mcp-proxy-adapter 2.0.1__py3-none-any.whl → 6.9.50__py3-none-any.whl

mcp_proxy_adapter/examples/debug_request_state.py

@@ -0,0 +1,130 @@
+#!/usr/bin/env python3
+"""
+Debug Request State - Проверка request.state
+Этот скрипт проверяет, как middleware устанавливает информацию о пользователе в request.state.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+
+# Add project root to path
+project_root = Path(__file__).parent.parent.parent
+sys.path.insert(0, str(project_root))
+from fastapi.testclient import TestClient
+from mcp_proxy_adapter.api.app import create_app
+
+
+async def debug_request_state():
+    """Debug request state handling."""
+    print("🔍 ОТЛАДКА REQUEST.STATE")
+    print("=" * 50)
+    # Create test app with proper configuration
+    config_path = (
+        project_root
+        / "mcp_proxy_adapter"
+        / "examples"
+        / "server_configs"
+        / "config_http_token.json"
+    )
+    with open(config_path) as f:
+        config = json.load(f)
+    # Override global config for testing
+    import mcp_proxy_adapter.config
+
+    mcp_proxy_adapter.config.config = config
+    app = create_app(config)
+    client = TestClient(app)
+    print("📋 1. ТЕСТИРОВАНИЕ БЕЗ АУТЕНТИФИКАЦИИ")
+    print("-" * 30)
+    # Test without authentication
+    response = client.post(
+        "/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1,
+        },
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 2. ТЕСТИРОВАНИЕ С ADMIN ТОКЕНОМ")
+    print("-" * 30)
+    # Test with admin token
+    response = client.post(
+        "/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1,
+        },
+        headers={"X-API-Key": "test-token-123"},
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 3. ТЕСТИРОВАНИЕ С USER ТОКЕНОМ")
+    print("-" * 30)
+    # Test with user token
+    response = client.post(
+        "/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1,
+        },
+        headers={"X-API-Key": "user-token-456"},
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 4. ТЕСТИРОВАНИЕ С READONLY ТОКЕНОМ")
+    print("-" * 30)
+    # Test with readonly token
+    response = client.post(
+        "/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1,
+        },
+        headers={"X-API-Key": "readonly-token-123"},
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 5. ТЕСТИРОВАНИЕ ROLE_TEST КОМАНДЫ")
+    print("-" * 30)
+    # Test role_test command with readonly token
+    response = client.post(
+        "/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "role_test",
+            "params": {"action": "write"},
+            "id": 1,
+        },
+        headers={"X-API-Key": "readonly-token-123"},
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 6. АНАЛИЗ ПРОБЛЕМЫ")
+    print("-" * 30)
+    print("🔍 ПРОБЛЕМА: Readonly роль получает доступ к командам")
+    print("\n📋 ВОЗМОЖНЫЕ ПРИЧИНЫ:")
+    print("1. Framework middleware не устанавливает user info в request.state")
+    print("2. Нет проверки прав на уровне middleware")
+    print("3. Команды не проверяют права доступа")
+    print("4. Интеграция между middleware и командами не работает")
+    print("\n📋 РЕКОМЕНДАЦИИ:")
+    print("1. Добавить CommandPermissionMiddleware")
+    print("2. Убедиться, что framework middleware устанавливает user info")
+    print("3. Добавить проверку прав в команды")
+    print("4. Проверить интеграцию middleware")
+
+
+if __name__ == "__main__":
+    asyncio.run(debug_request_state())

mcp_proxy_adapter/examples/debug_role_chain.py

@@ -0,0 +1,191 @@
+#!/usr/bin/env python3
+"""
+Debug Role Chain - Анализ цепочки блокировки ролей
+Этот скрипт анализирует всю цепочку от аутентификации до блокировки доступа.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+
+# Add project root to path
+project_root = Path(__file__).parent.parent.parent
+sys.path.insert(0, str(project_root))
+from mcp_security_framework import SecurityManager, AuthManager, PermissionManager
+from mcp_security_framework.schemas.config import (
+    SecurityConfig,
+    AuthConfig,
+    PermissionConfig,
+)
+
+
+async def debug_role_chain():
+    """Debug the complete role chain from authentication to blocking."""
+    print("🔍 АНАЛИЗ ЦЕПОЧКИ БЛОКИРОВКИ РОЛЕЙ")
+    print("=" * 60)
+    # Load configuration
+    config_path = (
+        project_root
+        / "mcp_proxy_adapter"
+        / "examples"
+        / "server_configs"
+        / "config_http_token.json"
+    )
+    with open(config_path) as f:
+        config = json.load(f)
+    security_config = config.get("security", {})
+    print("📋 1. КОНФИГУРАЦИЯ API КЛЮЧЕЙ")
+    print("-" * 30)
+    api_keys = security_config.get("auth", {}).get("api_keys", {})
+    for key, value in api_keys.items():
+        print(f"  {key}: {value}")
+    print("\n📋 2. КОНФИГУРАЦИЯ РОЛЕЙ")
+    print("-" * 30)
+    roles_config = security_config.get("permissions", {}).get("roles", {})
+    for role, permissions in roles_config.items():
+        print(f"  {role}: {permissions}")
+    print("\n📋 3. СОЗДАНИЕ КОМПОНЕНТОВ БЕЗОПАСНОСТИ")
+    print("-" * 30)
+    # Create permission config
+    perm_config = PermissionConfig(
+        roles_file=str(
+            project_root
+            / "mcp_proxy_adapter"
+            / "examples"
+            / "server_configs"
+            / "roles.json"
+        ),
+        default_role="guest",
+        admin_role="admin",
+        role_hierarchy=security_config.get("permissions", {}).get("role_hierarchy", {}),
+        permission_cache_enabled=True,
+        permission_cache_ttl=300,
+        wildcard_permissions=False,
+        strict_mode=True,
+        roles=roles_config,
+    )
+    # Create auth config
+    auth_config = AuthConfig(
+        enabled=security_config.get("auth", {}).get("enabled", True),
+        methods=security_config.get("auth", {}).get("methods", ["api_key"]),
+        api_keys=api_keys,
+        user_roles=security_config.get("auth", {}).get("user_roles", {}),
+        jwt_secret=security_config.get("auth", {}).get("jwt_secret"),
+        jwt_algorithm=security_config.get("auth", {}).get("jwt_algorithm", "HS256"),
+        jwt_expiry_hours=security_config.get("auth", {}).get("jwt_expiry_hours", 24),
+        certificate_auth=security_config.get("auth", {}).get("certificate_auth", False),
+        certificate_roles_oid=security_config.get("auth", {}).get(
+            "certificate_roles_oid"
+        ),
+        certificate_permissions_oid=security_config.get("auth", {}).get(
+            "certificate_permissions_oid"
+        ),
+        basic_auth=security_config.get("auth", {}).get("basic_auth", False),
+        oauth2_config=security_config.get("auth", {}).get("oauth2_config"),
+        public_paths=security_config.get("auth", {}).get("public_paths", []),
+    )
+    # Create security config
+    security_config_obj = SecurityConfig(auth=auth_config, permissions=perm_config)
+    print("✅ Конфигурации созданы")
+    print("\n📋 4. ИНИЦИАЛИЗАЦИЯ МЕНЕДЖЕРОВ")
+    print("-" * 30)
+    # Initialize managers
+    permission_manager = PermissionManager(perm_config)
+    auth_manager = AuthManager(auth_config, permission_manager)
+    security_manager = SecurityManager(security_config_obj)
+    print("✅ Менеджеры инициализированы")
+    print("\n📋 5. ТЕСТИРОВАНИЕ АУТЕНТИФИКАЦИИ")
+    print("-" * 30)
+    # Test authentication with different tokens
+    test_tokens = {
+        "admin": "test-token-123",
+        "user": "user-token-456",
+        "readonly": "readonly-token-123",
+        "invalid": "invalid-token-999",
+    }
+    auth_results = {}
+    for role, token in test_tokens.items():
+        print(f"\n🔐 Тестирование токена для роли '{role}': {token}")
+        try:
+            result = auth_manager.authenticate_api_key(token)
+            auth_results[role] = result
+            print(
+                f"  ✅ Аутентификация: {'УСПЕШНА' if result.is_valid else 'НЕУДАЧНА'}"
+            )
+            if result.is_valid:
+                print(f"  👤 Пользователь: {result.username}")
+                print(f"  🏷️ Роли: {result.roles}")
+                print(f"  🔑 Метод: {result.auth_method}")
+            else:
+                print(f"  ❌ Ошибка: {result.error_message}")
+        except Exception as e:
+            print(f"  ❌ Исключение: {e}")
+            auth_results[role] = None
+    print("\n📋 6. ТЕСТИРОВАНИЕ ПРАВ ДОСТУПА")
+    print("-" * 30)
+    # Test permissions for different actions
+    test_actions = ["read", "write", "manage", "delete"]
+    for role, auth_result in auth_results.items():
+        if auth_result and auth_result.is_valid:
+            print(
+                f"\n🔒 Тестирование прав для роли '{role}' (роли: {auth_result.roles})"
+            )
+            for action in test_actions:
+                try:
+                    # Check permissions using permission manager
+                    validation_result = permission_manager.validate_access(
+                        auth_result.roles, [action]
+                    )
+                    status = (
+                        "✅ РАЗРЕШЕНО"
+                        if validation_result.is_valid
+                        else "❌ ЗАБЛОКИРОВАНО"
+                    )
+                    print(f"  {action}: {status}")
+                    if not validation_result.is_valid:
+                        print(f"    📝 Причина: {validation_result.error_message}")
+                        print(
+                            f"    🎯 Эффективные права: {validation_result.effective_permissions}"
+                        )
+                        print(
+                            f"    ❌ Отсутствующие права: {validation_result.missing_permissions}"
+                        )
+                except Exception as e:
+                    print(f"  {action}: ❌ ОШИБКА - {e}")
+    print("\n📋 7. ТЕСТИРОВАНИЕ ПОЛНОЙ ЦЕПОЧКИ")
+    print("-" * 30)
+    # Test complete request validation
+    for role, token in test_tokens.items():
+        print(f"\n🔄 Полная цепочка для роли '{role}'")
+        request_data = {
+            "api_key": token,
+            "required_permissions": ["write"],
+            "client_ip": "127.0.0.1",
+        }
+        try:
+            result = security_manager.validate_request(request_data)
+            status = "✅ УСПЕШНО" if result.is_valid else "❌ ЗАБЛОКИРОВАНО"
+            print(f"  Результат: {status}")
+            if not result.is_valid:
+                print(f"  📝 Причина: {result.error_message}")
+        except Exception as e:
+            print(f"  ❌ ОШИБКА: {e}")
+    print("\n📋 8. АНАЛИЗ ПРОБЛЕМЫ")
+    print("-" * 30)
+    print("🔍 ПРОБЛЕМА: Readonly роль получает доступ к write операциям")
+    print("\n📋 ВОЗМОЖНЫЕ ПРИЧИНЫ:")
+    print("1. Middleware не передает информацию о пользователе в request.state")
+    print("2. Framework middleware не блокирует доступ на уровне middleware")
+    print("3. Команда role_test не получает правильный контекст пользователя")
+    print("4. Интеграция между middleware и командами не работает")
+    print("\n📋 РЕКОМЕНДАЦИИ:")
+    print("1. Проверить, как framework middleware устанавливает user info")
+    print("2. Добавить проверку прав на уровне middleware")
+    print("3. Убедиться, что request.state содержит user info")
+    print("4. Проверить интеграцию между middleware и командами")
+
+
+if __name__ == "__main__":
+    asyncio.run(debug_role_chain())

mcp_proxy_adapter/examples/demo_client.py

@@ -0,0 +1,287 @@
+"""
+Demo Client Script
+This script demonstrates how to use the UniversalClient with different
+authentication methods and connection types.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+
+import asyncio
+import json
+import sys
+from pathlib import Path
+
+# Add project root to path
+sys.path.insert(0, str(Path(__file__).parent.parent))
+from examples.universal_client import UniversalClient, create_client_config
+
+
+async def demo_from_config_file(config_file: str):
+    """
+    Demo client using configuration from file.
+    Args:
+        config_file: Path to configuration file
+    """
+    print(f"🚀 Demo from config file: {config_file}")
+    print("=" * 50)
+    try:
+        # Load configuration
+        with open(config_file, "r") as f:
+            config = json.load(f)
+        print(
+            f"Configuration loaded: {config.get('security', {}).get('auth_method', 'none')} auth"
+        )
+        # Create and use client
+        async with UniversalClient(config) as client:
+            # Test connection
+            success = await client.test_connection()
+            if success:
+                print("✅ Connection successful!")
+                # Test security features
+                security_results = await client.test_security_features()
+                print("\nSecurity Features:")
+                for feature, status in security_results.items():
+                    status_icon = "✅" if status else "❌"
+                    print(f"  {status_icon} {feature}: {status}")
+                # Make API calls
+                await demo_api_calls(client)
+            else:
+                print("❌ Connection failed")
+    except FileNotFoundError:
+        print(f"❌ Configuration file not found: {config_file}")
+    except json.JSONDecodeError:
+        print(f"❌ Invalid JSON in configuration file: {config_file}")
+    except Exception as e:
+        print(f"❌ Demo failed: {e}")
+
+
+async def demo_api_calls(client: UniversalClient):
+    """Demonstrate various API calls."""
+    print("\n📡 API Calls Demo:")
+    print("-" * 30)
+    # Test health endpoint
+    try:
+        health = await client.get("/health")
+        print(f"Health: {health}")
+    except Exception as e:
+        print(f"Health check failed: {e}")
+    # Test status endpoint
+    try:
+        status = await client.get("/api/status")
+        print(f"Status: {status}")
+    except Exception as e:
+        print(f"Status check failed: {e}")
+    # Test JSON-RPC command
+    try:
+        command_data = {
+            "jsonrpc": "2.0",
+            "method": "test_command",
+            "params": {
+                "message": "Hello from universal client!",
+                "timestamp": "2024-01-01T00:00:00Z",
+            },
+            "id": 1,
+        }
+        result = await client.post("/api/jsonrpc", command_data)
+        print(f"Command Result: {result}")
+    except Exception as e:
+        print(f"Command execution failed: {e}")
+    # Test security command if available
+    try:
+        security_data = {
+            "jsonrpc": "2.0",
+            "method": "security_command",
+            "params": {"action": "get_status", "include_certificates": True},
+            "id": 2,
+        }
+        result = await client.post("/api/jsonrpc", security_data)
+        print(f"Security Status: {result}")
+    except Exception as e:
+        print(f"Security command failed: {e}")
+
+
+async def demo_all_configs():
+    """Demo all available client configurations."""
+    print("🚀 Demo All Client Configurations")
+    print("=" * 50)
+    config_dir = Path(__file__).parent / "client_configs"
+    if not config_dir.exists():
+        print(f"❌ Config directory not found: {config_dir}")
+        return
+    config_files = list(config_dir.glob("*.json"))
+    if not config_files:
+        print(f"❌ No configuration files found in {config_dir}")
+        return
+    print(f"Found {len(config_files)} configuration files:")
+    for config_file in config_files:
+        print(f"  - {config_file.name}")
+    print("\n" + "=" * 50)
+    for config_file in config_files:
+        await demo_from_config_file(str(config_file))
+        print("\n" + "-" * 50)
+
+
+async def demo_programmatic_config():
+    """Demo client with programmatically created configuration."""
+    print("🚀 Demo Programmatic Configuration")
+    print("=" * 50)
+    # Create different configurations programmatically
+    configs = [
+        {
+            "name": "API Key Client",
+            "config": create_client_config(
+                "http://localhost:8000", "api_key", api_key="demo_api_key_123"
+            ),
+        },
+        {
+            "name": "JWT Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "jwt",
+                username="demo_user",
+                password="demo_password",
+                secret="demo_jwt_secret",
+            ),
+        },
+        {
+            "name": "Certificate Client",
+            "config": create_client_config(
+                "https://localhost:8443",
+                "certificate",
+                cert_file="./certs/client.crt",
+                key_file="./keys/client.key",
+                ca_cert_file="./certs/ca.crt",
+            ),
+        },
+        {
+            "name": "Basic Auth Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "basic",
+                username="demo_user",
+                password="demo_password",
+            ),
+        },
+    ]
+    for config_info in configs:
+        print(f"\n📋 Testing: {config_info['name']}")
+        print("-" * 30)
+        try:
+            async with UniversalClient(config_info["config"]) as client:
+                success = await client.test_connection()
+                if success:
+                    print("✅ Connection successful!")
+                    await demo_api_calls(client)
+                else:
+                    print("❌ Connection failed")
+        except Exception as e:
+            print(f"❌ Test failed: {e}")
+
+
+async def interactive_demo():
+    """Interactive demo with user input."""
+    print("🚀 Interactive Client Demo")
+    print("=" * 50)
+    print("Available authentication methods:")
+    print("1. No authentication")
+    print("2. API Key")
+    print("3. JWT Token")
+    print("4. Certificate")
+    print("5. Basic Authentication")
+    try:
+        choice = input("\nSelect authentication method (1-5): ").strip()
+        auth_methods = {
+            "1": "none",
+            "2": "api_key",
+            "3": "jwt",
+            "4": "certificate",
+            "5": "basic",
+        }
+        if choice not in auth_methods:
+            print("❌ Invalid choice")
+            return
+        auth_method = auth_methods[choice]
+        # Get server URL
+        server_url = input(
+            "Enter server URL (default: http://localhost:8000): "
+        ).strip()
+        if not server_url:
+            server_url = "http://localhost:8000"
+        # Create configuration based on choice
+        config_kwargs = {}
+        if auth_method == "api_key":
+            api_key = input("Enter API key: ").strip()
+            if api_key:
+                config_kwargs["api_key"] = api_key
+        elif auth_method == "jwt":
+            username = input("Enter username: ").strip()
+            password = input("Enter password: ").strip()
+            secret = input("Enter JWT secret: ").strip()
+            if username and password and secret:
+                config_kwargs.update(
+                    {"username": username, "password": password, "secret": secret}
+                )
+        elif auth_method == "certificate":
+            cert_file = input("Enter certificate file path: ").strip()
+            key_file = input("Enter key file path: ").strip()
+            ca_cert_file = input("Enter CA certificate file path: ").strip()
+            if cert_file and key_file:
+                config_kwargs.update(
+                    {
+                        "cert_file": cert_file,
+                        "key_file": key_file,
+                        "ca_cert_file": ca_cert_file,
+                    }
+                )
+        elif auth_method == "basic":
+            username = input("Enter username: ").strip()
+            password = input("Enter password: ").strip()
+            if username and password:
+                config_kwargs.update({"username": username, "password": password})
+        # Create configuration
+        config = create_client_config(server_url, auth_method, **config_kwargs)
+        print(f"\nConfiguration created for {auth_method} authentication")
+        print(f"Server URL: {server_url}")
+        # Test connection
+        async with UniversalClient(config) as client:
+            success = await client.test_connection()
+            if success:
+                print("✅ Connection successful!")
+                await demo_api_calls(client)
+            else:
+                print("❌ Connection failed")
+    except KeyboardInterrupt:
+        print("\n\nDemo interrupted by user")
+    except Exception as e:
+        print(f"❌ Interactive demo failed: {e}")
+
+
+def main():
+    """Main demo function."""
+    if len(sys.argv) > 1:
+        command = sys.argv[1]
+        if command == "config":
+            if len(sys.argv) > 2:
+                config_file = sys.argv[2]
+                asyncio.run(demo_from_config_file(config_file))
+            else:
+                print("Usage: python demo_client.py config <config_file>")
+        elif command == "all":
+            asyncio.run(demo_all_configs())
+        elif command == "programmatic":
+            asyncio.run(demo_programmatic_config())
+        elif command == "interactive":
+            asyncio.run(interactive_demo())
+        else:
+            print("Unknown command. Available commands:")
+            print("  config <file>     - Demo with config file")
+            print("  all               - Demo all config files")
+            print("  programmatic      - Demo programmatic configs")
+            print("  interactive       - Interactive demo")
+    else:
+        # Default: demo all configs
+        asyncio.run(demo_all_configs())
+
+
+if __name__ == "__main__":
+    main()

mcp_proxy_adapter/examples/full_application/__init__.py

@@ -0,0 +1,12 @@
+"""Full Application Example.
+
+This example demonstrates advanced usage of MCP Proxy Adapter including:
+- Proxy registration endpoints
+- Custom command hooks
+- Advanced security configurations
+- Role-based access control
+"""
+
+# Note: main.py doesn't export get_app, it's a standalone script
+# Import proxy router for use in other modules if needed
+from .proxy_endpoints import router as proxy_router

mcp_proxy_adapter/examples/full_application/commands/__init__.py

@@ -0,0 +1,8 @@
+"""
+Commands package for full application example.
+"""
+from .echo_command import EchoCommand
+from .list_command import ListCommand
+from .help_command import HelpCommand
+
+__all__ = ["EchoCommand", "ListCommand", "HelpCommand"]

mcp_proxy_adapter/examples/full_application/commands/custom_echo_command.py

@@ -0,0 +1,45 @@
+"""
+Custom Echo Command
+This module demonstrates a custom command implementation for the full application example.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+
+from mcp_proxy_adapter.commands.base import BaseCommand
+from mcp_proxy_adapter.commands.result import CommandResult
+
+
+class CustomEchoResult(CommandResult):
+    """Result class for custom echo command."""
+
+    def __init__(self, message: str, timestamp: str, echo_count: int):
+        self.message = message
+        self.timestamp = timestamp
+        self.echo_count = echo_count
+
+
+
+
+class CustomEchoCommand(BaseCommand):
+    """Custom echo command implementation."""
+
+    def __init__(self):
+        super().__init__()
+        self.echo_count = 0
+
+
+
+
+    async def execute(self, params: Dict[str, Any]) -> CustomEchoResult:
+        """Execute the custom echo command."""
+        message = params.get("message", "Hello from custom echo!")
+        repeat = min(max(params.get("repeat", 1), 1), 10)
+        self.echo_count += 1
+        from datetime import datetime
+
+        timestamp = datetime.now().isoformat()
+        # Repeat the message
+        echoed_message = " ".join([message] * repeat)
+        return CustomEchoResult(
+            message=echoed_message, timestamp=timestamp, echo_count=self.echo_count
+        )