actionmcp 0.104.0 → 0.104.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/action_mcp/configuration.rb +17 -6
- data/lib/action_mcp/gateway.rb +6 -7
- data/lib/action_mcp/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6cfb5ce2385d840e5a70a47707ff2a684b2b1129ab19e55869832cff57286619
|
|
4
|
+
data.tar.gz: aedeccd60db4263d29eee4da2d051d5910978c50951765dc7ec6b83cb1c2c6c9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c6fe8f1b667633f25e566df67f6c8da36d652ef993eb568b8c73b23fd46bb85c3c096560b91c62056bc00325fd1daa23aba789d960697007b5d28881ce02d292
|
|
7
|
+
data.tar.gz: dc9a41f5f340b09e11c551d64857239501341602731136686f508e3f8fa22558e9f10392941887c20f2ae6cbd7f1174d87fa4b371142e90bcbd3e0bfe8b90353
|
|
@@ -44,12 +44,14 @@ module ActionMCP
|
|
|
44
44
|
:max_queue,
|
|
45
45
|
:polling_interval,
|
|
46
46
|
:connects_to,
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
47
|
+
# --- Tasks Options (MCP 2025-11-25) ---
|
|
48
|
+
:tasks_enabled,
|
|
49
|
+
:tasks_list_enabled,
|
|
50
|
+
:tasks_cancel_enabled,
|
|
51
|
+
# --- Schema Validation Options ---
|
|
52
|
+
:validate_structured_content,
|
|
53
|
+
# --- Allowed identity keys for gateway ---
|
|
54
|
+
:allowed_identity_keys
|
|
53
55
|
|
|
54
56
|
def initialize
|
|
55
57
|
@logging_enabled = false
|
|
@@ -84,6 +86,11 @@ module ActionMCP
|
|
|
84
86
|
@session_store_type = Rails.env.production? ? :active_record : :volatile
|
|
85
87
|
@client_session_store_type = nil # defaults to session_store_type
|
|
86
88
|
@server_session_store_type = nil # defaults to session_store_type
|
|
89
|
+
|
|
90
|
+
# Whitelist of allowed identity attribute names to prevent method shadowing
|
|
91
|
+
# and unauthorized attribute assignment. Extend this list if you use custom
|
|
92
|
+
# identifier names in your GatewayIdentifier implementations.
|
|
93
|
+
@allowed_identity_keys = %w[user api_key jwt bearer token account session].freeze
|
|
87
94
|
end
|
|
88
95
|
|
|
89
96
|
def name
|
|
@@ -118,6 +125,10 @@ module ActionMCP
|
|
|
118
125
|
@server_instructions = parse_instructions(value)
|
|
119
126
|
end
|
|
120
127
|
|
|
128
|
+
def allowed_identity_keys=(value)
|
|
129
|
+
@allowed_identity_keys = Array(value).map(&:to_s).freeze
|
|
130
|
+
end
|
|
131
|
+
|
|
121
132
|
def gateway_class
|
|
122
133
|
# Resolve gateway class lazily to account for Zeitwerk autoloading
|
|
123
134
|
# This allows ApplicationGateway to be loaded from app/mcp even if the
|
data/lib/action_mcp/gateway.rb
CHANGED
|
@@ -4,11 +4,6 @@ module ActionMCP
|
|
|
4
4
|
class UnauthorizedError < StandardError; end
|
|
5
5
|
|
|
6
6
|
class Gateway
|
|
7
|
-
# Whitelist of allowed identity attribute names to prevent method shadowing
|
|
8
|
-
# and unauthorized attribute assignment. Extend this list if you use custom
|
|
9
|
-
# identifier names in your GatewayIdentifier implementations.
|
|
10
|
-
ALLOWED_IDENTITY_KEYS = %w[user api_key jwt bearer token account session].freeze
|
|
11
|
-
|
|
12
7
|
class << self
|
|
13
8
|
# pluck in one or many GatewayIdentifier classes
|
|
14
9
|
def identified_by(*klasses)
|
|
@@ -78,9 +73,9 @@ module ActionMCP
|
|
|
78
73
|
name_str = name.to_s
|
|
79
74
|
|
|
80
75
|
# Validate identity key against whitelist to prevent method shadowing
|
|
81
|
-
unless
|
|
76
|
+
unless allowed_identity_keys.include?(name_str)
|
|
82
77
|
raise ArgumentError, "Invalid identity key: '#{name_str}'. " \
|
|
83
|
-
"Allowed keys: #{
|
|
78
|
+
"Allowed keys: #{allowed_identity_keys.join(', ')}"
|
|
84
79
|
end
|
|
85
80
|
|
|
86
81
|
# define accessor on the fly
|
|
@@ -114,5 +109,9 @@ module ActionMCP
|
|
|
114
109
|
def apply_profile_from_authentication(identities)
|
|
115
110
|
# Default: do nothing. Override in subclass if you want profile switching.
|
|
116
111
|
end
|
|
112
|
+
|
|
113
|
+
def allowed_identity_keys
|
|
114
|
+
ActionMCP.configuration.allowed_identity_keys
|
|
115
|
+
end
|
|
117
116
|
end
|
|
118
117
|
end
|
data/lib/action_mcp/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: actionmcp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.104.
|
|
4
|
+
version: 0.104.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Abdelkader Boudih
|
|
@@ -302,7 +302,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
302
302
|
- !ruby/object:Gem::Version
|
|
303
303
|
version: '0'
|
|
304
304
|
requirements: []
|
|
305
|
-
rubygems_version: 4.0.
|
|
305
|
+
rubygems_version: 4.0.3
|
|
306
306
|
specification_version: 4
|
|
307
307
|
summary: Lightweight Model Context Protocol (MCP) server toolkit for Ruby/Rails
|
|
308
308
|
test_files: []
|