Parallels RAS MCP Server

Instructions

Implementation Reference

• src/tools/publishing.ts:55-62 (handler)

  The main handler function that executes the ras_pub_get_vdi_apps tool. It makes an authenticated GET request to the RAS API endpoint '/api/publishing/apps/vdi' to retrieve published VDI applications and returns the JSON response.

  async () => {
    try {
      const data = await rasClient.get("/api/publishing/apps/vdi");
      return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
    } catch (err) {
      return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve published VDI apps") }], isError: true };
    }
  }

• src/tools/publishing.ts:44-63 (registration)

  Tool registration for ras_pub_get_vdi_apps, including title, description, read-only annotations, and empty input schema (no parameters required). The handler is registered with the MCP server.

  server.registerTool(
    "ras_pub_get_vdi_apps",
    {
      title: "Published VDI Apps",
      description:
        "List published VDI (Virtual Desktop Infrastructure) applications. VDI apps " +
        "run on dedicated virtual machines rather than shared RDS hosts. Use this to " +
        "review VDI-published applications or compare with RDS app assignments.",
      annotations: READ_ONLY_ANNOTATIONS,
      inputSchema: {},
    },
    async () => {
      try {
        const data = await rasClient.get("/api/publishing/apps/vdi");
        return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
      } catch (err) {
        return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve published VDI apps") }], isError: true };
      }
    }
  );

• src/tools/publishing.ts:53-53 (schema)

  Input schema definition for ras_pub_get_vdi_apps - an empty object indicating the tool requires no input parameters.

  inputSchema: {},

• src/client.ts:128-166 (helper)

  The rasClient.get() helper method that performs authenticated GET requests to the RAS API, handling session management, automatic authentication, retry on 401 errors, and request timeouts.

  async get(path: string): Promise<unknown> {
    // Ensure we have a valid session
    if (!this.authToken) {
      await this.login();
    }
  
    const fetchOptions = {
      method: "GET" as const,
      headers: {
        ...this.headers,
        auth_token: this.authToken!,
      },
      signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
    };
  
    let response = await fetch(`${this.baseUrl}${path}`, fetchOptions);
  
    // Token may have expired — re-authenticate once and retry
    if (response.status === 401) {
      await this.login();
      response = await fetch(`${this.baseUrl}${path}`, {
        ...fetchOptions,
        headers: {
          ...this.headers,
          auth_token: this.authToken!,
        },
        signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
      });
    }
  
    if (!response.ok) {
      const body = await response.text();
      throw new Error(
        `RAS API error (HTTP ${response.status}) on ${path}: ${body.substring(0, 300)}`
      );
    }
  
    return response.json();
  }

• src/client.ts:43-54 (helper)

  The sanitiseError() helper function that sanitizes error messages by removing sensitive data like auth tokens and passwords, and truncating excessively long responses.

  function sanitiseError(err: unknown, context: string): string {
    const raw = err instanceof Error ? err.message : String(err);
    // Remove anything that looks like a token or password value
    let sanitised = raw
      .replace(/auth_token[=:]\s*\S+/gi, "auth_token=[REDACTED]")
      .replace(/password[=:]\s*\S+/gi, "password=[REDACTED]");
    // Truncate excessively long API response bodies
    if (sanitised.length > 500) {
      sanitised = sanitised.substring(0, 500) + "... (truncated)";
    }
    return `${context}: ${sanitised}`;
  }