/**
 * MCP Server Plugin
 *
 * Exposes gateway capabilities as a standard MCP server via Streamable HTTP.
 * Any MCP client (Claude Desktop, Cursor, Claude Code, etc.) can connect.
 *
 * Architecture: ONE MCPServer instance, ONE transport, MANY client sessions.
 * The MCPServer uses the SDK's raw Server class with session-aware request handlers.
 * Dynamic tool/resource changes propagate to ALL connected clients automatically
 * via MCP notifications (tools/list_changed, resources/list_changed).
 *
 * Auth is handled by the gateway middleware layer. The plugin itself is auth-agnostic.
 */
import type { GatewayPlugin } from "../types.js";
import { MCPServer } from "@agentick/mcp/server";
import { type MCPServerOptions, type MCPToolDefinition, type MCPRequestContext, type MCPAppDefinition } from "@agentick/mcp";
import type { CallToolResult } from "@modelcontextprotocol/sdk/types.js";
export interface ToolEntry {
    name: string;
    description: string;
    input: Record<string, unknown>;
    output?: Record<string, unknown>;
    annotations?: Record<string, unknown>;
}
export interface MCPStandaloneTool {
    name: string;
    description: string;
    inputSchema: unknown;
    outputSchema?: unknown;
    annotations?: Record<string, unknown>;
    /**
     * MCP Apps linkage — set when this tool renders a `ui://` resource. The
     * plugin forwards this to the underlying MCPServer so `tools/list` emits
     * `_meta.ui.resourceUri` and spec-compliant hosts render the view.
     */
    ui?: MCPToolDefinition["ui"];
    /**
     * Pass-through metadata for interop with hosts or SDKs that author tools
     * against the legacy MCP Apps `_meta["ui/resourceUri"]` shape. The
     * MCPServer normalizes this into canonical `ui.resourceUri` on registration.
     */
    _meta?: Record<string, unknown>;
    handler: (args: Record<string, unknown>) => Promise<CallToolResult> | CallToolResult;
}
export interface MCPStaticResource {
    name: string;
    uri: string;
    title?: string;
    description?: string;
    mimeType?: string;
    read: () => {
        text: string;
    } | Promise<{
        text: string;
    }>;
}
export interface MCPResourceTemplate {
    name: string;
    uriTemplate: string;
    title?: string;
    description?: string;
    mimeType?: string;
    list: () => Array<{
        uri: string;
        title?: string;
        description?: string;
    }> | Promise<Array<{
        uri: string;
        title?: string;
        description?: string;
    }>>;
    read: (variables: Record<string, string>) => {
        text: string;
    } | Promise<{
        text: string;
    }>;
    complete?: Record<string, (value: string) => string[] | Promise<string[]>>;
}
export interface MCPServerPluginConfig {
    id?: string;
    path?: string;
    /**
     * Pre-built MCPServer instance. When provided, the plugin uses this server
     * directly instead of constructing one from tools/resources/apps config.
     * The server's security pipeline, tools, resources, and apps are all owned
     * by the caller — the plugin just bridges it to HTTP.
     *
     * Mutually exclusive with tools/resources/resourceTemplates/apps/instructions.
     */
    server?: MCPServer;
    /** Server name for the MCP initialize response. */
    name?: string;
    /** Server version for the MCP initialize response. */
    version?: string;
    /** Human-readable server description for the MCP initialize response. */
    description?: string;
    /** @deprecated Use `name` instead. */
    serverName?: string;
    /** @deprecated Use `version` instead. */
    serverVersion?: string;
    sessionId?: string;
    include?: string[];
    exclude?: string[];
    /**
     * Per-session tool filtering. Receives the tool catalog and request context
     * (which includes user info from the gateway's auth layer via contextProvider).
     * Return the tools this client should see.
     */
    toolFilter?: (tools: ToolEntry[], ctx: MCPRequestContext) => ToolEntry[] | Promise<ToolEntry[]>;
    /**
     * Transform tool definitions per session before tools/list response.
     * Passed directly to MCPServer — use to inject per-session context
     * (e.g., user info into tool descriptions).
     */
    toolTransform?: MCPServerOptions["toolTransform"];
    tools?: MCPStandaloneTool[];
    resources?: MCPStaticResource[];
    resourceTemplates?: MCPResourceTemplate[];
    /** Instructions for MCP clients. Supports per-session dynamic form (function). */
    instructions?: MCPServerOptions["instructions"];
    apps?: MCPAppDefinition[];
    /** Security config passed to MCPServer. Default: allow-all (gateway handles auth). */
    security?: MCPServerOptions["security"];
    /** Build MCPRequestContext from each request. */
    contextProvider?: MCPServerOptions["contextProvider"];
    /** Session management config. */
    sessions?: MCPServerOptions["sessions"];
    oauthMetadata?: {
        issuer: string;
        cacheTtl?: number;
    } | {
        metadata: Record<string, unknown>;
    };
}
export declare function filterTools(tools: ToolEntry[], config: Pick<MCPServerPluginConfig, "include" | "exclude">): ToolEntry[];
export declare function mcpServerPlugin(config: MCPServerPluginConfig): GatewayPlugin;
//# sourceMappingURL=mcp-server.d.ts.map