npm - mcp4openapi - Versions diffs - 0.1.0 - Mend

mcp4openapi 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (209) hide show

package/LICENSE.md +7 -0
package/README.md +489 -0
package/dist/composite-executor.d.ts +65 -0
package/dist/composite-executor.d.ts.map +1 -0
package/dist/composite-executor.js +147 -0
package/dist/composite-executor.js.map +1 -0
package/dist/constants.d.ts +36 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +36 -0
package/dist/constants.js.map +1 -0
package/dist/http-transport.d.ts +195 -0
package/dist/http-transport.d.ts.map +1 -0
package/dist/http-transport.js +760 -0
package/dist/http-transport.js.map +1 -0
package/dist/interceptors.d.ts +74 -0
package/dist/interceptors.d.ts.map +1 -0
package/dist/interceptors.js +220 -0
package/dist/interceptors.js.map +1 -0
package/dist/logger.d.ts +81 -0
package/dist/logger.d.ts.map +1 -0
package/dist/logger.js +264 -0
package/dist/logger.js.map +1 -0
package/dist/mcp-server.d.ts +110 -0
package/dist/mcp-server.d.ts.map +1 -0
package/dist/mcp-server.js +568 -0
package/dist/mcp-server.js.map +1 -0
package/dist/metrics.d.ts +86 -0
package/dist/metrics.d.ts.map +1 -0
package/dist/metrics.js +229 -0
package/dist/metrics.js.map +1 -0
package/dist/openapi-parser.d.ts +35 -0
package/dist/openapi-parser.d.ts.map +1 -0
package/dist/openapi-parser.js +160 -0
package/dist/openapi-parser.js.map +1 -0
package/dist/profile-loader.d.ts +25 -0
package/dist/profile-loader.d.ts.map +1 -0
package/dist/profile-loader.js +134 -0
package/dist/profile-loader.js.map +1 -0
package/dist/schema-validator.d.ts +32 -0
package/dist/schema-validator.d.ts.map +1 -0
package/dist/schema-validator.js +126 -0
package/dist/schema-validator.js.map +1 -0
package/dist/scripts/validate-profile.d.ts +9 -0
package/dist/scripts/validate-profile.d.ts.map +1 -0
package/dist/scripts/validate-profile.js +289 -0
package/dist/scripts/validate-profile.js.map +1 -0
package/dist/scripts/validate-schema.d.ts +9 -0
package/dist/scripts/validate-schema.d.ts.map +1 -0
package/dist/scripts/validate-schema.js +84 -0
package/dist/scripts/validate-schema.js.map +1 -0
package/dist/src/composite-executor.d.ts +75 -0
package/dist/src/composite-executor.d.ts.map +1 -0
package/dist/src/composite-executor.js +175 -0
package/dist/src/composite-executor.js.map +1 -0
package/dist/src/constants.d.ts +36 -0
package/dist/src/constants.d.ts.map +1 -0
package/dist/src/constants.js +36 -0
package/dist/src/constants.js.map +1 -0
package/dist/src/dag-executor.d.ts +49 -0
package/dist/src/dag-executor.d.ts.map +1 -0
package/dist/src/dag-executor.js +138 -0
package/dist/src/dag-executor.js.map +1 -0
package/dist/src/errors.d.ts +47 -0
package/dist/src/errors.d.ts.map +1 -0
package/dist/src/errors.js +99 -0
package/dist/src/errors.js.map +1 -0
package/dist/src/generated-schemas.d.ts +661 -0
package/dist/src/generated-schemas.d.ts.map +1 -0
package/dist/src/generated-schemas.js +66 -0
package/dist/src/generated-schemas.js.map +1 -0
package/dist/src/http-client-factory.d.ts +62 -0
package/dist/src/http-client-factory.d.ts.map +1 -0
package/dist/src/http-client-factory.js +121 -0
package/dist/src/http-client-factory.js.map +1 -0
package/dist/src/http-transport.d.ts +194 -0
package/dist/src/http-transport.d.ts.map +1 -0
package/dist/src/http-transport.js +851 -0
package/dist/src/http-transport.js.map +1 -0
package/dist/src/index.d.ts +8 -0
package/dist/src/index.d.ts.map +1 -0
package/dist/src/index.js +59 -0
package/dist/src/index.js.map +1 -0
package/dist/src/interceptors.d.ts +78 -0
package/dist/src/interceptors.d.ts.map +1 -0
package/dist/src/interceptors.js +252 -0
package/dist/src/interceptors.js.map +1 -0
package/dist/src/jsonrpc-validator.d.ts +27 -0
package/dist/src/jsonrpc-validator.d.ts.map +1 -0
package/dist/src/jsonrpc-validator.js +58 -0
package/dist/src/jsonrpc-validator.js.map +1 -0
package/dist/src/lib.d.ts +8 -0
package/dist/src/lib.d.ts.map +1 -0
package/dist/src/lib.js +7 -0
package/dist/src/lib.js.map +1 -0
package/dist/src/logger.d.ts +81 -0
package/dist/src/logger.d.ts.map +1 -0
package/dist/src/logger.js +264 -0
package/dist/src/logger.js.map +1 -0
package/dist/src/mcp-server.d.ts +117 -0
package/dist/src/mcp-server.d.ts.map +1 -0
package/dist/src/mcp-server.js +621 -0
package/dist/src/mcp-server.js.map +1 -0
package/dist/src/metrics.d.ts +86 -0
package/dist/src/metrics.d.ts.map +1 -0
package/dist/src/metrics.js +229 -0
package/dist/src/metrics.js.map +1 -0
package/dist/src/naming-warnings.d.ts +23 -0
package/dist/src/naming-warnings.d.ts.map +1 -0
package/dist/src/naming-warnings.js +83 -0
package/dist/src/naming-warnings.js.map +1 -0
package/dist/src/naming.d.ts +58 -0
package/dist/src/naming.d.ts.map +1 -0
package/dist/src/naming.js +510 -0
package/dist/src/naming.js.map +1 -0
package/dist/src/openapi-parser.d.ts +49 -0
package/dist/src/openapi-parser.d.ts.map +1 -0
package/dist/src/openapi-parser.js +216 -0
package/dist/src/openapi-parser.js.map +1 -0
package/dist/src/profile-loader.d.ts +77 -0
package/dist/src/profile-loader.d.ts.map +1 -0
package/dist/src/profile-loader.js +443 -0
package/dist/src/profile-loader.js.map +1 -0
package/dist/src/schema-validator.d.ts +30 -0
package/dist/src/schema-validator.d.ts.map +1 -0
package/dist/src/schema-validator.js +115 -0
package/dist/src/schema-validator.js.map +1 -0
package/dist/src/testing/fixtures.d.ts +268 -0
package/dist/src/testing/fixtures.d.ts.map +1 -0
package/dist/src/testing/fixtures.js +210 -0
package/dist/src/testing/fixtures.js.map +1 -0
package/dist/src/testing/mock-gitlab-server.d.ts +34 -0
package/dist/src/testing/mock-gitlab-server.d.ts.map +1 -0
package/dist/src/testing/mock-gitlab-server.js +351 -0
package/dist/src/testing/mock-gitlab-server.js.map +1 -0
package/dist/src/testing/mock-utils.d.ts +41 -0
package/dist/src/testing/mock-utils.d.ts.map +1 -0
package/dist/src/testing/mock-utils.js +59 -0
package/dist/src/testing/mock-utils.js.map +1 -0
package/dist/src/testing/test-http-utils.d.ts +52 -0
package/dist/src/testing/test-http-utils.d.ts.map +1 -0
package/dist/src/testing/test-http-utils.js +109 -0
package/dist/src/testing/test-http-utils.js.map +1 -0
package/dist/src/testing/test-types.d.ts +76 -0
package/dist/src/testing/test-types.d.ts.map +1 -0
package/dist/src/testing/test-types.js +7 -0
package/dist/src/testing/test-types.js.map +1 -0
package/dist/src/tool-generator.d.ts +43 -0
package/dist/src/tool-generator.d.ts.map +1 -0
package/dist/src/tool-generator.js +123 -0
package/dist/src/tool-generator.js.map +1 -0
package/dist/src/types/http-transport.d.ts +45 -0
package/dist/src/types/http-transport.d.ts.map +1 -0
package/dist/src/types/http-transport.js +8 -0
package/dist/src/types/http-transport.js.map +1 -0
package/dist/src/types/openapi.d.ts +50 -0
package/dist/src/types/openapi.d.ts.map +1 -0
package/dist/src/types/openapi.js +9 -0
package/dist/src/types/openapi.js.map +1 -0
package/dist/src/types/profile.d.ts +80 -0
package/dist/src/types/profile.d.ts.map +1 -0
package/dist/src/types/profile.js +9 -0
package/dist/src/types/profile.js.map +1 -0
package/dist/src/validation-utils.d.ts +15 -0
package/dist/src/validation-utils.d.ts.map +1 -0
package/dist/src/validation-utils.js +25 -0
package/dist/src/validation-utils.js.map +1 -0
package/dist/testing/fixtures.d.ts +186 -0
package/dist/testing/fixtures.d.ts.map +1 -0
package/dist/testing/fixtures.js +135 -0
package/dist/testing/fixtures.js.map +1 -0
package/dist/testing/http-integration.test.d.ts +7 -0
package/dist/testing/http-integration.test.d.ts.map +1 -0
package/dist/testing/http-integration.test.js +383 -0
package/dist/testing/http-integration.test.js.map +1 -0
package/dist/testing/http-multiuser.test.d.ts +10 -0
package/dist/testing/http-multiuser.test.d.ts.map +1 -0
package/dist/testing/http-multiuser.test.js +255 -0
package/dist/testing/http-multiuser.test.js.map +1 -0
package/dist/testing/integration.test.d.ts +8 -0
package/dist/testing/integration.test.d.ts.map +1 -0
package/dist/testing/integration.test.js +247 -0
package/dist/testing/integration.test.js.map +1 -0
package/dist/testing/mock-gitlab-server.d.ts +34 -0
package/dist/testing/mock-gitlab-server.d.ts.map +1 -0
package/dist/testing/mock-gitlab-server.js +224 -0
package/dist/testing/mock-gitlab-server.js.map +1 -0
package/dist/testing/test-types.d.ts +59 -0
package/dist/testing/test-types.d.ts.map +1 -0
package/dist/testing/test-types.js +7 -0
package/dist/testing/test-types.js.map +1 -0
package/dist/tool-generator.d.ts +43 -0
package/dist/tool-generator.d.ts.map +1 -0
package/dist/tool-generator.js +123 -0
package/dist/tool-generator.js.map +1 -0
package/dist/tsconfig.tsbuildinfo +1 -0
package/dist/types/http-transport.d.ts +39 -0
package/dist/types/http-transport.d.ts.map +1 -0
package/dist/types/http-transport.js +8 -0
package/dist/types/http-transport.js.map +1 -0
package/dist/types/openapi.d.ts +50 -0
package/dist/types/openapi.d.ts.map +1 -0
package/dist/types/openapi.js +9 -0
package/dist/types/openapi.js.map +1 -0
package/dist/types/profile.d.ts +76 -0
package/dist/types/profile.d.ts.map +1 -0
package/dist/types/profile.js +9 -0
package/dist/types/profile.js.map +1 -0
package/package.json +84 -0
package/profile-schema.json +369 -0

package/dist/composite-executor.js ADDED Viewed

@@ -0,0 +1,147 @@
+/**
+ * Composite action executor for chaining API calls
+ *
+ * Why: Reduces roundtrips by fetching related data in sequence (e.g., MR + comments).
+ * Aggregates results into single JSON structure as defined by store_as paths.
+ */
+export class CompositeExecutor {
+    parser;
+    httpClient;
+    constructor(parser, httpClient) {
+        this.parser = parser;
+        this.httpClient = httpClient;
+    }
+    /**
+     * Execute a series of API calls and merge results
+     *
+     * Why sequential: Steps may depend on previous results (e.g., get MR ID, then fetch comments).
+     * Could parallelize independent steps in future optimization.
+     *
+     * Supports partial results: If allowPartial=true, continues after errors and returns
+     * what was completed. Useful for composite actions where some data is better than none.
+     */
+    async execute(steps, args, allowPartial = false, httpClient) {
+        const result = {};
+        const errors = [];
+        let completedSteps = 0;
+        for (let i = 0; i < steps.length; i++) {
+            const step = steps[i];
+            try {
+                const { method, path, operation } = this.parseCall(step.call);
+                if (!operation) {
+                    throw new Error(`Operation not found for call: ${step.call}`);
+                }
+                // Substitute path parameters from args
+                const resolvedPath = this.resolvePath(path, args);
+                // Execute request
+                const client = httpClient || this.httpClient;
+                if (!client) {
+                    throw new Error('HTTP client not provided');
+                }
+                const response = await client.request(method, resolvedPath, {
+                    params: this.extractQueryParams(operation, args),
+                });
+                // Store result at specified path
+                this.storeResult(result, step.store_as, response.body);
+                completedSteps++;
+            }
+            catch (error) {
+                const stepError = {
+                    step_index: i,
+                    step_call: step.call,
+                    error: error instanceof Error ? error.message : String(error),
+                    timestamp: new Date().toISOString(),
+                };
+                errors.push(stepError);
+                // Store error in result for debugging
+                this.storeResult(result, `${step.store_as}_error`, stepError);
+                if (!allowPartial) {
+                    throw new Error(`Composite step ${i + 1}/${steps.length} failed: ${stepError.error}\n` +
+                        `Completed steps: ${completedSteps}\n` +
+                        `Failed step: ${step.call}`);
+                }
+                // Continue with next step if partial results allowed
+            }
+        }
+        return {
+            data: result,
+            completed_steps: completedSteps,
+            total_steps: steps.length,
+            errors: errors.length > 0 ? errors : undefined,
+        };
+    }
+    /**
+     * Parse composite step call syntax
+     *
+     * Format: "GET /projects/{id}/merge_requests/{iid}"
+     */
+    parseCall(call) {
+        const [method, path] = call.split(' ');
+        const pathInfo = this.parser.getPath(path);
+        const operation = pathInfo?.operations[method.toLowerCase()];
+        return { method, path, operation };
+    }
+    /**
+     * Resolve path template with actual values
+     *
+     * Example: "/projects/{id}" + {id: "123"} => "/projects/123"
+     */
+    resolvePath(template, args) {
+        return template.replace(/\{(\w+)\}/g, (_, key) => {
+            const value = args[key];
+            if (value === undefined) {
+                throw new Error(`Missing path parameter: ${key}`);
+            }
+            return String(value);
+        });
+    }
+    /**
+     * Extract query parameters from args based on operation definition
+     */
+    extractQueryParams(operation, args) {
+        const params = {};
+        for (const param of operation.parameters) {
+            if (param.in === 'query' && args[param.name] !== undefined) {
+                const value = args[param.name];
+                // Pass arrays as-is for HttpClient serialization
+                if (Array.isArray(value)) {
+                    params[param.name] = value.map(String);
+                }
+                else {
+                    params[param.name] = String(value);
+                }
+            }
+        }
+        return params;
+    }
+    /**
+     * Store value at JSONPath-like location
+     *
+     * Why nested: Allows semantic structure (comments belong under merge_request object).
+     *
+     * Examples:
+     * - "merge_request" => { merge_request: value }
+     * - "merge_request.comments" => { merge_request: { comments: value } }
+     *
+     * Validates path navigation to prevent overwriting non-object values.
+     */
+    storeResult(target, path, value) {
+        const parts = path.split('.');
+        let current = target;
+        for (let i = 0; i < parts.length - 1; i++) {
+            const part = parts[i];
+            const existing = current[part];
+            // Validate we can navigate through this path
+            if (existing !== undefined && (typeof existing !== 'object' || existing === null)) {
+                throw new Error(`Cannot store at path '${path}': ` +
+                    `'${parts.slice(0, i + 1).join('.')}' is ${typeof existing}, not an object`);
+            }
+            if (!current[part]) {
+                current[part] = {};
+            }
+            current = current[part];
+        }
+        current[parts[parts.length - 1]] = value;
+    }
+}
+//# sourceMappingURL=composite-executor.js.map

package/dist/composite-executor.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"composite-executor.js","sourceRoot":"","sources":["../src/composite-executor.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAqBH,MAAM,OAAO,iBAAiB;IAElB;IACA;IAFV,YACU,MAAqB,EACrB,UAAuB;QADvB,WAAM,GAAN,MAAM,CAAe;QACrB,eAAU,GAAV,UAAU,CAAa;IAC9B,CAAC;IAEJ;;;;;;;;OAQG;IACH,KAAK,CAAC,OAAO,CACX,KAAsB,EACtB,IAA6B,EAC7B,eAAwB,KAAK,EAC7B,UAAuB;QAEvB,MAAM,MAAM,GAA4B,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAgB,EAAE,CAAC;QAC/B,IAAI,cAAc,GAAG,CAAC,CAAC;QAEvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAEtB,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAE9D,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBAChE,CAAC;gBAED,uCAAuC;gBACvC,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBAElD,kBAAkB;gBAClB,MAAM,MAAM,GAAG,UAAU,IAAI,IAAI,CAAC,UAAU,CAAC;gBAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBAC9C,CAAC;gBACD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,YAAY,EAAE;oBAC1D,MAAM,EAAE,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC;iBACjD,CAAC,CAAC;gBAEH,iCAAiC;gBACjC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACvD,cAAc,EAAE,CAAC;YAEnB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,SAAS,GAAc;oBAC3B,UAAU,EAAE,CAAC;oBACb,SAAS,EAAE,IAAI,CAAC,IAAI;oBACpB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;oBAC7D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC,CAAC;gBAEF,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAEvB,sCAAsC;gBACtC,IAAI,CAAC,WAAW,CACd,MAAM,EACN,GAAG,IAAI,CAAC,QAAQ,QAAQ,EACxB,SAAS,CACV,CAAC;gBAEF,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CACb,kBAAkB,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,YAAY,SAAS,CAAC,KAAK,IAAI;wBACtE,oBAAoB,cAAc,IAAI;wBACtC,gBAAgB,IAAI,CAAC,IAAI,EAAE,CAC5B,CAAC;gBACJ,CAAC;gBAED,qDAAqD;YACvD,CAAC;QACH,CAAC;QAED,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,eAAe,EAAE,cAAc;YAC/B,WAAW,EAAE,KAAK,CAAC,MAAM;YACzB,MAAM,EAAE,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;SAC/C,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACK,SAAS,CAAC,IAAY;QAC5B,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,SAAS,GAAG,QAAQ,EAAE,UAAU,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QAE7D,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;IACrC,CAAC;IAED;;;;OAIG;IACK,WAAW,CAAC,QAAgB,EAAE,IAA6B;QACjE,OAAO,QAAQ,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;YAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;YACxB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,EAAE,CAAC,CAAC;YACpD,CAAC;YACD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,SAAwB,EAAE,IAA6B;QAChF,MAAM,MAAM,GAAsC,EAAE,CAAC;QAErD,KAAK,MAAM,KAAK,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;YACzC,IAAI,KAAK,CAAC,EAAE,KAAK,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC/B,iDAAiD;gBACjD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBACzB,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBACzC,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;;;;;OAUG;IACK,WAAW,CAAC,MAA+B,EAAE,IAAY,EAAE,KAAc;QAC/E,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,OAAO,GAAG,MAAiC,CAAC;QAEhD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YAE/B,6CAA6C;YAC7C,IAAI,QAAQ,KAAK,SAAS,IAAI,CAAC,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,CAAC,EAAE,CAAC;gBAClF,MAAM,IAAI,KAAK,CACb,yBAAyB,IAAI,KAAK;oBAClC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,OAAO,QAAQ,iBAAiB,CAC5E,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnB,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YACrB,CAAC;YACD,OAAO,GAAG,OAAO,CAAC,IAAI,CAA4B,CAAC;QACrD,CAAC;QAED,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;IAC3C,CAAC;CACF"}

package/dist/constants.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+/**
+ * Application constants
+ *
+ * Why: Centralized constants improve readability and maintainability.
+ * Magic numbers scattered through code are harder to understand and change.
+ */
+/**
+ * Time conversion constants
+ */
+export declare const TIME: {
+    readonly MS_PER_SECOND: 1000;
+    readonly MS_PER_MINUTE: 60000;
+    readonly MS_PER_HOUR: 3600000;
+    readonly SECONDS_PER_MINUTE: 60;
+    readonly MINUTES_PER_HOUR: 60;
+};
+/**
+ * HTTP status codes
+ *
+ * Why: Named constants more readable than numeric literals.
+ * Makes intent clear (STATUS_TOO_MANY_REQUESTS vs 429).
+ */
+export declare const HTTP_STATUS: {
+    readonly OK: 200;
+    readonly MULTIPLE_CHOICES: 300;
+    readonly BAD_REQUEST: 400;
+    readonly UNAUTHORIZED: 401;
+    readonly FORBIDDEN: 403;
+    readonly NOT_FOUND: 404;
+    readonly TOO_MANY_REQUESTS: 429;
+    readonly INTERNAL_SERVER_ERROR: 500;
+    readonly BAD_GATEWAY: 502;
+    readonly SERVICE_UNAVAILABLE: 503;
+    readonly GATEWAY_TIMEOUT: 504;
+};
+//# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,eAAO,MAAM,IAAI;;;;;;CAMP,CAAC;AAEX;;;;;GAKG;AACH,eAAO,MAAM,WAAW;;;;;;;;;;;;CAYd,CAAC"}

package/dist/constants.js ADDED Viewed

@@ -0,0 +1,36 @@
+/**
+ * Application constants
+ *
+ * Why: Centralized constants improve readability and maintainability.
+ * Magic numbers scattered through code are harder to understand and change.
+ */
+/**
+ * Time conversion constants
+ */
+export const TIME = {
+    MS_PER_SECOND: 1000,
+    MS_PER_MINUTE: 60000,
+    MS_PER_HOUR: 3600000,
+    SECONDS_PER_MINUTE: 60,
+    MINUTES_PER_HOUR: 60,
+};
+/**
+ * HTTP status codes
+ *
+ * Why: Named constants more readable than numeric literals.
+ * Makes intent clear (STATUS_TOO_MANY_REQUESTS vs 429).
+ */
+export const HTTP_STATUS = {
+    OK: 200,
+    MULTIPLE_CHOICES: 300,
+    BAD_REQUEST: 400,
+    UNAUTHORIZED: 401,
+    FORBIDDEN: 403,
+    NOT_FOUND: 404,
+    TOO_MANY_REQUESTS: 429,
+    INTERNAL_SERVER_ERROR: 500,
+    BAD_GATEWAY: 502,
+    SERVICE_UNAVAILABLE: 503,
+    GATEWAY_TIMEOUT: 504,
+};
+//# sourceMappingURL=constants.js.map

package/dist/constants.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG;IAClB,aAAa,EAAE,IAAI;IACnB,aAAa,EAAE,KAAK;IACpB,WAAW,EAAE,OAAO;IACpB,kBAAkB,EAAE,EAAE;IACtB,gBAAgB,EAAE,EAAE;CACZ,CAAC;AAEX;;;;;GAKG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,EAAE,EAAE,GAAG;IACP,gBAAgB,EAAE,GAAG;IACrB,WAAW,EAAE,GAAG;IAChB,YAAY,EAAE,GAAG;IACjB,SAAS,EAAE,GAAG;IACd,SAAS,EAAE,GAAG;IACd,iBAAiB,EAAE,GAAG;IACtB,qBAAqB,EAAE,GAAG;IAC1B,WAAW,EAAE,GAAG;IAChB,mBAAmB,EAAE,GAAG;IACxB,eAAe,EAAE,GAAG;CACZ,CAAC"}

package/dist/http-transport.d.ts ADDED Viewed

@@ -0,0 +1,195 @@
+/**
+ * HTTP Streamable Transport for MCP
+ *
+ * Implements MCP Specification 2025-03-26
+ * https://modelcontextprotocol.io/specification/2025-03-26/basic/transports
+ *
+ * Why: Enables remote MCP server access with SSE streaming, session management,
+ * and resumability for reliable communication over HTTP.
+ */
+import type { Logger } from './logger.js';
+import type { HttpTransportConfig } from './types/http-transport.js';
+export declare class HttpTransport {
+    private app;
+    private server;
+    private sessions;
+    private config;
+    private logger;
+    private metrics;
+    private cleanupInterval;
+    private messageHandler;
+    constructor(config: HttpTransportConfig, logger: Logger);
+    /**
+     * Setup Express middleware
+     *
+     * Why: Security (Origin validation), JSON parsing, session extraction, metrics
+     */
+    private setupMiddleware;
+    private hasWarnedAboutBinding;
+    /**
+     * Check if origin is allowed
+     *
+     * Why: Prevent DNS rebinding attacks
+     *
+     * Supports:
+     * - Exact hostname: 'example.com', 'api.example.com'
+     * - Wildcard subdomain: '*.example.com'
+     * - IPv4 CIDR: '192.168.1.0/24', '10.0.0.0/8'
+     * - IPv4 exact: '192.168.1.100'
+     */
+    private isAllowedOrigin;
+    /**
+     * Match hostname against allowed origin pattern
+     *
+     * Supports:
+     * - Exact match: 'example.com' === 'example.com'
+     * - Wildcard: '*.example.com' matches 'api.example.com', 'web.example.com'
+     * - CIDR: '192.168.1.0/24' matches '192.168.1.1' through '192.168.1.254'
+     */
+    private matchOrigin;
+    /**
+     * Check if IP address is within CIDR range
+     *
+     * Example: '192.168.1.50' matches '192.168.1.0/24'
+     */
+    private matchCIDR;
+    /**
+     * Convert IPv4 address to 32-bit integer
+     *
+     * Example: '192.168.1.1' -> 3232235777
+     */
+    private ipToInt;
+    /**
+     * Setup MCP endpoint routes
+     *
+     * Why: Single endpoint for POST (client→server) and GET (SSE stream)
+     */
+    private setupRoutes;
+    /**
+     * Handle metrics endpoint
+     *
+     * Why: Prometheus scraping endpoint
+     */
+    private handleMetrics;
+    /**
+     * Validate token format and length
+     *
+     * Why centralized: Single source of truth for token validation rules
+     */
+    private validateToken;
+    /**
+     * Extract and validate auth token from request headers
+     *
+     * Supports:
+     * - Authorization: Bearer <token>
+     * - X-API-Token: <token>
+     *
+     * Why strict validation: Prevents header injection attacks
+     */
+    private extractAuthToken;
+    /**
+     * Handle POST requests - Client sending messages to server
+     *
+     * MCP Spec: POST can contain requests, notifications, or responses
+     */
+    private handlePost;
+    /**
+     * Handle GET requests - Client opening SSE stream for server messages
+     *
+     * MCP Spec: GET opens SSE stream for server-initiated requests/notifications
+     */
+    private handleGet;
+    /**
+     * Handle DELETE requests - Client terminating session
+     *
+     * MCP Spec: DELETE explicitly terminates session
+     */
+    private handleDelete;
+    /**
+     * Start SSE response for a POST request
+     *
+     * Why: Returns response via SSE stream, allows server-initiated messages
+     */
+    private startSSEResponse;
+    /**
+     * Start SSE stream for GET request
+     *
+     * Why: Allows server to send requests/notifications to client
+     */
+    private startSSEStream;
+    /**
+     * Replay messages after Last-Event-ID
+     *
+     * Why: Resumability - client can reconnect and receive missed messages
+     */
+    private replayMessages;
+    /**
+     * Send message to client via SSE
+     *
+     * Why: Server-initiated requests/notifications
+     */
+    sendToClient(sessionId: string, message: unknown): void;
+    /**
+     * Check if request is initialization
+     */
+    private isInitializeRequest;
+    /**
+     * Determine message type (request, notification, response)
+     */
+    private getMessageType;
+    /**
+     * Create new session
+     *
+     * Why: Stateful sessions for MCP protocol
+     */
+    private createSession;
+    /**
+     * Update session activity timestamp
+     */
+    private updateSessionActivity;
+    /**
+     * Destroy session and cleanup resources
+     *
+     * Why: Free memory, close streams
+     */
+    private destroySession;
+    /**
+     * Session destruction listeners for cleanup in other components
+     */
+    private sessionDestroyedListeners;
+    /**
+     * Register listener for session destruction events
+     *
+     * Why: Allows MCPServer to cleanup per-session HTTP clients
+     */
+    onSessionDestroyed(listener: (sessionId: string) => void): void;
+    /**
+     * Notify all listeners about session destruction
+     */
+    private notifySessionDestroyed;
+    /**
+     * Cleanup expired sessions
+     *
+     * Why: Prevent memory leaks, enforce session timeout
+     */
+    private cleanupExpiredSessions;
+    /**
+     * Get auth token from session
+     *
+     * Why public: Allows MCPServer to securely access session tokens without breaking encapsulation
+     */
+    getSessionToken(sessionId: string): string | undefined;
+    /**
+     * Set message handler for processing incoming JSON-RPC messages
+     */
+    setMessageHandler(handler: (message: unknown, sessionId?: string) => Promise<unknown>): void;
+    /**
+     * Start HTTP server
+     */
+    start(): Promise<void>;
+    /**
+     * Stop HTTP server
+     */
+    stop(): Promise<void>;
+}
+//# sourceMappingURL=http-transport.d.ts.map

package/dist/http-transport.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"http-transport.d.ts","sourceRoot":"","sources":["../src/http-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EAIV,mBAAmB,EAEpB,MAAM,2BAA2B,CAAC;AAGnC,qBAAa,aAAa;IACxB,OAAO,CAAC,GAAG,CAAsB;IACjC,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,QAAQ,CAAuC;IACvD,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,OAAO,CAAiC;IAChD,OAAO,CAAC,eAAe,CAA+B;IACtD,OAAO,CAAC,cAAc,CAA6E;gBAEvF,MAAM,EAAE,mBAAmB,EAAE,MAAM,EAAE,MAAM;IAiBvD;;;;OAIG;IACH,OAAO,CAAC,eAAe;IA+CvB,OAAO,CAAC,qBAAqB,CAAS;IAEtC;;;;;;;;;;OAUG;IACH,OAAO,CAAC,eAAe;IA8BvB;;;;;;;OAOG;IACH,OAAO,CAAC,WAAW;IAoBnB;;;;OAIG;IACH,OAAO,CAAC,SAAS;IAyBjB;;;;OAIG;IACH,OAAO,CAAC,OAAO;IAmBf;;;;OAIG;IACH,OAAO,CAAC,WAAW;IA2BnB;;;;OAIG;YACW,aAAa;IAoB3B;;;;OAIG;IACH,OAAO,CAAC,aAAa;IAUrB;;;;;;;;OAQG;IACH,OAAO,CAAC,gBAAgB;IAyBxB;;;;OAIG;YACW,UAAU;IA4FxB;;;;OAIG;YACW,SAAS;IAkDvB;;;;OAIG;IACH,OAAO,CAAC,YAAY;IAmCpB;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAuBxB;;;;OAIG;IACH,OAAO,CAAC,cAAc;IA4CtB;;;;OAIG;IACH,OAAO,CAAC,cAAc;IAatB;;;;OAIG;IACI,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,IAAI;IA4B9D;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAM3B;;OAEG;IACH,OAAO,CAAC,cAAc;IAuBtB;;;;OAIG;IACH,OAAO,CAAC,aAAa;IAyBrB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAO7B;;;;OAIG;IACH,OAAO,CAAC,cAAc;IAsBtB;;OAEG;IACH,OAAO,CAAC,yBAAyB,CAA0C;IAE3E;;;;OAIG;IACI,kBAAkB,CAAC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,GAAG,IAAI;IAItE;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAU9B;;;;OAIG;IACH,OAAO,CAAC,sBAAsB;IAqB9B;;;;OAIG;IACI,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAK7D;;OAEG;IACI,iBAAiB,CAAC,OAAO,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI;IAInG;;OAEG;IACU,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA2BnC;;OAEG;IACU,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAuBnC"}