers) {
+    if (!headers)
+      return {};
+    if (headers instanceof Headers) {
+      return Object.fromEntries(headers.entries());
+    }
+    if (Array.isArray(headers)) {
+      return Object.fromEntries(headers);
+    }
+    return { ...headers };
+  }
   /**
    * Schedule a reconnection attempt with exponential backoff
    *
@@ -12917,7 +13351,7 @@ var StreamableHTTPClientTransport = class {
       });
     }, delay);
   }
-  _handleSseStream(stream, options) {
+  _handleSseStream(stream, options, isReconnectable) {
     if (!stream) {
       return;
     }
@@ -12950,17 +13384,15 @@ var StreamableHTTPClientTransport = class {
         }
       } catch (error) {
         (_c = this.onerror) === null || _c === void 0 ? void 0 : _c.call(this, new Error(`SSE stream disconnected: ${error}`));
-        if (this._abortController && !this._abortController.signal.aborted) {
-          if (lastEventId !== void 0) {
-            try {
-              this._scheduleReconnection({
-                resumptionToken: lastEventId,
-                onresumptiontoken,
-                replayMessageId
-              }, 0);
-            } catch (error2) {
-              (_d = this.onerror) === null || _d === void 0 ? void 0 : _d.call(this, new Error(`Failed to reconnect: ${error2 instanceof Error ? error2.message : String(error2)}`));
-            }
+        if (isReconnectable && this._abortController && !this._abortController.signal.aborted) {
+          try {
+            this._scheduleReconnection({
+              resumptionToken: lastEventId,
+              onresumptiontoken,
+              replayMessageId
+            }, 0);
+          } catch (error2) {
+            (_d = this.onerror) === null || _d === void 0 ? void 0 : _d.call(this, new Error(`Failed to reconnect: ${error2 instanceof Error ? error2.message : String(error2)}`));
           }
         }
       }
@@ -12980,7 +13412,7 @@ var StreamableHTTPClientTransport = class {
     if (!this._authProvider) {
       throw new UnauthorizedError("No auth provider");
     }
-    const result = await auth(this._authProvider, { serverUrl: this._url, authorizationCode, resourceMetadataUrl: this._resourceMetadataUrl });
+    const result = await auth(this._authProvider, { serverUrl: this._url, authorizationCode, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
     if (result !== "AUTHORIZED") {
       throw new UnauthorizedError("Failed to authorize");
     }
@@ -12991,7 +13423,7 @@ var StreamableHTTPClientTransport = class {
     (_b = this.onclose) === null || _b === void 0 ? void 0 : _b.call(this);
   }
   async send(message, options) {
-    var _a, _b, _c;
+    var _a, _b, _c, _d;
     try {
       const { resumptionToken, onresumptiontoken } = options || {};
       if (resumptionToken) {
@@ -13011,7 +13443,7 @@ var StreamableHTTPClientTransport = class {
         body: JSON.stringify(message),
         signal: (_a = this._abortController) === null || _a === void 0 ? void 0 : _a.signal
       };
-      const response = await fetch(this._url, init);
+      const response = await ((_b = this._fetch) !== null && _b !== void 0 ? _b : fetch)(this._url, init);
       const sessionId = response.headers.get("mcp-session-id");
       if (sessionId) {
         this._sessionId = sessionId;
@@ -13019,7 +13451,7 @@ var StreamableHTTPClientTransport = class {
       if (!response.ok) {
         if (response.status === 401 && this._authProvider) {
           this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-          const result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl });
+          const result = await auth(this._authProvider, { serverUrl: this._url, resourceMetadataUrl: this._resourceMetadataUrl, fetchFn: this._fetch });
           if (result !== "AUTHORIZED") {
             throw new UnauthorizedError();
           }
@@ -13042,19 +13474,19 @@ var StreamableHTTPClientTransport = class {
       const contentType = response.headers.get("content-type");
       if (hasRequests) {
         if (contentType === null || contentType === void 0 ? void 0 : contentType.includes("text/event-stream")) {
-          this._handleSseStream(response.body, { onresumptiontoken });
+          this._handleSseStream(response.body, { onresumptiontoken }, false);
         } else if (contentType === null || contentType === void 0 ? void 0 : contentType.includes("application/json")) {
           const data = await response.json();
           const responseMessages = Array.isArray(data) ? data.map((msg) => JSONRPCMessageSchema.parse(msg)) : [JSONRPCMessageSchema.parse(data)];
           for (const msg of responseMessages) {
-            (_b = this.onmessage) === null || _b === void 0 ? void 0 : _b.call(this, msg);
+            (_c = this.onmessage) === null || _c === void 0 ? void 0 : _c.call(this, msg);
           }
         } else {
           throw new StreamableHTTPError(-1, `Unexpected content type: ${contentType}`);
         }
       }
     } catch (error) {
-      (_c = this.onerror) === null || _c === void 0 ? void 0 : _c.call(this, error);
+      (_d = this.onerror) === null || _d === void 0 ? void 0 : _d.call(this, error);
       throw error;
     }
   }
@@ -13073,7 +13505,7 @@ var StreamableHTTPClientTransport = class {
    * the server does not allow clients to terminate sessions.
    */
   async terminateSession() {
-    var _a, _b;
+    var _a, _b, _c;
     if (!this._sessionId) {
       return;
     }
@@ -13085,16 +13517,22 @@ var StreamableHTTPClientTransport = class {
         headers,
         signal: (_a = this._abortController) === null || _a === void 0 ? void 0 : _a.signal
       };
-      const response = await fetch(this._url, init);
+      const response = await ((_b = this._fetch) !== null && _b !== void 0 ? _b : fetch)(this._url, init);
       if (!response.ok && response.status !== 405) {
         throw new StreamableHTTPError(response.status, `Failed to terminate session: ${response.statusText}`);
       }
       this._sessionId = void 0;
     } catch (error) {
-      (_b = this.onerror) === null || _b === void 0 ? void 0 : _b.call(this, error);
+      (_c = this.onerror) === null || _c === void 0 ? void 0 : _c.call(this, error);
       throw error;
     }
   }
+  setProtocolVersion(version2) {
+    this._protocolVersion = version2;
+  }
+  get protocolVersion() {
+    return this._protocolVersion;
+  }
 };
 
 // src/lib/mcp-auth-config.ts
@@ -13323,7 +13761,7 @@ async function connectToRemoteServer(client, serverUrl, authProvider, headers, a
     }
   };
   log(`Using transport strategy: ${transportStrategy}`);
-  const shouldAttemptFallback = transportStrategy === "http-first" || transportStrategy === "sse-first";
+  const shouldAttemptFallback2 = transportStrategy === "http-first" || transportStrategy === "sse-first";
   const sseTransport = transportStrategy === "sse-only" || transportStrategy === "sse-first";
   const transport = sseTransport ? new SSEClientTransport(url, {
     authProvider,
@@ -13351,7 +13789,7 @@ async function connectToRemoteServer(client, serverUrl, authProvider, headers, a
     log(`Connected to remote server using ${transport.constructor.name}`);
     return transport;
   } catch (error) {
-    if (error instanceof Error && shouldAttemptFallback && (error.message.includes("405") || error.message.includes("Method Not Allowed") || error.message.includes("404") || error.message.includes("Not Found"))) {
+    if (error instanceof Error && shouldAttemptFallback2 && (error.message.includes("405") || error.message.includes("Method Not Allowed") || error.message.includes("404") || error.message.includes("Not Found"))) {
       log(`Received error: ${error.message}`);
       if (recursionReasons.has(REASON_TRANSPORT_FALLBACK)) {
         const errorMessage = `Already attempted transport fallback. Giving up.`;
@@ -13601,6 +14039,12 @@ async function parseCommandLineArgs(args, usage) {
       log(`Using static OAuth client information from string`);
     }
   }
+  let authorizeResource = "";
+  const resourceIndex = args.indexOf("--resource");
+  if (resourceIndex !== -1 && resourceIndex < args.length - 1) {
+    authorizeResource = args[resourceIndex + 1];
+    log(`Using authorize resource: ${authorizeResource}`);
+  }
   if (!serverUrl) {
     log(usage);
     process.exit(1);
@@ -13651,7 +14095,17 @@ async function parseCommandLineArgs(args, usage) {
       }
     });
   }
-  return { serverUrl, callbackPort, headers, transportStrategy, host, debug, staticOAuthClientMetadata, staticOAuthClientInfo };
+  return {
+    serverUrl,
+    callbackPort,
+    headers,
+    transportStrategy,
+    host,
+    debug,
+    staticOAuthClientMetadata,
+    staticOAuthClientInfo,
+    authorizeResource
+  };
 }
 function setupSignalHandlers(cleanup) {
   process.on("SIGINT", async () => {
@@ -13689,6 +14143,7 @@ var NodeOAuthClientProvider = class {
     this.softwareVersion = options.softwareVersion || version;
     this.staticOAuthClientMetadata = options.staticOAuthClientMetadata;
     this.staticOAuthClientInfo = options.staticOAuthClientInfo;
+    this.authorizeResource = options.authorizeResource;
     this._state = randomUUID();
   }
   serverUrlHash;
@@ -13699,6 +14154,7 @@ var NodeOAuthClientProvider = class {
   softwareVersion;
   staticOAuthClientMetadata;
   staticOAuthClientInfo;
+  authorizeResource;
   _state;
   get redirectUrl() {
     return `http://${this.options.host}:${this.options.callbackPort}${this.callbackPath}`;
@@ -13807,6 +14263,9 @@ var NodeOAuthClientProvider = class {
    * @param authorizationUrl The URL to redirect to
    */
   async redirectToAuthorization(authorizationUrl) {
+    if (this.authorizeResource) {
+      authorizationUrl.searchParams.set("resource", this.authorizeResource);
+    }
     log(`
 Please authorize this client by visiting:
 ${authorizationUrl.toString()}