mcp-proxy-adapter 4.1.1__py3-none-any.whl → 6.0.0__py3-none-any.whl

mcp_proxy_adapter/examples/simple_custom_commands/README.md

@@ -0,0 +1,149 @@
+# Простой пример с пользовательскими командами
+
+Этот пример показывает, как настроить `discovery_path` в конфигурации для автоматического обнаружения команд из вашего проекта.
+
+## Структура проекта
+
+```
+simple_custom_commands/
+├── config.json          # Конфигурация с discovery_path
+├── main.py              # Точка входа
+├── my_commands/         # Пакет с командами
+│   ├── __init__.py
+│   ├── hello_command.py
+│   └── calc_command.py
+└── README.md
+```
+
+## Конфигурация (config.json)
+
+```json
+{
+  "server": {
+    "host": "127.0.0.1",
+    "port": 8001,
+    "debug": true,
+    "log_level": "DEBUG"
+  },
+  "logging": {
+    "level": "DEBUG",
+    "log_dir": "./logs",
+    "log_file": "simple_commands.log"
+  },
+  "commands": {
+    "auto_discovery": true,
+    "discovery_path": "my_commands"
+  }
+}
+```
+
+**Ключевой момент**: В `discovery_path` указан путь `"my_commands"` - это пакет, где находятся команды.
+
+## Команды
+
+### hello_command.py
+
+```python
+from mcp_proxy_adapter.commands.base import Command
+from mcp_proxy_adapter.commands.result import CommandResult
+
+class HelloCommand(Command):
+    """Простая команда приветствия."""
+    
+    name = "hello"
+    
+    def execute(self, name: str = "World") -> CommandResult:
+        return CommandResult(
+            success=True, 
+            data={"message": f"Hello, {name}!"}
+        )
+    
+    @classmethod
+    def get_param_info(cls) -> dict:
+        return {
+            "name": {
+                "type": "string",
+                "description": "Имя для приветствия",
+                "required": False,
+                "default": "World"
+            }
+        }
+```
+
+### calc_command.py
+
+```python
+from mcp_proxy_adapter.commands.base import Command
+from mcp_proxy_adapter.commands.result import CommandResult
+
+class CalcCommand(Command):
+    """Простая команда калькулятора."""
+    
+    name = "calc"
+    
+    def execute(self, a: float, b: float, operation: str = "add") -> CommandResult:
+        if operation == "add":
+            result = a + b
+        elif operation == "sub":
+            result = a - b
+        elif operation == "mul":
+            result = a * b
+        elif operation == "div":
+            if b == 0:
+                return CommandResult(success=False, error="Division by zero")
+            result = a / b
+        else:
+            return CommandResult(success=False, error=f"Unknown operation: {operation}")
+        
+        return CommandResult(
+            success=True, 
+            data={"result": result, "operation": operation}
+        )
+    
+    @classmethod
+    def get_param_info(cls) -> dict:
+        return {
+            "a": {
+                "type": "number",
+                "description": "Первое число",
+                "required": True
+            },
+            "b": {
+                "type": "number", 
+                "description": "Второе число",
+                "required": True
+            },
+            "operation": {
+                "type": "string",
+                "description": "Операция (add, sub, mul, div)",
+                "required": False,
+                "default": "add"
+            }
+        }
+```
+
+## Запуск
+
+```bash
+python main.py
+```
+
+При запуске сервис автоматически обнаружит команды из пакета `my_commands` благодаря настройке `discovery_path` в конфигурации.
+
+## Тестирование
+
+```bash
+# Приветствие
+curl -X POST http://127.0.0.1:8001/cmd \
+  -H "Content-Type: application/json" \
+  -d '{"command": "hello", "params": {"name": "Alice"}}'
+
+# Калькулятор
+curl -X POST http://127.0.0.1:8001/cmd \
+  -H "Content-Type: application/json" \
+  -d '{"command": "calc", "params": {"a": 10, "b": 5, "operation": "add"}}'
+```
+
+## Результат
+
+Сервис автоматически обнаружит и зарегистрирует команды `hello` и `calc` из пакета `my_commands`, указанного в `discovery_path`. 

mcp_proxy_adapter/examples/simple_custom_commands/README_EN.md

@@ -0,0 +1,149 @@
+# Simple Custom Commands Example
+
+This example shows how to configure `discovery_path` in the configuration for automatic discovery of commands from your project.
+
+## Project Structure
+
+```
+simple_custom_commands/
+├── config.json          # Configuration with discovery_path
+├── main.py              # Entry point
+├── my_commands/         # Package with commands
+│   ├── __init__.py
+│   ├── hello_command.py
+│   └── calc_command.py
+└── README.md
+```
+
+## Configuration (config.json)
+
+```json
+{
+  "server": {
+    "host": "127.0.0.1",
+    "port": 8001,
+    "debug": true,
+    "log_level": "DEBUG"
+  },
+  "logging": {
+    "level": "DEBUG",
+    "log_dir": "./logs",
+    "log_file": "simple_commands.log"
+  },
+  "commands": {
+    "auto_discovery": true,
+    "discovery_path": "my_commands"
+  }
+}
+```
+
+**Key point**: In `discovery_path` we specify `"my_commands"` - this is the package where commands are located.
+
+## Commands
+
+### hello_command.py
+
+```python
+from mcp_proxy_adapter.commands.base import Command
+from mcp_proxy_adapter.commands.result import CommandResult
+
+class HelloCommand(Command):
+    """Simple greeting command."""
+    
+    name = "hello"
+    
+    def execute(self, name: str = "World") -> CommandResult:
+        return CommandResult(
+            success=True, 
+            data={"message": f"Hello, {name}!"}
+        )
+    
+    @classmethod
+    def get_param_info(cls) -> dict:
+        return {
+            "name": {
+                "type": "string",
+                "description": "Name for greeting",
+                "required": False,
+                "default": "World"
+            }
+        }
+```
+
+### calc_command.py
+
+```python
+from mcp_proxy_adapter.commands.base import Command
+from mcp_proxy_adapter.commands.result import CommandResult
+
+class CalcCommand(Command):
+    """Simple calculator command."""
+    
+    name = "calc"
+    
+    def execute(self, a: float, b: float, operation: str = "add") -> CommandResult:
+        if operation == "add":
+            result = a + b
+        elif operation == "sub":
+            result = a - b
+        elif operation == "mul":
+            result = a * b
+        elif operation == "div":
+            if b == 0:
+                return CommandResult(success=False, error="Division by zero")
+            result = a / b
+        else:
+            return CommandResult(success=False, error=f"Unknown operation: {operation}")
+        
+        return CommandResult(
+            success=True, 
+            data={"result": result, "operation": operation}
+        )
+    
+    @classmethod
+    def get_param_info(cls) -> dict:
+        return {
+            "a": {
+                "type": "number",
+                "description": "First number",
+                "required": True
+            },
+            "b": {
+                "type": "number", 
+                "description": "Second number",
+                "required": True
+            },
+            "operation": {
+                "type": "string",
+                "description": "Operation (add, sub, mul, div)",
+                "required": False,
+                "default": "add"
+            }
+        }
+```
+
+## Running
+
+```bash
+python main.py
+```
+
+When starting, the service will automatically discover commands from the `my_commands` package thanks to the `discovery_path` configuration setting.
+
+## Testing
+
+```bash
+# Greeting
+curl -X POST http://127.0.0.1:8001/cmd \
+  -H "Content-Type: application/json" \
+  -d '{"command": "hello", "params": {"name": "Alice"}}'
+
+# Calculator
+curl -X POST http://127.0.0.1:8001/cmd \
+  -H "Content-Type: application/json" \
+  -d '{"command": "calc", "params": {"a": 10, "b": 5, "operation": "add"}}'
+```
+
+## Result
+
+The service will automatically discover and register the `hello` and `calc` commands from the `my_commands` package specified in `discovery_path`. 

mcp_proxy_adapter/main.py

@@ -0,0 +1,175 @@
+#!/usr/bin/env python3
+"""
+Main entry point for MCP Proxy Adapter.
+
+This module provides the main function for running the MCP Proxy Adapter server.
+"""
+
+import argparse
+import asyncio
+import uvicorn
+import sys
+import os
+from pathlib import Path
+
+from mcp_proxy_adapter import create_app
+from mcp_proxy_adapter.core.logging import get_logger, setup_logging
+from mcp_proxy_adapter.core.settings import (
+    Settings, 
+    get_server_host, 
+    get_server_port, 
+    get_server_debug,
+    get_setting
+)
+from mcp_proxy_adapter.core.ssl_utils import SSLUtils
+
+
+def parse_args():
+    """Parse command line arguments."""
+    parser = argparse.ArgumentParser(description="MCP Proxy Adapter Server")
+    parser.add_argument(
+        "--config", 
+        type=str, 
+        default=None,
+        help="Path to configuration file"
+    )
+    parser.add_argument(
+        "--host",
+        type=str,
+        default=None,
+        help="Host to bind to (overrides config)"
+    )
+    parser.add_argument(
+        "--port",
+        type=int,
+        default=None,
+        help="Port to bind to (overrides config)"
+    )
+    parser.add_argument(
+        "--debug",
+        action="store_true",
+        help="Enable debug mode (overrides config)"
+    )
+    parser.add_argument(
+        "--log-level",
+        type=str,
+        default=None,
+        choices=["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"],
+        help="Log level (overrides config)"
+    )
+    return parser.parse_args()
+
+
+def main():
+    """Run the MCP Proxy Adapter server."""
+    args = parse_args()
+    
+    # Load configuration if specified
+    if args.config:
+        config_path = Path(args.config)
+        if config_path.exists():
+            from mcp_proxy_adapter.config import config
+            config.load_from_file(str(config_path))
+            print(f"✅ Loaded configuration from: {config_path}")
+        else:
+            print(f"❌ Configuration file not found: {config_path}")
+            sys.exit(1)
+    else:
+        print("⚠️  No configuration file specified, using defaults")
+    
+    # Setup logging with configuration
+    setup_logging()
+    logger = get_logger("mcp_proxy_adapter")
+    
+    # Get settings from configuration
+    server_settings = Settings.get_server_settings()
+    logging_settings = Settings.get_logging_settings()
+    commands_settings = Settings.get_commands_settings()
+    ssl_settings = Settings.get_custom_setting("ssl", {})
+    security_settings = Settings.get_custom_setting("security", {})
+    
+    # STRICT CONFIGURATION VALIDATION
+    from mcp_proxy_adapter.core.config_validator import ConfigValidator
+    
+    # Get full config for validation
+    full_config = {
+        "server": server_settings,
+        "logging": logging_settings,
+        "commands": commands_settings,
+        "ssl": ssl_settings,
+        "security": security_settings,
+        "auth_enabled": Settings.get_custom_setting("auth_enabled", False),
+        "roles": Settings.get_custom_setting("roles", {})
+    }
+    
+    # Validate configuration
+    validator = ConfigValidator(full_config)
+    if not validator.validate_all():
+        logger.critical("CRITICAL SECURITY ERROR: Configuration validation failed")
+        validator.print_validation_report()
+        logger.critical("Server startup blocked for security reasons.")
+        logger.critical("Please fix configuration errors or disable security features.")
+        sys.exit(1)
+    
+    logger.info("Configuration validation passed")
+    
+    # Override settings with command line arguments
+    if args.host:
+        server_settings['host'] = args.host
+    if args.port:
+        server_settings['port'] = args.port
+    if args.debug:
+        server_settings['debug'] = True
+    if args.log_level:
+        logging_settings['level'] = args.log_level
+        server_settings['log_level'] = args.log_level
+    
+    # Print server header and description
+    print("=" * 80)
+    print("🚀 MCP PROXY ADAPTER SERVER")
+    print("=" * 80)
+    print("📋 Configuration:")
+    print(f"   • Server: {server_settings['host']}:{server_settings['port']}")
+    print(f"   • Debug: {server_settings['debug']}")
+    print(f"   • Log Level: {logging_settings['level']}")
+    print(f"   • Auto Discovery: {commands_settings['auto_discovery']}")
+    print(f"   • SSL Enabled: {ssl_settings.get('enabled', False)}")
+    print(f"   • Security Enabled: {security_settings.get('enabled', False)}")
+    if ssl_settings.get('enabled', False):
+        print(f"   • SSL Mode: {ssl_settings.get('mode', 'https_only')}")
+    if security_settings.get('enabled', False):
+        print(f"   • Security Framework: {security_settings.get('framework', 'built-in')}")
+    print("=" * 80)
+    print()
+    
+    logger.info("Starting MCP Proxy Adapter Server...")
+    logger.info(f"Server configuration: {server_settings}")
+    logger.info(f"Security configuration: {security_settings}")
+    
+    try:
+        # Create application
+        app = create_app(
+            title="MCP Proxy Adapter Server",
+            description="Model Context Protocol Proxy Adapter with Security Framework",
+            version="1.0.0"
+        )
+        
+        # Get SSL configuration for uvicorn
+        uvicorn_ssl_config = SSLUtils.get_ssl_config_for_uvicorn(ssl_settings)
+        
+        # Run the server
+        uvicorn.run(
+            app,
+            host=server_settings['host'],
+            port=server_settings['port'],
+            log_level=server_settings.get('log_level', 'info').lower(),
+            **uvicorn_ssl_config
+        )
+        
+    except Exception as e:
+        logger.error(f"Failed to start server: {e}")
+        sys.exit(1)
+
+
+if __name__ == "__main__":
+    main()

mcp_proxy_adapter/schemas/roles_schema.json

@@ -0,0 +1,162 @@
+{
+  "roles": {
+    "admin": {
+      "description": "Administrator with full access",
+      "allowed_servers": ["*"],
+      "allowed_clients": ["*"],
+      "permissions": ["read", "write", "delete", "admin"],
+      "priority": 100
+    },
+    "super-admin": {
+      "description": "Super administrator with system-level access",
+      "allowed_servers": ["*"],
+      "allowed_clients": ["*"],
+      "permissions": ["read", "write", "delete", "admin", "system"],
+      "priority": 200
+    },
+    "kubernetes_service": {
+      "description": "Kubernetes service with cluster management access",
+      "allowed_servers": ["kubernetes_manager", "kubernetes_api", "cluster_monitor", "k8s_operator"],
+      "allowed_clients": ["admin", "super-admin", "kubernetes_service", "ca_root", "ca_intermediate"],
+      "permissions": ["read", "write", "system"],
+      "priority": 120
+    },
+    "ca_root": {
+      "description": "Root Certificate Authority with full certificate management",
+      "allowed_servers": ["*"],
+      "allowed_clients": ["admin", "super-admin", "ca_root", "ca_intermediate"],
+      "permissions": ["read", "write", "delete", "admin", "system"],
+      "priority": 180
+    },
+    "ca_intermediate": {
+      "description": "Intermediate Certificate Authority with delegated certificate management",
+      "allowed_servers": ["certificate_manager", "ssl_manager", "tls_manager"],
+      "allowed_clients": ["admin", "super-admin", "ca_root", "ca_intermediate", "kubernetes_service"],
+      "permissions": ["read", "write", "admin"],
+      "priority": 140
+    },
+    "operator": {
+      "description": "Operator with limited access",
+      "allowed_servers": ["kubernetes_manager", "docker_manager", "monitor", "aiadm"],
+      "allowed_clients": ["admin", "super-admin", "operator"],
+      "permissions": ["read", "write"],
+      "priority": 50
+    },
+    "user": {
+      "description": "Regular user with basic access",
+      "allowed_servers": ["basic_commands", "info_commands"],
+      "allowed_clients": ["admin", "super-admin", "operator", "user"],
+      "permissions": ["read"],
+      "priority": 10
+    },
+    "guest": {
+      "description": "Guest user with minimal access",
+      "allowed_servers": ["help", "info"],
+      "allowed_clients": ["admin", "super-admin", "operator", "user", "guest"],
+      "permissions": ["read"],
+      "priority": 1
+    },
+    "system": {
+      "description": "System service with internal access",
+      "allowed_servers": ["*"],
+      "allowed_clients": ["admin", "super-admin", "system"],
+      "permissions": ["read", "write", "system"],
+      "priority": 150
+    }
+  },
+  "default_policy": {
+    "deny_by_default": true,
+    "require_role_match": true,
+    "case_sensitive": false,
+    "allow_wildcard": true
+  },
+  "role_hierarchy": {
+    "super-admin": ["admin", "user"],
+    "admin": ["operator", "user"],
+    "kubernetes_service": ["operator", "user"],
+    "ca_root": ["admin", "ca_intermediate", "kubernetes_service"],
+    "ca_intermediate": ["operator", "user"],
+    "operator": ["user"],
+    "user": ["guest"],
+    "system": ["admin", "user"]
+  },
+  "permissions": {
+    "read": {
+      "description": "Read access to data and commands",
+      "level": 1
+    },
+    "write": {
+      "description": "Write access to data and commands",
+      "level": 2
+    },
+    "delete": {
+      "description": "Delete access to data and commands",
+      "level": 3
+    },
+    "admin": {
+      "description": "Administrative access",
+      "level": 4
+    },
+    "system": {
+      "description": "System-level access",
+      "level": 5
+    }
+  },
+  "server_roles": {
+    "kubernetes_manager": {
+      "description": "Kubernetes management server",
+      "required_roles": ["admin", "operator", "kubernetes_service"],
+      "allowed_commands": ["k8s_*", "system_monitor"]
+    },
+    "kubernetes_api": {
+      "description": "Kubernetes API server",
+      "required_roles": ["kubernetes_service", "admin"],
+      "allowed_commands": ["k8s_api_*", "cluster_*"]
+    },
+    "cluster_monitor": {
+      "description": "Kubernetes cluster monitoring server",
+      "required_roles": ["kubernetes_service", "admin"],
+      "allowed_commands": ["monitor_*", "metrics_*"]
+    },
+    "k8s_operator": {
+      "description": "Kubernetes operator server",
+      "required_roles": ["kubernetes_service", "admin"],
+      "allowed_commands": ["operator_*", "crd_*"]
+    },
+    "certificate_manager": {
+      "description": "Certificate management server",
+      "required_roles": ["ca_root", "ca_intermediate", "admin"],
+      "allowed_commands": ["cert_*", "ca_*", "ssl_*"]
+    },
+    "ssl_manager": {
+      "description": "SSL/TLS management server",
+      "required_roles": ["ca_intermediate", "admin"],
+      "allowed_commands": ["ssl_*", "tls_*", "cert_*"]
+    },
+    "tls_manager": {
+      "description": "TLS management server",
+      "required_roles": ["ca_intermediate", "admin"],
+      "allowed_commands": ["tls_*", "mtls_*", "cert_*"]
+    },
+    "docker_manager": {
+      "description": "Docker management server",
+      "required_roles": ["admin", "operator"],
+      "allowed_commands": ["docker_*", "system_monitor"]
+    },
+    "aiadm": {
+      "description": "AI Admin server",
+      "required_roles": ["admin", "operator"],
+      "allowed_commands": ["*"]
+    },
+    "basic_commands": {
+      "description": "Basic command server",
+      "required_roles": ["user", "admin", "operator"],
+      "allowed_commands": ["help", "config", "health", "info"]
+    },
+    "help": {
+      "description": "Help server",
+      "required_roles": ["guest", "user", "admin", "operator"],
+      "allowed_commands": ["help"]
+    }
+  }
+}