mcp-proxy-adapter 4.1.1__py3-none-any.whl → 6.0.1__py3-none-any.whl

mcp_proxy_adapter/examples/generate_test_configs.py

@@ -0,0 +1,331 @@
+#!/usr/bin/env python3
+"""
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+Script for generating test configurations for MCP Proxy Adapter.
+Generates 6 different configuration types for testing various security scenarios.
+"""
+import json
+import os
+import argparse
+from typing import Dict, Any
+def generate_http_simple_config(port: int = 20000, certs_dir: str = "certs", keys_dir: str = "keys") -> Dict[str, Any]:
+    """Generate HTTP configuration without authorization."""
+    return {
+        "server": {"host": "127.0.0.1", "port": port},
+        "ssl": {"enabled": False},
+        "security": {"enabled": False},
+        "registration": {
+            "enabled": False,
+            "auth_method": "token",
+            "server_url": "http://127.0.0.1:3004/proxy",
+            "token": {"enabled": True, "token": "proxy_registration_token_123"},
+            "proxy_info": {
+                "name": "mcp_example_server",
+                "capabilities": ["jsonrpc", "rest", "proxy_registration"],
+                "endpoints": {"jsonrpc": "/api/jsonrpc", "rest": "/cmd", "health": "/health"}
+            },
+            "heartbeat": {"enabled": True, "interval": 30}
+        },
+        "protocols": {"enabled": True, "allowed_protocols": ["http"]}
+    }
+def generate_http_token_config(port: int = 20001, certs_dir: str = "certs", keys_dir: str = "keys", roles_file: str = "configs/roles.json") -> Dict[str, Any]:
+    """Generate HTTP configuration with token authorization."""
+    return {
+        "server": {"host": "127.0.0.1", "port": port},
+        "ssl": {"enabled": False},
+        "security": {
+            "enabled": True,
+            "auth": {
+                "enabled": True,
+                "methods": ["api_key"],
+                # Map API tokens to roles for testing
+                "api_keys": {
+                    "test-token-123": "admin",
+                    "user-token-456": "user",
+                    "readonly-token-123": "readonly",
+                    "guest-token-123": "guest",
+                    "proxy-token-123": "proxy"
+                }
+            },
+            "permissions": {"enabled": True, "roles_file": roles_file}
+        },
+        "registration": {
+            "enabled": True,
+            "url": "http://127.0.0.1:3004/proxy",
+            "name": "http_token_adapter",
+            "capabilities": ["http", "token_auth"],
+            "retry_count": 3,
+            "retry_delay": 5,
+            "heartbeat": {"enabled": True, "interval": 30}
+        },
+        "protocols": {"enabled": True, "allowed_protocols": ["http"]}
+    }
+def generate_https_simple_config(port: int = 20002, certs_dir: str = "certs", keys_dir: str = "keys") -> Dict[str, Any]:
+    """Generate HTTPS configuration without client certificate verification and authorization."""
+    return {
+        "server": {"host": "127.0.0.1", "port": port},
+        "ssl": {
+            "enabled": True,
+            "cert_file": f"{certs_dir}/localhost_server.crt",
+            "key_file": f"{keys_dir}/localhost_server.key"
+        },
+        "security": {"enabled": False},
+        "registration": {
+            "enabled": True,
+            "url": "http://127.0.0.1:3004/proxy",
+            "name": "https_simple_adapter",
+            "capabilities": ["https"],
+            "retry_count": 3,
+            "retry_delay": 5,
+            "heartbeat": {"enabled": True, "interval": 30}
+        },
+        "protocols": {"enabled": True, "allowed_protocols": ["http", "https"]}
+    }
+def generate_https_token_config(port: int = 20003, certs_dir: str = "certs", keys_dir: str = "keys") -> Dict[str, Any]:
+    """Generate HTTPS configuration without client certificate verification with token authorization."""
+    return {
+        "server": {"host": "127.0.0.1", "port": port},
+        "ssl": {
+            "enabled": True,
+            "cert_file": f"{certs_dir}/localhost_server.crt",
+            "key_file": f"{keys_dir}/localhost_server.key"
+        },
+        "security": {
+            "enabled": True,
+            "auth": {
+                "enabled": True,
+                "methods": ["api_key"],
+                "api_keys": {
+                    "test-token-123": "admin",
+                    "user-token-456": "user",
+                    "readonly-token-123": "readonly",
+                    "guest-token-123": "guest",
+                    "proxy-token-123": "proxy"
+                }
+            },
+            "permissions": {"enabled": True, "roles_file": "./configs/roles.json"}
+        },
+        "registration": {
+            "enabled": True,
+            "url": "http://127.0.0.1:3004/proxy",
+            "name": "https_token_adapter",
+            "capabilities": ["https", "token_auth"],
+            "retry_count": 3,
+            "retry_delay": 5,
+            "heartbeat": {"enabled": True, "interval": 30}
+        },
+        "protocols": {"enabled": True, "allowed_protocols": ["http", "https"]}
+    }
+def generate_mtls_no_roles_config(port: int = 20004, certs_dir: str = "certs", keys_dir: str = "keys") -> Dict[str, Any]:
+    """Generate mTLS configuration without roles."""
+    return {
+        "server": {"host": "127.0.0.1", "port": port},
+        "ssl": {
+            "enabled": True,
+            "cert_file": f"{certs_dir}/localhost_server.crt",
+            "key_file": f"{keys_dir}/localhost_server.key",
+            "ca_cert": f"{certs_dir}/mcp_proxy_adapter_ca_ca.crt",
+            "verify_client": True
+        },
+        "security": {
+            "enabled": True,
+            "auth": {"enabled": True, "methods": ["certificate"]},
+            "permissions": {"enabled": False}
+        },
+        "protocols": {"enabled": True, "allowed_protocols": ["https", "mtls"]}
+    }
+def generate_mtls_with_roles_config(port: int = 20005, certs_dir: str = "certs", keys_dir: str = "keys", roles_file: str = "configs/roles.json") -> Dict[str, Any]:
+    """Generate mTLS configuration with roles."""
+    return {
+        "server": {"host": "127.0.0.1", "port": port},
+        "ssl": {
+            "enabled": True,
+            "cert_file": f"{certs_dir}/localhost_server.crt",
+            "key_file": f"{keys_dir}/localhost_server.key",
+            "ca_cert": f"{certs_dir}/mcp_proxy_adapter_ca_ca.crt",
+            "verify_client": True
+        },
+        "registration": {
+            "enabled": True,
+            "auth_method": "token",
+            "server_url": "http://127.0.0.1:3004/proxy",
+            "token": {"enabled": True, "token": "proxy_registration_token_123"},
+            "proxy_info": {
+                "name": "mcp_example_server",
+                "capabilities": ["jsonrpc", "rest", "security", "proxy_registration"],
+                "endpoints": {"jsonrpc": "/api/jsonrpc", "rest": "/cmd", "health": "/health"}
+            },
+            "heartbeat": {"enabled": True, "interval": 30}
+        },
+        "security": {
+            "enabled": True,
+            "auth": {"enabled": True, "methods": ["certificate"]},
+            "permissions": {"enabled": True, "roles_file": roles_file}
+        },
+        "protocols": {"enabled": True, "allowed_protocols": ["https", "mtls"]}
+    }
+def generate_roles_config() -> Dict[str, Any]:
+    """Generate roles configuration for testing."""
+    return {
+        "admin": {
+            "description": "Administrator role with full access",
+            "permissions": [
+                "read",
+                "write",
+                "execute",
+                "delete",
+                "admin",
+                "register",
+                "unregister",
+                "heartbeat",
+                "discover"
+            ],
+            "tokens": ["test-token-123"]
+        },
+        "user": {
+            "description": "User role with limited access",
+            "permissions": [
+                "read",
+                "execute",
+                "register",
+                "unregister",
+                "heartbeat",
+                "discover"
+            ],
+            "tokens": ["user-token-456"]
+        },
+        "readonly": {
+            "description": "Read-only role",
+            "permissions": [
+                "read",
+                "discover"
+            ],
+            "tokens": ["readonly-token-123"]
+        },
+        "guest": {
+            "description": "Guest role with read-only access",
+            "permissions": [
+                "read",
+                "discover"
+            ],
+            "tokens": ["guest-token-123"]
+        },
+        "proxy": {
+            "description": "Proxy role for registration",
+            "permissions": [
+                "register",
+                "unregister",
+                "heartbeat",
+                "discover"
+            ],
+            "tokens": ["proxy-token-123"]
+        }
+    }
+def generate_all_configs(output_dir: str, certs_dir: str = "certs", keys_dir: str = "keys", roles_file: str = "configs/roles.json") -> None:
+    """Generate all 6 configuration types and save them to files."""
+    # Ensure output directory exists first
+    os.makedirs(output_dir, exist_ok=True)
+
+    configs = {
+        "http_simple": generate_http_simple_config(20000, certs_dir, keys_dir),
+        "http_token": generate_http_token_config(20001, certs_dir, keys_dir, roles_file),
+        "https_simple": generate_https_simple_config(20002, certs_dir, keys_dir),
+        "https_token": generate_https_token_config(20003, certs_dir, keys_dir),
+        "mtls_no_roles": generate_mtls_no_roles_config(20004, certs_dir, keys_dir),
+        "mtls_with_roles": generate_mtls_with_roles_config(20005, certs_dir, keys_dir, roles_file)
+    }
+    # Ensure output directory exists
+    os.makedirs(output_dir, exist_ok=True)
+    # Generate each configuration
+    for name, config in configs.items():
+        filename = os.path.join(output_dir, f"{name}.json")
+        with open(filename, 'w', encoding='utf-8') as f:
+            json.dump(config, f, indent=2, ensure_ascii=False)
+        print(f"Generated: {filename}")
+    # Generate roles configuration
+    roles_config = generate_roles_config()
+    
+    # Create roles.json in the root directory (test environment root) for compatibility
+    # When running as module, we need to create roles.json in the current working directory
+    # This is the directory where the user is running the command from
+    try:
+        # Get the current working directory where the user is running the command
+        current_dir = os.getcwd()
+        root_roles_filename = os.path.join(current_dir, "roles.json")
+        
+        # Create roles.json in the current working directory
+        with open(root_roles_filename, 'w', encoding='utf-8') as f:
+            json.dump(roles_config, f, indent=2, ensure_ascii=False)
+        print(f"Generated: {root_roles_filename}")
+        
+        # Also create a copy in the output directory for reference
+        backup_roles_filename = os.path.join(output_dir, "roles_backup.json")
+        with open(backup_roles_filename, 'w', encoding='utf-8') as f:
+            json.dump(roles_config, f, indent=2, ensure_ascii=False)
+        print(f"Generated backup: {backup_roles_filename}")
+        
+    except Exception as e:
+        print(f"Warning: Could not create roles.json in current directory: {e}")
+        print(f"Current working directory: {os.getcwd()}")
+        print(f"Script directory: {os.path.dirname(os.path.abspath(__file__))}")
+    
+    # Also create roles.json in configs directory for reference
+    roles_filename = os.path.join(output_dir, "roles.json")
+    with open(roles_filename, 'w', encoding='utf-8') as f:
+        json.dump(roles_config, f, indent=2, ensure_ascii=False)
+    print(f"Generated: {roles_filename}")
+    print(f"\nGenerated {len(configs)} configuration files and roles.json in {output_dir}")
+    
+    print("\n" + "=" * 60)
+    print("✅ CONFIGURATION GENERATION COMPLETED SUCCESSFULLY")
+    print("=" * 60)
+    print("\n📋 NEXT STEPS:")
+    print("1. Run security tests:")
+    print("   python -m mcp_proxy_adapter.examples.run_security_tests")
+    print("\n2. Start basic framework example:")
+    print("   python -m mcp_proxy_adapter.examples.basic_framework.main --config configs/https_simple.json")
+    print("\n3. Start full application example:")
+    print("   python -m mcp_proxy_adapter.examples.full_application.main --config configs/mtls_with_roles.json")
+    print("=" * 60)
+def main():
+    """Main function for command line execution."""
+    parser = argparse.ArgumentParser(
+        description="Generate test configurations for MCP Proxy Adapter"
+    )
+    parser.add_argument(
+        "--output-dir",
+        default="configs",
+        help="Output directory for configuration files (default: configs)"
+    )
+    parser.add_argument(
+        "--certs-dir",
+        default="certs",
+        help="Certificates directory (default: certs)"
+    )
+    parser.add_argument(
+        "--keys-dir",
+        default="keys",
+        help="Keys directory (default: keys)"
+    )
+    parser.add_argument(
+        "--roles-file",
+        default="configs/roles.json",
+        help="Roles file path (default: configs/roles.json)"
+    )
+    args = parser.parse_args()
+    try:
+        generate_all_configs(args.output_dir, args.certs_dir, args.keys_dir, args.roles_file)
+        print("Configuration generation completed successfully!")
+    except Exception as e:
+        print(f"\n❌ CONFIGURATION GENERATION FAILED: {e}")
+        print("=" * 60)
+        print("\n🔧 TROUBLESHOOTING:")
+        print("1. Check if output directory is writable")
+        print("2. Verify JSON encoding support")
+        print("3. Check available disk space")
+        print("=" * 60)
+        return 1
+    return 0
+if __name__ == "__main__":
+    exit(main())

mcp_proxy_adapter/examples/proxy_registration_example.py

@@ -0,0 +1,334 @@
+"""
+Proxy Registration Example
+This example demonstrates how to use the MCP Proxy Adapter framework
+for proxy registration with different authentication methods.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+import os
+from pathlib import Path
+from typing import Dict, Any, Optional
+# Add project root to path
+project_root = Path(__file__).parent.parent.parent
+sys.path.insert(0, str(project_root))
+import aiohttp
+from aiohttp import ClientTimeout, TCPConnector
+import ssl
+from mcp_proxy_adapter.core.logging import logger
+class ProxyRegistrationExample:
+    """Example client for testing proxy registration functionality."""
+    def __init__(self, server_url: str, auth_token: Optional[str] = None):
+        """
+        Initialize example client.
+        Args:
+            server_url: Server URL
+            auth_token: Authentication token
+        """
+        self.server_url = server_url
+        self.auth_token = auth_token
+        self.session: Optional[aiohttp.ClientSession] = None
+        # Test data
+        self.test_servers = [
+            {
+                "server_id": "example-server-1",
+                "server_url": "http://localhost:8001",
+                "server_name": "Example Server 1",
+                "description": "Example server for registration testing",
+                "version": "1.0.0",
+                "capabilities": ["jsonrpc", "rest"],
+                "endpoints": {
+                    "jsonrpc": "/api/jsonrpc",
+                    "rest": "/cmd",
+                    "health": "/health"
+                },
+                "auth_method": "api_key",
+                "security_enabled": True
+            },
+            {
+                "server_id": "example-server-2",
+                "server_url": "http://localhost:8002",
+                "server_name": "Example Server 2",
+                "description": "Another example server",
+                "version": "1.0.0",
+                "capabilities": ["jsonrpc", "rest", "security"],
+                "endpoints": {
+                    "jsonrpc": "/api/jsonrpc",
+                    "rest": "/cmd",
+                    "health": "/health"
+                },
+                "auth_method": "certificate",
+                "security_enabled": True
+            }
+        ]
+    async def __aenter__(self):
+        """Async context manager entry."""
+        # Create SSL context for HTTPS
+        ssl_context = None
+        if self.server_url.startswith("https"):
+            ssl_context = ssl.create_default_context()
+            ssl_context.check_hostname = False
+            ssl_context.verify_mode = ssl.CERT_NONE
+        # Create connector
+        connector = TCPConnector(ssl=ssl_context) if ssl_context else None
+        # Create session
+        timeout = ClientTimeout(total=30)
+        self.session = aiohttp.ClientSession(
+            connector=connector,
+            timeout=timeout
+        )
+        return self
+    async def __aexit__(self, exc_type, exc_val, exc_tb):
+        """Async context manager exit."""
+        if self.session:
+            await self.session.close()
+    def _get_headers(self) -> Dict[str, str]:
+        """Get request headers with authentication."""
+        headers = {
+            "Content-Type": "application/json"
+        }
+        if self.auth_token:
+            headers["X-API-Key"] = self.auth_token
+        return headers
+    async def test_registration(self, server_data: Dict[str, Any]) -> Dict[str, Any]:
+        """
+        Test registration with authentication.
+        Args:
+            server_data: Server registration data
+        Returns:
+            Test result
+        """
+        try:
+            # Prepare JSON-RPC request
+            request_data = {
+                "jsonrpc": "2.0",
+                "id": 1,
+                "method": "proxy_registration",
+                "params": {
+                    "operation": "register",
+                    **server_data
+                }
+            }
+            logger.info(f"Testing registration for server: {server_data['server_id']}")
+            logger.debug(f"Request data: {json.dumps(request_data, indent=2)}")
+            # Make request
+            async with self.session.post(
+                f"{self.server_url}/cmd",
+                json=request_data,
+                headers=self._get_headers()
+            ) as response:
+                result = await response.json()
+                logger.info(f"Response status: {response.status}")
+                logger.debug(f"Response: {json.dumps(result, indent=2)}")
+                return {
+                    "success": response.status == 200,
+                    "status_code": response.status,
+                    "result": result,
+                    "server_id": server_data["server_id"]
+                }
+        except Exception as e:
+            logger.error(f"Registration test failed: {e}")
+            return {
+                "success": False,
+                "error": str(e),
+                "server_id": server_data["server_id"]
+            }
+    async def test_discovery(self) -> Dict[str, Any]:
+        """
+        Test discovery operation.
+        Returns:
+            Test result
+        """
+        try:
+            # Prepare JSON-RPC request
+            request_data = {
+                "jsonrpc": "2.0",
+                "id": 1,
+                "method": "proxy_registration",
+                "params": {
+                    "operation": "discover"
+                }
+            }
+            logger.info("Testing discovery operation")
+            # Make request
+            async with self.session.post(
+                f"{self.server_url}/cmd",
+                json=request_data,
+                headers=self._get_headers()
+            ) as response:
+                result = await response.json()
+                logger.info(f"Response status: {response.status}")
+                logger.debug(f"Response: {json.dumps(result, indent=2)}")
+                return {
+                    "success": response.status == 200,
+                    "status_code": response.status,
+                    "result": result
+                }
+        except Exception as e:
+            logger.error(f"Discovery test failed: {e}")
+            return {
+                "success": False,
+                "error": str(e)
+            }
+    async def test_heartbeat(self, server_key: str) -> Dict[str, Any]:
+        """
+        Test heartbeat operation.
+        Args:
+            server_key: Server key for heartbeat
+        Returns:
+            Test result
+        """
+        try:
+            # Prepare JSON-RPC request
+            request_data = {
+                "jsonrpc": "2.0",
+                "id": 1,
+                "method": "proxy_registration",
+                "params": {
+                    "operation": "heartbeat",
+                    "server_key": server_key,
+                    "timestamp": 1234567890,
+                    "status": "healthy"
+                }
+            }
+            logger.info(f"Testing heartbeat for server: {server_key}")
+            # Make request
+            async with self.session.post(
+                f"{self.server_url}/cmd",
+                json=request_data,
+                headers=self._get_headers()
+            ) as response:
+                result = await response.json()
+                logger.info(f"Response status: {response.status}")
+                logger.debug(f"Response: {json.dumps(result, indent=2)}")
+                return {
+                    "success": response.status == 200,
+                    "status_code": response.status,
+                    "result": result,
+                    "server_key": server_key
+                }
+        except Exception as e:
+            logger.error(f"Heartbeat test failed: {e}")
+            return {
+                "success": False,
+                "error": str(e),
+                "server_key": server_key
+            }
+async def run_proxy_registration_example():
+    """Run proxy registration example."""
+    logger.info("🚀 Starting proxy registration example")
+    # Test configurations
+    test_configs = [
+        {
+            "name": "Admin Token",
+            "server_url": "http://localhost:8002",
+            "auth_token": "test-token-123"
+        },
+        {
+            "name": "User Token",
+            "server_url": "http://localhost:8002",
+            "auth_token": "user-token-456"
+        },
+        {
+            "name": "Readonly Token",
+            "server_url": "http://localhost:8002",
+            "auth_token": "readonly-token-123"
+        }
+    ]
+    results = []
+    for config in test_configs:
+        logger.info(f"\n📋 Testing: {config['name']}")
+        logger.info(f"Server URL: {config['server_url']}")
+        logger.info(f"Auth Token: {config['auth_token']}")
+        async with ProxyRegistrationExample(
+            config['server_url'],
+            config['auth_token']
+        ) as client:
+            # Test registration
+            for server_data in client.test_servers:
+                result = await client.test_registration(server_data)
+                results.append({
+                    "test": f"{config['name']} - Registration",
+                    "server_id": server_data["server_id"],
+                    **result
+                })
+                # If registration successful, test heartbeat
+                if result["success"] and "result" in result:
+                    server_key = result["result"].get("result", {}).get("server_key")
+                    if server_key:
+                        heartbeat_result = await client.test_heartbeat(server_key)
+                        results.append({
+                            "test": f"{config['name']} - Heartbeat",
+                            "server_key": server_key,
+                            **heartbeat_result
+                        })
+            # Test discovery
+            discovery_result = await client.test_discovery()
+            results.append({
+                "test": f"{config['name']} - Discovery",
+                **discovery_result
+            })
+    # Test without authentication
+    logger.info(f"\n📋 Testing: No Authentication")
+    async with ProxyRegistrationExample("http://localhost:8002") as client:
+        for server_data in client.test_servers:
+            result = await client.test_registration(server_data)
+            results.append({
+                "test": "No Auth - Registration",
+                "server_id": server_data["server_id"],
+                **result
+            })
+    # Print results
+    logger.info("\n" + "="*80)
+    logger.info("📊 EXAMPLE RESULTS")
+    logger.info("="*80)
+    passed = 0
+    failed = 0
+    for result in results:
+        status = "✅ PASS" if result["success"] else "❌ FAIL"
+        logger.info(f"{status} {result['test']}")
+        if result["success"]:
+            passed += 1
+        else:
+            failed += 1
+        if "error" in result:
+            logger.error(f"   Error: {result['error']}")
+        elif "result" in result:
+            result_data = result["result"]
+            if "error" in result_data:
+                logger.error(f"   API Error: {result_data['error']}")
+            elif "result" in result_data:
+                api_result = result_data["result"]
+                if "server_key" in api_result:
+                    logger.info(f"   Server Key: {api_result['server_key']}")
+                if "message" in api_result:
+                    logger.info(f"   Message: {api_result['message']}")
+    logger.info("\n" + "="*80)
+    logger.info(f"📈 SUMMARY: {passed} passed, {failed} failed")
+    logger.info("="*80)
+    return passed, failed
+def main():
+    """Main function for the example."""
+    logger.info("🔧 MCP Proxy Adapter - Proxy Registration Example")
+    logger.info("="*60)
+    # Check if server is running
+    import socket
+    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+    result = sock.connect_ex(('localhost', 8002))
+    sock.close()
+    if result != 0:
+        logger.error("❌ Server is not running on localhost:8002")
+        logger.info("💡 Please start the server first:")
+        logger.info("   cd mcp_proxy_adapter/examples")
+        logger.info("   python -m mcp_proxy_adapter.main --config server_configs/config_proxy_registration.json")
+        sys.exit(1)
+    logger.info("✅ Server is running on localhost:8002")
+    logger.info("🚀 Starting proxy registration example...")
+    # Run example
+    passed, failed = asyncio.run(run_proxy_registration_example())
+    # Exit with appropriate code
+    sys.exit(0 if failed == 0 else 1)
+if __name__ == "__main__":
+    main()