noumen 0.1.0 → 0.2.0

package/dist/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/server/index.ts"],"sourcesContent":["import { createServer as createHttpServer, type IncomingMessage, type ServerResponse } from \"node:http\";\nimport { randomUUID } from \"node:crypto\";\nimport type { Agent } from \"../agent.js\";\nimport type { StreamEvent } from \"../session/types.js\";\nimport type { PermissionResponse } from \"../permissions/types.js\";\n\ntype MaybePromise<T> = T | Promise<T>;\n\n// ---------------------------------------------------------------------------\n// Constants\n// ---------------------------------------------------------------------------\n\nconst SSE_KEEPALIVE_INTERVAL_MS = 15_000;\nconst MAX_BODY_BYTES = 1_048_576; // 1 MB\nconst MAX_EVENT_BUFFER = 1000;\nconst DEFAULT_PENDING_TIMEOUT_MS = 120_000; // 2 minutes\nconst WS_PING_INTERVAL_MS = 30_000;\nconst SHUTDOWN_DRAIN_MS = 500;\n\n// ---------------------------------------------------------------------------\n// Public types\n// ---------------------------------------------------------------------------\n\nexport interface ServerOptions {\n  port: number;\n  host?: string;\n  /** Enable WebSocket transport (default true). Requires `ws` peer dependency. */\n  ws?: boolean;\n  auth?: AuthConfig;\n  /** Maximum number of concurrent sessions (default unlimited). */\n  maxSessions?: number;\n  /** Automatically clean up sessions idle longer than this (ms). No timeout by default. */\n  idleTimeoutMs?: number;\n  /** Called on every new connection; return overrides for the session. */\n  onConnection?: (info: ConnectionInfo) => MaybePromise<ConnectionOverrides>;\n  onError?: (err: Error) => void;\n  /** Enable CORS for browser clients (default true). */\n  cors?: boolean;\n  /** Timeout for pending permission/input responses before rejecting (ms). Default 120000. */\n  pendingTimeoutMs?: number;\n}\n\n/**\n * Options for `createRequestHandler()` — same as `ServerOptions` but without\n * `port` / `host` / `ws` since the caller owns the HTTP server.\n */\nexport interface RequestHandlerOptions {\n  auth?: AuthConfig;\n  maxSessions?: number;\n  idleTimeoutMs?: number;\n  onConnection?: (info: ConnectionInfo) => MaybePromise<ConnectionOverrides>;\n  onError?: (err: Error) => void;\n  cors?: boolean;\n  pendingTimeoutMs?: number;\n}\n\nexport type AuthConfig =\n  | { type: \"bearer\"; token: string }\n  | { type: \"custom\"; verify: (req: IncomingMessage) => MaybePromise<AuthResult | null> };\n\nexport interface AuthResult {\n  [key: string]: unknown;\n}\n\nexport interface ConnectionInfo {\n  auth: AuthResult;\n  remoteAddress?: string;\n}\n\nexport interface ConnectionOverrides {\n  cwd?: string;\n}\n\ninterface PromiseResolver<T> {\n  resolve: (value: T) => void;\n  reject: (err: Error) => void;\n}\n\ninterface BufferedEvent {\n  seq: number;\n  event: StreamEvent;\n}\n\ninterface SessionState {\n  id: string;\n  abortController: AbortController;\n  pendingPermission: PromiseResolver<PermissionResponse> | null;\n  pendingInput: PromiseResolver<string> | null;\n  pendingPermissionTimer: ReturnType<typeof setTimeout> | null;\n  pendingInputTimer: ReturnType<typeof setTimeout> | null;\n  lastActivity: number;\n  sseResponse: ServerResponse | null;\n  sseKeepaliveTimer: ReturnType<typeof setInterval> | null;\n  eventBuffer: BufferedEvent[];\n  sequenceNum: number;\n  done: boolean;\n  cwd?: string;\n}\n\ntype WsWebSocket = {\n  on(event: \"message\", cb: (data: Buffer | string) => void): void;\n  on(event: \"close\", cb: () => void): void;\n  on(event: \"error\", cb: (err: Error) => void): void;\n  on(event: \"pong\", cb: () => void): void;\n  send(data: string): void;\n  ping(): void;\n  close(): void;\n  readyState: number;\n};\n\ntype WsServer = {\n  on(event: \"connection\", cb: (ws: WsWebSocket, req: IncomingMessage) => void): void;\n  close(cb?: () => void): void;\n};\n\n// ---------------------------------------------------------------------------\n// NoumenServer\n// ---------------------------------------------------------------------------\n\nexport class NoumenServer {\n  private code: Agent;\n  private options: ServerOptions;\n  private httpServer: ReturnType<typeof createHttpServer> | null = null;\n  private wss: WsServer | null = null;\n  private sessions = new Map<string, SessionState>();\n  private idleTimer: ReturnType<typeof setInterval> | null = null;\n\n  constructor(code: Agent, options: ServerOptions) {\n    this.code = code;\n    this.options = options;\n  }\n\n  async start(): Promise<void> {\n    this.httpServer = createHttpServer((req, res) => this.handleRequest(req, res));\n\n    if (this.options.ws !== false) {\n      await this.initWebSocket();\n    }\n\n    this.ensureIdleReaper();\n\n    return new Promise<void>((resolve, reject) => {\n      const host = this.options.host ?? \"0.0.0.0\";\n      this.httpServer!.listen(this.options.port, host, () => resolve());\n      this.httpServer!.once(\"error\", reject);\n    });\n  }\n\n  async stop(): Promise<void> {\n    if (this.idleTimer) {\n      clearInterval(this.idleTimer);\n      this.idleTimer = null;\n    }\n\n    // Signal all sessions to stop, then give a brief drain period\n    for (const session of this.sessions.values()) {\n      session.abortController.abort();\n    }\n    await new Promise<void>((resolve) => setTimeout(resolve, SHUTDOWN_DRAIN_MS));\n\n    for (const session of this.sessions.values()) {\n      this.destroySession(session);\n    }\n\n    if (this.wss) {\n      await new Promise<void>((resolve) => this.wss!.close(() => resolve()));\n      this.wss = null;\n    }\n\n    if (this.httpServer) {\n      if (typeof (this.httpServer as any).closeAllConnections === \"function\") {\n        (this.httpServer as any).closeAllConnections();\n      }\n      await new Promise<void>((resolve, reject) =>\n        this.httpServer!.close((err) => (err ? reject(err) : resolve())),\n      );\n      this.httpServer = null;\n    }\n  }\n\n  getActiveSessions(): Map<string, { id: string; lastActivity: number; done: boolean }> {\n    const result = new Map<string, { id: string; lastActivity: number; done: boolean }>();\n    for (const [id, s] of this.sessions) {\n      result.set(id, { id: s.id, lastActivity: s.lastActivity, done: s.done });\n    }\n    return result;\n  }\n\n  // -------------------------------------------------------------------------\n  // WebSocket setup\n  // -------------------------------------------------------------------------\n\n  private async initWebSocket(): Promise<void> {\n    let WsServerCtor: new (opts: { server: ReturnType<typeof createHttpServer> }) => WsServer;\n    try {\n      const ws = await import(\"ws\");\n      WsServerCtor = (ws as any).WebSocketServer ?? (ws as any).default?.WebSocketServer;\n    } catch {\n      throw new Error(\n        \"noumen/server: WebSocket support requires the 'ws' package. \" +\n        \"Install it with: npm install ws\\n\" +\n        \"Or disable WebSocket with { ws: false } in ServerOptions.\",\n      );\n    }\n\n    this.wss = new WsServerCtor({ server: this.httpServer! });\n    this.wss.on(\"connection\", (ws, req) => {\n      this.handleWsConnection(ws, req).catch((err) =>\n        this.options.onError?.(err instanceof Error ? err : new Error(String(err))),\n      );\n    });\n  }\n\n  /**\n   * Handle an HTTP request. Used internally by `start()` and exposed for\n   * `createRequestHandler()` so the same logic can be mounted on an\n   * external Express / Fastify / Hono server.\n   */\n  async handleRequest(req: IncomingMessage, res: ServerResponse): Promise<void> {\n    this.ensureIdleReaper();\n    return this.handleHttp(req, res).catch((err) => {\n      this.options.onError?.(err instanceof Error ? err : new Error(String(err)));\n      if (!res.headersSent) jsonResponse(res, 500, { error: \"Internal server error\" });\n    });\n  }\n\n  private idleReaperStarted = false;\n\n  private ensureIdleReaper(): void {\n    if (this.idleReaperStarted || !this.options.idleTimeoutMs) return;\n    this.idleReaperStarted = true;\n    const interval = Math.max(this.options.idleTimeoutMs / 2, 1000);\n    this.idleTimer = setInterval(() => this.reapIdleSessions(), interval);\n    this.idleTimer.unref();\n  }\n\n  // -------------------------------------------------------------------------\n  // HTTP routing\n  // -------------------------------------------------------------------------\n\n  private async handleHttp(req: IncomingMessage, res: ServerResponse): Promise<void> {\n    if (this.options.cors !== false) {\n      res.setHeader(\"Access-Control-Allow-Origin\", \"*\");\n      res.setHeader(\"Access-Control-Allow-Methods\", \"GET, POST, DELETE, OPTIONS\");\n      res.setHeader(\"Access-Control-Allow-Headers\", \"Content-Type, Authorization, Last-Event-ID\");\n    }\n\n    const method = req.method ?? \"GET\";\n\n    if (method === \"OPTIONS\") {\n      res.writeHead(204);\n      res.end();\n      return;\n    }\n\n    const url = new URL(req.url ?? \"/\", `http://${req.headers.host ?? \"localhost\"}`);\n    const path = url.pathname;\n\n    if (path === \"/health\" && method === \"GET\") {\n      return jsonResponse(res, 200, { status: \"ok\", sessions: this.sessions.size });\n    }\n\n    if (this.options.auth) {\n      const authResult = await this.authenticate(req);\n      if (!authResult) {\n        return jsonResponse(res, 401, { error: \"Unauthorized\" });\n      }\n    }\n\n    if (path === \"/sessions\" && method === \"POST\") {\n      return this.handleCreateSession(req, res);\n    }\n\n    if (path === \"/sessions\" && method === \"GET\") {\n      return this.handleListSessions(res);\n    }\n\n    const sessionMatch = path.match(/^\\/sessions\\/([^/]+)(?:\\/(.+))?$/);\n    if (sessionMatch) {\n      const sessionId = sessionMatch[1];\n      const sub = sessionMatch[2] ?? \"\";\n\n      if (sub === \"events\" && method === \"GET\") return this.handleSseStream(sessionId, req, res);\n      if (sub === \"permissions\" && method === \"POST\") return this.handlePermissionResponse(sessionId, req, res);\n      if (sub === \"input\" && method === \"POST\") return this.handleInputResponse(sessionId, req, res);\n      if (sub === \"messages\" && method === \"POST\") return this.handleSendMessage(sessionId, req, res);\n      if (sub === \"\" && method === \"DELETE\") return this.handleDeleteSession(sessionId, res);\n    }\n\n    jsonResponse(res, 404, { error: \"Not found\" });\n  }\n\n  // -------------------------------------------------------------------------\n  // Auth\n  // -------------------------------------------------------------------------\n\n  private async authenticate(req: IncomingMessage): Promise<AuthResult | null> {\n    const auth = this.options.auth;\n    if (!auth) return {};\n\n    if (auth.type === \"bearer\") {\n      const header = req.headers.authorization;\n      if (header === `Bearer ${auth.token}`) return {};\n      return null;\n    }\n\n    return auth.verify(req);\n  }\n\n  // -------------------------------------------------------------------------\n  // REST handlers\n  // -------------------------------------------------------------------------\n\n  private async handleCreateSession(req: IncomingMessage, res: ServerResponse): Promise<void> {\n    const body = await readBody(req);\n    const { prompt, sessionId: requestedId } = body as { prompt?: string; sessionId?: string };\n\n    if (!prompt || typeof prompt !== \"string\") {\n      return jsonResponse(res, 400, { error: \"Missing required field: prompt\" });\n    }\n\n    if (this.options.maxSessions && this.sessions.size >= this.options.maxSessions) {\n      return jsonResponse(res, 429, { error: \"Maximum sessions reached\" });\n    }\n\n    const overrides = await this.resolveConnectionOverrides(req);\n    const session = this.createSessionState(requestedId, overrides);\n\n    this.runAgentSse(session, prompt, false);\n\n    jsonResponse(res, 201, {\n      sessionId: session.id,\n      eventsUrl: `/sessions/${session.id}/events`,\n    });\n  }\n\n  private handleListSessions(res: ServerResponse): void {\n    const sessions = Array.from(this.sessions.values()).map((s) => ({\n      id: s.id,\n      lastActivity: s.lastActivity,\n      done: s.done,\n    }));\n    jsonResponse(res, 200, sessions);\n  }\n\n  private handleSseStream(sessionId: string, req: IncomingMessage, res: ServerResponse): void {\n    const session = this.sessions.get(sessionId);\n    if (!session) return jsonResponse(res, 404, { error: \"Session not found\" });\n\n    // Handle subscriber conflict: notify the old listener before replacing\n    if (session.sseResponse) {\n      const oldRes = session.sseResponse;\n      writeSseEventRaw(oldRes, session.sequenceNum + 1, { type: \"subscriber_replaced\" });\n      oldRes.end();\n      this.clearSseKeepalive(session);\n      session.sseResponse = null;\n    }\n\n    res.writeHead(200, {\n      \"Content-Type\": \"text/event-stream\",\n      \"Cache-Control\": \"no-cache\",\n      \"Connection\": \"keep-alive\",\n      \"X-Accel-Buffering\": \"no\",\n    });\n\n    // Support Last-Event-ID for resumption after reconnect\n    const lastEventId = req.headers[\"last-event-id\"] as string | undefined;\n    const resumeAfterSeq = lastEventId ? parseInt(lastEventId, 10) : 0;\n\n    for (const buffered of session.eventBuffer) {\n      if (resumeAfterSeq && buffered.seq <= resumeAfterSeq) continue;\n      writeSseEventRaw(res, buffered.seq, serializeEvent(buffered.event));\n    }\n    session.eventBuffer = [];\n    session.sseResponse = res;\n\n    // Start keepalive interval\n    this.startSseKeepalive(session);\n\n    res.on(\"close\", () => {\n      if (session.sseResponse === res) {\n        this.clearSseKeepalive(session);\n        session.sseResponse = null;\n      }\n    });\n  }\n\n  private async handlePermissionResponse(\n    sessionId: string,\n    req: IncomingMessage,\n    res: ServerResponse,\n  ): Promise<void> {\n    const session = this.sessions.get(sessionId);\n    if (!session) return jsonResponse(res, 404, { error: \"Session not found\" });\n    if (!session.pendingPermission) return jsonResponse(res, 409, { error: \"No pending permission request\" });\n\n    const body = (await readBody(req)) as PermissionResponse;\n    this.clearPendingPermissionTimer(session);\n    session.pendingPermission.resolve(body);\n    session.pendingPermission = null;\n    jsonResponse(res, 200, { ok: true });\n  }\n\n  private async handleInputResponse(\n    sessionId: string,\n    req: IncomingMessage,\n    res: ServerResponse,\n  ): Promise<void> {\n    const session = this.sessions.get(sessionId);\n    if (!session) return jsonResponse(res, 404, { error: \"Session not found\" });\n    if (!session.pendingInput) return jsonResponse(res, 409, { error: \"No pending input request\" });\n\n    const body = (await readBody(req)) as { answer?: string };\n    if (typeof body.answer !== \"string\") {\n      return jsonResponse(res, 400, { error: \"Missing required field: answer\" });\n    }\n\n    this.clearPendingInputTimer(session);\n    session.pendingInput.resolve(body.answer);\n    session.pendingInput = null;\n    jsonResponse(res, 200, { ok: true });\n  }\n\n  private async handleSendMessage(\n    sessionId: string,\n    req: IncomingMessage,\n    res: ServerResponse,\n  ): Promise<void> {\n    const session = this.sessions.get(sessionId);\n    if (!session) return jsonResponse(res, 404, { error: \"Session not found\" });\n    if (!session.done) return jsonResponse(res, 409, { error: \"Session is still running\" });\n\n    const body = (await readBody(req)) as { prompt?: string };\n    if (!body.prompt || typeof body.prompt !== \"string\") {\n      return jsonResponse(res, 400, { error: \"Missing required field: prompt\" });\n    }\n\n    session.done = false;\n    session.abortController = new AbortController();\n    this.runAgentSse(session, body.prompt, true);\n    jsonResponse(res, 200, { ok: true });\n  }\n\n  private handleDeleteSession(sessionId: string, res: ServerResponse): void {\n    const session = this.sessions.get(sessionId);\n    if (!session) return jsonResponse(res, 404, { error: \"Session not found\" });\n    this.destroySession(session);\n    jsonResponse(res, 200, { ok: true });\n  }\n\n  // -------------------------------------------------------------------------\n  // WebSocket handling\n  // -------------------------------------------------------------------------\n\n  private async handleWsConnection(ws: WsWebSocket, req: IncomingMessage): Promise<void> {\n    if (this.options.auth) {\n      const url = new URL(req.url ?? \"/\", `http://${req.headers.host ?? \"localhost\"}`);\n      const tokenParam = url.searchParams.get(\"token\");\n      if (tokenParam && this.options.auth.type === \"bearer\") {\n        if (tokenParam !== this.options.auth.token) {\n          ws.close();\n          return;\n        }\n      } else {\n        const authResult = await this.authenticate(req);\n        if (!authResult) {\n          ws.close();\n          return;\n        }\n      }\n    }\n\n    const wsSessions = new Set<string>();\n\n    // Ping/pong health check\n    let pongReceived = true;\n    const pingTimer = setInterval(() => {\n      if (!pongReceived) {\n        ws.close();\n        return;\n      }\n      pongReceived = false;\n      try { ws.ping(); } catch { /* connection may already be closing */ }\n    }, WS_PING_INTERVAL_MS);\n\n    ws.on(\"pong\", () => { pongReceived = true; });\n\n    ws.on(\"message\", async (raw) => {\n      try {\n        const msg = JSON.parse(typeof raw === \"string\" ? raw : raw.toString());\n        await this.handleWsMessage(ws, msg, wsSessions, req);\n      } catch (err) {\n        wsSend(ws, { type: \"error\", error: String(err) });\n      }\n    });\n\n    ws.on(\"close\", () => {\n      clearInterval(pingTimer);\n      for (const sid of wsSessions) {\n        const session = this.sessions.get(sid);\n        if (session) this.destroySession(session);\n      }\n    });\n\n    ws.on(\"error\", () => {\n      clearInterval(pingTimer);\n    });\n  }\n\n  private async handleWsMessage(\n    ws: WsWebSocket,\n    msg: Record<string, unknown>,\n    wsSessions: Set<string>,\n    req: IncomingMessage,\n  ): Promise<void> {\n    const msgType = msg.type as string;\n\n    if (msgType === \"run\") {\n      if (this.options.maxSessions && this.sessions.size >= this.options.maxSessions) {\n        wsSend(ws, { type: \"error\", error: \"Maximum sessions reached\" });\n        return;\n      }\n      const overrides = await this.resolveConnectionOverrides(req);\n      const session = this.createSessionState(msg.sessionId as string | undefined, overrides);\n      wsSessions.add(session.id);\n      wsSend(ws, { type: \"session_created\", sessionId: session.id });\n      this.runAgentWs(session, msg.prompt as string, ws, false);\n      return;\n    }\n\n    if (msgType === \"message\") {\n      const session = this.sessions.get(msg.sessionId as string);\n      if (!session) { wsSend(ws, { type: \"error\", error: \"Session not found\" }); return; }\n      if (!session.done) { wsSend(ws, { type: \"error\", error: \"Session is still running\" }); return; }\n      session.done = false;\n      session.abortController = new AbortController();\n      this.runAgentWs(session, msg.prompt as string, ws, true);\n      return;\n    }\n\n    if (msgType === \"permission_response\") {\n      const session = this.sessions.get(msg.sessionId as string);\n      if (!session?.pendingPermission) return;\n      this.clearPendingPermissionTimer(session);\n      const { sessionId: _sid, type: _type, ...response } = msg;\n      session.pendingPermission.resolve(response as unknown as PermissionResponse);\n      session.pendingPermission = null;\n      return;\n    }\n\n    if (msgType === \"input_response\") {\n      const session = this.sessions.get(msg.sessionId as string);\n      if (!session?.pendingInput) return;\n      this.clearPendingInputTimer(session);\n      session.pendingInput.resolve((msg.answer as string) ?? \"\");\n      session.pendingInput = null;\n      return;\n    }\n\n    if (msgType === \"abort\") {\n      const session = this.sessions.get(msg.sessionId as string);\n      if (session) this.destroySession(session);\n    }\n  }\n\n  // -------------------------------------------------------------------------\n  // Session management\n  // -------------------------------------------------------------------------\n\n  private createSessionState(\n    requestedId: string | undefined,\n    overrides: ConnectionOverrides,\n  ): SessionState {\n    const sessionId = requestedId ?? randomUUID();\n\n    const session: SessionState = {\n      id: sessionId,\n      abortController: new AbortController(),\n      pendingPermission: null,\n      pendingInput: null,\n      pendingPermissionTimer: null,\n      pendingInputTimer: null,\n      lastActivity: Date.now(),\n      sseResponse: null,\n      sseKeepaliveTimer: null,\n      eventBuffer: [],\n      sequenceNum: 0,\n      done: false,\n      cwd: overrides.cwd,\n    };\n\n    this.sessions.set(sessionId, session);\n    return session;\n  }\n\n  private makeThread(session: SessionState, resume: boolean) {\n    const handlers = {\n      cwd: session.cwd,\n      permissionHandler: (req: import(\"../permissions/types.js\").PermissionRequest) =>\n        this.bridgePermission(session.id, req),\n      userInputHandler: (q: string) =>\n        this.bridgeUserInput(session.id, q),\n    };\n\n    return resume\n      ? this.code.resumeThread(session.id, handlers)\n      : this.code.createThread({ sessionId: session.id, ...handlers });\n  }\n\n  private runAgentSse(session: SessionState, prompt: string, resume: boolean): void {\n    const run = async () => {\n      try {\n        const thread = this.makeThread(session, resume);\n        for await (const event of thread.run(prompt, { signal: session.abortController.signal })) {\n          this.emitSseEvent(session, event);\n          session.lastActivity = Date.now();\n        }\n      } catch (err) {\n        if ((err as Error).name !== \"AbortError\") {\n          this.emitSseEvent(session, {\n            type: \"error\",\n            error: err instanceof Error ? err : new Error(String(err)),\n          });\n        }\n      } finally {\n        session.done = true;\n      }\n    };\n    run().catch((err) => this.options.onError?.(err instanceof Error ? err : new Error(String(err))));\n  }\n\n  private runAgentWs(session: SessionState, prompt: string, ws: WsWebSocket, resume: boolean): void {\n    const run = async () => {\n      try {\n        const thread = this.makeThread(session, resume);\n        for await (const event of thread.run(prompt, { signal: session.abortController.signal })) {\n          session.sequenceNum++;\n          wsSend(ws, { ...serializeEvent(event), sessionId: session.id, seq: session.sequenceNum });\n          session.lastActivity = Date.now();\n        }\n      } catch (err) {\n        if ((err as Error).name !== \"AbortError\") {\n          wsSend(ws, { type: \"error\", sessionId: session.id, error: String(err) });\n        }\n      } finally {\n        session.done = true;\n      }\n    };\n    run().catch((err) => this.options.onError?.(err instanceof Error ? err : new Error(String(err))));\n  }\n\n  private emitSseEvent(session: SessionState, event: StreamEvent): void {\n    session.sequenceNum++;\n    const seq = session.sequenceNum;\n\n    if (session.sseResponse) {\n      writeSseEventRaw(session.sseResponse, seq, serializeEvent(event));\n    } else {\n      // Buffer with cap — drop oldest if full\n      if (session.eventBuffer.length >= MAX_EVENT_BUFFER) {\n        session.eventBuffer.shift();\n      }\n      session.eventBuffer.push({ seq, event });\n    }\n  }\n\n  private bridgePermission(\n    sessionId: string,\n    _request: import(\"../permissions/types.js\").PermissionRequest,\n  ): Promise<PermissionResponse> {\n    const session = this.sessions.get(sessionId);\n    if (!session) return Promise.reject(new Error(\"Session not found\"));\n    const timeoutMs = this.options.pendingTimeoutMs ?? DEFAULT_PENDING_TIMEOUT_MS;\n    return new Promise<PermissionResponse>((resolve, reject) => {\n      session.pendingPermission = { resolve, reject };\n      session.pendingPermissionTimer = setTimeout(() => {\n        session.pendingPermissionTimer = null;\n        if (session.pendingPermission) {\n          session.pendingPermission.reject(new Error(\"Permission request timed out\"));\n          session.pendingPermission = null;\n        }\n      }, timeoutMs);\n    });\n  }\n\n  private bridgeUserInput(sessionId: string, _question: string): Promise<string> {\n    const session = this.sessions.get(sessionId);\n    if (!session) return Promise.reject(new Error(\"Session not found\"));\n    const timeoutMs = this.options.pendingTimeoutMs ?? DEFAULT_PENDING_TIMEOUT_MS;\n    return new Promise<string>((resolve, reject) => {\n      session.pendingInput = { resolve, reject };\n      session.pendingInputTimer = setTimeout(() => {\n        session.pendingInputTimer = null;\n        if (session.pendingInput) {\n          session.pendingInput.reject(new Error(\"User input request timed out\"));\n          session.pendingInput = null;\n        }\n      }, timeoutMs);\n    });\n  }\n\n  private startSseKeepalive(session: SessionState): void {\n    this.clearSseKeepalive(session);\n    session.sseKeepaliveTimer = setInterval(() => {\n      if (session.sseResponse && !session.sseResponse.destroyed) {\n        session.sseResponse.write(\":keepalive\\n\\n\");\n      }\n    }, SSE_KEEPALIVE_INTERVAL_MS);\n    session.sseKeepaliveTimer.unref();\n  }\n\n  private clearSseKeepalive(session: SessionState): void {\n    if (session.sseKeepaliveTimer) {\n      clearInterval(session.sseKeepaliveTimer);\n      session.sseKeepaliveTimer = null;\n    }\n  }\n\n  private clearPendingPermissionTimer(session: SessionState): void {\n    if (session.pendingPermissionTimer) {\n      clearTimeout(session.pendingPermissionTimer);\n      session.pendingPermissionTimer = null;\n    }\n  }\n\n  private clearPendingInputTimer(session: SessionState): void {\n    if (session.pendingInputTimer) {\n      clearTimeout(session.pendingInputTimer);\n      session.pendingInputTimer = null;\n    }\n  }\n\n  private destroySession(session: SessionState): void {\n    session.abortController.abort();\n    this.clearSseKeepalive(session);\n    this.clearPendingPermissionTimer(session);\n    this.clearPendingInputTimer(session);\n    if (session.pendingPermission) {\n      session.pendingPermission.reject(new Error(\"Session aborted\"));\n      session.pendingPermission = null;\n    }\n    if (session.pendingInput) {\n      session.pendingInput.reject(new Error(\"Session aborted\"));\n      session.pendingInput = null;\n    }\n    if (session.sseResponse) {\n      session.sseResponse.end();\n      session.sseResponse = null;\n    }\n    this.sessions.delete(session.id);\n  }\n\n  private reapIdleSessions(): void {\n    const timeout = this.options.idleTimeoutMs;\n    if (!timeout) return;\n    const now = Date.now();\n    for (const session of this.sessions.values()) {\n      if (now - session.lastActivity > timeout) {\n        this.destroySession(session);\n      }\n    }\n  }\n\n  private async resolveConnectionOverrides(req: IncomingMessage): Promise<ConnectionOverrides> {\n    if (!this.options.onConnection) return {};\n    const auth = (await this.authenticate(req)) ?? {};\n    return this.options.onConnection({ auth, remoteAddress: req.socket.remoteAddress });\n  }\n}\n\n// ---------------------------------------------------------------------------\n// Factory\n// ---------------------------------------------------------------------------\n\nexport function createServer(code: Agent, options: ServerOptions): NoumenServer {\n  return new NoumenServer(code, options);\n}\n\n/**\n * Create a `(req, res)` handler that can be mounted on any Node HTTP\n * framework (Express, Fastify, Hono, bare `http.createServer`, etc.).\n *\n * ```ts\n * import express from \"express\";\n * import { createRequestHandler } from \"noumen/server\";\n *\n * const app = express();\n * app.use(\"/agent\", createRequestHandler(code, { auth: { type: \"bearer\", token: \"...\" } }));\n * ```\n *\n * WebSocket is not supported in middleware mode — use `createServer()` for WS.\n */\nexport function createRequestHandler(\n  code: Agent,\n  options?: RequestHandlerOptions,\n): (req: IncomingMessage, res: ServerResponse) => void {\n  const serverOpts: ServerOptions = {\n    port: 0,\n    ws: false,\n    ...options,\n  };\n  const server = new NoumenServer(code, serverOpts);\n  return (req, res) => { server.handleRequest(req, res); };\n}\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\nfunction jsonResponse(res: ServerResponse, status: number, body: unknown): void {\n  const json = JSON.stringify(body);\n  res.writeHead(status, {\n    \"Content-Type\": \"application/json\",\n    \"Content-Length\": Buffer.byteLength(json),\n  });\n  res.end(json);\n}\n\n/**\n * Serialize a StreamEvent to a JSON-safe object. Error instances are\n * converted to `{ message, name }` since `JSON.stringify(new Error())`\n * produces `{}`.\n */\nfunction serializeEvent(event: StreamEvent): Record<string, unknown> {\n  if (event.type === \"error\") {\n    return { type: \"error\", error: { message: event.error.message, name: event.error.name } };\n  }\n  if (event.type === \"retry_exhausted\") {\n    return { ...event, error: { message: event.error.message, name: event.error.name } };\n  }\n  if (event.type === \"retry_attempt\") {\n    return { ...event, error: { message: event.error.message, name: event.error.name } };\n  }\n  return event as unknown as Record<string, unknown>;\n}\n\nfunction writeSseEventRaw(res: ServerResponse, seq: number, data: Record<string, unknown>): void {\n  res.write(`id: ${seq}\\ndata: ${JSON.stringify(data)}\\n\\n`);\n}\n\nfunction readBody(req: IncomingMessage): Promise<unknown> {\n  return new Promise((resolve, reject) => {\n    let totalBytes = 0;\n    let rejected = false;\n    const chunks: Buffer[] = [];\n    req.on(\"data\", (chunk: Buffer) => {\n      if (rejected) return;\n      totalBytes += chunk.length;\n      if (totalBytes > MAX_BODY_BYTES) {\n        rejected = true;\n        req.destroy();\n        reject(new Error(\"Request body too large\"));\n        return;\n      }\n      chunks.push(chunk);\n    });\n    req.on(\"end\", () => {\n      if (rejected) return;\n      try {\n        const raw = Buffer.concat(chunks).toString();\n        resolve(raw ? JSON.parse(raw) : {});\n      } catch (err) {\n        reject(err);\n      }\n    });\n    req.on(\"error\", (err) => {\n      if (!rejected) reject(err);\n    });\n  });\n}\n\nfunction wsSend(ws: WsWebSocket, data: unknown): void {\n  if (ws.readyState === 1) ws.send(JSON.stringify(data));\n}\n"],"mappings":";;;AAAA,SAAS,gBAAgB,wBAAmE;AAC5F,SAAS,kBAAkB;AAW3B,IAAM,4BAA4B;AAClC,IAAM,iBAAiB;AACvB,IAAM,mBAAmB;AACzB,IAAM,6BAA6B;AACnC,IAAM,sBAAsB;AAC5B,IAAM,oBAAoB;AAsGnB,IAAM,eAAN,MAAmB;AAAA,EAChB;AAAA,EACA;AAAA,EACA,aAAyD;AAAA,EACzD,MAAuB;AAAA,EACvB,WAAW,oBAAI,IAA0B;AAAA,EACzC,YAAmD;AAAA,EAE3D,YAAY,MAAa,SAAwB;AAC/C,SAAK,OAAO;AACZ,SAAK,UAAU;AAAA,EACjB;AAAA,EAEA,MAAM,QAAuB;AAC3B,SAAK,aAAa,iBAAiB,CAAC,KAAK,QAAQ,KAAK,cAAc,KAAK,GAAG,CAAC;AAE7E,QAAI,KAAK,QAAQ,OAAO,OAAO;AAC7B,YAAM,KAAK,cAAc;AAAA,IAC3B;AAEA,SAAK,iBAAiB;AAEtB,WAAO,IAAI,QAAc,CAAC,SAAS,WAAW;AAC5C,YAAM,OAAO,KAAK,QAAQ,QAAQ;AAClC,WAAK,WAAY,OAAO,KAAK,QAAQ,MAAM,MAAM,MAAM,QAAQ,CAAC;AAChE,WAAK,WAAY,KAAK,SAAS,MAAM;AAAA,IACvC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,OAAsB;AAC1B,QAAI,KAAK,WAAW;AAClB,oBAAc,KAAK,SAAS;AAC5B,WAAK,YAAY;AAAA,IACnB;AAGA,eAAW,WAAW,KAAK,SAAS,OAAO,GAAG;AAC5C,cAAQ,gBAAgB,MAAM;AAAA,IAChC;AACA,UAAM,IAAI,QAAc,CAAC,YAAY,WAAW,SAAS,iBAAiB,CAAC;AAE3E,eAAW,WAAW,KAAK,SAAS,OAAO,GAAG;AAC5C,WAAK,eAAe,OAAO;AAAA,IAC7B;AAEA,QAAI,KAAK,KAAK;AACZ,YAAM,IAAI,QAAc,CAAC,YAAY,KAAK,IAAK,MAAM,MAAM,QAAQ,CAAC,CAAC;AACrE,WAAK,MAAM;AAAA,IACb;AAEA,QAAI,KAAK,YAAY;AACnB,UAAI,OAAQ,KAAK,WAAmB,wBAAwB,YAAY;AACtE,QAAC,KAAK,WAAmB,oBAAoB;AAAA,MAC/C;AACA,YAAM,IAAI;AAAA,QAAc,CAAC,SAAS,WAChC,KAAK,WAAY,MAAM,CAAC,QAAS,MAAM,OAAO,GAAG,IAAI,QAAQ,CAAE;AAAA,MACjE;AACA,WAAK,aAAa;AAAA,IACpB;AAAA,EACF;AAAA,EAEA,oBAAsF;AACpF,UAAM,SAAS,oBAAI,IAAiE;AACpF,eAAW,CAAC,IAAI,CAAC,KAAK,KAAK,UAAU;AACnC,aAAO,IAAI,IAAI,EAAE,IAAI,EAAE,IAAI,cAAc,EAAE,cAAc,MAAM,EAAE,KAAK,CAAC;AAAA,IACzE;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAMA,MAAc,gBAA+B;AAC3C,QAAI;AACJ,QAAI;AACF,YAAM,KAAK,MAAM,OAAO,IAAI;AAC5B,qBAAgB,GAAW,mBAAoB,GAAW,SAAS;AAAA,IACrE,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MAGF;AAAA,IACF;AAEA,SAAK,MAAM,IAAI,aAAa,EAAE,QAAQ,KAAK,WAAY,CAAC;AACxD,SAAK,IAAI,GAAG,cAAc,CAAC,IAAI,QAAQ;AACrC,WAAK,mBAAmB,IAAI,GAAG,EAAE;AAAA,QAAM,CAAC,QACtC,KAAK,QAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC;AAAA,MAC5E;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAAc,KAAsB,KAAoC;AAC5E,SAAK,iBAAiB;AACtB,WAAO,KAAK,WAAW,KAAK,GAAG,EAAE,MAAM,CAAC,QAAQ;AAC9C,WAAK,QAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC;AAC1E,UAAI,CAAC,IAAI,YAAa,cAAa,KAAK,KAAK,EAAE,OAAO,wBAAwB,CAAC;AAAA,IACjF,CAAC;AAAA,EACH;AAAA,EAEQ,oBAAoB;AAAA,EAEpB,mBAAyB;AAC/B,QAAI,KAAK,qBAAqB,CAAC,KAAK,QAAQ,cAAe;AAC3D,SAAK,oBAAoB;AACzB,UAAM,WAAW,KAAK,IAAI,KAAK,QAAQ,gBAAgB,GAAG,GAAI;AAC9D,SAAK,YAAY,YAAY,MAAM,KAAK,iBAAiB,GAAG,QAAQ;AACpE,SAAK,UAAU,MAAM;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAMA,MAAc,WAAW,KAAsB,KAAoC;AACjF,QAAI,KAAK,QAAQ,SAAS,OAAO;AAC/B,UAAI,UAAU,+BAA+B,GAAG;AAChD,UAAI,UAAU,gCAAgC,4BAA4B;AAC1E,UAAI,UAAU,gCAAgC,4CAA4C;AAAA,IAC5F;AAEA,UAAM,SAAS,IAAI,UAAU;AAE7B,QAAI,WAAW,WAAW;AACxB,UAAI,UAAU,GAAG;AACjB,UAAI,IAAI;AACR;AAAA,IACF;AAEA,UAAM,MAAM,IAAI,IAAI,IAAI,OAAO,KAAK,UAAU,IAAI,QAAQ,QAAQ,WAAW,EAAE;AAC/E,UAAM,OAAO,IAAI;AAEjB,QAAI,SAAS,aAAa,WAAW,OAAO;AAC1C,aAAO,aAAa,KAAK,KAAK,EAAE,QAAQ,MAAM,UAAU,KAAK,SAAS,KAAK,CAAC;AAAA,IAC9E;AAEA,QAAI,KAAK,QAAQ,MAAM;AACrB,YAAM,aAAa,MAAM,KAAK,aAAa,GAAG;AAC9C,UAAI,CAAC,YAAY;AACf,eAAO,aAAa,KAAK,KAAK,EAAE,OAAO,eAAe,CAAC;AAAA,MACzD;AAAA,IACF;AAEA,QAAI,SAAS,eAAe,WAAW,QAAQ;AAC7C,aAAO,KAAK,oBAAoB,KAAK,GAAG;AAAA,IAC1C;AAEA,QAAI,SAAS,eAAe,WAAW,OAAO;AAC5C,aAAO,KAAK,mBAAmB,GAAG;AAAA,IACpC;AAEA,UAAM,eAAe,KAAK,MAAM,kCAAkC;AAClE,QAAI,cAAc;AAChB,YAAM,YAAY,aAAa,CAAC;AAChC,YAAM,MAAM,aAAa,CAAC,KAAK;AAE/B,UAAI,QAAQ,YAAY,WAAW,MAAO,QAAO,KAAK,gBAAgB,WAAW,KAAK,GAAG;AACzF,UAAI,QAAQ,iBAAiB,WAAW,OAAQ,QAAO,KAAK,yBAAyB,WAAW,KAAK,GAAG;AACxG,UAAI,QAAQ,WAAW,WAAW,OAAQ,QAAO,KAAK,oBAAoB,WAAW,KAAK,GAAG;AAC7F,UAAI,QAAQ,cAAc,WAAW,OAAQ,QAAO,KAAK,kBAAkB,WAAW,KAAK,GAAG;AAC9F,UAAI,QAAQ,MAAM,WAAW,SAAU,QAAO,KAAK,oBAAoB,WAAW,GAAG;AAAA,IACvF;AAEA,iBAAa,KAAK,KAAK,EAAE,OAAO,YAAY,CAAC;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAMA,MAAc,aAAa,KAAkD;AAC3E,UAAM,OAAO,KAAK,QAAQ;AAC1B,QAAI,CAAC,KAAM,QAAO,CAAC;AAEnB,QAAI,KAAK,SAAS,UAAU;AAC1B,YAAM,SAAS,IAAI,QAAQ;AAC3B,UAAI,WAAW,UAAU,KAAK,KAAK,GAAI,QAAO,CAAC;AAC/C,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,OAAO,GAAG;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA,EAMA,MAAc,oBAAoB,KAAsB,KAAoC;AAC1F,UAAM,OAAO,MAAM,SAAS,GAAG;AAC/B,UAAM,EAAE,QAAQ,WAAW,YAAY,IAAI;AAE3C,QAAI,CAAC,UAAU,OAAO,WAAW,UAAU;AACzC,aAAO,aAAa,KAAK,KAAK,EAAE,OAAO,iCAAiC,CAAC;AAAA,IAC3E;AAEA,QAAI,KAAK,QAAQ,eAAe,KAAK,SAAS,QAAQ,KAAK,QAAQ,aAAa;AAC9E,aAAO,aAAa,KAAK,KAAK,EAAE,OAAO,2BAA2B,CAAC;AAAA,IACrE;AAEA,UAAM,YAAY,MAAM,KAAK,2BAA2B,GAAG;AAC3D,UAAM,UAAU,KAAK,mBAAmB,aAAa,SAAS;AAE9D,SAAK,YAAY,SAAS,QAAQ,KAAK;AAEvC,iBAAa,KAAK,KAAK;AAAA,MACrB,WAAW,QAAQ;AAAA,MACnB,WAAW,aAAa,QAAQ,EAAE;AAAA,IACpC,CAAC;AAAA,EACH;AAAA,EAEQ,mBAAmB,KAA2B;AACpD,UAAM,WAAW,MAAM,KAAK,KAAK,SAAS,OAAO,CAAC,EAAE,IAAI,CAAC,OAAO;AAAA,MAC9D,IAAI,EAAE;AAAA,MACN,cAAc,EAAE;AAAA,MAChB,MAAM,EAAE;AAAA,IACV,EAAE;AACF,iBAAa,KAAK,KAAK,QAAQ;AAAA,EACjC;AAAA,EAEQ,gBAAgB,WAAmB,KAAsB,KAA2B;AAC1F,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AAG1E,QAAI,QAAQ,aAAa;AACvB,YAAM,SAAS,QAAQ;AACvB,uBAAiB,QAAQ,QAAQ,cAAc,GAAG,EAAE,MAAM,sBAAsB,CAAC;AACjF,aAAO,IAAI;AACX,WAAK,kBAAkB,OAAO;AAC9B,cAAQ,cAAc;AAAA,IACxB;AAEA,QAAI,UAAU,KAAK;AAAA,MACjB,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,cAAc;AAAA,MACd,qBAAqB;AAAA,IACvB,CAAC;AAGD,UAAM,cAAc,IAAI,QAAQ,eAAe;AAC/C,UAAM,iBAAiB,cAAc,SAAS,aAAa,EAAE,IAAI;AAEjE,eAAW,YAAY,QAAQ,aAAa;AAC1C,UAAI,kBAAkB,SAAS,OAAO,eAAgB;AACtD,uBAAiB,KAAK,SAAS,KAAK,eAAe,SAAS,KAAK,CAAC;AAAA,IACpE;AACA,YAAQ,cAAc,CAAC;AACvB,YAAQ,cAAc;AAGtB,SAAK,kBAAkB,OAAO;AAE9B,QAAI,GAAG,SAAS,MAAM;AACpB,UAAI,QAAQ,gBAAgB,KAAK;AAC/B,aAAK,kBAAkB,OAAO;AAC9B,gBAAQ,cAAc;AAAA,MACxB;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAc,yBACZ,WACA,KACA,KACe;AACf,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AAC1E,QAAI,CAAC,QAAQ,kBAAmB,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,gCAAgC,CAAC;AAExG,UAAM,OAAQ,MAAM,SAAS,GAAG;AAChC,SAAK,4BAA4B,OAAO;AACxC,YAAQ,kBAAkB,QAAQ,IAAI;AACtC,YAAQ,oBAAoB;AAC5B,iBAAa,KAAK,KAAK,EAAE,IAAI,KAAK,CAAC;AAAA,EACrC;AAAA,EAEA,MAAc,oBACZ,WACA,KACA,KACe;AACf,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AAC1E,QAAI,CAAC,QAAQ,aAAc,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,2BAA2B,CAAC;AAE9F,UAAM,OAAQ,MAAM,SAAS,GAAG;AAChC,QAAI,OAAO,KAAK,WAAW,UAAU;AACnC,aAAO,aAAa,KAAK,KAAK,EAAE,OAAO,iCAAiC,CAAC;AAAA,IAC3E;AAEA,SAAK,uBAAuB,OAAO;AACnC,YAAQ,aAAa,QAAQ,KAAK,MAAM;AACxC,YAAQ,eAAe;AACvB,iBAAa,KAAK,KAAK,EAAE,IAAI,KAAK,CAAC;AAAA,EACrC;AAAA,EAEA,MAAc,kBACZ,WACA,KACA,KACe;AACf,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AAC1E,QAAI,CAAC,QAAQ,KAAM,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,2BAA2B,CAAC;AAEtF,UAAM,OAAQ,MAAM,SAAS,GAAG;AAChC,QAAI,CAAC,KAAK,UAAU,OAAO,KAAK,WAAW,UAAU;AACnD,aAAO,aAAa,KAAK,KAAK,EAAE,OAAO,iCAAiC,CAAC;AAAA,IAC3E;AAEA,YAAQ,OAAO;AACf,YAAQ,kBAAkB,IAAI,gBAAgB;AAC9C,SAAK,YAAY,SAAS,KAAK,QAAQ,IAAI;AAC3C,iBAAa,KAAK,KAAK,EAAE,IAAI,KAAK,CAAC;AAAA,EACrC;AAAA,EAEQ,oBAAoB,WAAmB,KAA2B;AACxE,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,aAAa,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AAC1E,SAAK,eAAe,OAAO;AAC3B,iBAAa,KAAK,KAAK,EAAE,IAAI,KAAK,CAAC;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAMA,MAAc,mBAAmB,IAAiB,KAAqC;AACrF,QAAI,KAAK,QAAQ,MAAM;AACrB,YAAM,MAAM,IAAI,IAAI,IAAI,OAAO,KAAK,UAAU,IAAI,QAAQ,QAAQ,WAAW,EAAE;AAC/E,YAAM,aAAa,IAAI,aAAa,IAAI,OAAO;AAC/C,UAAI,cAAc,KAAK,QAAQ,KAAK,SAAS,UAAU;AACrD,YAAI,eAAe,KAAK,QAAQ,KAAK,OAAO;AAC1C,aAAG,MAAM;AACT;AAAA,QACF;AAAA,MACF,OAAO;AACL,cAAM,aAAa,MAAM,KAAK,aAAa,GAAG;AAC9C,YAAI,CAAC,YAAY;AACf,aAAG,MAAM;AACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAEA,UAAM,aAAa,oBAAI,IAAY;AAGnC,QAAI,eAAe;AACnB,UAAM,YAAY,YAAY,MAAM;AAClC,UAAI,CAAC,cAAc;AACjB,WAAG,MAAM;AACT;AAAA,MACF;AACA,qBAAe;AACf,UAAI;AAAE,WAAG,KAAK;AAAA,MAAG,QAAQ;AAAA,MAA0C;AAAA,IACrE,GAAG,mBAAmB;AAEtB,OAAG,GAAG,QAAQ,MAAM;AAAE,qBAAe;AAAA,IAAM,CAAC;AAE5C,OAAG,GAAG,WAAW,OAAO,QAAQ;AAC9B,UAAI;AACF,cAAM,MAAM,KAAK,MAAM,OAAO,QAAQ,WAAW,MAAM,IAAI,SAAS,CAAC;AACrE,cAAM,KAAK,gBAAgB,IAAI,KAAK,YAAY,GAAG;AAAA,MACrD,SAAS,KAAK;AACZ,eAAO,IAAI,EAAE,MAAM,SAAS,OAAO,OAAO,GAAG,EAAE,CAAC;AAAA,MAClD;AAAA,IACF,CAAC;AAED,OAAG,GAAG,SAAS,MAAM;AACnB,oBAAc,SAAS;AACvB,iBAAW,OAAO,YAAY;AAC5B,cAAM,UAAU,KAAK,SAAS,IAAI,GAAG;AACrC,YAAI,QAAS,MAAK,eAAe,OAAO;AAAA,MAC1C;AAAA,IACF,CAAC;AAED,OAAG,GAAG,SAAS,MAAM;AACnB,oBAAc,SAAS;AAAA,IACzB,CAAC;AAAA,EACH;AAAA,EAEA,MAAc,gBACZ,IACA,KACA,YACA,KACe;AACf,UAAM,UAAU,IAAI;AAEpB,QAAI,YAAY,OAAO;AACrB,UAAI,KAAK,QAAQ,eAAe,KAAK,SAAS,QAAQ,KAAK,QAAQ,aAAa;AAC9E,eAAO,IAAI,EAAE,MAAM,SAAS,OAAO,2BAA2B,CAAC;AAC/D;AAAA,MACF;AACA,YAAM,YAAY,MAAM,KAAK,2BAA2B,GAAG;AAC3D,YAAM,UAAU,KAAK,mBAAmB,IAAI,WAAiC,SAAS;AACtF,iBAAW,IAAI,QAAQ,EAAE;AACzB,aAAO,IAAI,EAAE,MAAM,mBAAmB,WAAW,QAAQ,GAAG,CAAC;AAC7D,WAAK,WAAW,SAAS,IAAI,QAAkB,IAAI,KAAK;AACxD;AAAA,IACF;AAEA,QAAI,YAAY,WAAW;AACzB,YAAM,UAAU,KAAK,SAAS,IAAI,IAAI,SAAmB;AACzD,UAAI,CAAC,SAAS;AAAE,eAAO,IAAI,EAAE,MAAM,SAAS,OAAO,oBAAoB,CAAC;AAAG;AAAA,MAAQ;AACnF,UAAI,CAAC,QAAQ,MAAM;AAAE,eAAO,IAAI,EAAE,MAAM,SAAS,OAAO,2BAA2B,CAAC;AAAG;AAAA,MAAQ;AAC/F,cAAQ,OAAO;AACf,cAAQ,kBAAkB,IAAI,gBAAgB;AAC9C,WAAK,WAAW,SAAS,IAAI,QAAkB,IAAI,IAAI;AACvD;AAAA,IACF;AAEA,QAAI,YAAY,uBAAuB;AACrC,YAAM,UAAU,KAAK,SAAS,IAAI,IAAI,SAAmB;AACzD,UAAI,CAAC,SAAS,kBAAmB;AACjC,WAAK,4BAA4B,OAAO;AACxC,YAAM,EAAE,WAAW,MAAM,MAAM,OAAO,GAAG,SAAS,IAAI;AACtD,cAAQ,kBAAkB,QAAQ,QAAyC;AAC3E,cAAQ,oBAAoB;AAC5B;AAAA,IACF;AAEA,QAAI,YAAY,kBAAkB;AAChC,YAAM,UAAU,KAAK,SAAS,IAAI,IAAI,SAAmB;AACzD,UAAI,CAAC,SAAS,aAAc;AAC5B,WAAK,uBAAuB,OAAO;AACnC,cAAQ,aAAa,QAAS,IAAI,UAAqB,EAAE;AACzD,cAAQ,eAAe;AACvB;AAAA,IACF;AAEA,QAAI,YAAY,SAAS;AACvB,YAAM,UAAU,KAAK,SAAS,IAAI,IAAI,SAAmB;AACzD,UAAI,QAAS,MAAK,eAAe,OAAO;AAAA,IAC1C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAMQ,mBACN,aACA,WACc;AACd,UAAM,YAAY,eAAe,WAAW;AAE5C,UAAM,UAAwB;AAAA,MAC5B,IAAI;AAAA,MACJ,iBAAiB,IAAI,gBAAgB;AAAA,MACrC,mBAAmB;AAAA,MACnB,cAAc;AAAA,MACd,wBAAwB;AAAA,MACxB,mBAAmB;AAAA,MACnB,cAAc,KAAK,IAAI;AAAA,MACvB,aAAa;AAAA,MACb,mBAAmB;AAAA,MACnB,aAAa,CAAC;AAAA,MACd,aAAa;AAAA,MACb,MAAM;AAAA,MACN,KAAK,UAAU;AAAA,IACjB;AAEA,SAAK,SAAS,IAAI,WAAW,OAAO;AACpC,WAAO;AAAA,EACT;AAAA,EAEQ,WAAW,SAAuB,QAAiB;AACzD,UAAM,WAAW;AAAA,MACf,KAAK,QAAQ;AAAA,MACb,mBAAmB,CAAC,QAClB,KAAK,iBAAiB,QAAQ,IAAI,GAAG;AAAA,MACvC,kBAAkB,CAAC,MACjB,KAAK,gBAAgB,QAAQ,IAAI,CAAC;AAAA,IACtC;AAEA,WAAO,SACH,KAAK,KAAK,aAAa,QAAQ,IAAI,QAAQ,IAC3C,KAAK,KAAK,aAAa,EAAE,WAAW,QAAQ,IAAI,GAAG,SAAS,CAAC;AAAA,EACnE;AAAA,EAEQ,YAAY,SAAuB,QAAgB,QAAuB;AAChF,UAAM,MAAM,YAAY;AACtB,UAAI;AACF,cAAM,SAAS,KAAK,WAAW,SAAS,MAAM;AAC9C,yBAAiB,SAAS,OAAO,IAAI,QAAQ,EAAE,QAAQ,QAAQ,gBAAgB,OAAO,CAAC,GAAG;AACxF,eAAK,aAAa,SAAS,KAAK;AAChC,kBAAQ,eAAe,KAAK,IAAI;AAAA,QAClC;AAAA,MACF,SAAS,KAAK;AACZ,YAAK,IAAc,SAAS,cAAc;AACxC,eAAK,aAAa,SAAS;AAAA,YACzB,MAAM;AAAA,YACN,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC;AAAA,UAC3D,CAAC;AAAA,QACH;AAAA,MACF,UAAE;AACA,gBAAQ,OAAO;AAAA,MACjB;AAAA,IACF;AACA,QAAI,EAAE,MAAM,CAAC,QAAQ,KAAK,QAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC;AAAA,EAClG;AAAA,EAEQ,WAAW,SAAuB,QAAgB,IAAiB,QAAuB;AAChG,UAAM,MAAM,YAAY;AACtB,UAAI;AACF,cAAM,SAAS,KAAK,WAAW,SAAS,MAAM;AAC9C,yBAAiB,SAAS,OAAO,IAAI,QAAQ,EAAE,QAAQ,QAAQ,gBAAgB,OAAO,CAAC,GAAG;AACxF,kBAAQ;AACR,iBAAO,IAAI,EAAE,GAAG,eAAe,KAAK,GAAG,WAAW,QAAQ,IAAI,KAAK,QAAQ,YAAY,CAAC;AACxF,kBAAQ,eAAe,KAAK,IAAI;AAAA,QAClC;AAAA,MACF,SAAS,KAAK;AACZ,YAAK,IAAc,SAAS,cAAc;AACxC,iBAAO,IAAI,EAAE,MAAM,SAAS,WAAW,QAAQ,IAAI,OAAO,OAAO,GAAG,EAAE,CAAC;AAAA,QACzE;AAAA,MACF,UAAE;AACA,gBAAQ,OAAO;AAAA,MACjB;AAAA,IACF;AACA,QAAI,EAAE,MAAM,CAAC,QAAQ,KAAK,QAAQ,UAAU,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC;AAAA,EAClG;AAAA,EAEQ,aAAa,SAAuB,OAA0B;AACpE,YAAQ;AACR,UAAM,MAAM,QAAQ;AAEpB,QAAI,QAAQ,aAAa;AACvB,uBAAiB,QAAQ,aAAa,KAAK,eAAe,KAAK,CAAC;AAAA,IAClE,OAAO;AAEL,UAAI,QAAQ,YAAY,UAAU,kBAAkB;AAClD,gBAAQ,YAAY,MAAM;AAAA,MAC5B;AACA,cAAQ,YAAY,KAAK,EAAE,KAAK,MAAM,CAAC;AAAA,IACzC;AAAA,EACF;AAAA,EAEQ,iBACN,WACA,UAC6B;AAC7B,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,QAAQ,OAAO,IAAI,MAAM,mBAAmB,CAAC;AAClE,UAAM,YAAY,KAAK,QAAQ,oBAAoB;AACnD,WAAO,IAAI,QAA4B,CAAC,SAAS,WAAW;AAC1D,cAAQ,oBAAoB,EAAE,SAAS,OAAO;AAC9C,cAAQ,yBAAyB,WAAW,MAAM;AAChD,gBAAQ,yBAAyB;AACjC,YAAI,QAAQ,mBAAmB;AAC7B,kBAAQ,kBAAkB,OAAO,IAAI,MAAM,8BAA8B,CAAC;AAC1E,kBAAQ,oBAAoB;AAAA,QAC9B;AAAA,MACF,GAAG,SAAS;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEQ,gBAAgB,WAAmB,WAAoC;AAC7E,UAAM,UAAU,KAAK,SAAS,IAAI,SAAS;AAC3C,QAAI,CAAC,QAAS,QAAO,QAAQ,OAAO,IAAI,MAAM,mBAAmB,CAAC;AAClE,UAAM,YAAY,KAAK,QAAQ,oBAAoB;AACnD,WAAO,IAAI,QAAgB,CAAC,SAAS,WAAW;AAC9C,cAAQ,eAAe,EAAE,SAAS,OAAO;AACzC,cAAQ,oBAAoB,WAAW,MAAM;AAC3C,gBAAQ,oBAAoB;AAC5B,YAAI,QAAQ,cAAc;AACxB,kBAAQ,aAAa,OAAO,IAAI,MAAM,8BAA8B,CAAC;AACrE,kBAAQ,eAAe;AAAA,QACzB;AAAA,MACF,GAAG,SAAS;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEQ,kBAAkB,SAA6B;AACrD,SAAK,kBAAkB,OAAO;AAC9B,YAAQ,oBAAoB,YAAY,MAAM;AAC5C,UAAI,QAAQ,eAAe,CAAC,QAAQ,YAAY,WAAW;AACzD,gBAAQ,YAAY,MAAM,gBAAgB;AAAA,MAC5C;AAAA,IACF,GAAG,yBAAyB;AAC5B,YAAQ,kBAAkB,MAAM;AAAA,EAClC;AAAA,EAEQ,kBAAkB,SAA6B;AACrD,QAAI,QAAQ,mBAAmB;AAC7B,oBAAc,QAAQ,iBAAiB;AACvC,cAAQ,oBAAoB;AAAA,IAC9B;AAAA,EACF;AAAA,EAEQ,4BAA4B,SAA6B;AAC/D,QAAI,QAAQ,wBAAwB;AAClC,mBAAa,QAAQ,sBAAsB;AAC3C,cAAQ,yBAAyB;AAAA,IACnC;AAAA,EACF;AAAA,EAEQ,uBAAuB,SAA6B;AAC1D,QAAI,QAAQ,mBAAmB;AAC7B,mBAAa,QAAQ,iBAAiB;AACtC,cAAQ,oBAAoB;AAAA,IAC9B;AAAA,EACF;AAAA,EAEQ,eAAe,SAA6B;AAClD,YAAQ,gBAAgB,MAAM;AAC9B,SAAK,kBAAkB,OAAO;AAC9B,SAAK,4BAA4B,OAAO;AACxC,SAAK,uBAAuB,OAAO;AACnC,QAAI,QAAQ,mBAAmB;AAC7B,cAAQ,kBAAkB,OAAO,IAAI,MAAM,iBAAiB,CAAC;AAC7D,cAAQ,oBAAoB;AAAA,IAC9B;AACA,QAAI,QAAQ,cAAc;AACxB,cAAQ,aAAa,OAAO,IAAI,MAAM,iBAAiB,CAAC;AACxD,cAAQ,eAAe;AAAA,IACzB;AACA,QAAI,QAAQ,aAAa;AACvB,cAAQ,YAAY,IAAI;AACxB,cAAQ,cAAc;AAAA,IACxB;AACA,SAAK,SAAS,OAAO,QAAQ,EAAE;AAAA,EACjC;AAAA,EAEQ,mBAAyB;AAC/B,UAAM,UAAU,KAAK,QAAQ;AAC7B,QAAI,CAAC,QAAS;AACd,UAAM,MAAM,KAAK,IAAI;AACrB,eAAW,WAAW,KAAK,SAAS,OAAO,GAAG;AAC5C,UAAI,MAAM,QAAQ,eAAe,SAAS;AACxC,aAAK,eAAe,OAAO;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,2BAA2B,KAAoD;AAC3F,QAAI,CAAC,KAAK,QAAQ,aAAc,QAAO,CAAC;AACxC,UAAM,OAAQ,MAAM,KAAK,aAAa,GAAG,KAAM,CAAC;AAChD,WAAO,KAAK,QAAQ,aAAa,EAAE,MAAM,eAAe,IAAI,OAAO,cAAc,CAAC;AAAA,EACpF;AACF;AAMO,SAAS,aAAa,MAAa,SAAsC;AAC9E,SAAO,IAAI,aAAa,MAAM,OAAO;AACvC;AAgBO,SAAS,qBACd,MACA,SACqD;AACrD,QAAM,aAA4B;AAAA,IAChC,MAAM;AAAA,IACN,IAAI;AAAA,IACJ,GAAG;AAAA,EACL;AACA,QAAM,SAAS,IAAI,aAAa,MAAM,UAAU;AAChD,SAAO,CAAC,KAAK,QAAQ;AAAE,WAAO,cAAc,KAAK,GAAG;AAAA,EAAG;AACzD;AAMA,SAAS,aAAa,KAAqB,QAAgB,MAAqB;AAC9E,QAAM,OAAO,KAAK,UAAU,IAAI;AAChC,MAAI,UAAU,QAAQ;AAAA,IACpB,gBAAgB;AAAA,IAChB,kBAAkB,OAAO,WAAW,IAAI;AAAA,EAC1C,CAAC;AACD,MAAI,IAAI,IAAI;AACd;AAOA,SAAS,eAAe,OAA6C;AACnE,MAAI,MAAM,SAAS,SAAS;AAC1B,WAAO,EAAE,MAAM,SAAS,OAAO,EAAE,SAAS,MAAM,MAAM,SAAS,MAAM,MAAM,MAAM,KAAK,EAAE;AAAA,EAC1F;AACA,MAAI,MAAM,SAAS,mBAAmB;AACpC,WAAO,EAAE,GAAG,OAAO,OAAO,EAAE,SAAS,MAAM,MAAM,SAAS,MAAM,MAAM,MAAM,KAAK,EAAE;AAAA,EACrF;AACA,MAAI,MAAM,SAAS,iBAAiB;AAClC,WAAO,EAAE,GAAG,OAAO,OAAO,EAAE,SAAS,MAAM,MAAM,SAAS,MAAM,MAAM,MAAM,KAAK,EAAE;AAAA,EACrF;AACA,SAAO;AACT;AAEA,SAAS,iBAAiB,KAAqB,KAAa,MAAqC;AAC/F,MAAI,MAAM,OAAO,GAAG;AAAA,QAAW,KAAK,UAAU,IAAI,CAAC;AAAA;AAAA,CAAM;AAC3D;AAEA,SAAS,SAAS,KAAwC;AACxD,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,QAAI,aAAa;AACjB,QAAI,WAAW;AACf,UAAM,SAAmB,CAAC;AAC1B,QAAI,GAAG,QAAQ,CAAC,UAAkB;AAChC,UAAI,SAAU;AACd,oBAAc,MAAM;AACpB,UAAI,aAAa,gBAAgB;AAC/B,mBAAW;AACX,YAAI,QAAQ;AACZ,eAAO,IAAI,MAAM,wBAAwB,CAAC;AAC1C;AAAA,MACF;AACA,aAAO,KAAK,KAAK;AAAA,IACnB,CAAC;AACD,QAAI,GAAG,OAAO,MAAM;AAClB,UAAI,SAAU;AACd,UAAI;AACF,cAAM,MAAM,OAAO,OAAO,MAAM,EAAE,SAAS;AAC3C,gBAAQ,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC;AAAA,MACpC,SAAS,KAAK;AACZ,eAAO,GAAG;AAAA,MACZ;AAAA,IACF,CAAC;AACD,QAAI,GAAG,SAAS,CAAC,QAAQ;AACvB,UAAI,CAAC,SAAU,QAAO,GAAG;AAAA,IAC3B,CAAC;AAAA,EACH,CAAC;AACH;AAEA,SAAS,OAAO,IAAiB,MAAqB;AACpD,MAAI,GAAG,eAAe,EAAG,IAAG,KAAK,KAAK,UAAU,IAAI,CAAC;AACvD;","names":[]}

package/dist/server-Cg1yWGaV.d.ts

@@ -0,0 +1,96 @@
+import { T as Tool, g as ToolResult, h as ToolContext } from './types-CwKKucOF.js';
+import { T as TokenStorage, M as McpServerConfig } from './types-2kTLUCnD.js';
+
+/**
+ * Normalize a server or tool name to be compatible with the API pattern
+ * ^[a-zA-Z0-9_-]{1,64}$. Replaces any invalid characters with underscores.
+ */
+declare function normalizeNameForMCP(name: string): string;
+declare function getMcpPrefix(serverName: string): string;
+declare function buildMcpToolName(serverName: string, toolName: string): string;
+/**
+ * Parse a fully-qualified MCP tool name back into server + tool components.
+ * Returns null if the string doesn't match the mcp__server__tool pattern.
+ */
+declare function parseMcpToolName(fullName: string): {
+    serverName: string;
+    toolName: string;
+} | null;
+
+interface McpClientManagerOptions {
+    /**
+     * Default token storage used for servers that declare `oauth` config
+     * but no custom `authProvider`. Falls back to InMemoryTokenStorage.
+     */
+    tokenStorage?: TokenStorage;
+    /**
+     * Called when a server requires interactive OAuth and the user must
+     * visit an authorization URL. Passed through to NoumenOAuthProvider.
+     */
+    onAuthorizationUrl?: (url: string) => void | Promise<void>;
+}
+declare class McpClientManager {
+    private connections;
+    private serverConfigs;
+    private tokenStorage;
+    private onAuthorizationUrl?;
+    constructor(mcpServers: Record<string, McpServerConfig>, options?: McpClientManagerOptions);
+    connect(): Promise<void>;
+    private connectToServer;
+    /**
+     * Resolve an OAuthClientProvider for an HTTP or SSE server config.
+     * Returns null if the server doesn't require authentication.
+     */
+    private resolveAuthProvider;
+    getTools(): Promise<Tool[]>;
+    private mapMcpTool;
+    callTool(serverName: string, toolName: string, args: Record<string, unknown>, options?: {
+        timeoutMs?: number;
+    }): Promise<ToolResult>;
+    getConnectionStatus(): Array<{
+        name: string;
+        status: string;
+        toolCount?: number;
+    }>;
+    /**
+     * Returns server names that are in `needs-auth` status and require
+     * interactive OAuth before they can be used.
+     */
+    getServersNeedingAuth(): string[];
+    /**
+     * Reconnect a server by closing its existing connection and
+     * establishing a new one. Useful after completing OAuth.
+     */
+    reconnect(serverName: string): Promise<void>;
+    /**
+     * Trigger interactive OAuth for a `needs-auth` server, then reconnect.
+     * Runs the full MCP SDK auth orchestrator with a local callback server.
+     *
+     * Returns the authorization URL if the flow requires user interaction,
+     * or null if the server connected without browser auth (e.g. cached tokens).
+     */
+    performAuth(serverName: string, options?: {
+        signal?: AbortSignal;
+    }): Promise<{
+        authUrl?: string;
+    }>;
+    close(): Promise<void>;
+}
+
+interface McpServerOptions {
+    /** Additional tools beyond the 6 built-ins */
+    tools?: Tool[];
+    /** Context passed to tool.call() for all invocations */
+    toolContext: ToolContext;
+    /** Server name reported to clients */
+    name?: string;
+    /** Server version reported to clients */
+    version?: string;
+}
+/**
+ * Start an MCP server over stdio that exposes noumen's tools.
+ * This is the entry point for `noumen mcp` or similar CLI integrations.
+ */
+declare function createMcpServer(opts: McpServerOptions): Promise<void>;
+
+export { McpClientManager as M, type McpClientManagerOptions as a, type McpServerOptions as b, buildMcpToolName as c, createMcpServer as d, getMcpPrefix as g, normalizeNameForMCP as n, parseMcpToolName as p };

package/dist/spinner-OJNR6NFO.js

@@ -0,0 +1,8 @@
+import {
+  startSpinner
+} from "./chunk-KXDB56YW.js";
+import "./chunk-DGUM43GV.js";
+export {
+  startSpinner
+};
+//# sourceMappingURL=spinner-OJNR6NFO.js.map

package/dist/spinner-OJNR6NFO.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/types-2kTLUCnD.d.ts

@@ -0,0 +1,107 @@
+import { Client } from '@modelcontextprotocol/sdk/client/index.js';
+import { OAuthDiscoveryState, OAuthClientProvider } from '@modelcontextprotocol/sdk/client/auth.js';
+import { OAuthTokens, OAuthClientInformationMixed, OAuthClientMetadata } from '@modelcontextprotocol/sdk/shared/auth.js';
+
+/**
+ * Configuration for MCP server OAuth authentication.
+ * When provided on an HTTP or SSE server config, noumen will automatically
+ * create an OAuthClientProvider and wire it into the transport.
+ */
+interface McpOAuthConfig {
+    /** Pre-registered client ID. Omit to use Dynamic Client Registration. */
+    clientId?: string;
+    /** Client secret for confidential clients. */
+    clientSecret?: string;
+    /** Space-separated OAuth scopes to request. */
+    scopes?: string;
+    /** Preferred local port for the OAuth callback server. */
+    callbackPort?: number;
+    /** Override URL for the authorization server metadata endpoint. */
+    authServerMetadataUrl?: string;
+}
+/**
+ * Persisted state for a single MCP server's OAuth session.
+ */
+interface OAuthTokenData {
+    tokens?: OAuthTokens;
+    clientInformation?: OAuthClientInformationMixed;
+    codeVerifier?: string;
+    discoveryState?: OAuthDiscoveryState;
+    /** Epoch ms when the access token expires (computed from tokens.expires_in). */
+    expiresAt?: number;
+}
+/**
+ * Pluggable storage backend for OAuth tokens and session data.
+ * Consumers provide their own implementation (file, keychain, database, etc).
+ */
+interface TokenStorage {
+    load(serverKey: string): Promise<OAuthTokenData | undefined>;
+    save(serverKey: string, data: OAuthTokenData): Promise<void>;
+    delete(serverKey: string): Promise<void>;
+}
+/**
+ * Options for creating a NoumenOAuthProvider.
+ */
+interface OAuthProviderOptions {
+    storage: TokenStorage;
+    clientMetadata: OAuthClientMetadata;
+    /** Pre-registered client ID (skips Dynamic Client Registration). */
+    clientId?: string;
+    /** Client secret for confidential clients. */
+    clientSecret?: string;
+    /** Preferred local port for the callback server. */
+    callbackPort?: number;
+    /**
+     * Called when the user must visit an authorization URL.
+     * If not provided, the default behavior opens the system browser.
+     */
+    onAuthorizationUrl?: (url: string) => void | Promise<void>;
+    /** AbortSignal to cancel in-progress authorization flows. */
+    signal?: AbortSignal;
+}
+
+interface McpStdioServerConfig {
+    type?: "stdio";
+    command: string;
+    args?: string[];
+    env?: Record<string, string>;
+}
+interface McpHttpServerConfig {
+    type: "http";
+    url: string;
+    headers?: Record<string, string>;
+    /** OAuth configuration — noumen creates an auth provider automatically. */
+    oauth?: McpOAuthConfig;
+    /** Fully custom OAuthClientProvider — overrides `oauth` config when set. */
+    authProvider?: OAuthClientProvider;
+}
+interface McpSseServerConfig {
+    type: "sse";
+    url: string;
+    headers?: Record<string, string>;
+    /** OAuth configuration — noumen creates an auth provider automatically. */
+    oauth?: McpOAuthConfig;
+    /** Fully custom OAuthClientProvider — overrides `oauth` config when set. */
+    authProvider?: OAuthClientProvider;
+}
+interface McpWebSocketServerConfig {
+    type: "websocket";
+    url: string;
+}
+type McpServerConfig = McpStdioServerConfig | McpHttpServerConfig | McpSseServerConfig | McpWebSocketServerConfig;
+interface McpConfig {
+    mcpServers: Record<string, McpServerConfig>;
+}
+interface McpConnection {
+    name: string;
+    client: Client | null;
+    status: "connected" | "failed" | "pending" | "needs-auth";
+    config: McpServerConfig;
+    cleanup: () => Promise<void>;
+}
+interface McpToolInfo {
+    serverName: string;
+    toolName: string;
+}
+
+export type { McpServerConfig as M, OAuthTokenData as O, TokenStorage as T, OAuthProviderOptions as a, McpConfig as b, McpConnection as c, McpHttpServerConfig as d, McpOAuthConfig as e, McpSseServerConfig as f, McpStdioServerConfig as g, McpToolInfo as h, McpWebSocketServerConfig as i };