mcp4openapi 0.1.0 → 0.2.1

package/dist/http-transport.d.ts

@@ -1,195 +0,0 @@
-/**
- * HTTP Streamable Transport for MCP
- *
- * Implements MCP Specification 2025-03-26
- * https://modelcontextprotocol.io/specification/2025-03-26/basic/transports
- *
- * Why: Enables remote MCP server access with SSE streaming, session management,
- * and resumability for reliable communication over HTTP.
- */
-import type { Logger } from './logger.js';
-import type { HttpTransportConfig } from './types/http-transport.js';
-export declare class HttpTransport {
-    private app;
-    private server;
-    private sessions;
-    private config;
-    private logger;
-    private metrics;
-    private cleanupInterval;
-    private messageHandler;
-    constructor(config: HttpTransportConfig, logger: Logger);
-    /**
-     * Setup Express middleware
-     *
-     * Why: Security (Origin validation), JSON parsing, session extraction, metrics
-     */
-    private setupMiddleware;
-    private hasWarnedAboutBinding;
-    /**
-     * Check if origin is allowed
-     *
-     * Why: Prevent DNS rebinding attacks
-     *
-     * Supports:
-     * - Exact hostname: 'example.com', 'api.example.com'
-     * - Wildcard subdomain: '*.example.com'
-     * - IPv4 CIDR: '192.168.1.0/24', '10.0.0.0/8'
-     * - IPv4 exact: '192.168.1.100'
-     */
-    private isAllowedOrigin;
-    /**
-     * Match hostname against allowed origin pattern
-     *
-     * Supports:
-     * - Exact match: 'example.com' === 'example.com'
-     * - Wildcard: '*.example.com' matches 'api.example.com', 'web.example.com'
-     * - CIDR: '192.168.1.0/24' matches '192.168.1.1' through '192.168.1.254'
-     */
-    private matchOrigin;
-    /**
-     * Check if IP address is within CIDR range
-     *
-     * Example: '192.168.1.50' matches '192.168.1.0/24'
-     */
-    private matchCIDR;
-    /**
-     * Convert IPv4 address to 32-bit integer
-     *
-     * Example: '192.168.1.1' -> 3232235777
-     */
-    private ipToInt;
-    /**
-     * Setup MCP endpoint routes
-     *
-     * Why: Single endpoint for POST (client→server) and GET (SSE stream)
-     */
-    private setupRoutes;
-    /**
-     * Handle metrics endpoint
-     *
-     * Why: Prometheus scraping endpoint
-     */
-    private handleMetrics;
-    /**
-     * Validate token format and length
-     *
-     * Why centralized: Single source of truth for token validation rules
-     */
-    private validateToken;
-    /**
-     * Extract and validate auth token from request headers
-     *
-     * Supports:
-     * - Authorization: Bearer <token>
-     * - X-API-Token: <token>
-     *
-     * Why strict validation: Prevents header injection attacks
-     */
-    private extractAuthToken;
-    /**
-     * Handle POST requests - Client sending messages to server
-     *
-     * MCP Spec: POST can contain requests, notifications, or responses
-     */
-    private handlePost;
-    /**
-     * Handle GET requests - Client opening SSE stream for server messages
-     *
-     * MCP Spec: GET opens SSE stream for server-initiated requests/notifications
-     */
-    private handleGet;
-    /**
-     * Handle DELETE requests - Client terminating session
-     *
-     * MCP Spec: DELETE explicitly terminates session
-     */
-    private handleDelete;
-    /**
-     * Start SSE response for a POST request
-     *
-     * Why: Returns response via SSE stream, allows server-initiated messages
-     */
-    private startSSEResponse;
-    /**
-     * Start SSE stream for GET request
-     *
-     * Why: Allows server to send requests/notifications to client
-     */
-    private startSSEStream;
-    /**
-     * Replay messages after Last-Event-ID
-     *
-     * Why: Resumability - client can reconnect and receive missed messages
-     */
-    private replayMessages;
-    /**
-     * Send message to client via SSE
-     *
-     * Why: Server-initiated requests/notifications
-     */
-    sendToClient(sessionId: string, message: unknown): void;
-    /**
-     * Check if request is initialization
-     */
-    private isInitializeRequest;
-    /**
-     * Determine message type (request, notification, response)
-     */
-    private getMessageType;
-    /**
-     * Create new session
-     *
-     * Why: Stateful sessions for MCP protocol
-     */
-    private createSession;
-    /**
-     * Update session activity timestamp
-     */
-    private updateSessionActivity;
-    /**
-     * Destroy session and cleanup resources
-     *
-     * Why: Free memory, close streams
-     */
-    private destroySession;
-    /**
-     * Session destruction listeners for cleanup in other components
-     */
-    private sessionDestroyedListeners;
-    /**
-     * Register listener for session destruction events
-     *
-     * Why: Allows MCPServer to cleanup per-session HTTP clients
-     */
-    onSessionDestroyed(listener: (sessionId: string) => void): void;
-    /**
-     * Notify all listeners about session destruction
-     */
-    private notifySessionDestroyed;
-    /**
-     * Cleanup expired sessions
-     *
-     * Why: Prevent memory leaks, enforce session timeout
-     */
-    private cleanupExpiredSessions;
-    /**
-     * Get auth token from session
-     *
-     * Why public: Allows MCPServer to securely access session tokens without breaking encapsulation
-     */
-    getSessionToken(sessionId: string): string | undefined;
-    /**
-     * Set message handler for processing incoming JSON-RPC messages
-     */
-    setMessageHandler(handler: (message: unknown, sessionId?: string) => Promise<unknown>): void;
-    /**
-     * Start HTTP server
-     */
-    start(): Promise<void>;
-    /**
-     * Stop HTTP server
-     */
-    stop(): Promise<void>;
-}
-//# sourceMappingURL=http-transport.d.ts.map

package/dist/http-transport.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"http-transport.d.ts","sourceRoot":"","sources":["../src/http-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EAIV,mBAAmB,EAEpB,MAAM,2BAA2B,CAAC;AAGnC,qBAAa,aAAa;IACxB,OAAO,CAAC,GAAG,CAAsB;IACjC,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,QAAQ,CAAuC;IACvD,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,OAAO,CAAiC;IAChD,OAAO,CAAC,eAAe,CAA+B;IACtD,OAAO,CAAC,cAAc,CAA6E;gBAEvF,MAAM,EAAE,mBAAmB,EAAE,MAAM,EAAE,MAAM;IAiBvD;;;;OAIG;IACH,OAAO,CAAC,eAAe;IA+CvB,OAAO,CAAC,qBAAqB,CAAS;IAEtC;;;;;;;;;;OAUG;IACH,OAAO,CAAC,eAAe;IA8BvB;;;;;;;OAOG;IACH,OAAO,CAAC,WAAW;IAoBnB;;;;OAIG;IACH,OAAO,CAAC,SAAS;IAyBjB;;;;OAIG;IACH,OAAO,CAAC,OAAO;IAmBf;;;;OAIG;IACH,OAAO,CAAC,WAAW;IA2BnB;;;;OAIG;YACW,aAAa;IAoB3B;;;;OAIG;IACH,OAAO,CAAC,aAAa;IAUrB;;;;;;;;OAQG;IACH,OAAO,CAAC,gBAAgB;IAyBxB;;;;OAIG;YACW,UAAU;IA4FxB;;;;OAIG;YACW,SAAS;IAkDvB;;;;OAIG;IACH,OAAO,CAAC,YAAY;IAmCpB;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAuBxB;;;;OAIG;IACH,OAAO,CAAC,cAAc;IA4CtB;;;;OAIG;IACH,OAAO,CAAC,cAAc;IAatB;;;;OAIG;IACI,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,IAAI;IA4B9D;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAM3B;;OAEG;IACH,OAAO,CAAC,cAAc;IAuBtB;;;;OAIG;IACH,OAAO,CAAC,aAAa;IAyBrB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAO7B;;;;OAIG;IACH,OAAO,CAAC,cAAc;IAsBtB;;OAEG;IACH,OAAO,CAAC,yBAAyB,CAA0C;IAE3E;;;;OAIG;IACI,kBAAkB,CAAC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,GAAG,IAAI;IAItE;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAU9B;;;;OAIG;IACH,OAAO,CAAC,sBAAsB;IAqB9B;;;;OAIG;IACI,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAK7D;;OAEG;IACI,iBAAiB,CAAC,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI;IAInG;;OAEG;IACU,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA2BnC;;OAEG;IACU,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAuBnC"}