mcp-proxy-adapter 6.0.0__py3-none-any.whl → 6.0.1__py3-none-any.whl

mcp_proxy_adapter/examples/debug_role_chain.py

@@ -0,0 +1,158 @@
+#!/usr/bin/env python3
+"""
+Debug Role Chain - Анализ цепочки блокировки ролей
+Этот скрипт анализирует всю цепочку от аутентификации до блокировки доступа.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+# Add project root to path
+project_root = Path(__file__).parent.parent.parent
+sys.path.insert(0, str(project_root))
+from mcp_security_framework import SecurityManager, AuthManager, PermissionManager
+from mcp_security_framework.schemas.config import SecurityConfig, AuthConfig, PermissionConfig
+async def debug_role_chain():
+    """Debug the complete role chain from authentication to blocking."""
+    print("🔍 АНАЛИЗ ЦЕПОЧКИ БЛОКИРОВКИ РОЛЕЙ")
+    print("=" * 60)
+    # Load configuration
+    config_path = project_root / "mcp_proxy_adapter" / "examples" / "server_configs" / "config_http_token.json"
+    with open(config_path) as f:
+        config = json.load(f)
+    security_config = config.get("security", {})
+    print("📋 1. КОНФИГУРАЦИЯ API КЛЮЧЕЙ")
+    print("-" * 30)
+    api_keys = security_config.get("auth", {}).get("api_keys", {})
+    for key, value in api_keys.items():
+        print(f"  {key}: {value}")
+    print("\n📋 2. КОНФИГУРАЦИЯ РОЛЕЙ")
+    print("-" * 30)
+    roles_config = security_config.get("permissions", {}).get("roles", {})
+    for role, permissions in roles_config.items():
+        print(f"  {role}: {permissions}")
+    print("\n📋 3. СОЗДАНИЕ КОМПОНЕНТОВ БЕЗОПАСНОСТИ")
+    print("-" * 30)
+    # Create permission config
+    perm_config = PermissionConfig(
+        roles_file=str(project_root / "mcp_proxy_adapter" / "examples" / "server_configs" / "roles.json"),
+        default_role="guest",
+        admin_role="admin",
+        role_hierarchy=security_config.get("permissions", {}).get("role_hierarchy", {}),
+        permission_cache_enabled=True,
+        permission_cache_ttl=300,
+        wildcard_permissions=False,
+        strict_mode=True,
+        roles=roles_config
+    )
+    # Create auth config
+    auth_config = AuthConfig(
+        enabled=security_config.get("auth", {}).get("enabled", True),
+        methods=security_config.get("auth", {}).get("methods", ["api_key"]),
+        api_keys=api_keys,
+        user_roles=security_config.get("auth", {}).get("user_roles", {}),
+        jwt_secret=security_config.get("auth", {}).get("jwt_secret"),
+        jwt_algorithm=security_config.get("auth", {}).get("jwt_algorithm", "HS256"),
+        jwt_expiry_hours=security_config.get("auth", {}).get("jwt_expiry_hours", 24),
+        certificate_auth=security_config.get("auth", {}).get("certificate_auth", False),
+        certificate_roles_oid=security_config.get("auth", {}).get("certificate_roles_oid"),
+        certificate_permissions_oid=security_config.get("auth", {}).get("certificate_permissions_oid"),
+        basic_auth=security_config.get("auth", {}).get("basic_auth", False),
+        oauth2_config=security_config.get("auth", {}).get("oauth2_config"),
+        public_paths=security_config.get("auth", {}).get("public_paths", [])
+    )
+    # Create security config
+    security_config_obj = SecurityConfig(
+        auth=auth_config,
+        permissions=perm_config
+    )
+    print("✅ Конфигурации созданы")
+    print("\n📋 4. ИНИЦИАЛИЗАЦИЯ МЕНЕДЖЕРОВ")
+    print("-" * 30)
+    # Initialize managers
+    permission_manager = PermissionManager(perm_config)
+    auth_manager = AuthManager(auth_config, permission_manager)
+    security_manager = SecurityManager(security_config_obj)
+    print("✅ Менеджеры инициализированы")
+    print("\n📋 5. ТЕСТИРОВАНИЕ АУТЕНТИФИКАЦИИ")
+    print("-" * 30)
+    # Test authentication with different tokens
+    test_tokens = {
+        "admin": "test-token-123",
+        "user": "user-token-456",
+        "readonly": "readonly-token-123",
+        "invalid": "invalid-token-999"
+    }
+    auth_results = {}
+    for role, token in test_tokens.items():
+        print(f"\n🔐 Тестирование токена для роли '{role}': {token}")
+        try:
+            result = auth_manager.authenticate_api_key(token)
+            auth_results[role] = result
+            print(f"  ✅ Аутентификация: {'УСПЕШНА' if result.is_valid else 'НЕУДАЧНА'}")
+            if result.is_valid:
+                print(f"  👤 Пользователь: {result.username}")
+                print(f"  🏷️ Роли: {result.roles}")
+                print(f"  🔑 Метод: {result.auth_method}")
+            else:
+                print(f"  ❌ Ошибка: {result.error_message}")
+        except Exception as e:
+            print(f"  ❌ Исключение: {e}")
+            auth_results[role] = None
+    print("\n📋 6. ТЕСТИРОВАНИЕ ПРАВ ДОСТУПА")
+    print("-" * 30)
+    # Test permissions for different actions
+    test_actions = ["read", "write", "manage", "delete"]
+    for role, auth_result in auth_results.items():
+        if auth_result and auth_result.is_valid:
+            print(f"\n🔒 Тестирование прав для роли '{role}' (роли: {auth_result.roles})")
+            for action in test_actions:
+                try:
+                    # Check permissions using permission manager
+                    validation_result = permission_manager.validate_access(
+                        auth_result.roles,
+                        [action]
+                    )
+                    status = "✅ РАЗРЕШЕНО" if validation_result.is_valid else "❌ ЗАБЛОКИРОВАНО"
+                    print(f"  {action}: {status}")
+                    if not validation_result.is_valid:
+                        print(f"    📝 Причина: {validation_result.error_message}")
+                        print(f"    🎯 Эффективные права: {validation_result.effective_permissions}")
+                        print(f"    ❌ Отсутствующие права: {validation_result.missing_permissions}")
+                except Exception as e:
+                    print(f"  {action}: ❌ ОШИБКА - {e}")
+    print("\n📋 7. ТЕСТИРОВАНИЕ ПОЛНОЙ ЦЕПОЧКИ")
+    print("-" * 30)
+    # Test complete request validation
+    for role, token in test_tokens.items():
+        print(f"\n🔄 Полная цепочка для роли '{role}'")
+        request_data = {
+            "api_key": token,
+            "required_permissions": ["write"],
+            "client_ip": "127.0.0.1"
+        }
+        try:
+            result = security_manager.validate_request(request_data)
+            status = "✅ УСПЕШНО" if result.is_valid else "❌ ЗАБЛОКИРОВАНО"
+            print(f"  Результат: {status}")
+            if not result.is_valid:
+                print(f"  📝 Причина: {result.error_message}")
+        except Exception as e:
+            print(f"  ❌ ОШИБКА: {e}")
+    print("\n📋 8. АНАЛИЗ ПРОБЛЕМЫ")
+    print("-" * 30)
+    print("🔍 ПРОБЛЕМА: Readonly роль получает доступ к write операциям")
+    print("\n📋 ВОЗМОЖНЫЕ ПРИЧИНЫ:")
+    print("1. Middleware не передает информацию о пользователе в request.state")
+    print("2. Framework middleware не блокирует доступ на уровне middleware")
+    print("3. Команда role_test не получает правильный контекст пользователя")
+    print("4. Интеграция между middleware и командами не работает")
+    print("\n📋 РЕКОМЕНДАЦИИ:")
+    print("1. Проверить, как framework middleware устанавливает user info")
+    print("2. Добавить проверку прав на уровне middleware")
+    print("3. Убедиться, что request.state содержит user info")
+    print("4. Проверить интеграцию между middleware и командами")
+if __name__ == "__main__":
+    asyncio.run(debug_role_chain())

mcp_proxy_adapter/examples/demo_client.py

@@ -0,0 +1,275 @@
+"""
+Demo Client Script
+This script demonstrates how to use the UniversalClient with different
+authentication methods and connection types.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+# Add project root to path
+sys.path.insert(0, str(Path(__file__).parent.parent))
+from examples.universal_client import UniversalClient, create_client_config
+async def demo_from_config_file(config_file: str):
+    """
+    Demo client using configuration from file.
+    Args:
+        config_file: Path to configuration file
+    """
+    print(f"🚀 Demo from config file: {config_file}")
+    print("=" * 50)
+    try:
+        # Load configuration
+        with open(config_file, 'r') as f:
+            config = json.load(f)
+        print(f"Configuration loaded: {config.get('security', {}).get('auth_method', 'none')} auth")
+        # Create and use client
+        async with UniversalClient(config) as client:
+            # Test connection
+            success = await client.test_connection()
+            if success:
+                print("✅ Connection successful!")
+                # Test security features
+                security_results = await client.test_security_features()
+                print("\nSecurity Features:")
+                for feature, status in security_results.items():
+                    status_icon = "✅" if status else "❌"
+                    print(f"  {status_icon} {feature}: {status}")
+                # Make API calls
+                await demo_api_calls(client)
+            else:
+                print("❌ Connection failed")
+    except FileNotFoundError:
+        print(f"❌ Configuration file not found: {config_file}")
+    except json.JSONDecodeError:
+        print(f"❌ Invalid JSON in configuration file: {config_file}")
+    except Exception as e:
+        print(f"❌ Demo failed: {e}")
+async def demo_api_calls(client: UniversalClient):
+    """Demonstrate various API calls."""
+    print("\n📡 API Calls Demo:")
+    print("-" * 30)
+    # Test health endpoint
+    try:
+        health = await client.get("/health")
+        print(f"Health: {health}")
+    except Exception as e:
+        print(f"Health check failed: {e}")
+    # Test status endpoint
+    try:
+        status = await client.get("/api/status")
+        print(f"Status: {status}")
+    except Exception as e:
+        print(f"Status check failed: {e}")
+    # Test JSON-RPC command
+    try:
+        command_data = {
+            "jsonrpc": "2.0",
+            "method": "test_command",
+            "params": {
+                "message": "Hello from universal client!",
+                "timestamp": "2024-01-01T00:00:00Z"
+            },
+            "id": 1
+        }
+        result = await client.post("/api/jsonrpc", command_data)
+        print(f"Command Result: {result}")
+    except Exception as e:
+        print(f"Command execution failed: {e}")
+    # Test security command if available
+    try:
+        security_data = {
+            "jsonrpc": "2.0",
+            "method": "security_command",
+            "params": {
+                "action": "get_status",
+                "include_certificates": True
+            },
+            "id": 2
+        }
+        result = await client.post("/api/jsonrpc", security_data)
+        print(f"Security Status: {result}")
+    except Exception as e:
+        print(f"Security command failed: {e}")
+async def demo_all_configs():
+    """Demo all available client configurations."""
+    print("🚀 Demo All Client Configurations")
+    print("=" * 50)
+    config_dir = Path(__file__).parent / "client_configs"
+    if not config_dir.exists():
+        print(f"❌ Config directory not found: {config_dir}")
+        return
+    config_files = list(config_dir.glob("*.json"))
+    if not config_files:
+        print(f"❌ No configuration files found in {config_dir}")
+        return
+    print(f"Found {len(config_files)} configuration files:")
+    for config_file in config_files:
+        print(f"  - {config_file.name}")
+    print("\n" + "=" * 50)
+    for config_file in config_files:
+        await demo_from_config_file(str(config_file))
+        print("\n" + "-" * 50)
+async def demo_programmatic_config():
+    """Demo client with programmatically created configuration."""
+    print("🚀 Demo Programmatic Configuration")
+    print("=" * 50)
+    # Create different configurations programmatically
+    configs = [
+        {
+            "name": "API Key Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "api_key",
+                api_key="demo_api_key_123"
+            )
+        },
+        {
+            "name": "JWT Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "jwt",
+                username="demo_user",
+                password="demo_password",
+                secret="demo_jwt_secret"
+            )
+        },
+        {
+            "name": "Certificate Client",
+            "config": create_client_config(
+                "https://localhost:8443",
+                "certificate",
+                cert_file="./certs/client.crt",
+                key_file="./keys/client.key",
+                ca_cert_file="./certs/ca.crt"
+            )
+        },
+        {
+            "name": "Basic Auth Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "basic",
+                username="demo_user",
+                password="demo_password"
+            )
+        }
+    ]
+    for config_info in configs:
+        print(f"\n📋 Testing: {config_info['name']}")
+        print("-" * 30)
+        try:
+            async with UniversalClient(config_info["config"]) as client:
+                success = await client.test_connection()
+                if success:
+                    print("✅ Connection successful!")
+                    await demo_api_calls(client)
+                else:
+                    print("❌ Connection failed")
+        except Exception as e:
+            print(f"❌ Test failed: {e}")
+async def interactive_demo():
+    """Interactive demo with user input."""
+    print("🚀 Interactive Client Demo")
+    print("=" * 50)
+    print("Available authentication methods:")
+    print("1. No authentication")
+    print("2. API Key")
+    print("3. JWT Token")
+    print("4. Certificate")
+    print("5. Basic Authentication")
+    try:
+        choice = input("\nSelect authentication method (1-5): ").strip()
+        auth_methods = {
+            "1": "none",
+            "2": "api_key",
+            "3": "jwt",
+            "4": "certificate",
+            "5": "basic"
+        }
+        if choice not in auth_methods:
+            print("❌ Invalid choice")
+            return
+        auth_method = auth_methods[choice]
+        # Get server URL
+        server_url = input("Enter server URL (default: http://localhost:8000): ").strip()
+        if not server_url:
+            server_url = "http://localhost:8000"
+        # Create configuration based on choice
+        config_kwargs = {}
+        if auth_method == "api_key":
+            api_key = input("Enter API key: ").strip()
+            if api_key:
+                config_kwargs["api_key"] = api_key
+        elif auth_method == "jwt":
+            username = input("Enter username: ").strip()
+            password = input("Enter password: ").strip()
+            secret = input("Enter JWT secret: ").strip()
+            if username and password and secret:
+                config_kwargs.update({
+                    "username": username,
+                    "password": password,
+                    "secret": secret
+                })
+        elif auth_method == "certificate":
+            cert_file = input("Enter certificate file path: ").strip()
+            key_file = input("Enter key file path: ").strip()
+            ca_cert_file = input("Enter CA certificate file path: ").strip()
+            if cert_file and key_file:
+                config_kwargs.update({
+                    "cert_file": cert_file,
+                    "key_file": key_file,
+                    "ca_cert_file": ca_cert_file
+                })
+        elif auth_method == "basic":
+            username = input("Enter username: ").strip()
+            password = input("Enter password: ").strip()
+            if username and password:
+                config_kwargs.update({
+                    "username": username,
+                    "password": password
+                })
+        # Create configuration
+        config = create_client_config(server_url, auth_method, **config_kwargs)
+        print(f"\nConfiguration created for {auth_method} authentication")
+        print(f"Server URL: {server_url}")
+        # Test connection
+        async with UniversalClient(config) as client:
+            success = await client.test_connection()
+            if success:
+                print("✅ Connection successful!")
+                await demo_api_calls(client)
+            else:
+                print("❌ Connection failed")
+    except KeyboardInterrupt:
+        print("\n\nDemo interrupted by user")
+    except Exception as e:
+        print(f"❌ Interactive demo failed: {e}")
+def main():
+    """Main demo function."""
+    if len(sys.argv) > 1:
+        command = sys.argv[1]
+        if command == "config":
+            if len(sys.argv) > 2:
+                config_file = sys.argv[2]
+                asyncio.run(demo_from_config_file(config_file))
+            else:
+                print("Usage: python demo_client.py config <config_file>")
+        elif command == "all":
+            asyncio.run(demo_all_configs())
+        elif command == "programmatic":
+            asyncio.run(demo_programmatic_config())
+        elif command == "interactive":
+            asyncio.run(interactive_demo())
+        else:
+            print("Unknown command. Available commands:")
+            print("  config <file>     - Demo with config file")
+            print("  all               - Demo all config files")
+            print("  programmatic      - Demo programmatic configs")
+            print("  interactive       - Interactive demo")
+    else:
+        # Default: demo all configs
+        asyncio.run(demo_all_configs())
+if __name__ == "__main__":
+    main()

mcp_proxy_adapter/examples/examples/basic_framework/__init__.py

@@ -0,0 +1,9 @@
+"""Basic Framework Example.
+
+This example demonstrates the fundamental usage of MCP Proxy Adapter
+with minimal configuration and basic command registration.
+
+Note: This package provides a basic example of MCP Proxy Adapter usage.
+The main application is created dynamically in main.py and not exported
+as a global variable for this example.
+"""

mcp_proxy_adapter/examples/examples/basic_framework/commands/__init__.py

@@ -0,0 +1,4 @@
+"""Basic Framework Commands.
+
+Commands for the basic framework example.
+"""

mcp_proxy_adapter/examples/examples/basic_framework/hooks/__init__.py

@@ -0,0 +1,4 @@
+"""Basic Framework Hooks.
+
+Hooks for the basic framework example.
+"""

mcp_proxy_adapter/examples/examples/basic_framework/main.py

@@ -0,0 +1,44 @@
+#!/usr/bin/env python3
+"""
+Basic Framework Example
+This example demonstrates the basic usage of the MCP Proxy Adapter framework
+with minimal configuration and built-in commands.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import sys
+import argparse
+from pathlib import Path
+# Add the framework to the path
+sys.path.insert(0, str(Path(__file__).parent.parent.parent))
+from mcp_proxy_adapter.core.app_factory import create_and_run_server
+def main():
+    """Main entry point for the basic framework example."""
+    parser = argparse.ArgumentParser(description="Basic Framework Example")
+    parser.add_argument("--config", "-c", required=True, help="Path to configuration file")
+    parser.add_argument("--host", help="Server host")
+    parser.add_argument("--port", type=int, help="Server port")
+    parser.add_argument("--debug", action="store_true", help="Enable debug mode")
+    args = parser.parse_args()
+    # Override configuration if specified
+    config_overrides = {}
+    if args.host:
+        config_overrides["host"] = args.host
+    if args.port:
+        config_overrides["port"] = args.port
+    if args.debug:
+        config_overrides["debug"] = True
+    print(f"🚀 Starting Basic Framework Example")
+    print(f"📋 Configuration: {args.config}")
+    print("=" * 50)
+    # Use the factory method to create and run the server
+    create_and_run_server(
+        config_path=args.config,
+        title="Basic Framework Example",
+        description="Basic MCP Proxy Adapter with minimal configuration",
+        version="1.0.0",
+        host=config_overrides.get("host", "0.0.0.0"),
+        log_level="debug" if config_overrides.get("debug", False) else "info"
+    )
+if __name__ == "__main__":
+    main()

mcp_proxy_adapter/examples/examples/full_application/__init__.py

@@ -0,0 +1,12 @@
+"""Full Application Example.
+
+This example demonstrates advanced usage of MCP Proxy Adapter including:
+- Proxy registration endpoints
+- Custom command hooks
+- Advanced security configurations
+- Role-based access control
+"""
+
+from .main import get_app
+app = get_app()
+from .proxy_endpoints import router as proxy_router

mcp_proxy_adapter/examples/examples/full_application/commands/__init__.py

@@ -0,0 +1,7 @@
+"""Full Application Commands.
+
+Custom command implementations for the full application example.
+"""
+
+from .custom_echo_command import CustomEchoCommand
+from .dynamic_calculator_command import DynamicCalculatorCommand

mcp_proxy_adapter/examples/examples/full_application/commands/custom_echo_command.py

@@ -0,0 +1,80 @@
+"""
+Custom Echo Command
+This module demonstrates a custom command implementation for the full application example.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+from typing import Dict, Any, Optional
+from mcp_proxy_adapter.commands.base import BaseCommand
+from mcp_proxy_adapter.commands.result import CommandResult
+class CustomEchoResult(CommandResult):
+    """Result class for custom echo command."""
+    def __init__(self, message: str, timestamp: str, echo_count: int):
+        self.message = message
+        self.timestamp = timestamp
+        self.echo_count = echo_count
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert result to dictionary."""
+        return {
+            "message": self.message,
+            "timestamp": self.timestamp,
+            "echo_count": self.echo_count,
+            "command_type": "custom_echo"
+        }
+    def get_schema(self) -> Dict[str, Any]:
+        """Get result schema."""
+        return {
+            "type": "object",
+            "properties": {
+                "message": {"type": "string", "description": "Echoed message"},
+                "timestamp": {"type": "string", "description": "Timestamp of echo"},
+                "echo_count": {"type": "integer", "description": "Number of echoes"},
+                "command_type": {"type": "string", "description": "Command type"}
+            },
+            "required": ["message", "timestamp", "echo_count", "command_type"]
+        }
+class CustomEchoCommand(BaseCommand):
+    """Custom echo command implementation."""
+    def __init__(self):
+        super().__init__()
+        self.echo_count = 0
+    def get_name(self) -> str:
+        """Get command name."""
+        return "custom_echo"
+    def get_description(self) -> str:
+        """Get command description."""
+        return "Custom echo command with enhanced features"
+    def get_schema(self) -> Dict[str, Any]:
+        """Get command schema."""
+        return {
+            "type": "object",
+            "properties": {
+                "message": {
+                    "type": "string",
+                    "description": "Message to echo",
+                    "default": "Hello from custom echo!"
+                },
+                "repeat": {
+                    "type": "integer",
+                    "description": "Number of times to repeat",
+                    "default": 1,
+                    "minimum": 1,
+                    "maximum": 10
+                }
+            },
+            "required": ["message"]
+        }
+    async def execute(self, params: Dict[str, Any]) -> CustomEchoResult:
+        """Execute the custom echo command."""
+        message = params.get("message", "Hello from custom echo!")
+        repeat = min(max(params.get("repeat", 1), 1), 10)
+        self.echo_count += 1
+        from datetime import datetime
+        timestamp = datetime.now().isoformat()
+        # Repeat the message
+        echoed_message = " ".join([message] * repeat)
+        return CustomEchoResult(
+            message=echoed_message,
+            timestamp=timestamp,
+            echo_count=self.echo_count
+        )