ylib-wecom-openclaw-plugin 2026.4.29

package/dist/src/mcp/transport.js

@@ -0,0 +1,702 @@
+"use strict";
+/**
+ * MCP Streamable HTTP 传输层模块
+ *
+ * 负责:
+ * - MCP JSON-RPC over HTTP 通信（发送请求、解析响应）
+ * - Streamable HTTP session 生命周期管理（initialize 握手 → Mcp-Session-Id 维护 → 失效重建）
+ * - 自动检测无状态 Server：如果 initialize 响应未返回 Mcp-Session-Id，
+ *   则标记为无状态模式，后续请求跳过握手和 session 管理
+ * - SSE 流式响应解析
+ * - MCP 配置运行时缓存（通过 WSClient 拉取 URL 并缓存在内存中）
+ */
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+var __assign = (this && this.__assign) || function () {
+    __assign = Object.assign || function(t) {
+        for (var s, i = 1, n = arguments.length; i < n; i++) {
+            s = arguments[i];
+            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
+                t[p] = s[p];
+        }
+        return t;
+    };
+    return __assign.apply(this, arguments);
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+exports.__esModule = true;
+exports.sendJsonRpc = exports.clearAccountCache = exports.clearCategoryCache = exports.resolveCurrentAccountId = exports.McpHttpError = exports.McpRpcError = exports.WECOM_USERID_HEADER = exports.MEDIA_DOWNLOAD_TIMEOUT_MS = void 0;
+var aibot_node_sdk_1 = require("@wecom/aibot-node-sdk");
+var undici_1 = require("undici");
+var openclaw_compat_js_1 = require("../openclaw-compat.js");
+var state_manager_js_1 = require("../state-manager.js");
+var const_js_1 = require("../const.js");
+var timeout_js_1 = require("../timeout.js");
+var version_js_1 = require("../version.js");
+var runtime_js_1 = require("../runtime.js");
+var accounts_js_1 = require("../accounts.js");
+// ============================================================================
+// 内部状态
+// ============================================================================
+/** HTTP 请求超时时间（毫秒） */
+var HTTP_REQUEST_TIMEOUT_MS = 30000;
+/** 媒体下载请求超时时间（毫秒），base64 编码的媒体文件最大可达 ~27MB */
+exports.MEDIA_DOWNLOAD_TIMEOUT_MS = 120000;
+/** 日志前缀 */
+var LOG_TAG = "[mcp]";
+/** 请求 MCP Server 时透传可信企业微信 userid 的 header 名 */
+exports.WECOM_USERID_HEADER = "x-openclaw-wecom-userid";
+/**
+ * 构造 MCP 请求使用的 User-Agent
+ *
+ * 格式：`OpenClawPlugin/<version> <platform>/<arch>`
+ * 例如：`OpenClawPlugin/0.1.3 linux/x86_64`
+ *
+ * 说明：
+ * - version: 取自 package.json 的 PLUGIN_VERSION
+ * - platform: process.platform（linux / darwin / win32 ...）
+ * - arch: 将 Node 的 `x64` 归一化为传统 Unix 风格 `x86_64`，其他架构原样返回
+ */
+function buildUserAgent() {
+    var _a;
+    var archMap = {
+        x64: "x86_64",
+        ia32: "i386"
+    };
+    var arch = (_a = archMap[process.arch]) !== null && _a !== void 0 ? _a : process.arch;
+    return "OpenClawPlugin/" + version_js_1.PLUGIN_VERSION + " " + process.platform + "/" + arch;
+}
+var MCP_USER_AGENT = buildUserAgent();
+/**
+ * MCP JSON-RPC 错误
+ *
+ * 携带服务端返回的 JSON-RPC error.code，
+ * 用于上层按错误码进行差异化处理（如特定错误码触发缓存清理）。
+ */
+var McpRpcError = /** @class */ (function (_super) {
+    __extends(McpRpcError, _super);
+    function McpRpcError(code, message, data) {
+        var _this = _super.call(this, message) || this;
+        _this.code = code;
+        _this.data = data;
+        _this.name = "McpRpcError";
+        return _this;
+    }
+    return McpRpcError;
+}(Error));
+exports.McpRpcError = McpRpcError;
+/**
+ * MCP HTTP 错误
+ *
+ * 携带 HTTP 状态码，用于精确判断 session 失效（404）等场景，
+ * 避免通过字符串匹配 "404" 导致的误判。
+ */
+var McpHttpError = /** @class */ (function (_super) {
+    __extends(McpHttpError, _super);
+    function McpHttpError(statusCode, message) {
+        var _this = _super.call(this, message) || this;
+        _this.statusCode = statusCode;
+        _this.name = "McpHttpError";
+        return _this;
+    }
+    return McpHttpError;
+}(Error));
+exports.McpHttpError = McpHttpError;
+/**
+ * 需要清理缓存的 JSON-RPC 错误码集合
+ *
+ * 当 MCP Server 返回以下错误码时，说明服务端状态已发生变化（如配置变更、
+ * 服务重启等），需要清理对应 category 的全部缓存，确保下次请求重新
+ * 拉取配置并重建会话。
+ *
+ * - -32001: 服务不可用（Server Unavailable）
+ * - -32002: 配置已变更（Config Changed）
+ * - -32003: 认证失败（Auth Failed）
+ */
+var CACHE_CLEAR_ERROR_CODES = new Set([-32001, -32002, -32003]);
+/**
+ * 生成多账号感知的缓存 key
+ *
+ * 不同账号的同一 category 对应不同的 MCP Server（URL、凭据均不同），
+ * 必须用 accountId:category 的复合键隔离，避免跨账号缓存污染。
+ */
+function cacheKey(accountId, category) {
+    return accountId + ":" + category;
+}
+/** MCP 配置缓存：accountId:category → response.body（完整配置） */
+var mcpConfigCache = new Map();
+/** Streamable HTTP 会话缓存：accountId:category → session */
+var mcpSessionCache = new Map();
+/** 已确认为无状态的 MCP Server 集合（跳过后续握手），key 为 accountId:category */
+var statelessCategories = new Set();
+/** 正在进行中的 initialize 请求（防止并发重复初始化），key 为 accountId:category */
+var inflightInitRequests = new Map();
+// ============================================================================
+// MCP 配置拉取与缓存
+// ============================================================================
+/**
+ * 判断账户是否为长连接机器人（通过 botId + secret 配置）
+ */
+function isWebSocketBot(cfg, accountId) {
+    var _a, _b;
+    var resolved = accounts_js_1.resolveWeComAccountMulti({ cfg: cfg, accountId: accountId });
+    return Boolean(((_a = resolved.botId) === null || _a === void 0 ? void 0 : _a.trim()) && ((_b = resolved.secret) === null || _b === void 0 ? void 0 : _b.trim()));
+}
+/**
+ * 解析用于 MCP 调用的账户 ID
+ *
+ * 优先级：
+ * 1. 默认账户（如果是长连接机器人）
+ * 2. 第一个长连接机器人账户
+ * 3. 无可用账户时返回 null
+ */
+function resolveMcpAccountId(cfg) {
+    var defaultAccountId = accounts_js_1.resolveDefaultWeComAccountId(cfg);
+    // 优先使用默认账户
+    if (isWebSocketBot(cfg, defaultAccountId)) {
+        return defaultAccountId;
+    }
+    // 默认账户非长连接，查找第一个长连接账户
+    var allIds = accounts_js_1.listWeComAccountIds(cfg);
+    for (var _i = 0, allIds_1 = allIds; _i < allIds_1.length; _i++) {
+        var id = allIds_1[_i];
+        if (id !== defaultAccountId && isWebSocketBot(cfg, id)) {
+            console.log(LOG_TAG + " \u9ED8\u8BA4\u8D26\u6237 \"" + defaultAccountId + "\" \u975E\u957F\u8FDE\u63A5\u6A21\u5F0F\uFF0C\u4F7F\u7528\u8D26\u6237 \"" + id + "\" \u83B7\u53D6 MCP \u914D\u7F6E");
+            return id;
+        }
+    }
+    return null;
+}
+/**
+ * 根据配置解析当前用于 MCP 的账户 ID
+ *
+ * 通过 PluginRuntime 读取全局配置，按以下优先级选择账户：
+ * 1. 默认账户（如果配置了 botId + secret）
+ * 2. 第一个配置了 botId + secret 的长连接账户
+ * 3. 无可用长连接账户时回退到默认账户（会导致后续 WSClient 获取失败）
+ */
+function resolveCurrentAccountId() {
+    try {
+        var core = runtime_js_1.getWeComRuntime();
+        var cfg = core.config.loadConfig();
+        var mcpAccountId = resolveMcpAccountId(cfg);
+        if (mcpAccountId) {
+            return mcpAccountId;
+        }
+        // 无长连接账户，给出友好提示
+        console.warn(LOG_TAG + " \u672A\u627E\u5230\u957F\u8FDE\u63A5\u6A21\u5F0F\u7684\u673A\u5668\u4EBA\u8D26\u6237\uFF08\u9700\u914D\u7F6E botId + secret\uFF09\uFF0CMCP \u529F\u80FD\u4E0D\u53EF\u7528");
+        return accounts_js_1.resolveDefaultWeComAccountId(cfg);
+    }
+    catch (_a) {
+        // runtime 未初始化时回退到 "default"
+        return openclaw_compat_js_1.DEFAULT_ACCOUNT_ID;
+    }
+}
+exports.resolveCurrentAccountId = resolveCurrentAccountId;
+/**
+ * 通过 WSClient 拉取指定 category 的 MCP 完整配置
+ *
+ * @param accountId - 账户 ID，决定使用哪个 WSClient
+ * @param category - MCP 品类名称，如 doc、contact
+ * @returns 完整的 response.body 配置对象（至少包含 url 字段）
+ */
+function fetchMcpConfig(accountId, category) {
+    var _a;
+    return __awaiter(this, void 0, void 0, function () {
+        var wsClient, reqId, response, errMsg, body;
+        return __generator(this, function (_b) {
+            switch (_b.label) {
+                case 0:
+                    wsClient = state_manager_js_1.getWeComWebSocket(accountId);
+                    if (!wsClient) {
+                        throw new Error("WSClient \u672A\u8FDE\u63A5 (accountId=\"" + accountId + "\")\uFF0C\u65E0\u6CD5\u62C9\u53D6 MCP \u914D\u7F6E");
+                    }
+                    reqId = aibot_node_sdk_1.generateReqId("mcp_config");
+                    return [4 /*yield*/, timeout_js_1.withTimeout(wsClient.reply({ headers: { req_id: reqId } }, { biz_type: category, plugin_version: version_js_1.PLUGIN_VERSION }, const_js_1.MCP_GET_CONFIG_CMD), const_js_1.MCP_CONFIG_FETCH_TIMEOUT_MS, "MCP config fetch for \"" + category + "\" timed out after " + const_js_1.MCP_CONFIG_FETCH_TIMEOUT_MS + "ms")];
+                case 1:
+                    response = _b.sent();
+                    if (response.errcode !== undefined && response.errcode !== 0) {
+                        errMsg = "MCP \u914D\u7F6E\u8BF7\u6C42\u5931\u8D25: errcode=" + response.errcode + ", errmsg=" + ((_a = response.errmsg) !== null && _a !== void 0 ? _a : "unknown");
+                        console.error(LOG_TAG + " " + errMsg);
+                        throw new Error(errMsg);
+                    }
+                    body = response.body;
+                    if (!(body === null || body === void 0 ? void 0 : body.url)) {
+                        throw new Error("MCP \u914D\u7F6E\u54CD\u5E94\u7F3A\u5C11 url \u5B57\u6BB5 (category=\"" + category + "\")");
+                    }
+                    console.log(LOG_TAG + " \u914D\u7F6E\u62C9\u53D6\u6210\u529F (accountId=\"" + accountId + "\", category=\"" + category + "\")");
+                    return [2 /*return*/, body];
+            }
+        });
+    });
+}
+/**
+ * 获取指定品类的 MCP Server URL
+ *
+ * 优先从内存缓存中读取，未命中时通过 WSClient 拉取并缓存。
+ *
+ * @param accountId - 账户 ID
+ * @param category - MCP 品类名称
+ * @returns MCP Server URL
+ */
+function getMcpUrl(accountId, category) {
+    return __awaiter(this, void 0, void 0, function () {
+        var key, cached, body;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    key = cacheKey(accountId, category);
+                    cached = mcpConfigCache.get(key);
+                    if (cached)
+                        return [2 /*return*/, cached.url];
+                    return [4 /*yield*/, fetchMcpConfig(accountId, category)];
+                case 1:
+                    body = _a.sent();
+                    // 写入缓存
+                    mcpConfigCache.set(key, body);
+                    console.log(LOG_TAG + " getMcpUrl " + accountId + "/" + category + ": " + body.url);
+                    return [2 /*return*/, body.url];
+            }
+        });
+    });
+}
+// ============================================================================
+// HTTP 底层通信
+// ============================================================================
+/**
+ * 发送原始 HTTP 请求到 MCP Server（底层方法）
+ *
+ * 自动携带 Mcp-Session-Id 请求头（如果有），
+ * 并从响应头中更新 sessionId。
+ */
+function sendRawJsonRpc(url, session, body, timeoutMs, requesterUserId) {
+    var _a, _b;
+    if (timeoutMs === void 0) { timeoutMs = HTTP_REQUEST_TIMEOUT_MS; }
+    return __awaiter(this, void 0, void 0, function () {
+        var controller, timeoutId, headers, normalizedRequesterUserId, response, err_1, newSessionId, contentLength, contentType, _c, text, rpc;
+        return __generator(this, function (_d) {
+            switch (_d.label) {
+                case 0:
+                    controller = new AbortController();
+                    timeoutId = setTimeout(function () { return controller.abort(); }, timeoutMs);
+                    headers = {
+                        "Content-Type": "application/json",
+                        Accept: "application/json, text/event-stream",
+                        "User-Agent": MCP_USER_AGENT
+                    };
+                    // Streamable HTTP：携带会话 ID
+                    if (session.sessionId) {
+                        headers["Mcp-Session-Id"] = session.sessionId;
+                    }
+                    normalizedRequesterUserId = requesterUserId === null || requesterUserId === void 0 ? void 0 : requesterUserId.trim();
+                    if (normalizedRequesterUserId) {
+                        headers[exports.WECOM_USERID_HEADER] = normalizedRequesterUserId;
+                    }
+                    console.log(LOG_TAG + " sendRawJsonRpc \u2192 " + body.method + " | " + exports.WECOM_USERID_HEADER + ": " + ((_a = headers[exports.WECOM_USERID_HEADER]) !== null && _a !== void 0 ? _a : "(not set)"));
+                    _d.label = 1;
+                case 1:
+                    _d.trys.push([1, 3, 4, 5]);
+                    return [4 /*yield*/, undici_1.fetch(url, {
+                            method: "POST",
+                            headers: headers,
+                            body: JSON.stringify(body),
+                            signal: controller.signal
+                        })];
+                case 2:
+                    // 使用 undici 提供的 fetch，规避 Node 18.0–18.17 原生 fetch 无法自定义 User-Agent 的 bug；
+                    // undici 是项目已有依赖，且在所有支持的 Node 版本上行为一致。
+                    response = (_d.sent());
+                    return [3 /*break*/, 5];
+                case 3:
+                    err_1 = _d.sent();
+                    if (err_1 instanceof DOMException && err_1.name === "AbortError") {
+                        throw new Error("MCP \u8BF7\u6C42\u8D85\u65F6 (" + timeoutMs + "ms)");
+                    }
+                    throw new Error("MCP \u7F51\u7EDC\u8BF7\u6C42\u5931\u8D25: " + (err_1 instanceof Error ? err_1.message : String(err_1)));
+                case 4:
+                    clearTimeout(timeoutId);
+                    return [7 /*endfinally*/];
+                case 5:
+                    newSessionId = response.headers.get("mcp-session-id");
+                    if (!response.ok) {
+                        throw new McpHttpError(response.status, "MCP HTTP \u8BF7\u6C42\u5931\u8D25: " + response.status + " " + response.statusText);
+                    }
+                    contentLength = response.headers.get("content-length");
+                    if (response.status === 204 || contentLength === "0") {
+                        return [2 /*return*/, { response: response, rpcResult: undefined, newSessionId: newSessionId }];
+                    }
+                    contentType = (_b = response.headers.get("content-type")) !== null && _b !== void 0 ? _b : "";
+                    if (!contentType.includes("text/event-stream")) return [3 /*break*/, 7];
+                    _c = { response: response };
+                    return [4 /*yield*/, parseSseResponse(response)];
+                case 6: return [2 /*return*/, (_c.rpcResult = _d.sent(), _c.newSessionId = newSessionId, _c)];
+                case 7: return [4 /*yield*/, response.text()];
+                case 8:
+                    text = _d.sent();
+                    if (!text.trim()) {
+                        return [2 /*return*/, { response: response, rpcResult: undefined, newSessionId: newSessionId }];
+                    }
+                    rpc = JSON.parse(text);
+                    if (rpc.error) {
+                        throw new McpRpcError(rpc.error.code, "MCP \u8C03\u7528\u9519\u8BEF [" + rpc.error.code + "]: " + rpc.error.message, rpc.error.data);
+                    }
+                    return [2 /*return*/, { response: response, rpcResult: rpc.result, newSessionId: newSessionId }];
+            }
+        });
+    });
+}
+// ============================================================================
+// Session 管理
+// ============================================================================
+/**
+ * 对指定 URL 执行 Streamable HTTP 的 initialize 握手
+ *
+ * 发送 initialize → 接收 serverInfo → 发送 initialized 通知。
+ * 如果服务端未返回 Mcp-Session-Id，则标记为无状态模式，后续请求跳过 session 管理。
+ */
+function initializeSession(url, accountId, category, requesterUserId) {
+    return __awaiter(this, void 0, void 0, function () {
+        var key, session, initBody, initSessionId, notifyBody, notifySessionId;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    key = cacheKey(accountId, category);
+                    session = { sessionId: null, initialized: false, stateless: false };
+                    console.log(LOG_TAG + " \u5F00\u59CB initialize \u63E1\u624B (accountId=\"" + accountId + "\", category=\"" + category + "\")");
+                    initBody = {
+                        jsonrpc: "2.0",
+                        id: aibot_node_sdk_1.generateReqId("mcp_init"),
+                        method: "initialize",
+                        params: {
+                            protocolVersion: "2025-03-26",
+                            capabilities: {},
+                            clientInfo: { name: "wecom_mcp", version: "1.0.0" }
+                        }
+                    };
+                    return [4 /*yield*/, sendRawJsonRpc(url, session, initBody, HTTP_REQUEST_TIMEOUT_MS, requesterUserId)];
+                case 1:
+                    initSessionId = (_a.sent()).newSessionId;
+                    // 用返回的 newSessionId 更新 session（不再依赖副作用修改）
+                    if (initSessionId) {
+                        session.sessionId = initSessionId;
+                    }
+                    // 检查服务端是否返回了 Mcp-Session-Id
+                    // 如果没有返回，说明该 Server 是无状态实现，无需维护 session
+                    if (!session.sessionId) {
+                        session.stateless = true;
+                        session.initialized = true;
+                        statelessCategories.add(key);
+                        mcpSessionCache.set(key, session);
+                        console.log(LOG_TAG + " \u65E0\u72B6\u6001 Server \u786E\u8BA4 (accountId=\"" + accountId + "\", category=\"" + category + "\")");
+                        return [2 /*return*/, session];
+                    }
+                    notifyBody = {
+                        jsonrpc: "2.0",
+                        method: "notifications/initialized"
+                    };
+                    return [4 /*yield*/, sendRawJsonRpc(url, session, notifyBody, HTTP_REQUEST_TIMEOUT_MS, requesterUserId)];
+                case 2:
+                    notifySessionId = (_a.sent()).newSessionId;
+                    // 如果 initialized 通知的响应也携带了 sessionId，以最新的为准
+                    if (notifySessionId) {
+                        session.sessionId = notifySessionId;
+                    }
+                    session.initialized = true;
+                    mcpSessionCache.set(key, session);
+                    console.log(LOG_TAG + " \u6709\u72B6\u6001 Session \u5EFA\u7ACB\u6210\u529F (accountId=\"" + accountId + "\", category=\"" + category + "\", sessionId=\"" + session.sessionId + "\")");
+                    return [2 /*return*/, session];
+            }
+        });
+    });
+}
+/**
+ * 获取或创建指定 URL 的 MCP 会话
+ *
+ * - 已确认无状态的 category：直接返回空 session，跳过握手
+ * - 已有可用有状态会话：直接返回缓存
+ * - 其他情况：执行 initialize 握手，并发请求会被合并
+ */
+function getOrCreateSession(url, accountId, category, requesterUserId) {
+    return __awaiter(this, void 0, void 0, function () {
+        var key, cached_1, cached, inflight, promise;
+        return __generator(this, function (_a) {
+            key = cacheKey(accountId, category);
+            // 已确认为无状态的 Server，直接返回空 session 跳过握手
+            if (statelessCategories.has(key)) {
+                cached_1 = mcpSessionCache.get(key);
+                if (cached_1)
+                    return [2 /*return*/, cached_1];
+                // 首次发现被清除（理论上不会走到这里），重新走握手探测
+            }
+            cached = mcpSessionCache.get(key);
+            if (cached === null || cached === void 0 ? void 0 : cached.initialized)
+                return [2 /*return*/, cached];
+            inflight = inflightInitRequests.get(key);
+            if (inflight)
+                return [2 /*return*/, inflight];
+            promise = initializeSession(url, accountId, category, requesterUserId)["finally"](function () {
+                inflightInitRequests["delete"](key);
+            });
+            inflightInitRequests.set(key, promise);
+            return [2 /*return*/, promise];
+        });
+    });
+}
+// ============================================================================
+// SSE 解析
+// ============================================================================
+/**
+ * 解析 SSE 流式响应，提取最终的 JSON-RPC result
+ *
+ * 按照 SSE 规范，同一事件中的多个 `data:` 行会用换行符拼接。
+ * 空行分隔不同事件，取最后一个完整事件的数据。
+ */
+function parseSseResponse(response) {
+    return __awaiter(this, void 0, void 0, function () {
+        var text, lines, currentDataParts, lastEventData, _i, lines_1, line, rpc;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, response.text()];
+                case 1:
+                    text = _a.sent();
+                    lines = text.split("\n");
+                    currentDataParts = [];
+                    lastEventData = "";
+                    for (_i = 0, lines_1 = lines; _i < lines_1.length; _i++) {
+                        line = lines_1[_i];
+                        if (line.startsWith("data: ")) {
+                            currentDataParts.push(line.slice(6));
+                        }
+                        else if (line.startsWith("data:")) {
+                            // data: 后无空格时，值为空字符串
+                            currentDataParts.push(line.slice(5));
+                        }
+                        else if (line.trim() === "" && currentDataParts.length > 0) {
+                            // 空行表示事件结束，拼接所有 data 行
+                            lastEventData = currentDataParts.join("\n").trim();
+                            currentDataParts = [];
+                        }
+                    }
+                    // 处理最后一个未以空行结尾的事件
+                    if (currentDataParts.length > 0) {
+                        lastEventData = currentDataParts.join("\n").trim();
+                    }
+                    if (!lastEventData) {
+                        throw new Error("SSE 响应中未包含有效数据");
+                    }
+                    try {
+                        rpc = JSON.parse(lastEventData);
+                        if (rpc.error) {
+                            throw new McpRpcError(rpc.error.code, "MCP \u8C03\u7528\u9519\u8BEF [" + rpc.error.code + "]: " + rpc.error.message, rpc.error.data);
+                        }
+                        return [2 /*return*/, rpc.result];
+                    }
+                    catch (err) {
+                        if (err instanceof SyntaxError) {
+                            throw new Error("SSE \u54CD\u5E94\u89E3\u6790\u5931\u8D25: " + lastEventData.slice(0, 200));
+                        }
+                        throw err;
+                    }
+                    return [2 /*return*/];
+            }
+        });
+    });
+}
+// ============================================================================
+// 公共 API
+// ============================================================================
+/**
+ * 清理指定账户+品类的所有 MCP 缓存（配置、会话、无状态标记）
+ *
+ * 当 MCP Server 返回特定错误码时调用，确保下次请求重新拉取配置并重建会话。
+ *
+ * @param accountId - 账户 ID
+ * @param category - MCP 品类名称
+ */
+function clearCategoryCache(accountId, category) {
+    var key = cacheKey(accountId, category);
+    console.log(LOG_TAG + " \u6E05\u7406\u7F13\u5B58 (accountId=\"" + accountId + "\", category=\"" + category + "\")");
+    mcpConfigCache["delete"](key);
+    mcpSessionCache["delete"](key);
+    statelessCategories["delete"](key);
+    inflightInitRequests["delete"](key);
+}
+exports.clearCategoryCache = clearCategoryCache;
+/**
+ * 清理指定账户下所有品类的 MCP 缓存
+ *
+ * 适用于账户掉线、凭据变更等需要整体清理的场景。
+ *
+ * @param accountId - 账户 ID
+ */
+function clearAccountCache(accountId) {
+    var prefix = accountId + ":";
+    console.log(LOG_TAG + " \u6E05\u7406\u8D26\u6237\u6240\u6709\u7F13\u5B58 (accountId=\"" + accountId + "\")");
+    for (var _i = 0, _a = mcpConfigCache.keys(); _i < _a.length; _i++) {
+        var key = _a[_i];
+        if (key.startsWith(prefix))
+            mcpConfigCache["delete"](key);
+    }
+    for (var _b = 0, _c = mcpSessionCache.keys(); _b < _c.length; _b++) {
+        var key = _c[_b];
+        if (key.startsWith(prefix))
+            mcpSessionCache["delete"](key);
+    }
+    for (var _d = 0, statelessCategories_1 = statelessCategories; _d < statelessCategories_1.length; _d++) {
+        var key = statelessCategories_1[_d];
+        if (key.startsWith(prefix))
+            statelessCategories["delete"](key);
+    }
+    for (var _e = 0, _f = inflightInitRequests.keys(); _e < _f.length; _e++) {
+        var key = _f[_e];
+        if (key.startsWith(prefix))
+            inflightInitRequests["delete"](key);
+    }
+}
+exports.clearAccountCache = clearAccountCache;
+/**
+ * 发送 JSON-RPC 请求到 MCP Server（Streamable HTTP 协议）
+ *
+ * 自动管理 session 生命周期：
+ * - 无状态 Server：跳过 session 管理，直接发送请求
+ * - 有状态 Server：首次调用先执行 initialize 握手，session 失效（404）时自动重建并重试
+ *
+ * accountId 优先使用 options.accountId（由工具工厂从 ctx.agentAccountId 传入），
+ * 未提供时 fallback 到 resolveCurrentAccountId()。解析结果贯穿整条调用链，避免跨账号污染。
+ *
+ * @param category - MCP 品类名称
+ * @param method - JSON-RPC 方法名
+ * @param params - JSON-RPC 参数
+ * @param options - 可选配置（如自定义超时、指定账户）
+ * @returns JSON-RPC result
+ */
+function sendJsonRpc(category, method, params, options) {
+    var _a;
+    return __awaiter(this, void 0, void 0, function () {
+        var accountId, key, url, timeoutMs, requesterUserId, body, session, _b, rpcResult, newSessionId, err_2, _c, rpcResult, newSessionId;
+        return __generator(this, function (_d) {
+            switch (_d.label) {
+                case 0:
+                    accountId = ((_a = options === null || options === void 0 ? void 0 : options.accountId) === null || _a === void 0 ? void 0 : _a.trim()) || resolveCurrentAccountId();
+                    key = cacheKey(accountId, category);
+                    return [4 /*yield*/, getMcpUrl(accountId, category)];
+                case 1:
+                    url = _d.sent();
+                    timeoutMs = options === null || options === void 0 ? void 0 : options.timeoutMs;
+                    requesterUserId = options === null || options === void 0 ? void 0 : options.requesterUserId;
+                    body = __assign({ jsonrpc: "2.0", id: aibot_node_sdk_1.generateReqId("mcp_rpc"), method: method }, (params !== undefined ? { params: params } : {}));
+                    return [4 /*yield*/, getOrCreateSession(url, accountId, category, requesterUserId)];
+                case 2:
+                    session = _d.sent();
+                    _d.label = 3;
+                case 3:
+                    _d.trys.push([3, 5, , 9]);
+                    return [4 /*yield*/, sendRawJsonRpc(url, session, body, timeoutMs, requesterUserId)];
+                case 4:
+                    _b = _d.sent(), rpcResult = _b.rpcResult, newSessionId = _b.newSessionId;
+                    // 用最新的 sessionId 更新 session
+                    if (newSessionId) {
+                        session.sessionId = newSessionId;
+                    }
+                    return [2 /*return*/, rpcResult];
+                case 5:
+                    err_2 = _d.sent();
+                    // 特定 JSON-RPC 错误码触发缓存清理（统一在传输层处理，上层无需关心）
+                    if (err_2 instanceof McpRpcError && CACHE_CLEAR_ERROR_CODES.has(err_2.code)) {
+                        clearCategoryCache(accountId, category);
+                    }
+                    // 无状态 Server 不存在 session 失效问题，直接抛出错误
+                    if (session.stateless)
+                        throw err_2;
+                    if (!(err_2 instanceof McpHttpError && err_2.statusCode === 404)) return [3 /*break*/, 8];
+                    console.log(LOG_TAG + " Session \u5931\u6548 (accountId=\"" + accountId + "\", category=\"" + category + "\")\uFF0C\u5F00\u59CB\u91CD\u5EFA...");
+                    mcpSessionCache["delete"](key);
+                    return [4 /*yield*/, rebuildSession(url, accountId, category, requesterUserId)];
+                case 6:
+                    // 使用 rebuildSession 合并并发的 session 重建请求，避免竞态条件
+                    session = _d.sent();
+                    return [4 /*yield*/, sendRawJsonRpc(url, session, body, timeoutMs, requesterUserId)];
+                case 7:
+                    _c = _d.sent(), rpcResult = _c.rpcResult, newSessionId = _c.newSessionId;
+                    if (newSessionId) {
+                        session.sessionId = newSessionId;
+                    }
+                    return [2 /*return*/, rpcResult];
+                case 8:
+                    // 其他错误记录日志后抛出
+                    console.error(LOG_TAG + " RPC \u8BF7\u6C42\u5931\u8D25 (accountId=\"" + accountId + "\", category=\"" + category + "\", method=\"" + method + "\"): " + (err_2 instanceof Error ? err_2.message : String(err_2)));
+                    throw err_2;
+                case 9: return [2 /*return*/];
+            }
+        });
+    });
+}
+exports.sendJsonRpc = sendJsonRpc;
+/**
+ * 合并并发的 session 重建请求
+ *
+ * 与 getOrCreateSession 类似，使用 inflightInitRequests 防止
+ * 多个并发请求同时遇到 404 时重复执行 initialize 握手。
+ */
+function rebuildSession(url, accountId, category, requesterUserId) {
+    return __awaiter(this, void 0, void 0, function () {
+        var key, inflight, promise;
+        return __generator(this, function (_a) {
+            key = cacheKey(accountId, category);
+            inflight = inflightInitRequests.get(key);
+            if (inflight)
+                return [2 /*return*/, inflight];
+            promise = initializeSession(url, accountId, category, requesterUserId)["finally"](function () {
+                inflightInitRequests["delete"](key);
+            });
+            inflightInitRequests.set(key, promise);
+            return [2 /*return*/, promise];
+        });
+    });
+}