vector_mcp 0.3.0 → 0.3.2

data/lib/vector_mcp/errors.rb

@@ -28,7 +28,8 @@ module VectorMCP
     # @param details [Hash, nil] Additional details for the error (optional).
     # @param request_id [String, Integer, nil] The ID of the originating request.
     def initialize(message, code: -32_600, details: nil, request_id: nil)
-      VectorMCP.logger.debug("Initializing ProtocolError with code: #{code}")
+      logger = VectorMCP.logger_for("errors")
+      logger.debug("Initializing ProtocolError with code: #{code}")
       @code = code
       @message = message
       @details = details # NOTE: `data` in JSON-RPC is often used for this purpose.
@@ -104,7 +105,8 @@ module VectorMCP
     # @param details [Hash, nil] Additional details for the error (optional).
     # @param request_id [String, Integer, nil] The ID of the originating request.
     def initialize(message = "Server error", code: -32_000, details: nil, request_id: nil)
-      VectorMCP.logger.debug("Initializing ServerError with code: #{code}")
+      logger = VectorMCP.logger_for("errors")
+      logger.debug("Initializing ServerError with code: #{code}")
       unless (-32_099..-32_000).cover?(code)
         warn "Server error code #{code} is outside of the reserved range (-32099 to -32000). Using -32000 instead."
         code = -32_000
@@ -131,7 +133,8 @@ module VectorMCP
     # @param details [Hash, nil] Additional details for the error (optional).
     # @param request_id [String, Integer, nil] The ID of the originating request.
     def initialize(message = "Not Found", details: nil, request_id: nil)
-      VectorMCP.logger.debug("Initializing NotFoundError with code: -32001")
+      logger = VectorMCP.logger_for("errors")
+      logger.debug("Initializing NotFoundError with code: -32001")
       super(message, code: -32_001, details: details, request_id: request_id)
     end
   end
@@ -174,4 +177,28 @@ module VectorMCP
   #     super(message, code: client_code, details: client_details, request_id: request_id)
   #   end
   # end
+
+  # --- Security Specific Errors ---
+
+  # Represents an authentication required error (-32401).
+  # Indicates the request requires authentication.
+  class UnauthorizedError < ProtocolError
+    # @param message [String] The error message.
+    # @param details [Hash, nil] Additional details for the error (optional).
+    # @param request_id [String, Integer, nil] The ID of the originating request.
+    def initialize(message = "Authentication required", details: nil, request_id: nil)
+      super(message, code: -32_401, details: details, request_id: request_id)
+    end
+  end
+
+  # Represents an authorization failed error (-32403).
+  # Indicates the authenticated user does not have permission to perform the requested action.
+  class ForbiddenError < ProtocolError
+    # @param message [String] The error message.
+    # @param details [Hash, nil] Additional details for the error (optional).
+    # @param request_id [String, Integer, nil] The ID of the originating request.
+    def initialize(message = "Access denied", details: nil, request_id: nil)
+      super(message, code: -32_403, details: details, request_id: request_id)
+    end
+  end
 end

data/lib/vector_mcp/handlers/core.rb

@@ -3,6 +3,7 @@
 require "json"
 require "uri"
 require "json-schema"
+require_relative "../middleware"
 
 module VectorMCP
   module Handlers
@@ -21,7 +22,8 @@ module VectorMCP
       # @param _server [VectorMCP::Server] The server instance (ignored).
       # @return [Hash] An empty hash, as per MCP spec for ping.
       def self.ping(_params, _session, _server)
-        VectorMCP.logger.debug("Handling ping request")
+        logger = VectorMCP.logger_for("handlers.core")
+        logger.debug("Handling ping request")
         {}
       end
 
@@ -42,28 +44,35 @@ module VectorMCP
       #
       # @param params [Hash] The request parameters.
       #   Expected keys: "name" (String), "arguments" (Hash, optional).
-      # @param _session [VectorMCP::Session] The current session (ignored).
+      # @param session [VectorMCP::Session] The current session.
       # @param server [VectorMCP::Server] The server instance.
       # @return [Hash] A hash containing the tool call result or an error indication.
       #   Example success: `{ isError: false, content: [{ type: "text", ... }] }`
       # @raise [VectorMCP::NotFoundError] if the requested tool is not found.
       # @raise [VectorMCP::InvalidParamsError] if arguments validation fails.
-      def self.call_tool(params, _session, server)
+      # @raise [VectorMCP::UnauthorizedError] if authentication fails.
+      # @raise [VectorMCP::ForbiddenError] if authorization fails.
+      def self.call_tool(params, session, server)
         tool_name = params["name"]
         arguments = params["arguments"] || {}
 
-        tool = server.tools[tool_name]
-        raise VectorMCP::NotFoundError.new("Not Found", details: "Tool not found: #{tool_name}") unless tool
+        context = create_tool_context(tool_name, params, session, server)
+        context = server.middleware_manager.execute_hooks(:before_tool_call, context)
+        return handle_middleware_error(context) if context.error?
 
-        # Validate arguments against the tool's input schema
-        validate_input_arguments!(tool_name, tool, arguments)
+        begin
+          tool = find_tool!(tool_name, server)
+          security_result = validate_tool_security!(session, tool, server)
+          validate_input_arguments!(tool_name, tool, arguments)
 
-        # Let StandardError propagate to Server#handle_request
-        result = tool.handler.call(arguments)
-        {
-          isError: false,
-          content: VectorMCP::Util.convert_to_mcp_content(result)
-        }
+          result = execute_tool_handler(tool, arguments, security_result)
+          context.result = build_tool_result(result)
+
+          context = server.middleware_manager.execute_hooks(:after_tool_call, context)
+          context.result
+        rescue StandardError => e
+          handle_tool_error(e, context, server)
+        end
       end
 
       # Handles the `resources/list` request.
@@ -83,24 +92,33 @@ module VectorMCP
       #
       # @param params [Hash] The request parameters.
       #   Expected key: "uri" (String).
-      # @param _session [VectorMCP::Session] The current session (ignored).
+      # @param session [VectorMCP::Session] The current session.
       # @param server [VectorMCP::Server] The server instance.
       # @return [Hash] A hash containing an array of content items from the resource.
       #   Example: `{ contents: [{ type: "text", text: "...", uri: "memory://data" }] }`
       # @raise [VectorMCP::NotFoundError] if the requested resource URI is not found.
-      def self.read_resource(params, _session, server)
+      # @raise [VectorMCP::UnauthorizedError] if authentication fails.
+      # @raise [VectorMCP::ForbiddenError] if authorization fails.
+      def self.read_resource(params, session, server)
         uri_s = params["uri"]
-        raise VectorMCP::NotFoundError.new("Not Found", details: "Resource not found: #{uri_s}") unless server.resources[uri_s]
 
-        resource = server.resources[uri_s]
-        # Let StandardError propagate to Server#handle_request
-        content_raw = resource.handler.call(params)
-        contents = VectorMCP::Util.convert_to_mcp_content(content_raw, mime_type: resource.mime_type)
-        contents.each do |item|
-          # Add URI to each content item if not already present
-          item[:uri] ||= uri_s
+        context = create_resource_context(uri_s, params, session, server)
+        context = server.middleware_manager.execute_hooks(:before_resource_read, context)
+        return handle_middleware_error(context) if context.error?
+
+        begin
+          resource = find_resource!(uri_s, server)
+          security_result = validate_resource_security!(session, resource, server)
+
+          content_raw = execute_resource_handler(resource, params, security_result)
+          contents = process_resource_content(content_raw, resource, uri_s)
+
+          context.result = { contents: contents }
+          context = server.middleware_manager.execute_hooks(:after_resource_read, context)
+          context.result
+        rescue StandardError => e
+          handle_resource_error(e, context, server)
         end
-        { contents: contents }
       end
 
       # Handles the `prompts/list` request.
@@ -161,20 +179,51 @@ module VectorMCP
       # @raise [VectorMCP::NotFoundError] if the prompt name is not found.
       # @raise [VectorMCP::InvalidParamsError] if arguments are invalid.
       # @raise [VectorMCP::InternalError] if the prompt handler returns an invalid data structure.
-      def self.get_prompt(params, _session, server)
+      def self.get_prompt(params, session, server)
         prompt_name = params["name"]
-        prompt      = fetch_prompt(prompt_name, server)
 
-        arguments = params["arguments"] || {}
-        validate_arguments!(prompt_name, prompt, arguments)
+        # Create middleware context
+        context = VectorMCP::Middleware::Context.new(
+          operation_type: :prompt_get,
+          operation_name: prompt_name,
+          params: params,
+          session: session,
+          server: server,
+          metadata: { start_time: Time.now }
+        )
+
+        # Execute before_prompt_get hooks
+        context = server.middleware_manager.execute_hooks(:before_prompt_get, context)
+        return handle_middleware_error(context) if context.error?
+
+        begin
+          prompt = fetch_prompt(prompt_name, server)
+
+          arguments = params["arguments"] || {}
+          validate_arguments!(prompt_name, prompt, arguments)
 
-        # Call the registered handler after arguments were validated
-        result_data = prompt.handler.call(arguments)
+          # Call the registered handler after arguments were validated
+          result_data = prompt.handler.call(arguments)
 
-        validate_prompt_response!(prompt_name, result_data, server)
+          validate_prompt_response!(prompt_name, result_data, server)
 
-        # Return the handler response directly (must match GetPromptResult schema)
-        result_data
+          # Set result in context
+          context.result = result_data
+
+          # Execute after_prompt_get hooks
+          context = server.middleware_manager.execute_hooks(:after_prompt_get, context)
+
+          context.result
+        rescue StandardError => e
+          # Set error in context and execute error hooks
+          context.error = e
+          context = server.middleware_manager.execute_hooks(:on_prompt_error, context)
+
+          # Re-raise unless middleware handled the error
+          raise e unless context.result
+
+          context.result
+        end
       end
 
       # --- Notification Handlers ---
@@ -344,6 +393,194 @@ module VectorMCP
       end
       private_class_method :validate_input_arguments!
       private_class_method :raise_tool_validation_error
+
+      # Security helper methods
+
+      # Check security for tool access
+      # @api private
+      # @param session [VectorMCP::Session] The current session
+      # @param tool [VectorMCP::Definitions::Tool] The tool being accessed
+      # @param server [VectorMCP::Server] The server instance
+      # @return [Hash] Security check result
+      def self.check_tool_security(session, tool, server)
+        # Extract request context from session for security middleware
+        request = extract_request_from_session(session)
+        server.security_middleware.process_request(request, action: :call, resource: tool)
+      end
+      private_class_method :check_tool_security
+
+      # Check security for resource access
+      # @api private
+      # @param session [VectorMCP::Session] The current session
+      # @param resource [VectorMCP::Definitions::Resource] The resource being accessed
+      # @param server [VectorMCP::Server] The server instance
+      # @return [Hash] Security check result
+      def self.check_resource_security(session, resource, server)
+        request = extract_request_from_session(session)
+        server.security_middleware.process_request(request, action: :read, resource: resource)
+      end
+      private_class_method :check_resource_security
+
+      # Extract request context from session for security processing
+      # @api private
+      # @param session [VectorMCP::Session] The current session
+      # @return [Hash] Request context for security middleware
+      def self.extract_request_from_session(session)
+        # Extract security context from session
+        # This will be enhanced as we integrate with transport layers
+        {
+          headers: session.instance_variable_get(:@request_headers) || {},
+          params: session.instance_variable_get(:@request_params) || {},
+          session_id: session.respond_to?(:id) ? session.id : "test-session"
+        }
+      end
+      private_class_method :extract_request_from_session
+
+      # Handle security failure by raising appropriate error
+      # @api private
+      # @param security_result [Hash] The security check result
+      # @return [void]
+      # @raise [VectorMCP::UnauthorizedError, VectorMCP::ForbiddenError]
+      def self.handle_security_failure(security_result)
+        case security_result[:error_code]
+        when "AUTHENTICATION_REQUIRED"
+          raise VectorMCP::UnauthorizedError, security_result[:error]
+        when "AUTHORIZATION_FAILED"
+          raise VectorMCP::ForbiddenError, security_result[:error]
+        else
+          # Fallback to generic unauthorized error
+          raise VectorMCP::UnauthorizedError, security_result[:error] || "Security check failed"
+        end
+      end
+      private_class_method :handle_security_failure
+
+      # Handle middleware error by returning appropriate response or raising error
+      # @api private
+      # @param context [VectorMCP::Middleware::Context] The middleware context with error
+      # @return [Hash, nil] Response hash if middleware provided one
+      # @raise [StandardError] Re-raises the original error if not handled
+      def self.handle_middleware_error(context)
+        # If middleware provided a result, return it
+        return context.result if context.result
+
+        # Otherwise, re-raise the middleware error
+        raise context.error
+      end
+
+      # Tool helper methods
+
+      # Create middleware context for tool operations
+      def self.create_tool_context(tool_name, params, session, server)
+        VectorMCP::Middleware::Context.new(
+          operation_type: :tool_call,
+          operation_name: tool_name,
+          params: params,
+          session: session,
+          server: server,
+          metadata: { start_time: Time.now }
+        )
+      end
+
+      # Find and validate tool exists
+      def self.find_tool!(tool_name, server)
+        tool = server.tools[tool_name]
+        raise VectorMCP::NotFoundError.new("Not Found", details: "Tool not found: #{tool_name}") unless tool
+
+        tool
+      end
+
+      # Validate tool security
+      def self.validate_tool_security!(session, tool, server)
+        security_result = check_tool_security(session, tool, server)
+        handle_security_failure(security_result) unless security_result[:success]
+        security_result
+      end
+
+      # Execute tool handler with proper arity handling
+      def self.execute_tool_handler(tool, arguments, security_result)
+        if [1, -1].include?(tool.handler.arity)
+          tool.handler.call(arguments)
+        else
+          tool.handler.call(arguments, security_result[:session_context])
+        end
+      end
+
+      # Build tool result response
+      def self.build_tool_result(result)
+        {
+          isError: false,
+          content: VectorMCP::Util.convert_to_mcp_content(result)
+        }
+      end
+
+      # Handle tool execution errors
+      def self.handle_tool_error(error, context, server)
+        context.error = error
+        context = server.middleware_manager.execute_hooks(:on_tool_error, context)
+        raise error unless context.result
+
+        context.result
+      end
+
+      # Resource helper methods
+
+      # Create middleware context for resource operations
+      def self.create_resource_context(uri_s, params, session, server)
+        VectorMCP::Middleware::Context.new(
+          operation_type: :resource_read,
+          operation_name: uri_s,
+          params: params,
+          session: session,
+          server: server,
+          metadata: { start_time: Time.now }
+        )
+      end
+
+      # Find and validate resource exists
+      def self.find_resource!(uri_s, server)
+        raise VectorMCP::NotFoundError.new("Not Found", details: "Resource not found: #{uri_s}") unless server.resources[uri_s]
+
+        server.resources[uri_s]
+      end
+
+      # Validate resource security
+      def self.validate_resource_security!(session, resource, server)
+        security_result = check_resource_security(session, resource, server)
+        handle_security_failure(security_result) unless security_result[:success]
+        security_result
+      end
+
+      # Execute resource handler with proper arity handling
+      def self.execute_resource_handler(resource, params, security_result)
+        if [1, -1].include?(resource.handler.arity)
+          resource.handler.call(params)
+        else
+          resource.handler.call(params, security_result[:session_context])
+        end
+      end
+
+      # Process resource content and add URI
+      def self.process_resource_content(content_raw, resource, uri_s)
+        contents = VectorMCP::Util.convert_to_mcp_content(content_raw, mime_type: resource.mime_type)
+        contents.each do |item|
+          item[:uri] ||= uri_s
+        end
+        contents
+      end
+
+      # Handle resource execution errors
+      def self.handle_resource_error(error, context, server)
+        context.error = error
+        context = server.middleware_manager.execute_hooks(:on_resource_error, context)
+        raise error unless context.result
+
+        context.result
+      end
+
+      private_class_method :handle_middleware_error, :create_tool_context, :find_tool!, :validate_tool_security!,
+                           :execute_tool_handler, :build_tool_result, :handle_tool_error, :create_resource_context,
+                           :find_resource!, :validate_resource_security!, :execute_resource_handler,
+                           :process_resource_content, :handle_resource_error
     end
   end
 end

data/lib/vector_mcp/logger.rb

@@ -0,0 +1,148 @@
+# frozen_string_literal: true
+
+require "logger"
+require "json"
+
+module VectorMCP
+  # Simple, environment-driven logger for VectorMCP
+  # Supports JSON and text formats with component-based identification
+  class Logger
+    LEVELS = {
+      "TRACE" => ::Logger::DEBUG,
+      "DEBUG" => ::Logger::DEBUG,
+      "INFO" => ::Logger::INFO,
+      "WARN" => ::Logger::WARN,
+      "ERROR" => ::Logger::ERROR,
+      "FATAL" => ::Logger::FATAL
+    }.freeze
+
+    attr_reader :component, :ruby_logger
+
+    def initialize(component = "vectormcp")
+      @component = component.to_s
+      @ruby_logger = create_ruby_logger
+      @format = ENV.fetch("VECTORMCP_LOG_FORMAT", "text").downcase
+    end
+
+    def self.for(component)
+      new(component)
+    end
+
+    # Log methods with context support and block evaluation
+    def debug(message = nil, **context, &block)
+      log(:debug, message || block&.call, context)
+    end
+
+    def info(message = nil, **context, &block)
+      log(:info, message || block&.call, context)
+    end
+
+    def warn(message = nil, **context, &block)
+      log(:warn, message || block&.call, context)
+    end
+
+    def error(message = nil, **context, &block)
+      log(:error, message || block&.call, context)
+    end
+
+    def fatal(message = nil, **context, &block)
+      log(:fatal, message || block&.call, context)
+    end
+
+    # Security-specific logging
+    def security(message, **context)
+      log(:error, "[SECURITY] #{message}", context.merge(security_event: true))
+    end
+
+    # Performance measurement
+    def measure(description, **context)
+      start_time = Time.now
+      result = yield
+      duration = Time.now - start_time
+
+      info("#{description} completed", **context, duration_ms: (duration * 1000).round(2),
+                                                  success: true)
+
+      result
+    rescue StandardError => e
+      duration = Time.now - start_time
+      error("#{description} failed", **context, duration_ms: (duration * 1000).round(2),
+                                                success: false,
+                                                error: e.class.name,
+                                                error_message: e.message)
+      raise
+    end
+
+    private
+
+    def log(level, message, context)
+      return unless @ruby_logger.send("#{level}?")
+
+      if @format == "json"
+        log_json(level, message, context)
+      else
+        log_text(level, message, context)
+      end
+    end
+
+    def log_json(level, message, context)
+      entry = {
+        timestamp: Time.now.iso8601(3),
+        level: level.to_s.upcase,
+        component: @component,
+        message: message,
+        thread_id: Thread.current.object_id
+      }
+      entry.merge!(context) unless context.empty?
+
+      @ruby_logger.send(level, entry.to_json)
+    end
+
+    def log_text(level, message, context)
+      formatted_message = if context.empty?
+                            "[#{@component}] #{message}"
+                          else
+                            context_str = context.map { |k, v| "#{k}=#{v}" }.join(" ")
+                            "[#{@component}] #{message} (#{context_str})"
+                          end
+
+      @ruby_logger.send(level, formatted_message)
+    end
+
+    def create_ruby_logger
+      output = determine_output
+      logger = ::Logger.new(output)
+      logger.level = determine_level
+      logger.formatter = method(:format_log_entry)
+      logger
+    end
+
+    def determine_output
+      case ENV.fetch("VECTORMCP_LOG_OUTPUT", "stderr").downcase
+      when "stdout"
+        $stdout
+      when "file"
+        file_path = ENV.fetch("VECTORMCP_LOG_FILE", "./vectormcp.log")
+        File.open(file_path, "a")
+      else
+        $stderr
+      end
+    end
+
+    def determine_level
+      level_name = ENV.fetch("VECTORMCP_LOG_LEVEL", "INFO").upcase
+      LEVELS.fetch(level_name, ::Logger::INFO)
+    end
+
+    def format_log_entry(severity, datetime, _progname, msg)
+      if @format == "json"
+        # JSON messages are already formatted
+        "#{msg}\n"
+      else
+        # Text format with timestamp
+        timestamp = datetime.strftime("%Y-%m-%d %H:%M:%S.%3N")
+        "#{timestamp} [#{severity}] #{msg}\n"
+      end
+    end
+  end
+end