callServerTool: opt into progress-based timeout reset

Hosts may interpose long-running steps (e.g. inline OAuth on 401) between
the guest's tools/call and the server's response. Without this, the base
SDK's 60s DEFAULT_REQUEST_TIMEOUT_MSEC fires and the guest sees -32001
even though the host is still working.

Passing onprogress causes Protocol.request to include _meta.progressToken
in the outgoing request and register a progress handler; resetTimeoutOnProgress
makes incoming notifications/progress reset the per-request timer. Hosts can
then heartbeat during human-in-the-loop steps. Callers can still override both.

Author: anthroy

src/app.ts

@@ -860,7 +860,14 @@ export class App extends ProtocolWithEvents<
     return await this.request(
       { method: "tools/call", params },
       CallToolResultSchema,
-      options,
+      {
+        ...options,
+        // Hosts may interpose long-running steps (e.g. lazy OAuth) before the
+        // tool result arrives. Opting in here lets a host heartbeat keep the
+        // request alive past the 60s default; callers can still override.
+        onprogress: options?.onprogress ?? (() => {}),
+        resetTimeoutOnProgress: options?.resetTimeoutOnProgress ?? true,
+      },
     );
   }