feat(mcp): Add plugin-scoped MCP tool support

Add plugin manifest support for HTTP MCP servers and a turn-local MCP tool manager that progressively exposes plugin tools when matching skills load. Pause turns on MCP auth challenges and resume the same session after the callback instead of failing the turn.

Persist loaded skills and active MCP providers across resume, and align the resumed callback path with normal reply delivery and thread-state persistence so Slack state stays consistent.

Co-Authored-By: Codex <noreply@openai.com>

Author: dcramer

packages/junior/package.json

@@ -42,6 +42,7 @@
     "@chat-adapter/state-redis": "4.17.0",
     "@mariozechner/pi-agent-core": "^0.56.3",
     "@mariozechner/pi-ai": "^0.56.3",
+    "@modelcontextprotocol/sdk": "1.27.1",
     "@sinclair/typebox": "^0.34.48",
     "@slack/web-api": "^7.14.1",
     "@vercel/queue": "^0.1.3",

packages/junior/src/chat/mcp/auth-store.ts

@@ -0,0 +1,220 @@
+import type {
+  OAuthClientInformationMixed,
+  OAuthTokens,
+} from "@modelcontextprotocol/sdk/shared/auth.js";
+import type { OAuthDiscoveryState } from "@modelcontextprotocol/sdk/client/auth.js";
+import type { ThreadArtifactsState } from "@/chat/slack-actions/types";
+import { getStateAdapter } from "@/chat/state";
+
+const MCP_AUTH_SESSION_PREFIX = "junior:mcp_auth_session";
+const MCP_AUTH_CREDENTIALS_PREFIX = "junior:mcp_auth_credentials";
+const MCP_AUTH_SESSION_TTL_MS = 24 * 60 * 60 * 1000;
+const MCP_AUTH_CREDENTIALS_TTL_MS = 30 * 24 * 60 * 60 * 1000;
+
+export interface McpAuthSessionState {
+  authSessionId: string;
+  provider: string;
+  userId: string;
+  conversationId: string;
+  sessionId: string;
+  userMessage: string;
+  channelId?: string;
+  threadTs?: string;
+  toolChannelId?: string;
+  configuration?: Record<string, unknown>;
+  artifactState?: ThreadArtifactsState;
+  authorizationUrl?: string;
+  codeVerifier?: string;
+  createdAtMs: number;
+  updatedAtMs: number;
+}
+
+export interface McpStoredOAuthCredentials {
+  clientInformation?: OAuthClientInformationMixed;
+  discoveryState?: OAuthDiscoveryState;
+  tokens?: OAuthTokens;
+}
+
+function sessionKey(authSessionId: string): string {
+  return `${MCP_AUTH_SESSION_PREFIX}:${authSessionId}`;
+}
+
+function credentialsKey(userId: string, provider: string): string {
+  return `${MCP_AUTH_CREDENTIALS_PREFIX}:${userId}:${provider}`;
+}
+
+function isRecord(value: unknown): value is Record<string, unknown> {
+  return typeof value === "object" && value !== null;
+}
+
+function parseMcpAuthSession(value: unknown): McpAuthSessionState | undefined {
+  if (typeof value !== "string") {
+    return undefined;
+  }
+
+  try {
+    const parsed = JSON.parse(value) as Record<string, unknown>;
+    if (!isRecord(parsed)) {
+      return undefined;
+    }
+
+    if (
+      typeof parsed.authSessionId !== "string" ||
+      typeof parsed.provider !== "string" ||
+      typeof parsed.userId !== "string" ||
+      typeof parsed.conversationId !== "string" ||
+      typeof parsed.sessionId !== "string" ||
+      typeof parsed.userMessage !== "string" ||
+      typeof parsed.createdAtMs !== "number" ||
+      typeof parsed.updatedAtMs !== "number"
+    ) {
+      return undefined;
+    }
+
+    return {
+      authSessionId: parsed.authSessionId,
+      provider: parsed.provider,
+      userId: parsed.userId,
+      conversationId: parsed.conversationId,
+      sessionId: parsed.sessionId,
+      userMessage: parsed.userMessage,
+      createdAtMs: parsed.createdAtMs,
+      updatedAtMs: parsed.updatedAtMs,
+      ...(typeof parsed.channelId === "string"
+        ? { channelId: parsed.channelId }
+        : {}),
+      ...(typeof parsed.threadTs === "string"
+        ? { threadTs: parsed.threadTs }
+        : {}),
+      ...(typeof parsed.toolChannelId === "string"
+        ? { toolChannelId: parsed.toolChannelId }
+        : {}),
+      ...(isRecord(parsed.configuration)
+        ? { configuration: parsed.configuration }
+        : {}),
+      ...(isRecord(parsed.artifactState)
+        ? { artifactState: parsed.artifactState as ThreadArtifactsState }
+        : {}),
+      ...(typeof parsed.authorizationUrl === "string"
+        ? { authorizationUrl: parsed.authorizationUrl }
+        : {}),
+      ...(typeof parsed.codeVerifier === "string"
+        ? { codeVerifier: parsed.codeVerifier }
+        : {}),
+    };
+  } catch {
+    return undefined;
+  }
+}
+
+function parseStoredCredentials(
+  value: unknown,
+): McpStoredOAuthCredentials | undefined {
+  if (typeof value !== "string") {
+    return undefined;
+  }
+
+  try {
+    const parsed = JSON.parse(value) as Record<string, unknown>;
+    if (!isRecord(parsed)) {
+      return undefined;
+    }
+
+    return {
+      ...(isRecord(parsed.clientInformation)
+        ? {
+            clientInformation:
+              parsed.clientInformation as OAuthClientInformationMixed,
+          }
+        : {}),
+      ...(isRecord(parsed.discoveryState)
+        ? {
+            discoveryState:
+              parsed.discoveryState as unknown as OAuthDiscoveryState,
+          }
+        : {}),
+      ...(isRecord(parsed.tokens)
+        ? { tokens: parsed.tokens as OAuthTokens }
+        : {}),
+    };
+  } catch {
+    return undefined;
+  }
+}
+
+export async function getMcpAuthSession(
+  authSessionId: string,
+): Promise<McpAuthSessionState | undefined> {
+  await getStateAdapter().connect();
+  return parseMcpAuthSession(
+    await getStateAdapter().get(sessionKey(authSessionId)),
+  );
+}
+
+export async function putMcpAuthSession(
+  session: McpAuthSessionState,
+  ttlMs: number = MCP_AUTH_SESSION_TTL_MS,
+): Promise<void> {
+  await getStateAdapter().connect();
+  await getStateAdapter().set(
+    sessionKey(session.authSessionId),
+    JSON.stringify(session),
+    ttlMs,
+  );
+}
+
+export async function patchMcpAuthSession(
+  authSessionId: string,
+  patch: Partial<McpAuthSessionState>,
+): Promise<McpAuthSessionState> {
+  const current = await getMcpAuthSession(authSessionId);
+  if (!current) {
+    throw new Error(`Unknown MCP auth session: ${authSessionId}`);
+  }
+
+  const next: McpAuthSessionState = {
+    ...current,
+    ...patch,
+    authSessionId: current.authSessionId,
+    provider: current.provider,
+    userId: current.userId,
+    conversationId: current.conversationId,
+    sessionId: current.sessionId,
+    userMessage: current.userMessage,
+    createdAtMs: current.createdAtMs,
+    updatedAtMs: Date.now(),
+  };
+  await putMcpAuthSession(next);
+  return next;
+}
+
+export async function deleteMcpAuthSession(
+  authSessionId: string,
+): Promise<void> {
+  await getStateAdapter().connect();
+  await getStateAdapter().delete(sessionKey(authSessionId));
+}
+
+export async function getMcpStoredOAuthCredentials(
+  userId: string,
+  provider: string,
+): Promise<McpStoredOAuthCredentials | undefined> {
+  await getStateAdapter().connect();
+  return parseStoredCredentials(
+    await getStateAdapter().get(credentialsKey(userId, provider)),
+  );
+}
+
+export async function putMcpStoredOAuthCredentials(
+  userId: string,
+  provider: string,
+  value: McpStoredOAuthCredentials,
+  ttlMs: number = MCP_AUTH_CREDENTIALS_TTL_MS,
+): Promise<void> {
+  await getStateAdapter().connect();
+  await getStateAdapter().set(
+    credentialsKey(userId, provider),
+    JSON.stringify(value),
+    ttlMs,
+  );
+}

packages/junior/src/chat/mcp/client.ts

@@ -0,0 +1,164 @@
+import { Client } from "@modelcontextprotocol/sdk/client";
+import {
+  UnauthorizedError,
+  type OAuthClientProvider,
+} from "@modelcontextprotocol/sdk/client/auth.js";
+import {
+  StreamableHTTPClientTransport,
+  StreamableHTTPError,
+} from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+import type { PluginDefinition } from "@/chat/plugins/types";
+
+type ListedTool = Awaited<ReturnType<Client["listTools"]>>["tools"][number];
+type ToolCallResult = Awaited<ReturnType<Client["callTool"]>>;
+
+const MCP_CLIENT_INFO = {
+  name: "junior-mcp-client",
+  version: "1.0.0",
+};
+
+export class McpAuthorizationRequiredError extends Error {
+  readonly provider: string;
+
+  constructor(provider: string, message: string) {
+    super(message);
+    this.name = "McpAuthorizationRequiredError";
+    this.provider = provider;
+  }
+}
+
+export interface PluginMcpClientOptions {
+  authProvider?: OAuthClientProvider;
+  fetch?: typeof fetch;
+  sessionId?: string;
+}
+
+export class PluginMcpClient {
+  private client?: Client;
+  private transport?: StreamableHTTPClientTransport;
+  private listedTools?: ListedTool[];
+
+  constructor(
+    private readonly plugin: PluginDefinition,
+    private readonly options: PluginMcpClientOptions = {},
+  ) {}
+
+  async listTools(): Promise<ListedTool[]> {
+    if (this.listedTools) {
+      return [...this.listedTools];
+    }
+
+    const client = await this.getClient();
+    const discovered: ListedTool[] = [];
+    const seen = new Set<string>();
+    let cursor: string | undefined;
+
+    do {
+      const result = await this.wrapAuth(
+        client.listTools(cursor ? { cursor } : undefined),
+      );
+      for (const tool of result.tools) {
+        if (seen.has(tool.name)) {
+          continue;
+        }
+        seen.add(tool.name);
+        discovered.push(tool);
+      }
+      cursor = result.nextCursor;
+    } while (cursor);
+
+    this.listedTools = discovered.sort((left, right) =>
+      left.name.localeCompare(right.name),
+    );
+    return [...this.listedTools];
+  }
+
+  async callTool(
+    name: string,
+    args: Record<string, unknown> | undefined,
+  ): Promise<ToolCallResult> {
+    const client = await this.getClient();
+    return await this.wrapAuth(
+      client.callTool({
+        name,
+        ...(args && Object.keys(args).length > 0 ? { arguments: args } : {}),
+      }),
+    );
+  }
+
+  async close(): Promise<void> {
+    this.listedTools = undefined;
+
+    const transport = this.transport;
+    this.transport = undefined;
+    this.client = undefined;
+
+    if (transport) {
+      await transport.close();
+    }
+  }
+
+  private async getClient(): Promise<Client> {
+    if (this.client) {
+      return this.client;
+    }
+
+    const mcp = this.plugin.manifest.mcp;
+    if (!mcp) {
+      throw new Error(
+        `Plugin "${this.plugin.manifest.name}" does not declare MCP config`,
+      );
+    }
+
+    const requestInit: RequestInit = {};
+    if (mcp.headers && Object.keys(mcp.headers).length > 0) {
+      requestInit.headers = new Headers(mcp.headers);
+    }
+
+    const transport = new StreamableHTTPClientTransport(new URL(mcp.url), {
+      ...(Object.keys(requestInit).length > 0 ? { requestInit } : {}),
+      ...(this.options.fetch ? { fetch: this.options.fetch } : {}),
+      ...(this.options.authProvider
+        ? { authProvider: this.options.authProvider }
+        : {}),
+      ...(this.options.sessionId ? { sessionId: this.options.sessionId } : {}),
+    });
+    const client = new Client(MCP_CLIENT_INFO, {
+      capabilities: {},
+    });
+
+    await this.wrapAuth(client.connect(transport));
+
+    this.transport = transport;
+    this.client = client;
+    return client;
+  }
+
+  private async wrapAuth<T>(promise: Promise<T>): Promise<T> {
+    try {
+      return await promise;
+    } catch (error) {
+      if (error instanceof McpAuthorizationRequiredError) {
+        throw error;
+      }
+      if (error instanceof UnauthorizedError) {
+        throw new McpAuthorizationRequiredError(
+          this.plugin.manifest.name,
+          `MCP authorization required for plugin "${this.plugin.manifest.name}"`,
+        );
+      }
+      if (error instanceof StreamableHTTPError && error.code === 401) {
+        throw new McpAuthorizationRequiredError(
+          this.plugin.manifest.name,
+          `MCP authorization required for plugin "${this.plugin.manifest.name}"`,
+        );
+      }
+      throw error;
+    }
+  }
+}
+
+export type {
+  ListedTool as PluginMcpListedTool,
+  ToolCallResult as PluginMcpToolCallResult,
+};