Support MCP streamable HTTP replay (#4242)

* feat(mcp): support resumable streamable HTTP

* fix(mcp): tighten SSE replay error semantics

---------

Co-authored-by: e <e@e.co>

Author: koala73

api/_cors.js

@@ -12,6 +12,26 @@ const ALLOWED_ORIGIN_PATTERNS = [
   ]),
 ];
 
+const ALLOWED_HEADERS = [
+  'Content-Type',
+  'Authorization',
+  'X-WorldMonitor-Key',
+  'X-Api-Key',
+  'X-Widget-Key',
+  'X-Pro-Key',
+  'X-WorldMonitor-Desktop-Timestamp',
+  'X-WorldMonitor-Desktop-Signature',
+  'Mcp-Session-Id',
+  'MCP-Protocol-Version',
+  'Last-Event-ID',
+].join(', ');
+
+const EXPOSED_HEADERS = [
+  'Mcp-Session-Id',
+  'WWW-Authenticate',
+  'Retry-After',
+].join(', ');
+
 function isAllowedOrigin(origin) {
   return Boolean(origin) && ALLOWED_ORIGIN_PATTERNS.some((pattern) => pattern.test(origin));
 }
@@ -23,7 +43,8 @@ export function getCorsHeaders(req, methods = 'GET, OPTIONS') {
     'Access-Control-Allow-Origin': allowOrigin,
     'Access-Control-Allow-Credentials': 'true',
     'Access-Control-Allow-Methods': methods,
-    'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-WorldMonitor-Key, X-Api-Key, X-Widget-Key, X-Pro-Key, X-WorldMonitor-Desktop-Timestamp, X-WorldMonitor-Desktop-Signature',
+    'Access-Control-Allow-Headers': ALLOWED_HEADERS,
+    'Access-Control-Expose-Headers': EXPOSED_HEADERS,
     'Access-Control-Max-Age': '3600',
     'Vary': 'Origin',
   };
@@ -41,7 +62,8 @@ export function getPublicCorsHeaders(methods = 'GET, OPTIONS') {
   return {
     'Access-Control-Allow-Origin': '*',
     'Access-Control-Allow-Methods': methods,
-    'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-WorldMonitor-Key, X-Api-Key, X-Widget-Key, X-Pro-Key, X-WorldMonitor-Desktop-Timestamp, X-WorldMonitor-Desktop-Signature',
+    'Access-Control-Allow-Headers': ALLOWED_HEADERS,
+    'Access-Control-Expose-Headers': EXPOSED_HEADERS,
     'Access-Control-Max-Age': '3600',
   };
 }

api/_cors.test.mjs

@@ -1,6 +1,6 @@
 import { strict as assert } from 'node:assert';
 import test from 'node:test';
-import { getCorsHeaders, isDisallowedOrigin } from './_cors.js';
+import { getCorsHeaders, getPublicCorsHeaders, isDisallowedOrigin } from './_cors.js';
 
 function makeRequest(origin) {
   const headers = new Headers();
@@ -40,3 +40,20 @@ test('requests without origin remain allowed', () => {
   const req = makeRequest(null);
   assert.equal(isDisallowedOrigin(req), false);
 });
+
+test('CORS allow headers include MCP transport headers', () => {
+  const privateCors = getCorsHeaders(makeRequest('https://worldmonitor.app'));
+  const publicCors = getPublicCorsHeaders('POST, GET, OPTIONS');
+
+  for (const cors of [privateCors, publicCors]) {
+    const allowed = cors['Access-Control-Allow-Headers'];
+    assert.match(allowed, /\bMcp-Session-Id\b/);
+    assert.match(allowed, /\bMCP-Protocol-Version\b/);
+    assert.match(allowed, /\bLast-Event-ID\b/);
+
+    const exposed = cors['Access-Control-Expose-Headers'];
+    assert.match(exposed, /\bMcp-Session-Id\b/);
+    assert.match(exposed, /\bWWW-Authenticate\b/);
+    assert.match(exposed, /\bRetry-After\b/);
+  }
+});

api/mcp/auth.ts

@@ -240,21 +240,21 @@ export async function runProPreChecks(
 /** Per-minute rate limit. Both paths fail-OPEN on Upstash error (graceful);
  *  the daily quota is the hard-cap fail-CLOSED gate. Returns null on success
  *  or pass-through, a Response on a real 60/min limit hit. */
-export async function applyPerMinuteLimit(context: McpAuthContext): Promise<Response | null> {
+export async function applyPerMinuteLimit(context: McpAuthContext, headers: Record<string, string> = {}): Promise<Response | null> {
   if (context.kind === 'env_key') {
     const rl = getMcpRatelimit();
     if (!rl) return null;
     try {
       const { success } = await rl.limit(`key:${context.apiKey}`);
-      if (!success) return rpcError(null, -32029, 'Rate limit exceeded. Max 60 requests per minute per API key.');
+      if (!success) return rpcError(null, -32029, 'Rate limit exceeded. Max 60 requests per minute per API key.', headers);
     } catch { /* graceful degradation */ }
     return null;
   }
   const rl = getMcpProMinRatelimit();
   if (!rl) return null;
   try {
     const { success } = await rl.limit(`pro-user:${context.userId}`);
-    if (!success) return rpcError(null, -32029, 'Rate limit exceeded. Max 60 requests per minute per Pro user.');
+    if (!success) return rpcError(null, -32029, 'Rate limit exceeded. Max 60 requests per minute per Pro user.', headers);
   } catch { /* graceful degradation */ }
   return null;
 }

api/mcp/dispatch.ts

@@ -110,11 +110,11 @@ export async function dispatchToolsCall(
   const id = body.id ?? null;
   const p = body.params as { name?: string; arguments?: Record<string, unknown> } | null;
   if (!p || typeof p.name !== 'string') {
-    return rpcError(id, -32602, 'Invalid params: missing tool name');
+    return rpcError(id, -32602, 'Invalid params: missing tool name', corsHeaders);
   }
   const tool = TOOL_REGISTRY.find((t) => t.name === p.name);
   if (!tool) {
-    return rpcError(id, -32602, `Unknown tool: ${p.name}`);
+    return rpcError(id, -32602, `Unknown tool: ${p.name}`, corsHeaders);
   }
 
   // Pro-only INCR-first reservation. Both cache-only AND RPC tools count
@@ -266,6 +266,6 @@ export async function dispatchToolsCall(
       error_kind: isClient4xx ? 'client_4xx' : 'server_error',
       budget_exceeded: false,
     });
-    return rpcError(id, -32603, 'Internal error: data fetch failed');
+    return rpcError(id, -32603, 'Internal error: data fetch failed', corsHeaders);
   }
 }