mcp-openapi-proxy 0.1.1741477332__tar.gz → 0.1.1741479690__tar.gz

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/PKG-INFO

@@ -1,8 +1,9 @@
 Metadata-Version: 2.2
 Name: mcp-openapi-proxy
-Version: 0.1.1741477332
+Version: 0.1.1741479690
 Summary: MCP server for exposing OpenAPI specifications as MCP tools.
 Author-email: Matthew Hand <matthewhandau@gmail.com>
+Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: mcp[cli]>=1.2.0
@@ -197,9 +198,8 @@ Update your configuration:
             "env": {
                 "OPENAPI_SPEC_URL": "https://raw.githubusercontent.com/slackapi/slack-api-specs/master/web-api/slack_web_openapi_v2.json",
                 "TOOL_WHITELIST": "/chat,/bots,/conversations,/reminders,/files,/users",
-                "API_KEY": "<your_slack_bot_token>",
-                "API_KEY_JMESPATH": "token",
-                "TOOL_NAME_PREFIX": "slack_"
+                "API_KEY": "<your_slack_bot_token, starts with xoxb>",
+                "STRIP_PARAM": "token"
             }
         }
     }
@@ -234,7 +234,7 @@ Try these commands in your MCP client:
 
 ### GetZep Example
 
-![image](https://github.com/user-attachments/assets/6ae7f708-9494-41a1-9075-e685f2cd8873)
+![image](https://github.com/user-attachments/assets/9a4fdabb-fa3d-4626-a50f-438147eadc9f)
 
 GetZep offers a free cloud API for memory management with detailed endpoints. Since GetZep did not provide an official OpenAPI specification, this project includes a generated spec hosted on GitHub for convenience. This approach—creating a spec from documentation—is a reusable pattern: users can similarly generate OpenAPI specs for any REST API and reference them locally (e.g., `file:///path/to/spec.json`). Obtain an API key from [GetZep's documentation](https://docs.getzep.com/).
 

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/README.md

@@ -181,9 +181,8 @@ Update your configuration:
             "env": {
                 "OPENAPI_SPEC_URL": "https://raw.githubusercontent.com/slackapi/slack-api-specs/master/web-api/slack_web_openapi_v2.json",
                 "TOOL_WHITELIST": "/chat,/bots,/conversations,/reminders,/files,/users",
-                "API_KEY": "<your_slack_bot_token>",
-                "API_KEY_JMESPATH": "token",
-                "TOOL_NAME_PREFIX": "slack_"
+                "API_KEY": "<your_slack_bot_token, starts with xoxb>",
+                "STRIP_PARAM": "token"
             }
         }
     }
@@ -218,7 +217,7 @@ Try these commands in your MCP client:
 
 ### GetZep Example
 
-![image](https://github.com/user-attachments/assets/6ae7f708-9494-41a1-9075-e685f2cd8873)
+![image](https://github.com/user-attachments/assets/9a4fdabb-fa3d-4626-a50f-438147eadc9f)
 
 GetZep offers a free cloud API for memory management with detailed endpoints. Since GetZep did not provide an official OpenAPI specification, this project includes a generated spec hosted on GitHub for convenience. This approach—creating a spec from documentation—is a reusable pattern: users can similarly generate OpenAPI specs for any REST API and reference them locally (e.g., `file:///path/to/spec.json`). Obtain an API key from [GetZep's documentation](https://docs.getzep.com/).
 

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/mcp_openapi_proxy/server_fastmcp.py

@@ -7,9 +7,8 @@ Configuration is controlled via environment variables:
 - OPENAPI_SPEC_URL_<hash>: Unique URL per test, falls back to OPENAPI_SPEC_URL.
 - TOOL_WHITELIST: Comma-separated list of allowed endpoint paths.
 - SERVER_URL_OVERRIDE: Optional override for the base URL from the OpenAPI spec.
-- API_KEY: Optional token for endpoints requiring authentication.
-- API_AUTH_TYPE: Optional type like 'Bearer' or 'Api-Key'.
-- API_KEY_JMESPATH: Optional JMESPath expression to map API_KEY into request parameters.
+- API_KEY: Generic token for Bearer header.
+- STRIP_PARAM: Param name (e.g., "auth") to remove from parameters.
 """
 
 import os
@@ -19,7 +18,7 @@ import requests
 from typing import Dict, Any
 from mcp import types
 from mcp.server.fastmcp import FastMCP
-from mcp_openapi_proxy.utils import setup_logging, is_tool_whitelisted, fetch_openapi_spec, get_auth_headers, build_base_url, normalize_tool_name, handle_custom_auth, get_tool_prefix
+from mcp_openapi_proxy.utils import setup_logging, is_tool_whitelisted, fetch_openapi_spec, build_base_url, normalize_tool_name, handle_auth, strip_parameters, get_tool_prefix
 
 logger = setup_logging(debug=os.getenv("DEBUG", "").lower() in ("true", "1", "yes"))
 
@@ -112,8 +111,8 @@ def list_functions(*, env_key: str = "OPENAPI_SPEC_URL") -> str:
 def call_function(*, function_name: str, parameters: dict = None, env_key: str = "OPENAPI_SPEC_URL") -> str:
     """Calls a function derived from the OpenAPI specification."""
     logger.debug(f"call_function invoked with function_name='{function_name}' and parameters={parameters}")
-    logger.debug(f"API_KEY from env: {os.getenv('API_KEY', '<not set>')[:5] + '...' if os.getenv('API_KEY') else '<not set>'}")
-    logger.debug(f"API_KEY_JMESPATH from env: {os.getenv('API_KEY_JMESPATH', '<not set>')}")
+    logger.debug(f"API_KEY: {os.getenv('API_KEY', '<not set>')[:5] + '...' if os.getenv('API_KEY') else '<not set>'}")
+    logger.debug(f"STRIP_PARAM: {os.getenv('STRIP_PARAM', '<not set>')}")
     if not function_name:
         logger.error("function_name is empty or None")
         return json.dumps({"error": "function_name is required"})
@@ -159,8 +158,10 @@ def call_function(*, function_name: str, parameters: dict = None, env_key: str =
 
     operation = function_def["operation"]
     operation["method"] = function_def["method"]
-    parameters = handle_custom_auth(operation, parameters)
-    logger.debug(f"Parameters after auth handling: {parameters}")
+    headers = handle_auth(operation)
+    parameters = strip_parameters(parameters)
+    if function_def["method"] != "GET":
+        headers["Content-Type"] = "application/json"
 
     if not is_tool_whitelisted(function_def["path"]):
         logger.error(f"Access to function '{function_name}' is not allowed.")
@@ -173,14 +174,9 @@ def call_function(*, function_name: str, parameters: dict = None, env_key: str =
 
     path = function_def["path"]
     api_url = f"{base_url.rstrip('/')}/{path.lstrip('/')}"
-    headers = {}
-    if function_def["method"] != "GET":
-        headers["Content-Type"] = "application/json"
-    headers.update(get_auth_headers(spec))
     request_params = {}
     request_body = None
 
-    # Map all path parameters dynamically from the spec
     if isinstance(parameters, dict):
         path_params_in_openapi = [
             param["name"] for param in operation.get("parameters", []) if param.get("in") == "path"
@@ -197,7 +193,6 @@ def call_function(*, function_name: str, parameters: dict = None, env_key: str =
                 if param_name in parameters:
                     api_url = api_url.replace(f"{{{param_name}}}", str(parameters.pop(param_name)))
                     logger.debug(f"Replaced path param {param_name} in URL: {api_url}")
-        # Remaining parameters go to query (GET) or body (non-GET)
         if function_def["method"] == "GET":
             request_params = parameters
         else:

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/mcp_openapi_proxy/server_lowlevel.py

@@ -15,12 +15,12 @@ from mcp import types
 from mcp.server.lowlevel import Server
 from mcp.server.models import InitializationOptions
 from mcp.server.stdio import stdio_server
-from mcp_openapi_proxy.utils import setup_logging, normalize_tool_name, is_tool_whitelisted, fetch_openapi_spec, get_auth_headers, detect_response_type, build_base_url, handle_custom_auth
+from mcp_openapi_proxy.utils import setup_logging, normalize_tool_name, is_tool_whitelisted, fetch_openapi_spec, build_base_url, handle_auth, strip_parameters, detect_response_type
 
 DEBUG = os.getenv("DEBUG", "").lower() in ("true", "1", "yes")
 logger = setup_logging(debug=DEBUG)
 
-tools: List[types.Tool] = []
+tools: List[types.Tool] = []  # Global tools list
 openapi_spec_data = None
 
 mcp = Server("OpenApiProxy-LowLevel")
@@ -31,8 +31,8 @@ async def dispatcher_handler(request: types.CallToolRequest) -> types.ServerResu
     try:
         function_name = request.params.name
         logger.debug(f"Dispatcher received CallToolRequest for function: {function_name}")
-        logger.debug(f"API_KEY from env: {os.getenv('API_KEY', '<not set>')[:5] + '...' if os.getenv('API_KEY') else '<not set>'}")
-        logger.debug(f"API_KEY_JMESPATH from env: {os.getenv('API_KEY_JMESPATH', '<not set>')}")
+        logger.debug(f"API_KEY: {os.getenv('API_KEY', '<not set>')[:5] + '...' if os.getenv('API_KEY') else '<not set>'}")
+        logger.debug(f"STRIP_PARAM: {os.getenv('STRIP_PARAM', '<not set>')}")
         tool = next((tool for tool in tools if tool.name == function_name), None)
         if not tool:
             logger.error(f"Unknown function requested: {function_name}")
@@ -42,7 +42,7 @@ async def dispatcher_handler(request: types.CallToolRequest) -> types.ServerResu
                 )
             )
         arguments = request.params.arguments or {}
-        logger.debug(f"Raw arguments before auth: {arguments}")
+        logger.debug(f"Raw arguments before processing: {arguments}")
 
         operation_details = lookup_operation_details(function_name, openapi_spec_data)
         if not operation_details:
@@ -55,11 +55,13 @@ async def dispatcher_handler(request: types.CallToolRequest) -> types.ServerResu
 
         operation = operation_details['operation']
         operation['method'] = operation_details['method']
-        parameters = handle_custom_auth(operation, arguments)
-        logger.debug(f"Parameters after auth handling: {parameters}")
+        headers = handle_auth(operation)
+        parameters = strip_parameters(arguments)
+        method = operation_details['method']
+        if method != "GET":
+            headers["Content-Type"] = "application/json"
 
         path = operation_details['path']
-        method = operation_details['method']
 
         base_url = build_base_url(openapi_spec_data)
         if not base_url:
@@ -71,14 +73,9 @@ async def dispatcher_handler(request: types.CallToolRequest) -> types.ServerResu
             )
 
         api_url = f"{base_url.rstrip('/')}/{path.lstrip('/')}"
-        headers = {}
-        if method != "GET":
-            headers["Content-Type"] = "application/json"
-        headers.update(get_auth_headers(openapi_spec_data))
         request_params = {}
         request_body = None
 
-        # Map all path parameters dynamically from the spec
         if isinstance(parameters, dict):
             path_params_in_openapi = [
                 param['name'] for param in operation.get('parameters', []) if param.get('in') == 'path'
@@ -99,7 +96,6 @@ async def dispatcher_handler(request: types.CallToolRequest) -> types.ServerResu
                     if param_name in parameters:
                         api_url = api_url.replace(f"{{{param_name}}}", str(parameters.pop(param_name)))
                         logger.debug(f"Replaced path param {param_name} in URL: {api_url}")
-            # Remaining parameters go to query (GET) or body (non-GET)
             if method == "GET":
                 request_params = parameters
             else:
@@ -158,7 +154,11 @@ async def list_tools(request: types.ListToolsRequest) -> types.ServerResult:
     return result
 
 def register_functions(spec: Dict) -> List[types.Tool]:
+    """Register tools from OpenAPI spec, preserving across calls if already populated."""
     global tools
+    if tools:  # If tools already exist, don’t reset unless spec changes
+        logger.debug("Tools already registered, skipping re-registration")
+        return tools
     tools = []
     if not spec:
         logger.error("OpenAPI spec is None or empty.")

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/mcp_openapi_proxy/utils.py

@@ -1,7 +1,7 @@
 """
 Utility functions for mcp_openapi_proxy, including logging setup,
 OpenAPI fetching, name normalization, whitelist filtering, auth handling,
-and response type detection.
+parameter stripping, and response type detection.
 """
 
 import os
@@ -11,7 +11,6 @@ import requests
 import re
 import json
 import yaml
-import jmespath
 from urllib.parse import urlparse
 from dotenv import load_dotenv
 from mcp import types
@@ -151,84 +150,33 @@ def fetch_openapi_spec(spec_url: str) -> dict:
         logger.error(f"Error parsing OpenAPI spec from {spec_url}: {e}")
         return None
 
-def get_auth_headers(spec: dict, api_key_env: str = "API_KEY") -> dict:
+def handle_auth(operation: dict) -> dict:
+    """
+    Handles authentication for API requests.
+    - API_KEY: Sets Bearer header.
+    Returns: headers
+    """
+    api_key = os.getenv("API_KEY")
     headers = {}
-    auth_token = os.getenv(api_key_env)
-    if not auth_token:
-        logger.debug(f"No {api_key_env} set, skipping auth headers.")
-        return headers
-    auth_type_override = os.getenv("API_AUTH_TYPE")
-    if auth_type_override:
-        headers["Authorization"] = f"{auth_type_override} {auth_token}"
-        logger.debug(f"Using API_AUTH_TYPE override: Authorization: {auth_type_override} {redact_api_key(auth_token)}")
-        return headers
-    security_defs = spec.get('securityDefinitions', {})
-    for name, definition in security_defs.items():
-        if definition.get('type') == 'apiKey' and definition.get('in') == 'header' and definition.get('name') == 'Authorization':
-            desc = definition.get('description', '')
-            match = re.search(r'(\w+(?:-\w+)*)\s+<token>', desc)
-            if match:
-                prefix = match.group(1)
-                headers["Authorization"] = f"{prefix} {auth_token}"
-                logger.debug(f"Using apiKey with prefix from spec description: Authorization: {prefix} {redact_api_key(auth_token)}")
-            else:
-                headers["Authorization"] = auth_token
-                logger.debug(f"Using raw apiKey auth from spec: Authorization: {redact_api_key(auth_token)}")
-            return headers
-        elif definition.get('type') == 'oauth2':
-            headers["Authorization"] = f"Bearer {auth_token}"
-            logger.debug(f"Using Bearer auth from spec: Authorization: Bearer {redact_api_key(auth_token)}")
-            return headers
-    headers["Authorization"] = auth_token
-    logger.warning(f"No clear auth type in spec, using raw API key: Authorization: {redact_api_key(auth_token)}")
+    if api_key:
+        headers["Authorization"] = f"Bearer {api_key}"
+        logger.debug(f"Using API_KEY as Bearer: {redact_api_key(api_key)}")
+    logger.debug(f"Headers after auth: {headers}")
     return headers
 
-def handle_custom_auth(operation: dict, parameters: dict = None) -> dict:
+def strip_parameters(parameters: dict = None) -> dict:
+    """
+    Strips specified parameter from parameters if STRIP_PARAM is set.
+    Returns: updated_parameters
+    """
     if parameters is None:
         parameters = {}
-    logger.debug(f"Raw parameters before auth handling: {parameters}")
-    api_key = os.getenv("API_KEY")
-    jmespath_expr = os.getenv("API_KEY_JMESPATH")
-    if not api_key or not jmespath_expr:
-        logger.debug("No API_KEY or API_KEY_JMESPATH set, skipping custom auth handling.")
-        return parameters
-
-    method = operation.get("method", "GET").upper()
-    request_data = {"query": {}, "body": {}}
-    # Preserve original params, split by method
-    if parameters:
-        for key, value in parameters.items():
-            param_in = next((p.get("in") for p in operation.get("parameters", []) if p.get("name") == key), None)
-            if param_in == "query" or (method == "GET" and param_in not in ["path", "header"]):
-                request_data["query"][key] = value
-            elif param_in == "header":
-                request_data["body"][key] = value
-            elif param_in != "path":  # Path params handled elsewhere
-                request_data["body"][key] = value
-
-    # Apply API_KEY via JMESPath
-    try:
-        if jmespath_expr:
-            parts = jmespath_expr.split(".")
-            target = request_data[parts[0]] if parts[0] in request_data else {}
-            current = target
-            for i, part in enumerate(parts[1:], 1):
-                if i == len(parts) - 1:
-                    current[part] = api_key  # Overwrite at final key
-                else:
-                    current = current.setdefault(part, {})
-            if parts[0] in request_data:
-                request_data[parts[0]] = target
-            logger.debug(f"Applied API_KEY to {jmespath_expr}: {redact_api_key(api_key)}")
-    except Exception as e:
-        logger.error(f"Error applying JMESPath expression {jmespath_expr}: {e}")
-
-    # Merge back, overwriting original params
-    if method == "GET":
-        parameters = {**parameters, **request_data["query"]}
-    else:
-        parameters = {**parameters, **request_data["body"]}
-    logger.debug(f"Parameters after custom auth merge: {parameters}")
+    logger.debug(f"Raw parameters before stripping: {parameters}")
+    strip_param = os.getenv("STRIP_PARAM")
+    if strip_param and isinstance(parameters, dict) and strip_param in parameters:
+        del parameters[strip_param]
+        logger.debug(f"Stripped param '{strip_param}' from parameters")
+    logger.debug(f"Parameters after stripping: {parameters}")
     return parameters
 
 def map_schema_to_tools(schema: dict) -> list:

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/mcp_openapi_proxy.egg-info/PKG-INFO

@@ -1,8 +1,9 @@
 Metadata-Version: 2.2
 Name: mcp-openapi-proxy
-Version: 0.1.1741477332
+Version: 0.1.1741479690
 Summary: MCP server for exposing OpenAPI specifications as MCP tools.
 Author-email: Matthew Hand <matthewhandau@gmail.com>
+Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: mcp[cli]>=1.2.0
@@ -197,9 +198,8 @@ Update your configuration:
             "env": {
                 "OPENAPI_SPEC_URL": "https://raw.githubusercontent.com/slackapi/slack-api-specs/master/web-api/slack_web_openapi_v2.json",
                 "TOOL_WHITELIST": "/chat,/bots,/conversations,/reminders,/files,/users",
-                "API_KEY": "<your_slack_bot_token>",
-                "API_KEY_JMESPATH": "token",
-                "TOOL_NAME_PREFIX": "slack_"
+                "API_KEY": "<your_slack_bot_token, starts with xoxb>",
+                "STRIP_PARAM": "token"
             }
         }
     }
@@ -234,7 +234,7 @@ Try these commands in your MCP client:
 
 ### GetZep Example
 
-![image](https://github.com/user-attachments/assets/6ae7f708-9494-41a1-9075-e685f2cd8873)
+![image](https://github.com/user-attachments/assets/9a4fdabb-fa3d-4626-a50f-438147eadc9f)
 
 GetZep offers a free cloud API for memory management with detailed endpoints. Since GetZep did not provide an official OpenAPI specification, this project includes a generated spec hosted on GitHub for convenience. This approach—creating a spec from documentation—is a reusable pattern: users can similarly generate OpenAPI specs for any REST API and reference them locally (e.g., `file:///path/to/spec.json`). Obtain an API key from [GetZep's documentation](https://docs.getzep.com/).
 

{mcp_openapi_proxy-0.1.1741477332 → mcp_openapi_proxy-0.1.1741479690}/pyproject.toml

@@ -4,7 +4,8 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "mcp-openapi-proxy"
-version = "0.1.1741477332"
+requires-python = ">=3.10"
+version = "0.1.1741479690"
 description = "MCP server for exposing OpenAPI specifications as MCP tools."
 readme = "README.md"
 authors = [
@@ -27,6 +28,7 @@ mcp-openapi-proxy = "mcp_openapi_proxy:main"  # Correct entry pointing to __init
 [dependency-groups]
 dev = [
     "pytest>=8.3.4",
+    "pytest-asyncio>=0.21.0",
 ]
 
 [tool.pytest.ini_options]