bizteamai-smcp-biz 1.13.1__py3-none-any.whl

smcp/cli/revoke.py

@@ -0,0 +1,76 @@
+#!/usr/bin/env python3
+"""
+License key revocation utility for SMCP Business Edition.
+"""
+import sys
+import hmac
+import hashlib
+import argparse
+import json
+import os
+from datetime import datetime
+
+def revoke_license_key(license_key: str, reason: str = "") -> str:
+    """Revoke a license key by adding its hash to the revocation list."""
+    # Calculate key hash
+    key_hash = hashlib.sha256(license_key.encode()).hexdigest()
+    
+    # Create revocation entry
+    revocation_entry = {
+        "hash": key_hash,
+        "revoked_at": datetime.utcnow().isoformat() + "Z",
+        "reason": reason
+    }
+    
+    return key_hash, revocation_entry
+
+def main():
+    parser = argparse.ArgumentParser(description='Revoke SMCP Business Edition license keys')
+    parser.add_argument('--key', '-k', required=True, help='License key to revoke')
+    parser.add_argument('--reason', '-r', help='Reason for revocation')
+    parser.add_argument('--revocation-db', '-d', 
+                       default='/var/lib/bizteam/revocation.db',
+                       help='Revocation database file')
+    parser.add_argument('--output-json', '-o', help='Output revocation list as JSON')
+    
+    args = parser.parse_args()
+    
+    try:
+        key_hash, revocation_entry = revoke_license_key(args.key, args.reason or "")
+        
+        # Load existing revocation database
+        revocation_list = {}
+        if os.path.exists(args.revocation_db):
+            try:
+                with open(args.revocation_db, 'r') as f:
+                    revocation_list = json.load(f)
+            except (json.JSONDecodeError, FileNotFoundError):
+                revocation_list = {}
+        
+        # Add new revocation
+        revocation_list[key_hash] = revocation_entry
+        
+        # Save updated database
+        os.makedirs(os.path.dirname(args.revocation_db), exist_ok=True)
+        with open(args.revocation_db, 'w') as f:
+            json.dump(revocation_list, f, indent=2)
+        
+        print(f"License key revoked: {key_hash[:16]}...")
+        print(f"Revocation database updated: {args.revocation_db}")
+        
+        # Output JSON list if requested
+        if args.output_json:
+            json_output = {
+                "revoked": list(revocation_list.keys()),
+                "updated_at": datetime.utcnow().isoformat() + "Z"
+            }
+            with open(args.output_json, 'w') as f:
+                json.dump(json_output, f, indent=2)
+            print(f"JSON revocation list written to: {args.output_json}")
+        
+    except Exception as e:
+        print(f"Error revoking license key: {e}", file=sys.stderr)
+        sys.exit(1)
+
+if __name__ == '__main__':
+    main()

smcp/confirm.py

@@ -0,0 +1,262 @@
+"""
+Destructive action confirmation queue and approval system.
+"""
+
+import json
+import time
+import uuid
+from pathlib import Path
+from typing import Any, Callable, Dict, List, Optional, Tuple
+
+
+class PendingApproval(Exception):
+    """Raised when an action is queued for approval."""
+    pass
+
+
+class ActionQueue:
+    """Manages queued actions awaiting approval."""
+    
+    def __init__(self, queue_file: Optional[str] = None):
+        """
+        Initialize the action queue.
+        
+        Args:
+            queue_file: Path to the queue file (defaults to temp file)
+        """
+        self.queue_file = Path(queue_file or "/tmp/smcp_queue.json")
+        self._ensure_queue_file()
+    
+    def _ensure_queue_file(self) -> None:
+        """Ensure the queue file exists."""
+        if not self.queue_file.exists():
+            self.queue_file.parent.mkdir(parents=True, exist_ok=True)
+            self._save_queue([])
+    
+    def _load_queue(self) -> List[Dict[str, Any]]:
+        """Load the current queue from disk."""
+        try:
+            with open(self.queue_file, 'r') as f:
+                return json.load(f)
+        except (FileNotFoundError, json.JSONDecodeError):
+            return []
+    
+    def _save_queue(self, queue: List[Dict[str, Any]]) -> None:
+        """Save the queue to disk."""
+        with open(self.queue_file, 'w') as f:
+            json.dump(queue, f, indent=2, default=str)
+    
+    def add_action(self, action_id: str, function: Callable, args: Tuple, kwargs: Dict[str, Any]) -> None:
+        """
+        Add an action to the approval queue.
+        
+        Args:
+            action_id: Unique identifier for the action
+            function: Function to be executed
+            args: Function arguments
+            kwargs: Function keyword arguments
+        """
+        queue = self._load_queue()
+        
+        action = {
+            "id": action_id,
+            "function_name": function.__name__,
+            "module": function.__module__,
+            "args": args,
+            "kwargs": kwargs,
+            "timestamp": time.time(),
+            "status": "pending"
+        }
+        
+        queue.append(action)
+        self._save_queue(queue)
+    
+    def get_pending_actions(self) -> List[Dict[str, Any]]:
+        """Get all pending actions."""
+        queue = self._load_queue()
+        return [action for action in queue if action["status"] == "pending"]
+    
+    def approve_action(self, action_id: str) -> Optional[Dict[str, Any]]:
+        """
+        Approve an action for execution.
+        
+        Args:
+            action_id: ID of the action to approve
+            
+        Returns:
+            The approved action data, or None if not found
+        """
+        queue = self._load_queue()
+        
+        for action in queue:
+            if action["id"] == action_id and action["status"] == "pending":
+                action["status"] = "approved"
+                action["approved_at"] = time.time()
+                self._save_queue(queue)
+                return action
+        
+        return None
+    
+    def reject_action(self, action_id: str) -> bool:
+        """
+        Reject an action.
+        
+        Args:
+            action_id: ID of the action to reject
+            
+        Returns:
+            True if the action was found and rejected
+        """
+        queue = self._load_queue()
+        
+        for action in queue:
+            if action["id"] == action_id and action["status"] == "pending":
+                action["status"] = "rejected"
+                action["rejected_at"] = time.time()
+                self._save_queue(queue)
+                return True
+        
+        return False
+    
+    def cleanup_old_actions(self, max_age_hours: int = 24) -> int:
+        """
+        Remove old actions from the queue.
+        
+        Args:
+            max_age_hours: Maximum age in hours before removal
+            
+        Returns:
+            Number of actions removed
+        """
+        queue = self._load_queue()
+        cutoff_time = time.time() - (max_age_hours * 3600)
+        
+        old_count = len(queue)
+        queue = [action for action in queue if action["timestamp"] > cutoff_time]
+        new_count = len(queue)
+        
+        if old_count != new_count:
+            self._save_queue(queue)
+        
+        return old_count - new_count
+
+
+# Global action queue instance
+_action_queue = None
+
+
+def get_action_queue(cfg: Dict[str, Any]) -> ActionQueue:
+    """Get or create the global action queue."""
+    global _action_queue
+    if _action_queue is None:
+        queue_file = cfg.get("QUEUE_FILE")
+        _action_queue = ActionQueue(queue_file)
+    return _action_queue
+
+
+def maybe_queue(function: Callable, args: Tuple, kwargs: Dict[str, Any], cfg: Dict[str, Any]) -> bool:
+    """
+    Queue an action for approval if confirmation is required.
+    
+    Args:
+        function: Function to potentially queue
+        args: Function arguments
+        kwargs: Function keyword arguments
+        cfg: Configuration dictionary
+        
+    Returns:
+        True if the action was queued (requiring approval)
+        False if the action should proceed immediately
+    """
+    # Check if confirmation is enabled globally
+    if not cfg.get("CONFIRMATION_ENABLED", True):
+        return False
+    
+    # Generate unique action ID
+    action_id = str(uuid.uuid4())
+    
+    # Add to queue
+    queue = get_action_queue(cfg)
+    queue.add_action(action_id, function, args, kwargs)
+    
+    # Store action ID for potential approval
+    cfg["_last_action_id"] = action_id
+    
+    return True
+
+
+def execute_approved_action(action_id: str, cfg: Dict[str, Any]) -> Any:
+    """
+    Execute a previously approved action.
+    
+    Args:
+        action_id: ID of the action to execute
+        cfg: Configuration dictionary
+        
+    Returns:
+        Result of the executed function
+        
+    Raises:
+        ValueError: If the action is not found or not approved
+    """
+    queue = get_action_queue(cfg)
+    action_queue_data = queue._load_queue()
+    
+    # Find the action
+    action = None
+    for a in action_queue_data:
+        if a["id"] == action_id:
+            action = a
+            break
+    
+    if not action:
+        raise ValueError(f"Action {action_id} not found")
+    
+    if action["status"] != "approved":
+        raise ValueError(f"Action {action_id} is not approved")
+    
+    # Import and execute the function
+    # Note: This is a simplified version - in practice, you'd need
+    # to properly reconstruct the function from module/name
+    function_name = action["function_name"]
+    args = tuple(action["args"])
+    kwargs = action["kwargs"]
+    
+    # This would need to be implemented based on your specific requirements
+    # for function reconstruction and execution
+    raise NotImplementedError("Function execution from queue not implemented")
+
+
+def list_pending_actions(cfg: Dict[str, Any]) -> List[Dict[str, Any]]:
+    """
+    List all pending actions.
+    
+    Args:
+        cfg: Configuration dictionary
+        
+    Returns:
+        List of pending action dictionaries
+    """
+    queue = get_action_queue(cfg)
+    return queue.get_pending_actions()
+
+
+def format_action_summary(action: Dict[str, Any]) -> str:
+    """
+    Format an action for display.
+    
+    Args:
+        action: Action dictionary
+        
+    Returns:
+        Human-readable action summary
+    """
+    timestamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(action["timestamp"]))
+    return (
+        f"ID: {action['id']}\n"
+        f"Function: {action['function_name']}\n"
+        f"Time: {timestamp}\n"
+        f"Args: {action['args']}\n"
+        f"Kwargs: {action['kwargs']}\n"
+        f"Status: {action['status']}"
+    )

smcp/cpu.py

@@ -0,0 +1,67 @@
+"""
+CPU core detection for licensing enforcement.
+"""
+import os
+import logging
+from typing import Optional
+
+logger = logging.getLogger(__name__)
+
+def get_physical_cores() -> int:
+    """Get physical CPU core count."""
+    try:
+        import psutil
+        physical = psutil.cpu_count(logical=False)
+        if physical is None:
+            physical = psutil.cpu_count(logical=True)
+        return physical or 1
+    except ImportError:
+        # Fallback to os.cpu_count if psutil not available
+        return os.cpu_count() or 1
+
+def get_cgroup_cores() -> Optional[int]:
+    """Get CPU limit from cgroup v2."""
+    try:
+        with open("/sys/fs/cgroup/cpu.max", "r") as f:
+            content = f.read().strip()
+            if content == "max":
+                return None
+            
+            parts = content.split()
+            if len(parts) >= 2:
+                quota = int(parts[0])
+                period = int(parts[1])
+                return quota // period
+            return None
+    except (FileNotFoundError, ValueError, PermissionError):
+        # Try cgroup v1
+        try:
+            with open("/sys/fs/cgroup/cpu/cpu.cfs_quota_us", "r") as f:
+                quota = int(f.read().strip())
+            with open("/sys/fs/cgroup/cpu/cpu.cfs_period_us", "r") as f:
+                period = int(f.read().strip())
+            
+            if quota > 0:
+                return quota // period
+            return None
+        except (FileNotFoundError, ValueError, PermissionError):
+            return None
+
+def detect_cores() -> int:
+    """
+    Detect available CPU cores considering both physical and cgroup limits.
+    
+    Returns:
+        Number of detected cores
+    """
+    physical = get_physical_cores()
+    cgroup = get_cgroup_cores()
+    
+    if cgroup is not None:
+        detected = min(physical, cgroup)
+        logger.debug(f"Core detection: physical={physical}, cgroup={cgroup}, detected={detected}")
+    else:
+        detected = physical
+        logger.debug(f"Core detection: physical={physical}, cgroup=None, detected={detected}")
+    
+    return max(1, detected)  # Ensure at least 1 core

smcp/decorators.py

@@ -0,0 +1,97 @@
+"""
+Decorator builders for securing MCP tools, prompts, and retrieval functions.
+
+Provides a unified decorator factory that wraps the original MCP decorators
+with conditional security guards.
+"""
+
+from functools import wraps
+from typing import Any, Callable, Dict, Optional
+
+try:
+    from mcp import tool as base_tool, prompt as base_prompt, retrieval as base_retrieval
+except ImportError:
+    # Fallback for testing or when mcp is not available
+    def base_tool(*args, **kwargs):
+        def decorator(fn):
+            return fn
+        return decorator
+    
+    def base_prompt(*args, **kwargs):
+        def decorator(fn):
+            return fn
+        return decorator
+    
+    def base_retrieval(*args, **kwargs):
+        def decorator(fn):
+            return fn
+        return decorator
+
+from .filters import sanitize_prompt
+from .allowlist import validate_host
+from .confirm import maybe_queue, PendingApproval
+from .logchain import log_event
+
+
+def _secure(base_deco: Callable) -> Callable:
+    """
+    Create a security-enhanced decorator factory from a base MCP decorator.
+    
+    Args:
+        base_deco: The original MCP decorator (tool, prompt, or retrieval)
+        
+    Returns:
+        A decorator factory that applies security guards conditionally
+    """
+    def builder(*dargs, confirm: bool = False, **dkwargs) -> Callable:
+        """
+        Build a secured decorator with optional confirmation requirement.
+        
+        Args:
+            *dargs: Positional arguments passed to base decorator
+            confirm: Whether to require approval for destructive actions
+            **dkwargs: Keyword arguments passed to base decorator
+            
+        Returns:
+            A decorator that applies security guards to the wrapped function
+        """
+        def inner(fn: Callable) -> Callable:
+            @base_deco(*dargs, **dkwargs)
+            @wraps(fn)
+            def wrapper(*args, **kwargs) -> Any:
+                # Extract SMCP configuration injected by runtime adapter
+                cfg = kwargs.pop("_smcp_cfg", {})
+                
+                # Input sanitization guard (activates if SAFE_RE configured)
+                if cfg.get("SAFE_RE"):
+                    prompt_text = kwargs.get("prompt", "")
+                    if prompt_text:
+                        sanitize_prompt(prompt_text, cfg)
+                
+                # Host allowlist guard (activates if ALLOWED_HOSTS configured)
+                if cfg.get("ALLOWED_HOSTS"):
+                    target_host = kwargs.get("target", "")
+                    if target_host:
+                        validate_host(target_host, cfg)
+                
+                # Destructive action confirmation guard
+                if confirm and maybe_queue(fn, args, kwargs, cfg):
+                    raise PendingApproval(f"Action {fn.__name__} queued for approval")
+                
+                # Execute the wrapped function
+                result = fn(*args, **kwargs)
+                
+                # Audit logging guard (activates if LOG_PATH configured)
+                if cfg.get("LOG_PATH"):
+                    log_event(fn.__name__, args, kwargs, result, cfg)
+                
+                return result
+            return wrapper
+        return inner
+    return builder
+
+
+# Create secured versions of MCP decorators
+tool = _secure(base_tool)
+prompt = _secure(base_prompt) 
+retrieval = _secure(base_retrieval)

smcp/enforce.py

@@ -0,0 +1,132 @@
+"""
+License enforcement with grace period and core monitoring.
+"""
+import os
+import sys
+import time
+import threading
+import logging
+from typing import Optional
+
+from .cpu import detect_cores
+from .license import get_licensed_cores, get_customer_id
+
+logger = logging.getLogger(__name__)
+
+class EnforcementTimer:
+    """Manages the 15-minute grace period timer."""
+    
+    def __init__(self):
+        self._timer: Optional[threading.Timer] = None
+        self._lock = threading.Lock()
+        self._violations_logged = set()
+    
+    def start_timer(self, used_cores: int, licensed_cores: int):
+        """Start or restart the 15-minute grace period timer."""
+        with self._lock:
+            # Cancel existing timer
+            if self._timer:
+                self._timer.cancel()
+            
+            # Log violation (once per cores combination)
+            violation_key = f"{used_cores}>{licensed_cores}"
+            if violation_key not in self._violations_logged:
+                logger.warning(
+                    f"License violation: using {used_cores} cores, licensed for {licensed_cores}. "
+                    f"Grace period: 15 minutes."
+                )
+                self._violations_logged.add(violation_key)
+            
+            # Start new timer for 15 minutes (900 seconds)
+            self._timer = threading.Timer(900.0, self._enforce_shutdown)
+            self._timer.daemon = True
+            self._timer.start()
+            logger.info("Grace period timer started (15 minutes)")
+    
+    def cancel_timer(self):
+        """Cancel the grace period timer."""
+        with self._lock:
+            if self._timer:
+                self._timer.cancel()
+                self._timer = None
+                logger.info("Grace period timer cancelled - back within license limits")
+    
+    def _enforce_shutdown(self):
+        """Called when grace period expires."""
+        customer_id = get_customer_id() or "unknown"
+        used_cores = detect_cores()
+        licensed_cores = get_licensed_cores()
+        
+        logger.error(
+            f"License enforcement: Grace period expired. "
+            f"Customer: {customer_id}, Used: {used_cores}, Licensed: {licensed_cores}"
+        )
+        
+        # Check for emergency override
+        if os.getenv('BIZTEAM_EMERGENCY_OVERRIDE') == '1':
+            logger.critical("EMERGENCY OVERRIDE ACTIVE - Continuing with unlicensed usage")
+            # Exit after 30 seconds as specified
+            threading.Timer(30.0, lambda: os._exit(1)).start()
+            return
+        
+        # Force shutdown
+        logger.critical("Shutting down due to license violation")
+        os._exit(1)
+
+# Global enforcement timer instance
+_enforcement_timer = EnforcementTimer()
+
+def check_compliance() -> bool:
+    """
+    Check if current core usage is within license limits.
+    
+    Returns:
+        True if compliant, False if in violation
+    """
+    used_cores = detect_cores()
+    licensed_cores = get_licensed_cores()
+    customer_id = get_customer_id() or "unknown"
+    
+    # Log current status
+    logger.info(f"bizteam cores licensed={licensed_cores} used={used_cores}")
+    
+    if used_cores <= licensed_cores:
+        # Within limits - cancel any active timer
+        _enforcement_timer.cancel_timer()
+        return True
+    else:
+        # Violation - start/restart timer
+        _enforcement_timer.start_timer(used_cores, licensed_cores)
+        return False
+
+def start_enforcement():
+    """Start the enforcement monitoring system."""
+    # Check for emergency flags
+    if os.getenv('BIZTEAM_IGNORE_CORES') == '1':
+        logger.warning("Core enforcement disabled via BIZTEAM_IGNORE_CORES")
+        # Still log usage but don't enforce
+        used_cores = detect_cores()
+        licensed_cores = get_licensed_cores()
+        logger.warning(f"UNLICENSED USAGE: cores used={used_cores}, licensed={licensed_cores}")
+        # Exit after 30 seconds as specified for emergency runs
+        threading.Timer(30.0, lambda: os._exit(0)).start()
+        return
+    
+    # Initial compliance check
+    compliant = check_compliance()
+    
+    if not compliant:
+        logger.warning("Starting in license violation state")
+    
+    # Start periodic monitoring (every 30 seconds)
+    def monitor_loop():
+        while True:
+            time.sleep(30)
+            try:
+                check_compliance()
+            except Exception as e:
+                logger.error(f"Error during compliance check: {e}")
+    
+    monitor_thread = threading.Thread(target=monitor_loop, daemon=True)
+    monitor_thread.start()
+    logger.info("License enforcement monitoring started")