PyPI - mcp-proxy-adapter - Versions diffs - 6.0.0__py3-none-any.whl → 6.1.1__py3-none-any.whl - Mend

mcp-proxy-adapter 6.0.0py3-none-any.whl → 6.1.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (264) hide show

mcp_proxy_adapter/examples/debug_role_chain.py ADDED Viewed

@@ -0,0 +1,205 @@
+#!/usr/bin/env python3
+"""
+Debug Role Chain - Анализ цепочки блокировки ролей
+Этот скрипт анализирует всю цепочку от аутентификации до блокировки доступа.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+# Add project root to path
+project_root = Path(__file__).parent.parent.parent
+sys.path.insert(0, str(project_root))
+from mcp_security_framework import SecurityManager, AuthManager, PermissionManager
+from mcp_security_framework.schemas.config import SecurityConfig, AuthConfig, PermissionConfig
+async def debug_role_chain():
+    """Debug the complete role chain from authentication to blocking."""
+    print("🔍 АНАЛИЗ ЦЕПОЧКИ БЛОКИРОВКИ РОЛЕЙ")
+    print("=" * 60)
+    # Load configuration
+    config_path = project_root / "mcp_proxy_adapter" / "examples" / "server_configs" / "config_http_token.json"
+    with open(config_path) as f:
+        config = json.load(f)
+    security_config = config.get("security", {})
+    print("📋 1. КОНФИГУРАЦИЯ API КЛЮЧЕЙ")
+    print("-" * 30)
+    api_keys = security_config.get("auth", {}).get("api_keys", {})
+    for key, value in api_keys.items():
+        print(f"  {key}: {value}")
+    print("\n📋 2. КОНФИГУРАЦИЯ РОЛЕЙ")
+    print("-" * 30)
+    roles_config = security_config.get("permissions", {}).get("roles", {})
+    for role, permissions in roles_config.items():
+        print(f"  {role}: {permissions}")
+    print("\n📋 3. СОЗДАНИЕ КОМПОНЕНТОВ БЕЗОПАСНОСТИ")
+    print("-" * 30)
+    # Create permission config
+    perm_config = PermissionConfig(
+        roles_file=str(project_root / "mcp_proxy_adapter" / "examples" / "server_configs" / "roles.json"),
+        default_role="guest",
+        admin_role="admin",
+        role_hierarchy=security_config.get("permissions", {}).get("role_hierarchy", {}),
+        permission_cache_enabled=True,
+        permission_cache_ttl=300,
+        wildcard_permissions=False,
+        strict_mode=True,
+        roles=roles_config
+    )
+    # Create auth config
+    auth_config = AuthConfig(
+        enabled=security_config.get("auth", {}).get("enabled", True),
+        methods=security_config.get("auth", {}).get("methods", ["api_key"]),
+        api_keys=api_keys,
+        user_roles=security_config.get("auth", {}).get("user_roles", {}),
+        jwt_secret=security_config.get("auth", {}).get("jwt_secret"),
+        jwt_algorithm=security_config.get("auth", {}).get("jwt_algorithm", "HS256"),
+        jwt_expiry_hours=security_config.get("auth", {}).get("jwt_expiry_hours", 24),
+        certificate_auth=security_config.get("auth", {}).get("certificate_auth", False),
+        certificate_roles_oid=security_config.get("auth", {}).get("certificate_roles_oid"),
+        certificate_permissions_oid=security_config.get("auth", {}).get("certificate_permissions_oid"),
+        basic_auth=security_config.get("auth", {}).get("basic_auth", False),
+        oauth2_config=security_config.get("auth", {}).get("oauth2_config"),
+        public_paths=security_config.get("auth", {}).get("public_paths", [])
+    )
+    # Create security config
+    security_config_obj = SecurityConfig(
+        auth=auth_config,
+        permissions=perm_config
+    )
+    print("✅ Конфигурации созданы")
+    print("\n📋 4. ИНИЦИАЛИЗАЦИЯ МЕНЕДЖЕРОВ")
+    print("-" * 30)
+    # Initialize managers
+    permission_manager = PermissionManager(perm_config)
+    auth_manager = AuthManager(auth_config, permission_manager)
+    security_manager = SecurityManager(security_config_obj)
+    print("✅ Менеджеры инициализированы")
+    print("\n📋 5. ТЕСТИРОВАНИЕ АУТЕНТИФИКАЦИИ")
+    print("-" * 30)
+    # Test authentication with different tokens
+    test_tokens = {
+        "admin": "test-token-123",
+        "user": "user-token-456",
+        "readonly": "readonly-token-123",
+        "invalid": "invalid-token-999"
+    }
+    auth_results = {}
+    for role, token in test_tokens.items():
+        print(f"\n🔐 Тестирование токена для роли '{role}': {token}")
+        try:
+            result = auth_manager.authenticate_api_key(token)
+            auth_results[role] = result
+            print(f"  ✅ Аутентификация: {'УСПЕШНА' if result.is_valid else 'НЕУДАЧНА'}")
+            if result.is_valid:
+                print(f"  👤 Пользователь: {result.username}")
+                print(f"  🏷️ Роли: {result.roles}")
+                print(f"  🔑 Метод: {result.auth_method}")
+            else:
+                print(f"  ❌ Ошибка: {result.error_message}")
+        except Exception as e:
+            print(f"  ❌ Исключение: {e}")
+            auth_results[role] = None
+    print("\n📋 6. ТЕСТИРОВАНИЕ ПРАВ ДОСТУПА")
+    print("-" * 30)
+    # Test permissions for different actions
+    test_actions = ["read", "write", "manage", "delete"]
+    for role, auth_result in auth_results.items():
+        if auth_result and auth_result.is_valid:
+            print(f"\n🔒 Тестирование прав для роли '{role}' (роли: {auth_result.roles})")
+            for action in test_actions:
+                try:
+                    # Check permissions using permission manager
+                    validation_result = permission_manager.validate_access(
+                        auth_result.roles,
+                        [action]
+                    )
+                    status = "✅ РАЗРЕШЕНО" if validation_result.is_valid else "❌ ЗАБЛОКИРОВАНО"
+                    print(f"  {action}: {status}")
+                    if not validation_result.is_valid:
+                        print(f"    📝 Причина: {validation_result.error_message}")
+                        print(f"    🎯 Эффективные права: {validation_result.effective_permissions}")
+                        print(f"    ❌ Отсутствующие права: {validation_result.missing_permissions}")
+                except Exception as e:
+                    print(f"  {action}: ❌ ОШИБКА - {e}")
+    print("\n📋 7. ТЕСТИРОВАНИЕ ПОЛНОЙ ЦЕПОЧКИ")
+    print("-" * 30)
+    # Test complete request validation
+    for role, token in test_tokens.items():
+        print(f"\n🔄 Полная цепочка для роли '{role}'")
+        request_data = {
+            "api_key": token,
+            "required_permissions": ["write"],
+            "client_ip": "127.0.0.1"
+        }
+        try:
+            result = security_manager.validate_request(request_data)
+            status = "✅ УСПЕШНО" if result.is_valid else "❌ ЗАБЛОКИРОВАНО"
+            print(f"  Результат: {status}")
+            if not result.is_valid:
+                print(f"  📝 Причина: {result.error_message}")
+        except Exception as e:
+            print(f"  ❌ ОШИБКА: {e}")
+    print("\n📋 8. АНАЛИЗ ПРОБЛЕМЫ")
+    print("-" * 30)
+    print("🔍 ПРОБЛЕМА: Readonly роль получает доступ к write операциям")
+    print("\n📋 ВОЗМОЖНЫЕ ПРИЧИНЫ:")
+    print("1. Middleware не передает информацию о пользователе в request.state")
+    print("2. Framework middleware не блокирует доступ на уровне middleware")
+    print("3. Команда role_test не получает правильный контекст пользователя")
+    print("4. Интеграция между middleware и командами не работает")
+    print("\n📋 РЕКОМЕНДАЦИИ:")
+    print("1. Проверить, как framework middleware устанавливает user info")
+    print("2. Добавить проверку прав на уровне middleware")
+    print("3. Убедиться, что request.state содержит user info")
+    print("4. Проверить интеграцию между middleware и командами")
+if __name__ == "__main__":
+    asyncio.run(debug_role_chain())

mcp_proxy_adapter/examples/demo_client.py ADDED Viewed

@@ -0,0 +1,341 @@
+"""
+Demo Client Script
+This script demonstrates how to use the UniversalClient with different
+authentication methods and connection types.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+import asyncio
+import json
+import sys
+from pathlib import Path
+# Add project root to path
+sys.path.insert(0, str(Path(__file__).parent.parent))
+from examples.universal_client import UniversalClient, create_client_config
+async def demo_from_config_file(config_file: str):
+    """
+    Demo client using configuration from file.
+    Args:
+        config_file: Path to configuration file
+    """
+    print(f"🚀 Demo from config file: {config_file}")
+    print("=" * 50)
+    try:
+        # Load configuration
+        with open(config_file, 'r') as f:
+            config = json.load(f)
+        print(f"Configuration loaded: {config.get('security', {}).get('auth_method', 'none')} auth")
+        # Create and use client
+        async with UniversalClient(config) as client:
+            # Test connection
+            success = await client.test_connection()
+            if success:
+                print("✅ Connection successful!")
+                # Test security features
+                security_results = await client.test_security_features()
+                print("\nSecurity Features:")
+                for feature, status in security_results.items():
+                    status_icon = "✅" if status else "❌"
+                    print(f"  {status_icon} {feature}: {status}")
+                # Make API calls
+                await demo_api_calls(client)
+            else:
+                print("❌ Connection failed")
+    except FileNotFoundError:
+        print(f"❌ Configuration file not found: {config_file}")
+    except json.JSONDecodeError:
+        print(f"❌ Invalid JSON in configuration file: {config_file}")
+    except Exception as e:
+        print(f"❌ Demo failed: {e}")
+async def demo_api_calls(client: UniversalClient):
+    """Demonstrate various API calls."""
+    print("\n📡 API Calls Demo:")
+    print("-" * 30)
+    # Test health endpoint
+    try:
+        health = await client.get("/health")
+        print(f"Health: {health}")
+    except Exception as e:
+        print(f"Health check failed: {e}")
+    # Test status endpoint
+    try:
+        status = await client.get("/api/status")
+        print(f"Status: {status}")
+    except Exception as e:
+        print(f"Status check failed: {e}")
+    # Test JSON-RPC command
+    try:
+        command_data = {
+            "jsonrpc": "2.0",
+            "method": "test_command",
+            "params": {
+                "message": "Hello from universal client!",
+                "timestamp": "2024-01-01T00:00:00Z"
+            },
+            "id": 1
+        }
+        result = await client.post("/api/jsonrpc", command_data)
+        print(f"Command Result: {result}")
+    except Exception as e:
+        print(f"Command execution failed: {e}")
+    # Test security command if available
+    try:
+        security_data = {
+            "jsonrpc": "2.0",
+            "method": "security_command",
+            "params": {
+                "action": "get_status",
+                "include_certificates": True
+            },
+            "id": 2
+        }
+        result = await client.post("/api/jsonrpc", security_data)
+        print(f"Security Status: {result}")
+    except Exception as e:
+        print(f"Security command failed: {e}")
+async def demo_all_configs():
+    """Demo all available client configurations."""
+    print("🚀 Demo All Client Configurations")
+    print("=" * 50)
+    config_dir = Path(__file__).parent / "client_configs"
+    if not config_dir.exists():
+        print(f"❌ Config directory not found: {config_dir}")
+        return
+    config_files = list(config_dir.glob("*.json"))
+    if not config_files:
+        print(f"❌ No configuration files found in {config_dir}")
+        return
+    print(f"Found {len(config_files)} configuration files:")
+    for config_file in config_files:
+        print(f"  - {config_file.name}")
+    print("\n" + "=" * 50)
+    for config_file in config_files:
+        await demo_from_config_file(str(config_file))
+        print("\n" + "-" * 50)
+async def demo_programmatic_config():
+    """Demo client with programmatically created configuration."""
+    print("🚀 Demo Programmatic Configuration")
+    print("=" * 50)
+    # Create different configurations programmatically
+    configs = [
+        {
+            "name": "API Key Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "api_key",
+                api_key="demo_api_key_123"
+            )
+        },
+        {
+            "name": "JWT Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "jwt",
+                username="demo_user",
+                password="demo_password",
+                secret="demo_jwt_secret"
+            )
+        },
+        {
+            "name": "Certificate Client",
+            "config": create_client_config(
+                "https://localhost:8443",
+                "certificate",
+                cert_file="./certs/client.crt",
+                key_file="./keys/client.key",
+                ca_cert_file="./certs/ca.crt"
+            )
+        },
+        {
+            "name": "Basic Auth Client",
+            "config": create_client_config(
+                "http://localhost:8000",
+                "basic",
+                username="demo_user",
+                password="demo_password"
+            )
+        }
+    ]
+    for config_info in configs:
+        print(f"\n📋 Testing: {config_info['name']}")
+        print("-" * 30)
+        try:
+            async with UniversalClient(config_info["config"]) as client:
+                success = await client.test_connection()
+                if success:
+                    print("✅ Connection successful!")
+                    await demo_api_calls(client)
+                else:
+                    print("❌ Connection failed")
+        except Exception as e:
+            print(f"❌ Test failed: {e}")
+async def interactive_demo():
+    """Interactive demo with user input."""
+    print("🚀 Interactive Client Demo")
+    print("=" * 50)
+    print("Available authentication methods:")
+    print("1. No authentication")
+    print("2. API Key")
+    print("3. JWT Token")
+    print("4. Certificate")
+    print("5. Basic Authentication")
+    try:
+        choice = input("\nSelect authentication method (1-5): ").strip()
+        auth_methods = {
+            "1": "none",
+            "2": "api_key",
+            "3": "jwt",
+            "4": "certificate",
+            "5": "basic"
+        }
+        if choice not in auth_methods:
+            print("❌ Invalid choice")
+            return
+        auth_method = auth_methods[choice]
+        # Get server URL
+        server_url = input("Enter server URL (default: http://localhost:8000): ").strip()
+        if not server_url:
+            server_url = "http://localhost:8000"
+        # Create configuration based on choice
+        config_kwargs = {}
+        if auth_method == "api_key":
+            api_key = input("Enter API key: ").strip()
+            if api_key:
+                config_kwargs["api_key"] = api_key
+        elif auth_method == "jwt":
+            username = input("Enter username: ").strip()
+            password = input("Enter password: ").strip()
+            secret = input("Enter JWT secret: ").strip()
+            if username and password and secret:
+                config_kwargs.update({
+                    "username": username,
+                    "password": password,
+                    "secret": secret
+                })
+        elif auth_method == "certificate":
+            cert_file = input("Enter certificate file path: ").strip()
+            key_file = input("Enter key file path: ").strip()
+            ca_cert_file = input("Enter CA certificate file path: ").strip()
+            if cert_file and key_file:
+                config_kwargs.update({
+                    "cert_file": cert_file,
+                    "key_file": key_file,
+                    "ca_cert_file": ca_cert_file
+                })
+        elif auth_method == "basic":
+            username = input("Enter username: ").strip()
+            password = input("Enter password: ").strip()
+            if username and password:
+                config_kwargs.update({
+                    "username": username,
+                    "password": password
+                })
+        # Create configuration
+        config = create_client_config(server_url, auth_method, **config_kwargs)
+        print(f"\nConfiguration created for {auth_method} authentication")
+        print(f"Server URL: {server_url}")
+        # Test connection
+        async with UniversalClient(config) as client:
+            success = await client.test_connection()
+            if success:
+                print("✅ Connection successful!")
+                await demo_api_calls(client)
+            else:
+                print("❌ Connection failed")
+    except KeyboardInterrupt:
+        print("\n\nDemo interrupted by user")
+    except Exception as e:
+        print(f"❌ Interactive demo failed: {e}")
+def main():
+    """Main demo function."""
+    if len(sys.argv) > 1:
+        command = sys.argv[1]
+        if command == "config":
+            if len(sys.argv) > 2:
+                config_file = sys.argv[2]
+                asyncio.run(demo_from_config_file(config_file))
+            else:
+                print("Usage: python demo_client.py config <config_file>")
+        elif command == "all":
+            asyncio.run(demo_all_configs())
+        elif command == "programmatic":
+            asyncio.run(demo_programmatic_config())
+        elif command == "interactive":
+            asyncio.run(interactive_demo())
+        else:
+            print("Unknown command. Available commands:")
+            print("  config <file>     - Demo with config file")
+            print("  all               - Demo all config files")
+            print("  programmatic      - Demo programmatic configs")
+            print("  interactive       - Interactive demo")
+    else:
+        # Default: demo all configs
+        asyncio.run(demo_all_configs())
+if __name__ == "__main__":
+    main()

mcp_proxy_adapter/examples/full_application/commands/custom_echo_command.py ADDED Viewed

@@ -0,0 +1,99 @@
+"""
+Custom Echo Command
+This module demonstrates a custom command implementation for the full application example.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+from typing import Dict, Any, Optional
+from mcp_proxy_adapter.commands.base import BaseCommand
+from mcp_proxy_adapter.commands.result import CommandResult
+class CustomEchoResult(CommandResult):
+    """Result class for custom echo command."""
+    def __init__(self, message: str, timestamp: str, echo_count: int):
+        self.message = message
+        self.timestamp = timestamp
+        self.echo_count = echo_count
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert result to dictionary."""
+        return {
+            "message": self.message,
+            "timestamp": self.timestamp,
+            "echo_count": self.echo_count,
+            "command_type": "custom_echo"
+        }
+    def get_schema(self) -> Dict[str, Any]:
+        """Get result schema."""
+        return {
+            "type": "object",
+            "properties": {
+                "message": {"type": "string", "description": "Echoed message"},
+                "timestamp": {"type": "string", "description": "Timestamp of echo"},
+                "echo_count": {"type": "integer", "description": "Number of echoes"},
+                "command_type": {"type": "string", "description": "Command type"}
+            },
+            "required": ["message", "timestamp", "echo_count", "command_type"]
+        }
+class CustomEchoCommand(BaseCommand):
+    """Custom echo command implementation."""
+    def __init__(self):
+        super().__init__()
+        self.echo_count = 0
+    def get_name(self) -> str:
+        """Get command name."""
+        return "custom_echo"
+    def get_description(self) -> str:
+        """Get command description."""
+        return "Custom echo command with enhanced features"
+    def get_schema(self) -> Dict[str, Any]:
+        """Get command schema."""
+        return {
+            "type": "object",
+            "properties": {
+                "message": {
+                    "type": "string",
+                    "description": "Message to echo",
+                    "default": "Hello from custom echo!"
+                },
+                "repeat": {
+                    "type": "integer",
+                    "description": "Number of times to repeat",
+                    "default": 1,
+                    "minimum": 1,
+                    "maximum": 10
+                }
+            },
+            "required": ["message"]
+        }
+    async def execute(self, params: Dict[str, Any]) -> CustomEchoResult:
+        """Execute the custom echo command."""
+        message = params.get("message", "Hello from custom echo!")
+        repeat = min(max(params.get("repeat", 1), 1), 10)
+        self.echo_count += 1
+        from datetime import datetime
+        timestamp = datetime.now().isoformat()
+        # Repeat the message
+        echoed_message = " ".join([message] * repeat)
+        return CustomEchoResult(
+            message=echoed_message,
+            timestamp=timestamp,
+            echo_count=self.echo_count
+        )

mcp-proxy-adapter 6.0.0__py3-none-any.whl → 6.1.1__py3-none-any.whl

mcp-proxy-adapter 6.0.0py3-none-any.whl → 6.1.1py3-none-any.whl