ccproxy-api 0.1.0__py3-none-any.whl

ccproxy/cli/main.py

@@ -0,0 +1,193 @@
+"""Main entry point for CCProxy API Server."""
+
+import json
+import os
+import secrets
+from pathlib import Path
+from typing import Any, Optional, cast
+
+import typer
+from click import get_current_context
+from structlog import get_logger
+from typer import Typer
+
+from ccproxy._version import __version__
+from ccproxy.api.middleware.cors import setup_cors_middleware
+from ccproxy.cli.helpers import (
+    get_rich_toolkit,
+    is_running_in_docker,
+    warning,
+)
+from ccproxy.config.settings import (
+    ConfigurationError,
+    Settings,
+    config_manager,
+    get_settings,
+)
+from ccproxy.core.async_utils import get_package_dir, get_root_package_name
+from ccproxy.core.logging import setup_logging
+from ccproxy.models.responses import (
+    PermissionToolAllowResponse,
+    PermissionToolDenyResponse,
+)
+
+from .commands.auth import app as auth_app
+from .commands.config import app as config_app
+from .commands.serve import api, get_config_path_from_context
+
+
+def version_callback(value: bool) -> None:
+    """Print version and exit."""
+    if value:
+        toolkit = get_rich_toolkit()
+        toolkit.print(f"ccproxy {__version__}", tag="version")
+        raise typer.Exit()
+
+
+app = typer.Typer(
+    rich_markup_mode="rich",
+    add_completion=True,
+    no_args_is_help=False,
+    pretty_exceptions_enable=False,
+)
+
+# Logger will be configured by configuration manager
+logger = get_logger(__name__)
+
+
+# Add global options
+@app.callback()
+def app_main(
+    ctx: typer.Context,
+    version: bool = typer.Option(
+        False,
+        "--version",
+        "-V",
+        callback=version_callback,
+        is_eager=True,
+        help="Show version and exit.",
+    ),
+    config: Path | None = typer.Option(
+        None,
+        "--config",
+        "-c",
+        help="Path to configuration file (TOML, JSON, or YAML)",
+        exists=True,
+        file_okay=True,
+        dir_okay=False,
+        readable=True,
+    ),
+) -> None:
+    """CCProxy API Server - Anthropic and OpenAI compatible interface for Claude."""
+    # Store config path for commands to use
+    ctx.ensure_object(dict)
+    ctx.obj["config_path"] = config
+
+
+# Register config command
+app.add_typer(config_app)
+
+# Register auth command
+app.add_typer(auth_app)
+
+
+# Register imported commands
+app.command(name="serve")(api)
+# Claude command removed - functionality moved to serve command
+
+
+@app.command()
+def permission_tool(
+    tool_name: str = typer.Argument(
+        ..., help="Name of the tool to check permissions for"
+    ),
+    tool_input: str = typer.Argument(..., help="JSON string of the tool input"),
+) -> None:
+    """
+    MCP permission prompt tool for Claude Code SDK.
+
+    This tool is used by the Claude Code SDK to check permissions for tool calls.
+    It returns a JSON response indicating whether the tool call should be allowed or denied.
+
+    Response format:
+    - Allow: {"behavior": "allow", "updatedInput": {...}}
+    - Deny: {"behavior": "deny", "message": "reason"}
+
+    Examples:
+        ccproxy permission_tool "bash" '{"command": "ls -la"}'
+        ccproxy permission_tool "edit_file" '{"path": "/etc/passwd", "content": "..."}'
+    """
+    toolkit = get_rich_toolkit()
+
+    try:
+        # Parse the tool input JSON
+        try:
+            input_data = json.loads(tool_input)
+        except json.JSONDecodeError as e:
+            response = PermissionToolDenyResponse(message=f"Invalid JSON input: {e}")
+            toolkit.print(response.model_dump_json(by_alias=True), tag="result")
+            raise typer.Exit(1) from e
+
+        # Load settings to get permission configuration
+        settings = config_manager.load_settings(
+            config_path=get_config_path_from_context()
+        )
+
+        # Basic permission checking logic
+        # This can be extended with more sophisticated rules
+
+        # Check for potentially dangerous commands
+        dangerous_patterns = [
+            "rm -rf",
+            "sudo",
+            "passwd",
+            "chmod 777",
+            "/etc/passwd",
+            "/etc/shadow",
+            "format",
+            "mkfs",
+        ]
+
+        # Convert input to string for pattern matching
+        input_str = json.dumps(input_data).lower()
+
+        # Check for dangerous patterns
+        for pattern in dangerous_patterns:
+            if pattern in input_str:
+                response = PermissionToolDenyResponse(
+                    message=f"Tool call contains potentially dangerous pattern: {pattern}"
+                )
+                toolkit.print(response.model_dump_json(by_alias=True), tag="result")
+                return
+
+        # Check for specific tool restrictions
+        restricted_tools = {"exec", "system", "shell", "subprocess"}
+
+        if tool_name.lower() in restricted_tools:
+            response = PermissionToolDenyResponse(
+                message=f"Tool {tool_name} is restricted for security reasons"
+            )
+            toolkit.print(response.model_dump_json(by_alias=True), tag="result")
+            return
+
+        # Allow the tool call with original input
+        allow_response = PermissionToolAllowResponse(updated_input=input_data)
+        toolkit.print(allow_response.model_dump_json(by_alias=True), tag="result")
+
+    except Exception as e:
+        error_response = PermissionToolDenyResponse(
+            message=f"Error processing permission request: {e}"
+        )
+        toolkit.print(error_response.model_dump_json(by_alias=True), tag="result")
+        raise typer.Exit(1) from e
+
+
+def main() -> None:
+    """Entry point for the CLI application."""
+    app()
+
+
+if __name__ == "__main__":
+    import sys
+
+    sys.exit(app())

ccproxy/cli/options/__init__.py

@@ -0,0 +1,14 @@
+"""CLI option modules for organized command-line argument handling."""
+
+from .claude_options import ClaudeOptions
+from .core_options import CoreOptions
+from .security_options import SecurityOptions
+from .server_options import ServerOptions
+
+
+__all__ = [
+    "CoreOptions",
+    "ServerOptions",
+    "ClaudeOptions",
+    "SecurityOptions",
+]

ccproxy/cli/options/claude_options.py

@@ -0,0 +1,216 @@
+"""Claude-specific CLI options."""
+
+from pathlib import Path
+from typing import Any
+
+import typer
+
+
+def validate_max_thinking_tokens(
+    ctx: typer.Context, param: typer.CallbackParam, value: int | None
+) -> int | None:
+    """Validate max thinking tokens."""
+    if value is None:
+        return None
+
+    if value < 0:
+        raise typer.BadParameter("Max thinking tokens must be non-negative")
+
+    return value
+
+
+def validate_max_turns(
+    ctx: typer.Context, param: typer.CallbackParam, value: int | None
+) -> int | None:
+    """Validate max turns."""
+    if value is None:
+        return None
+
+    if value < 1:
+        raise typer.BadParameter("Max turns must be at least 1")
+
+    return value
+
+
+def validate_permission_mode(
+    ctx: typer.Context, param: typer.CallbackParam, value: str | None
+) -> str | None:
+    """Validate permission mode."""
+    if value is None:
+        return None
+
+    valid_modes = {"default", "acceptEdits", "bypassPermissions"}
+    if value not in valid_modes:
+        raise typer.BadParameter(
+            f"Permission mode must be one of: {', '.join(valid_modes)}"
+        )
+
+    return value
+
+
+def validate_claude_cli_path(
+    ctx: typer.Context, param: typer.CallbackParam, value: str | None
+) -> str | None:
+    """Validate Claude CLI path."""
+    if value is None:
+        return None
+
+    path = Path(value)
+    if not path.exists():
+        raise typer.BadParameter(f"Claude CLI path does not exist: {value}")
+
+    return value
+
+
+def validate_cwd(
+    ctx: typer.Context, param: typer.CallbackParam, value: str | None
+) -> str | None:
+    """Validate working directory."""
+    if value is None:
+        return None
+
+    path = Path(value)
+    if not path.exists():
+        raise typer.BadParameter(f"Working directory does not exist: {value}")
+    if not path.is_dir():
+        raise typer.BadParameter(f"Working directory is not a directory: {value}")
+
+    return value
+
+
+def max_thinking_tokens_option() -> Any:
+    """Max thinking tokens parameter."""
+    return typer.Option(
+        None,
+        "--max-thinking-tokens",
+        help="Maximum thinking tokens for Claude Code",
+        callback=validate_max_thinking_tokens,
+        rich_help_panel="Claude Settings",
+    )
+
+
+def allowed_tools_option() -> Any:
+    """Allowed tools parameter."""
+    return typer.Option(
+        None,
+        "--allowed-tools",
+        help="List of allowed tools (comma-separated)",
+        rich_help_panel="Claude Settings",
+    )
+
+
+def disallowed_tools_option() -> Any:
+    """Disallowed tools parameter."""
+    return typer.Option(
+        None,
+        "--disallowed-tools",
+        help="List of disallowed tools (comma-separated)",
+        rich_help_panel="Claude Settings",
+    )
+
+
+def claude_cli_path_option() -> Any:
+    """Claude CLI path parameter."""
+    return typer.Option(
+        None,
+        "--claude-cli-path",
+        help="Path to Claude CLI executable",
+        callback=validate_claude_cli_path,
+        rich_help_panel="Claude Settings",
+    )
+
+
+def append_system_prompt_option() -> Any:
+    """Append system prompt parameter."""
+    return typer.Option(
+        None,
+        "--append-system-prompt",
+        help="Additional system prompt to append",
+        rich_help_panel="Claude Settings",
+    )
+
+
+def permission_mode_option() -> Any:
+    """Permission mode parameter."""
+    return typer.Option(
+        None,
+        "--permission-mode",
+        help="Permission mode: default, acceptEdits, or bypassPermissions",
+        callback=validate_permission_mode,
+        rich_help_panel="Claude Settings",
+    )
+
+
+def max_turns_option() -> Any:
+    """Max turns parameter."""
+    return typer.Option(
+        None,
+        "--max-turns",
+        help="Maximum conversation turns",
+        callback=validate_max_turns,
+        rich_help_panel="Claude Settings",
+    )
+
+
+def cwd_option() -> Any:
+    """Working directory parameter."""
+    return typer.Option(
+        None,
+        "--cwd",
+        help="Working directory path",
+        callback=validate_cwd,
+        rich_help_panel="Claude Settings",
+    )
+
+
+def permission_prompt_tool_name_option() -> Any:
+    """Permission prompt tool name parameter."""
+    return typer.Option(
+        None,
+        "--permission-prompt-tool-name",
+        help="Permission prompt tool name",
+        rich_help_panel="Claude Settings",
+    )
+
+
+class ClaudeOptions:
+    """Container for all Claude-related CLI options.
+
+    This class provides a convenient way to include all Claude-related
+    options in a command using typed attributes.
+    """
+
+    def __init__(
+        self,
+        max_thinking_tokens: int | None = None,
+        allowed_tools: str | None = None,
+        disallowed_tools: str | None = None,
+        claude_cli_path: str | None = None,
+        append_system_prompt: str | None = None,
+        permission_mode: str | None = None,
+        max_turns: int | None = None,
+        cwd: str | None = None,
+        permission_prompt_tool_name: str | None = None,
+    ):
+        """Initialize Claude options.
+
+        Args:
+            max_thinking_tokens: Maximum thinking tokens for Claude Code
+            allowed_tools: List of allowed tools (comma-separated)
+            disallowed_tools: List of disallowed tools (comma-separated)
+            claude_cli_path: Path to Claude CLI executable
+            append_system_prompt: Additional system prompt to append
+            permission_mode: Permission mode
+            max_turns: Maximum conversation turns
+            cwd: Working directory path
+            permission_prompt_tool_name: Permission prompt tool name
+        """
+        self.max_thinking_tokens = max_thinking_tokens
+        self.allowed_tools = allowed_tools
+        self.disallowed_tools = disallowed_tools
+        self.claude_cli_path = claude_cli_path
+        self.append_system_prompt = append_system_prompt
+        self.permission_mode = permission_mode
+        self.max_turns = max_turns
+        self.cwd = cwd
+        self.permission_prompt_tool_name = permission_prompt_tool_name

ccproxy/cli/options/core_options.py

@@ -0,0 +1,40 @@
+"""Core CLI options for configuration and global settings."""
+
+from pathlib import Path
+from typing import Any
+
+import typer
+
+
+def config_option() -> Any:
+    """Configuration file parameter."""
+    return typer.Option(
+        None,
+        "--config",
+        "-c",
+        help="Path to configuration file (TOML, JSON, or YAML)",
+        exists=True,
+        file_okay=True,
+        dir_okay=False,
+        readable=True,
+        rich_help_panel="Configuration",
+    )
+
+
+class CoreOptions:
+    """Container for core CLI options.
+
+    This class provides a convenient way to include core options
+    in a command using typed attributes.
+    """
+
+    def __init__(
+        self,
+        config: Path | None = None,
+    ):
+        """Initialize core options.
+
+        Args:
+            config: Path to configuration file
+        """
+        self.config = config

ccproxy/cli/options/security_options.py

@@ -0,0 +1,48 @@
+"""Security-related CLI options."""
+
+from typing import Any
+
+import typer
+
+
+def validate_auth_token(
+    ctx: typer.Context, param: typer.CallbackParam, value: str | None
+) -> str | None:
+    """Validate auth token."""
+    if value is None:
+        return None
+
+    if not value.strip():
+        raise typer.BadParameter("Auth token cannot be empty")
+
+    return value
+
+
+def auth_token_option() -> Any:
+    """Auth token parameter."""
+    return typer.Option(
+        None,
+        "--auth-token",
+        help="Bearer token for API authentication",
+        callback=validate_auth_token,
+        rich_help_panel="Security Settings",
+    )
+
+
+class SecurityOptions:
+    """Container for all security-related CLI options.
+
+    This class provides a convenient way to include all security-related
+    options in a command using typed attributes.
+    """
+
+    def __init__(
+        self,
+        auth_token: str | None = None,
+    ):
+        """Initialize security options.
+
+        Args:
+            auth_token: Bearer token for API authentication
+        """
+        self.auth_token = auth_token

ccproxy/cli/options/server_options.py

@@ -0,0 +1,117 @@
+"""Server-related CLI options."""
+
+from typing import Any
+
+import typer
+
+
+def validate_port(
+    ctx: typer.Context, param: typer.CallbackParam, value: int | None
+) -> int | None:
+    """Validate port number."""
+    if value is None:
+        return None
+
+    if value < 1 or value > 65535:
+        raise typer.BadParameter("Port must be between 1 and 65535")
+
+    return value
+
+
+def validate_log_level(
+    ctx: typer.Context, param: typer.CallbackParam, value: str | None
+) -> str | None:
+    """Validate log level."""
+    if value is None:
+        return None
+
+    valid_levels = {"DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"}
+    if value.upper() not in valid_levels:
+        raise typer.BadParameter(f"Log level must be one of: {', '.join(valid_levels)}")
+
+    return value.upper()
+
+
+def port_option() -> Any:
+    """Port parameter."""
+    return typer.Option(
+        None,
+        "--port",
+        "-p",
+        help="Port to run the server on",
+        callback=validate_port,
+        rich_help_panel="Server Settings",
+    )
+
+
+def host_option() -> Any:
+    """Host parameter."""
+    return typer.Option(
+        None,
+        "--host",
+        "-h",
+        help="Host to bind the server to",
+        rich_help_panel="Server Settings",
+    )
+
+
+def reload_option() -> Any:
+    """Reload parameter."""
+    return typer.Option(
+        None,
+        "--reload/--no-reload",
+        help="Enable auto-reload for development",
+        rich_help_panel="Server Settings",
+    )
+
+
+def log_level_option() -> Any:
+    """Log level parameter."""
+    return typer.Option(
+        None,
+        "--log-level",
+        help="Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL)",
+        callback=validate_log_level,
+        rich_help_panel="Server Settings",
+    )
+
+
+def log_file_option() -> Any:
+    """Log file parameter."""
+    return typer.Option(
+        None,
+        "--log-file",
+        help="Path to JSON log file. If specified, logs will be written to this file in JSON format",
+        rich_help_panel="Server Settings",
+    )
+
+
+class ServerOptions:
+    """Container for all server-related CLI options.
+
+    This class provides a convenient way to include all server-related
+    options in a command using typed attributes.
+    """
+
+    def __init__(
+        self,
+        port: int | None = None,
+        host: str | None = None,
+        reload: bool | None = None,
+        log_level: str | None = None,
+        log_file: str | None = None,
+    ):
+        """Initialize server options.
+
+        Args:
+            port: Port to run the server on
+            host: Host to bind the server to
+            reload: Enable auto-reload for development
+            log_level: Logging level
+            log_file: Path to JSON log file
+        """
+        self.port = port
+        self.host = host
+        self.reload = reload
+        self.log_level = log_level
+        self.log_file = log_file

ccproxy/config/__init__.py

@@ -0,0 +1,40 @@
+"""Configuration module for Claude Proxy API Server."""
+
+from .auth import AuthSettings, CredentialStorageSettings, OAuthSettings
+from .docker_settings import DockerSettings
+from .loader import ConfigLoader, load_config
+from .reverse_proxy import ReverseProxySettings
+from .settings import Settings, get_settings
+from .validators import (
+    ConfigValidationError,
+    validate_config_dict,
+    validate_cors_origins,
+    validate_host,
+    validate_log_level,
+    validate_path,
+    validate_port,
+    validate_timeout,
+    validate_url,
+)
+
+
+__all__ = [
+    "Settings",
+    "get_settings",
+    "AuthSettings",
+    "OAuthSettings",
+    "CredentialStorageSettings",
+    "ReverseProxySettings",
+    "DockerSettings",
+    "ConfigLoader",
+    "load_config",
+    "ConfigValidationError",
+    "validate_config_dict",
+    "validate_cors_origins",
+    "validate_host",
+    "validate_log_level",
+    "validate_path",
+    "validate_port",
+    "validate_timeout",
+    "validate_url",
+]