npm - mcp-use - Versions diffs - 1.6.3-canary.0 → 1.7.0-canary.1 - Mend

mcp-use 1.6.3-canary.0 → 1.7.0-canary.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (74) hide show

package/dist/.tsbuildinfo +1 -1
package/dist/chunk-JQKKMUCT.js +0 -0
package/dist/chunk-PE7UMCVO.js +377 -0
package/dist/{chunk-BWOTID2D.js → chunk-QSLJXXMG.js} +3 -346
package/dist/chunk-R5DJJ4IV.js +942 -0
package/dist/{chunk-SJEHVCPM.js → chunk-XN2PU4PS.js} +100 -23
package/dist/index.cjs +132 -29
package/dist/index.js +8 -5
package/dist/oauth-CNGBFOZW.js +29 -0
package/dist/src/agents/index.js +1 -1
package/dist/src/auth/browser-provider.d.ts +2 -0
package/dist/src/auth/browser-provider.d.ts.map +1 -1
package/dist/src/auth/callback.d.ts.map +1 -1
package/dist/src/auth/index.cjs +396 -0
package/dist/src/auth/index.js +10 -0
package/dist/src/auth/types.d.ts +3 -1
package/dist/src/auth/types.d.ts.map +1 -1
package/dist/src/browser.cjs +36 -8
package/dist/src/browser.js +6 -4
package/dist/src/connectors/http.d.ts.map +1 -1
package/dist/src/react/index.cjs +132 -29
package/dist/src/react/index.js +3 -2
package/dist/src/react/types.d.ts +12 -1
package/dist/src/react/types.d.ts.map +1 -1
package/dist/src/react/useMcp.d.ts.map +1 -1
package/dist/src/server/context-storage.d.ts +54 -0
package/dist/src/server/context-storage.d.ts.map +1 -0
package/dist/src/server/index.cjs +1409 -410
package/dist/src/server/index.d.ts +4 -1
package/dist/src/server/index.d.ts.map +1 -1
package/dist/src/server/index.js +420 -412
package/dist/src/server/mcp-server.d.ts +50 -81
package/dist/src/server/mcp-server.d.ts.map +1 -1
package/dist/src/server/oauth/index.d.ts +13 -0
package/dist/src/server/oauth/index.d.ts.map +1 -0
package/dist/src/server/oauth/middleware.d.ts +19 -0
package/dist/src/server/oauth/middleware.d.ts.map +1 -0
package/dist/src/server/oauth/providers/auth0.d.ts +22 -0
package/dist/src/server/oauth/providers/auth0.d.ts.map +1 -0
package/dist/src/server/oauth/providers/custom.d.ts +19 -0
package/dist/src/server/oauth/providers/custom.d.ts.map +1 -0
package/dist/src/server/oauth/providers/keycloak.d.ts +22 -0
package/dist/src/server/oauth/providers/keycloak.d.ts.map +1 -0
package/dist/src/server/oauth/providers/supabase.d.ts +24 -0
package/dist/src/server/oauth/providers/supabase.d.ts.map +1 -0
package/dist/src/server/oauth/providers/types.d.ts +138 -0
package/dist/src/server/oauth/providers/types.d.ts.map +1 -0
package/dist/src/server/oauth/providers/workos.d.ts +30 -0
package/dist/src/server/oauth/providers/workos.d.ts.map +1 -0
package/dist/src/server/oauth/providers.d.ts +208 -0
package/dist/src/server/oauth/providers.d.ts.map +1 -0
package/dist/src/server/oauth/routes.d.ts +33 -0
package/dist/src/server/oauth/routes.d.ts.map +1 -0
package/dist/src/server/oauth/utils.d.ts +155 -0
package/dist/src/server/oauth/utils.d.ts.map +1 -0
package/dist/src/server/types/common.d.ts +47 -0
package/dist/src/server/types/common.d.ts.map +1 -1
package/dist/src/server/types/context.d.ts +34 -0
package/dist/src/server/types/context.d.ts.map +1 -0
package/dist/src/server/types/index.d.ts +2 -1
package/dist/src/server/types/index.d.ts.map +1 -1
package/dist/src/server/types/tool.d.ts +82 -9
package/dist/src/server/types/tool.d.ts.map +1 -1
package/dist/src/server/utils/index.d.ts +6 -0
package/dist/src/server/utils/index.d.ts.map +1 -0
package/dist/src/server/utils/response-helpers.d.ts +151 -0
package/dist/src/server/utils/response-helpers.d.ts.map +1 -0
package/dist/src/server/utils/runtime.d.ts +25 -0
package/dist/src/server/utils/runtime.d.ts.map +1 -0
package/dist/src/task_managers/streamable_http.d.ts +1 -0
package/dist/src/task_managers/streamable_http.d.ts.map +1 -1
package/dist/tsup.config.d.ts.map +1 -1
package/package.json +14 -5
/package/dist/{chunk-MCF5P6GJ.js → chunk-GVVPUU5K.js} +0 -0

package/dist/{chunk-BWOTID2D.js → chunk-QSLJXXMG.js} RENAMED Viewed

@@ -428,6 +428,7 @@ var HttpConnector = class extends BaseConnector {
         stop: /* @__PURE__ */ __name(async () => {
           if (this.streamableTransport) {
             try {
+              await this.streamableTransport.terminateSession();
               await this.streamableTransport.close();
             } catch (e) {
               logger.warn(`Error closing Streamable HTTP transport: ${e}`);
@@ -452,6 +453,8 @@ var HttpConnector = class extends BaseConnector {
   async connectWithSse(baseUrl) {
     try {
       this.connectionManager = new SseConnectionManager(baseUrl, {
+        authProvider: this.opts.authProvider,
+        // ← Pass OAuth provider to SDK (same as streamable HTTP)
         requestInit: {
           headers: this.headers
         }
@@ -782,350 +785,6 @@ var WebSocketConnector = class extends BaseConnector {
   }
 };
-// src/auth/browser-provider.ts
-import { sanitizeUrl } from "strict-url-sanitise";
-var BrowserOAuthClientProvider = class {
-  static {
-    __name(this, "BrowserOAuthClientProvider");
-  }
-  serverUrl;
-  storageKeyPrefix;
-  serverUrlHash;
-  clientName;
-  clientUri;
-  callbackUrl;
-  preventAutoAuth;
-  onPopupWindow;
-  constructor(serverUrl, options = {}) {
-    this.serverUrl = serverUrl;
-    this.storageKeyPrefix = options.storageKeyPrefix || "mcp:auth";
-    this.serverUrlHash = this.hashString(serverUrl);
-    this.clientName = options.clientName || "mcp-use";
-    this.clientUri = options.clientUri || (typeof window !== "undefined" ? window.location.origin : "");
-    this.callbackUrl = sanitizeUrl(
-      options.callbackUrl || (typeof window !== "undefined" ? new URL("/oauth/callback", window.location.origin).toString() : "/oauth/callback")
-    );
-    this.preventAutoAuth = options.preventAutoAuth;
-    this.onPopupWindow = options.onPopupWindow;
-  }
-  // --- SDK Interface Methods ---
-  get redirectUrl() {
-    return sanitizeUrl(this.callbackUrl);
-  }
-  get clientMetadata() {
-    return {
-      redirect_uris: [this.redirectUrl],
-      token_endpoint_auth_method: "none",
-      // Public client
-      grant_types: ["authorization_code", "refresh_token"],
-      response_types: ["code"],
-      client_name: this.clientName,
-      client_uri: this.clientUri
-      // scope: 'openid profile email mcp', // Example scopes, adjust as needed
-    };
-  }
-  async clientInformation() {
-    const key = this.getKey("client_info");
-    const data = localStorage.getItem(key);
-    if (!data) return void 0;
-    try {
-      return JSON.parse(data);
-    } catch (e) {
-      console.warn(
-        `[${this.storageKeyPrefix}] Failed to parse client information:`,
-        e
-      );
-      localStorage.removeItem(key);
-      return void 0;
-    }
-  }
-  // NOTE: The SDK's auth() function uses this if dynamic registration is needed.
-  // Ensure your OAuthClientInformationFull matches the expected structure if DCR is used.
-  async saveClientInformation(clientInformation) {
-    const key = this.getKey("client_info");
-    localStorage.setItem(key, JSON.stringify(clientInformation));
-  }
-  async tokens() {
-    const key = this.getKey("tokens");
-    const data = localStorage.getItem(key);
-    if (!data) return void 0;
-    try {
-      return JSON.parse(data);
-    } catch (e) {
-      console.warn(`[${this.storageKeyPrefix}] Failed to parse tokens:`, e);
-      localStorage.removeItem(key);
-      return void 0;
-    }
-  }
-  async saveTokens(tokens) {
-    const key = this.getKey("tokens");
-    localStorage.setItem(key, JSON.stringify(tokens));
-    localStorage.removeItem(this.getKey("code_verifier"));
-    localStorage.removeItem(this.getKey("last_auth_url"));
-  }
-  async saveCodeVerifier(codeVerifier) {
-    const key = this.getKey("code_verifier");
-    localStorage.setItem(key, codeVerifier);
-  }
-  async codeVerifier() {
-    const key = this.getKey("code_verifier");
-    const verifier = localStorage.getItem(key);
-    if (!verifier) {
-      throw new Error(
-        `[${this.storageKeyPrefix}] Code verifier not found in storage for key ${key}. Auth flow likely corrupted or timed out.`
-      );
-    }
-    return verifier;
-  }
-  /**
-   * Generates and stores the authorization URL with state, without opening a popup.
-   * Used when preventAutoAuth is enabled to provide the URL for manual navigation.
-   * @param authorizationUrl The fully constructed authorization URL from the SDK.
-   * @returns The full authorization URL with state parameter.
-   */
-  async prepareAuthorizationUrl(authorizationUrl) {
-    const state = globalThis.crypto.randomUUID();
-    const stateKey = `${this.storageKeyPrefix}:state_${state}`;
-    const stateData = {
-      serverUrlHash: this.serverUrlHash,
-      expiry: Date.now() + 1e3 * 60 * 10,
-      // State expires in 10 minutes
-      // Store provider options needed to reconstruct on callback
-      providerOptions: {
-        serverUrl: this.serverUrl,
-        storageKeyPrefix: this.storageKeyPrefix,
-        clientName: this.clientName,
-        clientUri: this.clientUri,
-        callbackUrl: this.callbackUrl
-      }
-    };
-    localStorage.setItem(stateKey, JSON.stringify(stateData));
-    authorizationUrl.searchParams.set("state", state);
-    const authUrlString = authorizationUrl.toString();
-    const sanitizedAuthUrl = sanitizeUrl(authUrlString);
-    localStorage.setItem(this.getKey("last_auth_url"), sanitizedAuthUrl);
-    return sanitizedAuthUrl;
-  }
-  /**
-   * Redirects the user agent to the authorization URL, storing necessary state.
-   * This now adheres to the SDK's void return type expectation for the interface.
-   * @param authorizationUrl The fully constructed authorization URL from the SDK.
-   */
-  async redirectToAuthorization(authorizationUrl) {
-    if (this.preventAutoAuth) return;
-    const sanitizedAuthUrl = await this.prepareAuthorizationUrl(authorizationUrl);
-    const popupFeatures = "width=600,height=700,resizable=yes,scrollbars=yes,status=yes";
-    try {
-      const popup = window.open(
-        sanitizedAuthUrl,
-        `mcp_auth_${this.serverUrlHash}`,
-        popupFeatures
-      );
-      if (this.onPopupWindow) {
-        this.onPopupWindow(sanitizedAuthUrl, popupFeatures, popup);
-      }
-      if (!popup || popup.closed || typeof popup.closed === "undefined") {
-        console.warn(
-          `[${this.storageKeyPrefix}] Popup likely blocked by browser. Manual navigation might be required using the stored URL.`
-        );
-      } else {
-        popup.focus();
-        console.info(
-          `[${this.storageKeyPrefix}] Redirecting to authorization URL in popup.`
-        );
-      }
-    } catch (e) {
-      console.error(
-        `[${this.storageKeyPrefix}] Error opening popup window:`,
-        e
-      );
-    }
-  }
-  // --- Helper Methods ---
-  /**
-   * Retrieves the last URL passed to `redirectToAuthorization`. Useful for manual fallback.
-   */
-  getLastAttemptedAuthUrl() {
-    const storedUrl = localStorage.getItem(this.getKey("last_auth_url"));
-    return storedUrl ? sanitizeUrl(storedUrl) : null;
-  }
-  clearStorage() {
-    const prefixPattern = `${this.storageKeyPrefix}_${this.serverUrlHash}_`;
-    const statePattern = `${this.storageKeyPrefix}:state_`;
-    const keysToRemove = [];
-    let count = 0;
-    for (let i = 0; i < localStorage.length; i++) {
-      const key = localStorage.key(i);
-      if (!key) continue;
-      if (key.startsWith(prefixPattern)) {
-        keysToRemove.push(key);
-      } else if (key.startsWith(statePattern)) {
-        try {
-          const item = localStorage.getItem(key);
-          if (item) {
-            const state = JSON.parse(item);
-            if (state.serverUrlHash === this.serverUrlHash) {
-              keysToRemove.push(key);
-            }
-          }
-        } catch (e) {
-          console.warn(
-            `[${this.storageKeyPrefix}] Error parsing state key ${key} during clearStorage:`,
-            e
-          );
-        }
-      }
-    }
-    const uniqueKeysToRemove = [...new Set(keysToRemove)];
-    uniqueKeysToRemove.forEach((key) => {
-      localStorage.removeItem(key);
-      count++;
-    });
-    return count;
-  }
-  hashString(str) {
-    let hash = 0;
-    for (let i = 0; i < str.length; i++) {
-      const char = str.charCodeAt(i);
-      hash = (hash << 5) - hash + char;
-      hash = hash & hash;
-    }
-    return Math.abs(hash).toString(16);
-  }
-  getKey(keySuffix) {
-    return `${this.storageKeyPrefix}_${this.serverUrlHash}_${keySuffix}`;
-  }
-};
-// src/auth/callback.ts
-import { auth } from "@modelcontextprotocol/sdk/client/auth.js";
-async function onMcpAuthorization() {
-  const queryParams = new URLSearchParams(window.location.search);
-  const code = queryParams.get("code");
-  const state = queryParams.get("state");
-  const error = queryParams.get("error");
-  const errorDescription = queryParams.get("error_description");
-  const logPrefix = "[mcp-callback]";
-  console.log(`${logPrefix} Handling callback...`, {
-    code,
-    state,
-    error,
-    errorDescription
-  });
-  let provider = null;
-  let storedStateData = null;
-  const stateKey = state ? `mcp:auth:state_${state}` : null;
-  try {
-    if (error) {
-      throw new Error(
-        `OAuth error: ${error} - ${errorDescription || "No description provided."}`
-      );
-    }
-    if (!code) {
-      throw new Error(
-        "Authorization code not found in callback query parameters."
-      );
-    }
-    if (!state || !stateKey) {
-      throw new Error(
-        "State parameter not found or invalid in callback query parameters."
-      );
-    }
-    const storedStateJSON = localStorage.getItem(stateKey);
-    if (!storedStateJSON) {
-      throw new Error(
-        `Invalid or expired state parameter "${state}". No matching state found in storage.`
-      );
-    }
-    try {
-      storedStateData = JSON.parse(storedStateJSON);
-    } catch (e) {
-      throw new Error("Failed to parse stored OAuth state.");
-    }
-    if (!storedStateData.expiry || storedStateData.expiry < Date.now()) {
-      localStorage.removeItem(stateKey);
-      throw new Error(
-        "OAuth state has expired. Please try initiating authentication again."
-      );
-    }
-    if (!storedStateData.providerOptions) {
-      throw new Error("Stored state is missing required provider options.");
-    }
-    const { serverUrl, ...providerOptions } = storedStateData.providerOptions;
-    console.log(
-      `${logPrefix} Re-instantiating provider for server: ${serverUrl}`
-    );
-    provider = new BrowserOAuthClientProvider(serverUrl, providerOptions);
-    console.log(`${logPrefix} Calling SDK auth() to exchange code...`);
-    const baseUrl = new URL(serverUrl).origin;
-    const authResult = await auth(provider, {
-      serverUrl: baseUrl,
-      authorizationCode: code
-    });
-    if (authResult === "AUTHORIZED") {
-      console.log(
-        `${logPrefix} Authorization successful via SDK auth(). Notifying opener...`
-      );
-      if (window.opener && !window.opener.closed) {
-        window.opener.postMessage(
-          { type: "mcp_auth_callback", success: true },
-          window.location.origin
-        );
-        window.close();
-      } else {
-        console.warn(
-          `${logPrefix} No opener window detected. Redirecting to root.`
-        );
-        const pathParts = window.location.pathname.split("/").filter(Boolean);
-        const basePath = pathParts.length > 0 && pathParts[pathParts.length - 1] === "callback" ? "/" + pathParts.slice(0, -2).join("/") : "/";
-        window.location.href = basePath || "/";
-      }
-      localStorage.removeItem(stateKey);
-    } else {
-      console.warn(
-        `${logPrefix} SDK auth() returned unexpected status: ${authResult}`
-      );
-      throw new Error(
-        `Unexpected result from authentication library: ${authResult}`
-      );
-    }
-  } catch (err) {
-    console.error(`${logPrefix} Error during OAuth callback handling:`, err);
-    const errorMessage = err instanceof Error ? err.message : String(err);
-    if (window.opener && !window.opener.closed) {
-      window.opener.postMessage(
-        { type: "mcp_auth_callback", success: false, error: errorMessage },
-        window.location.origin
-      );
-    }
-    try {
-      document.body.innerHTML = `
-            <div style="font-family: sans-serif; padding: 20px;">
-            <h1>Authentication Error</h1>
-            <p style="color: red; background-color: #ffebeb; border: 1px solid red; padding: 10px; border-radius: 4px;">
-                ${errorMessage}
-            </p>
-            <p>You can close this window or <a href="#" onclick="window.close(); return false;">click here to close</a>.</p>
-            <pre style="font-size: 0.8em; color: #555; margin-top: 20px; white-space: pre-wrap;">${err instanceof Error ? err.stack : ""}</pre>
-            </div>
-        `;
-    } catch (displayError) {
-      console.error(
-        `${logPrefix} Could not display error in callback window:`,
-        displayError
-      );
-    }
-    if (stateKey) {
-      localStorage.removeItem(stateKey);
-    }
-    if (provider) {
-      localStorage.removeItem(provider.getKey("code_verifier"));
-      localStorage.removeItem(provider.getKey("last_auth_url"));
-    }
-  }
-}
-__name(onMcpAuthorization, "onMcpAuthorization");
 // src/client/base.ts
 var BaseMCPClient = class {
   static {
@@ -1310,7 +969,5 @@ export {
   ConnectionManager,
   HttpConnector,
   WebSocketConnector,
-  BrowserOAuthClientProvider,
-  onMcpAuthorization,
   BrowserMCPClient
 };