PyPI - mcp-proxy-adapter - Versions diffs - 6.0.0__py3-none-any.whl → 6.1.1__py3-none-any.whl - Mend

mcp-proxy-adapter 6.0.0py3-none-any.whl → 6.1.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (264) hide show

mcp_proxy_adapter/examples/client_configs/certificate_client.json ADDED Viewed

@@ -0,0 +1,22 @@
+{
+  "server_url": "https://localhost:8443",
+  "timeout": 30,
+  "retry_attempts": 3,
+  "retry_delay": 1,
+  "security": {
+    "auth_method": "certificate",
+    "certificate": {
+      "enabled": true,
+      "cert_file": "./certs/client.crt",
+      "key_file": "./keys/client.key",
+      "ca_cert_file": "./certs/ca.crt"
+    },
+    "ssl": {
+      "enabled": true,
+      "check_hostname": true,
+      "ca_cert_file": "./certs/ca.crt",
+      "verify_mode": "CERT_REQUIRED",
+      "min_tls_version": "TLSv1.2"
+    }
+  }
+}

mcp_proxy_adapter/examples/client_configs/jwt_client.json ADDED Viewed

@@ -0,0 +1,15 @@
+{
+  "server_url": "http://localhost:8000",
+  "timeout": 30,
+  "retry_attempts": 3,
+  "retry_delay": 1,
+  "security": {
+    "auth_method": "jwt",
+    "jwt": {
+      "username": "demo_user",
+      "password": "demo_password",
+      "secret": "your_jwt_secret_here",
+      "expiry_hours": 24
+    }
+  }
+}

mcp_proxy_adapter/examples/client_configs/no_auth_client.json ADDED Viewed

@@ -0,0 +1,9 @@
+{
+  "server_url": "http://localhost:8000",
+  "timeout": 30,
+  "retry_attempts": 3,
+  "retry_delay": 1,
+  "security": {
+    "auth_method": "none"
+  }
+}

mcp_proxy_adapter/examples/commands/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ # Commands package

mcp_proxy_adapter/examples/create_certificates_simple.py ADDED Viewed

@@ -0,0 +1,307 @@
+#!/usr/bin/env python3
+"""
+Simple Certificate Creation Script
+This script creates basic certificates for testing using OpenSSL directly.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import os
+import subprocess
+import sys
+from pathlib import Path
+class SimpleCertificateCreator:
+    """Create certificates using OpenSSL directly."""
+    def __init__(self):
+        self.project_root = Path(__file__).parent.parent.parent
+        self.certs_dir = self.project_root / "mcp_proxy_adapter" / "examples" / "certs"
+        self.keys_dir = self.project_root / "mcp_proxy_adapter" / "examples" / "keys"
+        # Create directories
+        self.certs_dir.mkdir(parents=True, exist_ok=True)
+        self.keys_dir.mkdir(parents=True, exist_ok=True)
+    def run_command(self, cmd: list, description: str) -> bool:
+        """Run a command and handle errors."""
+        try:
+            print(f"🔧 {description}...")
+            result = subprocess.run(
+                cmd,
+                cwd=self.project_root,
+                capture_output=True,
+                text=True,
+                check=True
+            )
+            print(f"✅ {description} completed successfully")
+            return True
+        except subprocess.CalledProcessError as e:
+            print(f"❌ {description} failed:")
+            print(f"   Command: {' '.join(cmd)}")
+            print(f"   Error: {e.stderr}")
+            return False
+        except Exception as e:
+            print(f"❌ {description} failed: {e}")
+            return False
+    def create_ca_certificate(self) -> bool:
+        """Create CA certificate using OpenSSL."""
+        ca_cert_path = self.certs_dir / "ca_cert.pem"
+        ca_key_path = self.keys_dir / "ca_key.pem"
+        if ca_cert_path.exists() and ca_key_path.exists():
+            print(f"ℹ️ CA certificate already exists: {ca_cert_path}")
+            return True
+        # Create CA private key
+        key_cmd = [
+            "openssl", "genrsa", "-out", str(ca_key_path), "2048"
+        ]
+        if not self.run_command(key_cmd, "Creating CA private key"):
+            return False
+        # Create CA certificate
+        cert_cmd = [
+            "openssl", "req", "-new", "-x509", "-days", "3650",
+            "-key", str(ca_key_path),
+            "-out", str(ca_cert_path),
+            "-subj", "/C=US/ST=Test State/L=Test City/O=Test Organization/CN=MCP Proxy Adapter Test CA"
+        ]
+        return self.run_command(cert_cmd, "Creating CA certificate")
+    def create_server_certificate(self) -> bool:
+        """Create server certificate using OpenSSL."""
+        server_cert_path = self.certs_dir / "server_cert.pem"
+        server_key_path = self.certs_dir / "server_key.pem"
+        if server_cert_path.exists() and server_key_path.exists():
+            print(f"ℹ️ Server certificate already exists: {server_cert_path}")
+            return True
+        # Create server private key
+        key_cmd = [
+            "openssl", "genrsa", "-out", str(server_key_path), "2048"
+        ]
+        if not self.run_command(key_cmd, "Creating server private key"):
+            return False
+        # Create server certificate signing request
+        csr_path = self.certs_dir / "server.csr"
+        csr_cmd = [
+            "openssl", "req", "-new",
+            "-key", str(server_key_path),
+            "-out", str(csr_path),
+            "-subj", "/C=US/ST=Test State/L=Test City/O=Test Organization/CN=localhost"
+        ]
+        if not self.run_command(csr_cmd, "Creating server CSR"):
+            return False
+        # Create server certificate
+        cert_cmd = [
+            "openssl", "x509", "-req", "-days", "730",
+            "-in", str(csr_path),
+            "-CA", str(self.certs_dir / "ca_cert.pem"),
+            "-CAkey", str(self.keys_dir / "ca_key.pem"),
+            "-CAcreateserial",
+            "-out", str(server_cert_path)
+        ]
+        success = self.run_command(cert_cmd, "Creating server certificate")
+        # Clean up CSR
+        if csr_path.exists():
+            csr_path.unlink()
+        return success
+    def create_client_certificate(self, name: str, common_name: str) -> bool:
+        """Create client certificate using OpenSSL."""
+        cert_path = self.certs_dir / f"{name}_cert.pem"
+        key_path = self.certs_dir / f"{name}_key.pem"
+        if cert_path.exists() and key_path.exists():
+            print(f"ℹ️ Client certificate {name} already exists: {cert_path}")
+            return True
+        # Create client private key
+        key_cmd = [
+            "openssl", "genrsa", "-out", str(key_path), "2048"
+        ]
+        if not self.run_command(key_cmd, f"Creating {name} private key"):
+            return False
+        # Create client certificate signing request
+        csr_path = self.certs_dir / f"{name}.csr"
+        csr_cmd = [
+            "openssl", "req", "-new",
+            "-key", str(key_path),
+            "-out", str(csr_path),
+            "-subj", f"/C=US/ST=Test State/L=Test City/O=Test Organization/CN={common_name}"
+        ]
+        if not self.run_command(csr_cmd, f"Creating {name} CSR"):
+            return False
+        # Create client certificate
+        cert_cmd = [
+            "openssl", "x509", "-req", "-days", "730",
+            "-in", str(csr_path),
+            "-CA", str(self.certs_dir / "ca_cert.pem"),
+            "-CAkey", str(self.keys_dir / "ca_key.pem"),
+            "-CAcreateserial",
+            "-out", str(cert_path)
+        ]
+        success = self.run_command(cert_cmd, f"Creating {name} certificate")
+        # Clean up CSR
+        if csr_path.exists():
+            csr_path.unlink()
+        return success
+    def create_legacy_certificates(self) -> bool:
+        """Create legacy certificate files for compatibility."""
+        legacy_files = [
+            ("client.crt", "client.key", "client"),
+            ("client_admin.crt", "client_admin.key", "admin"),
+            ("admin.crt", "admin.key", "admin"),
+            ("user.crt", "user.key", "user"),
+            ("readonly.crt", "readonly.key", "readonly")
+        ]
+        success = True
+        for cert_file, key_file, source_name in legacy_files:
+            cert_path = self.certs_dir / cert_file
+            key_path = self.certs_dir / key_file
+            if not cert_path.exists() or not key_path.exists():
+                source_cert = self.certs_dir / f"{source_name}_cert.pem"
+                source_key = self.certs_dir / f"{source_name}_key.pem"
+                if source_cert.exists() and source_key.exists():
+                    self.run_command(["cp", str(source_cert), str(cert_path)], f"Creating {cert_file}")
+                    self.run_command(["cp", str(source_key), str(key_path)], f"Creating {key_file}")
+                else:
+                    print(f"⚠️ Source certificate {source_name} not found for {cert_file}")
+                    success = False
+        return success
+    def validate_certificates(self) -> bool:
+        """Validate all created certificates."""
+        print("\n🔍 Validating certificates...")
+        cert_files = [
+            "ca_cert.pem",
+            "server_cert.pem",
+            "admin_cert.pem",
+            "user_cert.pem",
+            "readonly_cert.pem",
+            "guest_cert.pem",
+            "proxy_cert.pem"
+        ]
+        success = True
+        for cert_file in cert_files:
+            cert_path = self.certs_dir / cert_file
+            if cert_path.exists():
+                try:
+                    result = subprocess.run(
+                        ["openssl", "x509", "-in", str(cert_path), "-text", "-noout"],
+                        capture_output=True,
+                        text=True,
+                        check=True
+                    )
+                    print(f"✅ {cert_file}: Valid")
+                except subprocess.CalledProcessError:
+                    print(f"❌ {cert_file}: Invalid")
+                    success = False
+            else:
+                print(f"⚠️ {cert_file}: Not found")
+        return success
+    def create_all(self) -> bool:
+        """Create all certificates."""
+        print("🔐 Creating All Certificates for Security Testing")
+        print("=" * 60)
+        success = True
+        # 1. Create CA certificate
+        if not self.create_ca_certificate():
+            success = False
+            print("❌ Cannot continue without CA certificate")
+            return False
+        # 2. Create server certificate
+        if not self.create_server_certificate():
+            success = False
+        # 3. Create client certificates
+        print("\n👥 Creating client certificates...")
+        client_certs = [
+            ("admin", "admin-client"),
+            ("user", "user-client"),
+            ("readonly", "readonly-client"),
+            ("guest", "guest-client"),
+            ("proxy", "proxy-client")
+        ]
+        for name, common_name in client_certs:
+            if not self.create_client_certificate(name, common_name):
+                success = False
+        # 4. Create legacy certificates
+        print("\n🔄 Creating legacy certificates...")
+        if not self.create_legacy_certificates():
+            success = False
+        # 5. Validate certificates
+        if not self.validate_certificates():
+            success = False
+        # Print summary
+        print("\n" + "=" * 60)
+        print("📊 CERTIFICATE CREATION SUMMARY")
+        print("=" * 60)
+        if success:
+            print("✅ All certificates created successfully!")
+            print(f"📁 Certificates directory: {self.certs_dir}")
+            print(f"🔑 Keys directory: {self.keys_dir}")
+            print("\n📋 Created certificates:")
+            cert_files = list(self.certs_dir.glob("*.pem")) + list(self.certs_dir.glob("*.crt"))
+            for cert_file in sorted(cert_files):
+                print(f"   - {cert_file.name}")
+            key_files = list(self.keys_dir.glob("*.pem")) + list(self.keys_dir.glob("*.key"))
+            for key_file in sorted(key_files):
+                print(f"   - {key_file.name}")
+        else:
+            print("❌ Some certificates failed to create")
+            print("Check the error messages above")
+        return success
+def main():
+    """Main function."""
+    creator = SimpleCertificateCreator()
+    try:
+        success = creator.create_all()
+        sys.exit(0 if success else 1)
+    except KeyboardInterrupt:
+        print("\n⚠️ Certificate creation interrupted by user")
+        sys.exit(1)
+    except Exception as e:
+        print(f"\n❌ Certificate creation failed: {e}")
+        sys.exit(1)
+if __name__ == "__main__":
+    main()

mcp_proxy_adapter/examples/debug_request_state.py ADDED Viewed

@@ -0,0 +1,144 @@
+#!/usr/bin/env python3
+"""
+Debug Request State - Проверка request.state
+Этот скрипт проверяет, как middleware устанавливает информацию о пользователе в request.state.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+# Add project root to path
+project_root = Path(__file__).parent.parent.parent
+sys.path.insert(0, str(project_root))
+from fastapi import FastAPI, Request
+from fastapi.testclient import TestClient
+from mcp_proxy_adapter.api.app import create_app
+async def debug_request_state():
+    """Debug request state handling."""
+    print("🔍 ОТЛАДКА REQUEST.STATE")
+    print("=" * 50)
+    # Create test app with proper configuration
+    config_path = project_root / "mcp_proxy_adapter" / "examples" / "server_configs" / "config_http_token.json"
+    with open(config_path) as f:
+        config = json.load(f)
+    # Override global config for testing
+    import mcp_proxy_adapter.config
+    mcp_proxy_adapter.config.config = config
+    app = create_app(config)
+    client = TestClient(app)
+    print("📋 1. ТЕСТИРОВАНИЕ БЕЗ АУТЕНТИФИКАЦИИ")
+    print("-" * 30)
+    # Test without authentication
+    response = client.post("/cmd", json={
+        "jsonrpc": "2.0",
+        "method": "echo",
+        "params": {"message": "test"},
+        "id": 1
+    })
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 2. ТЕСТИРОВАНИЕ С ADMIN ТОКЕНОМ")
+    print("-" * 30)
+    # Test with admin token
+    response = client.post("/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1
+        },
+        headers={"X-API-Key": "test-token-123"}
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 3. ТЕСТИРОВАНИЕ С USER ТОКЕНОМ")
+    print("-" * 30)
+    # Test with user token
+    response = client.post("/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1
+        },
+        headers={"X-API-Key": "user-token-456"}
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 4. ТЕСТИРОВАНИЕ С READONLY ТОКЕНОМ")
+    print("-" * 30)
+    # Test with readonly token
+    response = client.post("/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "echo",
+            "params": {"message": "test"},
+            "id": 1
+        },
+        headers={"X-API-Key": "readonly-token-123"}
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 5. ТЕСТИРОВАНИЕ ROLE_TEST КОМАНДЫ")
+    print("-" * 30)
+    # Test role_test command with readonly token
+    response = client.post("/cmd",
+        json={
+            "jsonrpc": "2.0",
+            "method": "role_test",
+            "params": {"action": "write"},
+            "id": 1
+        },
+        headers={"X-API-Key": "readonly-token-123"}
+    )
+    print(f"Status: {response.status_code}")
+    print(f"Response: {response.json()}")
+    print("\n📋 6. АНАЛИЗ ПРОБЛЕМЫ")
+    print("-" * 30)
+    print("🔍 ПРОБЛЕМА: Readonly роль получает доступ к командам")
+    print("\n📋 ВОЗМОЖНЫЕ ПРИЧИНЫ:")
+    print("1. Framework middleware не устанавливает user info в request.state")
+    print("2. Нет проверки прав на уровне middleware")
+    print("3. Команды не проверяют права доступа")
+    print("4. Интеграция между middleware и командами не работает")
+    print("\n📋 РЕКОМЕНДАЦИИ:")
+    print("1. Добавить CommandPermissionMiddleware")
+    print("2. Убедиться, что framework middleware устанавливает user info")
+    print("3. Добавить проверку прав в команды")
+    print("4. Проверить интеграцию middleware")
+if __name__ == "__main__":
+    asyncio.run(debug_request_state())

mcp-proxy-adapter 6.0.0__py3-none-any.whl → 6.1.1__py3-none-any.whl

mcp-proxy-adapter 6.0.0py3-none-any.whl → 6.1.1py3-none-any.whl