fix merge :(

Author: mattzcarey

src/client/sse.test.ts

@@ -294,15 +294,34 @@ describe('SSEClientTransport', () => {
             expect(lastServerRequest.headers.authorization).toBe(authToken);
         });
 
-        it('passes custom headers to fetch requests', async () => {
-            const customHeaders = {
-                Authorization: 'Bearer test-token',
-                'X-Custom-Header': 'custom-value'
-            };
-
+        it.each([
+            {
+                description: 'plain object headers',
+                headers: {
+                    Authorization: 'Bearer test-token',
+                    'X-Custom-Header': 'custom-value'
+                }
+            },
+            {
+                description: 'Headers object',
+                headers: ((): HeadersInit => {
+                    const h = new Headers();
+                    h.set('Authorization', 'Bearer test-token');
+                    h.set('X-Custom-Header', 'custom-value');
+                    return h;
+                })()
+            },
+            {
+                description: 'array of tuples',
+                headers: ((): HeadersInit => [
+                    ['Authorization', 'Bearer test-token'],
+                    ['X-Custom-Header', 'custom-value']
+                ])()
+            }
+        ])('passes custom headers to fetch requests ($description)', async ({ headers }) => {
             transport = new SSEClientTransport(resourceBaseUrl, {
                 requestInit: {
-                    headers: customHeaders
+                    headers
                 }
             });
 
@@ -335,8 +354,8 @@ describe('SSEClientTransport', () => {
                 );
 
                 const calledHeaders = (global.fetch as Mock).mock.calls[0][1].headers;
-                expect(calledHeaders.get('Authorization')).toBe(customHeaders.Authorization);
-                expect(calledHeaders.get('X-Custom-Header')).toBe(customHeaders['X-Custom-Header']);
+                expect(calledHeaders.get('Authorization')).toBe('Bearer test-token');
+                expect(calledHeaders.get('X-Custom-Header')).toBe('custom-value');
                 expect(calledHeaders.get('content-type')).toBe('application/json');
             } finally {
                 // Restore original fetch
@@ -345,36 +364,6 @@ describe('SSEClientTransport', () => {
         });
     });
 
-    it.each([
-      {
-        description: "plain object headers",
-        headers: {
-          Authorization: "Bearer test-token",
-          "X-Custom-Header": "custom-value",
-        },
-      },
-      {
-        description: "Headers object",
-        headers: ((): HeadersInit => {
-          const h = new Headers();
-          h.set("Authorization", "Bearer test-token");
-          h.set("X-Custom-Header", "custom-value");
-          return h;
-        })(),
-      },
-      {
-        description: "array of tuples",
-        headers: ((): HeadersInit => ([
-          ["Authorization", "Bearer test-token"],
-          ["X-Custom-Header", "custom-value"],
-        ]))(),
-      },
-    ])("passes custom headers to fetch requests ($description)", async ({ headers }) => {
-      transport = new SSEClientTransport(resourceBaseUrl, {
-        requestInit: {
-          headers,
-        },
-      });
     describe('auth handling', () => {
         const authServerMetadataUrls = ['/.well-known/oauth-authorization-server', '/.well-known/openid-configuration'];
 
@@ -430,49 +419,6 @@ describe('SSEClientTransport', () => {
                 }
             });
 
-        await transport.send(message);
-
-        // Verify fetch was called with correct headers
-        expect(global.fetch).toHaveBeenCalledWith(
-          expect.any(URL),
-          expect.objectContaining({
-            headers: expect.any(Headers),
-          }),
-        );
-
-        const calledHeaders = (global.fetch as jest.Mock).mock.calls[0][1]
-          .headers;
-        expect(calledHeaders.get("Authorization")).toBe("Bearer test-token");
-        expect(calledHeaders.get("X-Custom-Header")).toBe("custom-value");
-        expect(calledHeaders.get("content-type")).toBe("application/json");
-      } finally {
-        // Restore original fetch
-        global.fetch = originalFetch;
-      }
-    });
-  });
-
-  describe("auth handling", () => {
-    const authServerMetadataUrls = [
-      "/.well-known/oauth-authorization-server",
-      "/.well-known/openid-configuration",
-    ];
-
-    let mockAuthProvider: jest.Mocked<OAuthClientProvider>;
-
-    beforeEach(() => {
-      mockAuthProvider = {
-        get redirectUrl() { return "http://localhost/callback"; },
-        get clientMetadata() { return { redirect_uris: ["http://localhost/callback"] }; },
-        clientInformation: jest.fn(() => ({ client_id: "test-client-id", client_secret: "test-client-secret" })),
-        tokens: jest.fn(),
-        saveTokens: jest.fn(),
-        redirectToAuthorization: jest.fn(),
-        saveCodeVerifier: jest.fn(),
-        codeVerifier: jest.fn(),
-        invalidateCredentials: jest.fn(),
-      };
-    });
             await transport.start();
 
             expect(lastServerRequest.headers.authorization).toBe('Bearer test-token');

src/client/sse.ts

@@ -1,10 +1,5 @@
-import { EventSource, type ErrorEvent, type EventSourceInit } from "eventsource";
-import { Transport, FetchLike } from "../shared/transport.js";
-import { JSONRPCMessage, JSONRPCMessageSchema } from "../types.js";
-import { auth, AuthResult, extractResourceMetadataUrl, OAuthClientProvider, UnauthorizedError } from "./auth.js";
-import { normalizeHeaders } from "../shared/headers.js";
 import { EventSource, type ErrorEvent, type EventSourceInit } from 'eventsource';
-import { Transport, FetchLike, createFetchWithInit } from '../shared/transport.js';
+import { Transport, FetchLike, createFetchWithInit, normalizeHeaders } from '../shared/transport.js';
 import { JSONRPCMessage, JSONRPCMessageSchema } from '../types.js';
 import { auth, AuthResult, extractWWWAuthenticateParams, OAuthClientProvider, UnauthorizedError } from './auth.js';
 
@@ -93,59 +88,6 @@ export class SSEClientTransport implements Transport {
         this._fetchWithInit = createFetchWithInit(opts?.fetch, opts?.requestInit);
     }
 
-    return await this._startOrAuth();
-  }
-
-  private async _commonHeaders(): Promise<Headers> {
-    const headers: HeadersInit & Record<string, string> = {};
-    if (this._authProvider) {
-      const tokens = await this._authProvider.tokens();
-      if (tokens) {
-        headers["Authorization"] = `Bearer ${tokens.access_token}`;
-      }
-    }
-    if (this._protocolVersion) {
-      headers["mcp-protocol-version"] = this._protocolVersion;
-    }
-
-    const extraHeaders = normalizeHeaders(this._requestInit?.headers);
-
-    return new Headers({
-      ...headers,
-      ...extraHeaders,
-    });
-  }
-
-  private _startOrAuth(): Promise<void> {
-    const fetchImpl = (this?._eventSourceInit?.fetch ?? this._fetch ?? fetch) as typeof fetch
-    return new Promise((resolve, reject) => {
-      this._eventSource = new EventSource(
-        this._url.href,
-        {
-          ...this._eventSourceInit,
-          fetch: async (url, init) => {
-            const headers = await this._commonHeaders();
-            headers.set("Accept", "text/event-stream");
-            const response = await fetchImpl(url, {
-              ...init,
-              headers,
-            })
-
-            if (response.status === 401 && response.headers.has('www-authenticate')) {
-              this._resourceMetadataUrl = extractResourceMetadataUrl(response);
-            }
-
-            return response
-          },
-        },
-      );
-      this._abortController = new AbortController();
-
-      this._eventSource.onerror = (event) => {
-        if (event.code === 401 && this._authProvider) {
-
-          this._authThenStart().then(resolve, reject);
-          return;
     private async _authThenStart(): Promise<void> {
         if (!this._authProvider) {
             throw new UnauthorizedError('No auth provider');
@@ -172,7 +114,7 @@ export class SSEClientTransport implements Transport {
     }
 
     private async _commonHeaders(): Promise<Headers> {
-        const headers: HeadersInit = {};
+        const headers: HeadersInit & Record<string, string> = {};
         if (this._authProvider) {
             const tokens = await this._authProvider.tokens();
             if (tokens) {
@@ -183,7 +125,12 @@ export class SSEClientTransport implements Transport {
             headers['mcp-protocol-version'] = this._protocolVersion;
         }
 
-        return new Headers({ ...headers, ...this._requestInit?.headers });
+        const extraHeaders = normalizeHeaders(this._requestInit?.headers);
+
+        return new Headers({
+            ...headers,
+            ...extraHeaders
+        });
     }
 
     private _startOrAuth(): Promise<void> {

src/client/streamableHttp.ts

@@ -1,8 +1,3 @@
-import { Transport, FetchLike } from "../shared/transport.js";
-import { isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, JSONRPCMessage, JSONRPCMessageSchema } from "../types.js";
-import { auth, AuthResult, extractResourceMetadataUrl, OAuthClientProvider, UnauthorizedError } from "./auth.js";
-import { EventSourceParserStream } from "eventsource-parser/stream";
-import { normalizeHeaders } from "../shared/headers.js";
 import { Transport, FetchLike, createFetchWithInit, normalizeHeaders } from '../shared/transport.js';
 import { isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, JSONRPCMessage, JSONRPCMessageSchema } from '../types.js';
 import { auth, AuthResult, extractWWWAuthenticateParams, OAuthClientProvider, UnauthorizedError } from './auth.js';
@@ -183,38 +178,6 @@ export class StreamableHTTPClientTransport implements Transport {
         return await this._startOrAuthSse({ resumptionToken: undefined });
     }
 
-    const extraHeaders = normalizeHeaders(this._requestInit?.headers);
-
-    return new Headers({
-      ...headers,
-      ...extraHeaders,
-    });
-  }
-
-
-  private async _startOrAuthSse(options: StartSSEOptions): Promise<void> {
-    const { resumptionToken } = options;
-    try {
-      // Try to open an initial SSE stream with GET to listen for server messages
-      // This is optional according to the spec - server may not support it
-      const headers = await this._commonHeaders();
-      headers.set("Accept", "text/event-stream");
-
-      // Include Last-Event-ID header for resumable streams if provided
-      if (resumptionToken) {
-        headers.set("last-event-id", resumptionToken);
-      }
-
-      const response = await (this._fetch ?? fetch)(this._url, {
-        method: "GET",
-        headers,
-        signal: this._abortController?.signal,
-      });
-
-      if (!response.ok) {
-        if (response.status === 401 && this._authProvider) {
-          // Need to authenticate
-          return await this._authThenStart();
     private async _commonHeaders(): Promise<Headers> {
         const headers: HeadersInit & Record<string, string> = {};
         if (this._authProvider) {
@@ -259,20 +222,6 @@ export class StreamableHTTPClientTransport implements Transport {
                 signal: this._abortController?.signal
             });
 
-  /**
-   * Schedule a reconnection attempt with exponential backoff
-   *
-   * @param lastEventId The ID of the last received event for resumability
-   * @param attemptCount Current reconnection attempt count for this specific stream
-   */
-  private _scheduleReconnection(options: StartSSEOptions, attemptCount = 0): void {
-    // Use provided options or default options
-    const maxRetries = this._reconnectionOptions.maxRetries;
-
-    // Check if we've exceeded maximum retry attempts
-    if (maxRetries > 0 && attemptCount >= maxRetries) {
-      this.onerror?.(new Error(`Maximum reconnection attempts (${maxRetries}) exceeded.`));
-      return;
             if (!response.ok) {
                 await response.body?.cancel();