PyPI - mcp-proxy-adapter - Versions diffs - 6.1.1__py3-none-any.whl → 6.2.0__py3-none-any.whl - Mend

mcp-proxy-adapter 6.1.1py3-none-any.whl → 6.2.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (145) hide show

mcp_proxy_adapter/commands/ssl_setup_command.py CHANGED Viewed

@@ -1,453 +1,284 @@
 """
 SSL Setup Command
-This module provides commands for SSL configuration and management including
-setup, status checking, testing, and configuration management.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
-Author: MCP Proxy Adapter Team
-Version: 1.0.0
+Command for SSL/TLS configuration and certificate management.
 """
 import logging
-import os
 import ssl
-from typing import Dict, List, Optional, Any
-from pathlib import Path
+from typing import Dict, Any, Optional
+# Import mcp_security_framework
+try:
+    from mcp_security_framework.core.ssl_manager import SSLManager
+    from mcp_security_framework.schemas.config import SSLConfig
+    from mcp_security_framework.utils.cert_utils import validate_certificate_chain
+    SECURITY_FRAMEWORK_AVAILABLE = True
+except ImportError:
+    SECURITY_FRAMEWORK_AVAILABLE = False
 from .base import Command
-from .result import CommandResult, SuccessResult, ErrorResult
-from ..core.certificate_utils import CertificateUtils
-from ..core.auth_validator import AuthValidator
+from .result import SuccessResult, ErrorResult
+from ..config import Config
 logger = logging.getLogger(__name__)
-class SSLSetupResult:
-    """
-    Result class for SSL setup operations.
-    Contains SSL configuration status and details.
-    """
-    def __init__(self, ssl_enabled: bool, cert_path: Optional[str] = None,
-                 key_path: Optional[str] = None, config: Optional[Dict] = None,
-                 status: str = "unknown", error: Optional[str] = None):
-        """
-        Initialize SSL setup result.
-        Args:
-            ssl_enabled: Whether SSL is enabled
-            cert_path: Path to certificate file
-            key_path: Path to private key file
-            config: SSL configuration
-            status: SSL status (enabled, disabled, error)
-            error: Error message if any
-        """
-        self.ssl_enabled = ssl_enabled
-        self.cert_path = cert_path
-        self.key_path = key_path
-        self.config = config or {}
-        self.status = status
-        self.error = error
-    def to_dict(self) -> Dict[str, Any]:
-        """
-        Convert to dictionary format.
-        Returns:
-            Dictionary representation
-        """
-        return {
-            "ssl_enabled": self.ssl_enabled,
-            "cert_path": self.cert_path,
-            "key_path": self.key_path,
-            "config": self.config,
-            "status": self.status,
-            "error": self.error
-        }
-    def get_schema(self) -> Dict[str, Any]:
-        """
-        Get JSON schema for this result.
-        Returns:
-            JSON schema dictionary
-        """
-        return {
-            "type": "object",
-            "properties": {
-                "ssl_enabled": {"type": "boolean", "description": "Whether SSL is enabled"},
-                "cert_path": {"type": "string", "description": "Path to certificate file"},
-                "key_path": {"type": "string", "description": "Path to private key file"},
-                "config": {"type": "object", "description": "SSL configuration"},
-                "status": {"type": "string", "enum": ["enabled", "disabled", "error"],
-                          "description": "SSL status"},
-                "error": {"type": "string", "description": "Error message if any"}
-            },
-            "required": ["ssl_enabled", "status"]
-        }
 class SSLSetupCommand(Command):
     """
-    Command for SSL setup and configuration.
+    SSL Setup Command
-    Provides methods for SSL setup, status checking, testing, and configuration.
+    Handles SSL/TLS configuration and certificate management.
     """
     # Command metadata
     name = "ssl_setup"
     version = "1.0.0"
-    descr = "SSL setup and configuration management"
+    descr = "Configure SSL/TLS settings and manage certificates"
     category = "security"
     author = "MCP Proxy Adapter Team"
     email = "team@mcp-proxy-adapter.com"
     source_url = "https://github.com/mcp-proxy-adapter"
-    result_class = SSLSetupResult
+    result_class = SuccessResult
     def __init__(self):
-        """Initialize SSL setup command."""
+        """Initialize SSL Setup Command."""
         super().__init__()
-        self.certificate_utils = CertificateUtils()
-        self.auth_validator = AuthValidator()
-    async def execute(self, **kwargs) -> CommandResult:
+    async def execute(self, **kwargs) -> SuccessResult | ErrorResult:
         """
         Execute SSL setup command.
         Args:
-            **kwargs: Command parameters including:
-                - action: Action to perform (ssl_setup, ssl_status, ssl_test, ssl_config)
-                - ssl_config: SSL configuration for ssl_setup action
-                - cert_file: Certificate file path for ssl_test action
-                - key_file: Key file path for ssl_test action
-                - action: Action for ssl_config (get, set, update, reset)
-                - config_data: Configuration data for ssl_config action
+            params: Command parameters including:
+                - action: Operation to perform (get, set, update, reset, test)
+                - config_data: Configuration data for set/update actions
+                - cert_file: Certificate file path for testing
+                - key_file: Private key file path for testing
         Returns:
-            CommandResult with SSL operation status
-        """
-        action = kwargs.get("action", "ssl_status")
-        if action == "ssl_setup":
-            ssl_config = kwargs.get("ssl_config", {})
-            return await self.ssl_setup(ssl_config)
-        elif action == "ssl_status":
-            return await self.ssl_status()
-        elif action == "ssl_test":
-            cert_file = kwargs.get("cert_file")
-            key_file = kwargs.get("key_file")
-            return await self.ssl_test(cert_file, key_file)
-        elif action == "ssl_config":
-            config_action = kwargs.get("config_action", "get")
-            config_data = kwargs.get("config_data", {})
-            return await self.ssl_config(config_action, config_data)
-        else:
-            return ErrorResult(
-                message=f"Unknown action: {action}. Supported actions: ssl_setup, ssl_status, ssl_test, ssl_config"
-            )
-    async def ssl_setup(self, ssl_config: Dict[str, Any]) -> CommandResult:
-        """
-        Setup SSL configuration.
-        Args:
-            ssl_config: SSL configuration dictionary containing:
-                - enabled: Whether to enable SSL
-                - cert_file: Path to certificate file
-                - key_file: Path to private key file
-                - ca_file: Path to CA certificate file (optional)
-                - verify_mode: SSL verification mode (optional)
-                - cipher_suites: List of allowed cipher suites (optional)
-        Returns:
-            CommandResult with SSL setup status
+            SuccessResult or ErrorResult
         """
         try:
-            logger.info("Setting up SSL configuration")
+            action = kwargs.get("action", "get")
-            # Validate SSL configuration
-            if not isinstance(ssl_config, dict):
-                return ErrorResult(
-                    message="SSL configuration must be a dictionary"
+            if action == "get":
+                return await self._get_ssl_config()
+            elif action == "set":
+                return await self._set_ssl_config(kwargs.get("config_data", {}))
+            elif action == "update":
+                return await self._update_ssl_config(kwargs.get("config_data", {}))
+            elif action == "reset":
+                return await self._reset_ssl_config()
+            elif action == "test":
+                return await self._test_ssl_config(
+                    kwargs.get("cert_file"),
+                    kwargs.get("key_file")
                 )
-            enabled = ssl_config.get("enabled", False)
-            if not enabled:
-                result = SSLSetupResult(
-                    ssl_enabled=False,
-                    status="disabled",
-                    config=ssl_config
+            else:
+                return ErrorResult(
+                    message=f"Unknown action: {action}. Supported actions: get, set, update, reset, test"
                 )
-                return SuccessResult(data=result.to_dict())
+        except Exception as e:
+            logger.error(f"SSL setup command failed: {e}")
+            return ErrorResult(
+                message=f"SSL setup command failed: {str(e)}"
+            )
+    async def _get_ssl_config(self) -> SuccessResult | ErrorResult:
+        """Get current SSL configuration."""
+        try:
+            config = Config()
+            ssl_config = config.get("ssl", {})
-            # Validate required files
-            cert_file = ssl_config.get("cert_file")
-            key_file = ssl_config.get("key_file")
+            # Add framework information
+            ssl_config["framework_available"] = SECURITY_FRAMEWORK_AVAILABLE
-            if not cert_file or not key_file:
-                return ErrorResult(
-                    message="Certificate and key files are required when SSL is enabled"
-                )
+            return SuccessResult(
+                data={"ssl_config": ssl_config}
+            )
-            # Check if files exist
-            if not os.path.exists(cert_file):
-                return ErrorResult(
-                    message=f"Certificate file not found: {cert_file}"
-                )
+        except Exception as e:
+            logger.error(f"Failed to get SSL config: {e}")
+            return ErrorResult(
+                message=f"Failed to get SSL config: {str(e)}"
+            )
-            if not os.path.exists(key_file):
+    async def _set_ssl_config(self, config_data: Dict[str, Any]) -> SuccessResult | ErrorResult:
+        """Set SSL configuration."""
+        try:
+            if not isinstance(config_data, dict):
                 return ErrorResult(
-                    message=f"Private key file not found: {key_file}"
+                    message="Configuration data must be a dictionary"
                 )
-            # Validate certificate and key
-            cert_validation = self.auth_validator.validate_certificate(cert_file)
-            if not cert_validation.is_valid:
-                return ErrorResult(
-                    message=f"Certificate validation failed: {cert_validation.error_message}"
-                )
+            # Validate configuration if mcp_security_framework is available
+            if SECURITY_FRAMEWORK_AVAILABLE:
+                try:
+                    ssl_config = SSLConfig(**config_data)
+                    config_data = ssl_config.dict()
+                except Exception as e:
+                    return ErrorResult(
+                        message=f"Invalid SSL configuration: {str(e)}"
+                    )
-            # Test SSL configuration
-            test_result = await self._test_ssl_config(cert_file, key_file)
-            if not test_result["success"]:
-                return ErrorResult(
-                    message=f"SSL configuration test failed: {test_result['error']}"
-                )
+            # Update configuration
+            config = Config()
+            config.update_config({"ssl": config_data})
-            result = SSLSetupResult(
-                ssl_enabled=True,
-                cert_path=cert_file,
-                key_path=key_file,
-                config=ssl_config,
-                status="enabled"
+            return SuccessResult(
+                data={"message": "SSL configuration updated", "ssl_config": config_data}
             )
-            logger.info("SSL configuration setup completed successfully")
-            return SuccessResult(data=result.to_dict())
         except Exception as e:
-            logger.error(f"SSL setup failed: {e}")
+            logger.error(f"Failed to set SSL config: {e}")
             return ErrorResult(
-                message=f"SSL setup failed: {str(e)}"
+                message=f"Failed to set SSL config: {str(e)}"
             )
-    async def ssl_status(self) -> CommandResult:
-        """
-        Get current SSL status.
-        Returns:
-            CommandResult with SSL status information
-        """
+    async def _update_ssl_config(self, config_data: Dict[str, Any]) -> SuccessResult | ErrorResult:
+        """Update SSL configuration."""
         try:
-            logger.info("Checking SSL status")
+            if not isinstance(config_data, dict):
+                return ErrorResult(
+                    message="Configuration data must be a dictionary"
+                )
-            # Check if SSL is configured in the application
-            from ...config import Config
             config = Config()
+            current_config = config.get("ssl", {})
-            ssl_config = config.get("ssl", {})
-            enabled = ssl_config.get("enabled", False)
+            # Update with new data
+            current_config.update(config_data)
-            if not enabled:
-                result = SSLSetupResult(
-                    ssl_enabled=False,
-                    status="disabled",
-                    config=ssl_config
-                )
-                return SuccessResult(data=result.to_dict())
+            # Validate configuration if mcp_security_framework is available
+            if SECURITY_FRAMEWORK_AVAILABLE:
+                try:
+                    ssl_config = SSLConfig(**current_config)
+                    current_config = ssl_config.dict()
+                except Exception as e:
+                    return ErrorResult(
+                        message=f"Invalid SSL configuration: {str(e)}"
+                    )
-            cert_file = ssl_config.get("cert_file")
-            key_file = ssl_config.get("key_file")
+            # Update configuration
+            config.update_config({"ssl": current_config})
-            # Check file existence
-            cert_exists = os.path.exists(cert_file) if cert_file else False
-            key_exists = os.path.exists(key_file) if key_file else False
+            return SuccessResult(
+                data={"message": "SSL configuration updated", "ssl_config": current_config}
+            )
-            if not cert_exists or not key_exists:
-                result = SSLSetupResult(
-                    ssl_enabled=False,
-                    status="error",
-                    cert_path=cert_file,
-                    key_path=key_file,
-                    config=ssl_config,
-                    error="Certificate or key file not found"
-                )
-                return SuccessResult(data=result.to_dict())
+        except Exception as e:
+            logger.error(f"Failed to update SSL config: {e}")
+            return ErrorResult(
+                message=f"Failed to update SSL config: {str(e)}"
+            )
+    async def _reset_ssl_config(self) -> SuccessResult | ErrorResult:
+        """Reset SSL configuration to defaults."""
+        try:
+            default_config = {
+                "enabled": False,
+                "cert_file": None,
+                "key_file": None,
+                "ca_file": None,
+                "verify_mode": "CERT_REQUIRED",
+                "cipher_suites": [],
+                "framework_available": SECURITY_FRAMEWORK_AVAILABLE
+            }
-            # Validate certificate
-            cert_validation = self.auth_validator.validate_certificate(cert_file)
-            if not cert_validation.is_valid:
-                result = SSLSetupResult(
-                    ssl_enabled=False,
-                    status="error",
-                    cert_path=cert_file,
-                    key_path=key_file,
-                    config=ssl_config,
-                    error=f"Certificate validation failed: {cert_validation.error_message}"
-                )
-                return SuccessResult(data=result.to_dict())
+            config = Config()
+            config.update_config({"ssl": default_config})
-            result = SSLSetupResult(
-                ssl_enabled=True,
-                cert_path=cert_file,
-                key_path=key_file,
-                config=ssl_config,
-                status="enabled"
+            return SuccessResult(
+                data={"message": "SSL configuration reset to defaults", "ssl_config": default_config}
             )
-            logger.info("SSL status check completed")
-            return SuccessResult(data=result.to_dict())
         except Exception as e:
-            logger.error(f"SSL status check failed: {e}")
+            logger.error(f"Failed to reset SSL config: {e}")
             return ErrorResult(
-                message=f"SSL status check failed: {str(e)}"
+                message=f"Failed to reset SSL config: {str(e)}"
             )
-    async def ssl_test(self, cert_file: str, key_file: str) -> CommandResult:
+    async def _test_ssl_config(self, cert_file: Optional[str], key_file: Optional[str]) -> SuccessResult | ErrorResult:
         """
-        Test SSL configuration with certificate and key files.
+        Test SSL configuration.
         Args:
             cert_file: Path to certificate file
             key_file: Path to private key file
         Returns:
-            CommandResult with test results
+            SuccessResult or ErrorResult with test results
         """
         try:
-            logger.info(f"Testing SSL configuration with cert: {cert_file}, key: {key_file}")
-            # Validate parameters
             if not cert_file or not key_file:
                 return ErrorResult(
-                    message="Certificate and key file paths are required"
-                )
-            # Check file existence
-            if not os.path.exists(cert_file):
-                return ErrorResult(
-                    message=f"Certificate file not found: {cert_file}"
+                    message="Both cert_file and key_file are required for testing"
                 )
-            if not os.path.exists(key_file):
-                return ErrorResult(
-                    message=f"Private key file not found: {key_file}"
-                )
-            # Test SSL configuration
-            test_result = await self._test_ssl_config(cert_file, key_file)
-            if test_result["success"]:
-                logger.info("SSL configuration test passed")
-                return SuccessResult(
-                    data={
-                        "test_passed": True,
-                        "cert_file": cert_file,
-                        "key_file": key_file,
-                        "details": test_result["details"]
-                    }
-                )
+            if SECURITY_FRAMEWORK_AVAILABLE:
+                return await self._test_ssl_config_with_framework(cert_file, key_file)
             else:
-                logger.error(f"SSL configuration test failed: {test_result['error']}")
-                return ErrorResult(
-                    message=test_result["error"]
-                )
+                return await self._test_ssl_config_fallback(cert_file, key_file)
         except Exception as e:
-            logger.error(f"SSL test failed: {e}")
+            logger.error(f"Failed to test SSL config: {e}")
             return ErrorResult(
-                message=f"SSL test failed: {str(e)}"
+                message=f"Failed to test SSL config: {str(e)}"
             )
-    async def ssl_config(self, action: str, config_data: Dict[str, Any]) -> CommandResult:
-        """
-        Manage SSL configuration.
-        Args:
-            action: Action to perform (get, set, update, reset)
-            config_data: Configuration data for the action
-        Returns:
-            CommandResult with configuration operation result
-        """
+    async def _test_ssl_config_with_framework(self, cert_file: str, key_file: str) -> SuccessResult | ErrorResult:
+        """Test SSL configuration using mcp_security_framework."""
         try:
-            logger.info(f"Performing SSL config action: {action}")
-            from ...config import Config
-            config = Config()
+            # Create SSL manager
+            ssl_config = SSLConfig(
+                cert_file=cert_file,
+                key_file=key_file,
+                enabled=True
+            )
-            if action == "get":
-                ssl_config = config.get("ssl", {})
-                return SuccessResult(
-                    data={"ssl_config": ssl_config}
-                )
+            ssl_manager = SSLManager(ssl_config)
-            elif action == "set":
-                # Validate configuration
-                if not isinstance(config_data, dict):
-                    return ErrorResult(
-                        message="Configuration data must be a dictionary"
-                    )
-                # Update configuration
-                config.update_config({"ssl": config_data})
-                return SuccessResult(
-                    data={"message": "SSL configuration updated", "ssl_config": config_data}
-                )
+            # Test SSL context creation
+            context = ssl_manager.create_server_ssl_context()
-            elif action == "update":
-                # Get current configuration
-                current_config = config.get("ssl", {})
-                # Update with new data
-                current_config.update(config_data)
-                # Update configuration
-                config.update_config({"ssl": current_config})
-                return SuccessResult(
-                    data={"message": "SSL configuration updated", "ssl_config": current_config}
-                )
+            details = {
+                "framework": "mcp_security_framework",
+                "certificate_loaded": True,
+                "private_key_loaded": True,
+                "context_created": True,
+                "cert_file": cert_file,
+                "key_file": key_file
+            }
-            elif action == "reset":
-                # Reset to default configuration
-                default_config = {
-                    "enabled": False,
-                    "cert_file": None,
-                    "key_file": None,
-                    "ca_file": None,
-                    "verify_mode": "CERT_REQUIRED",
-                    "cipher_suites": []
+            return SuccessResult(
+                data={
+                    "success": True,
+                    "details": details
                 }
-                config.update_config({"ssl": default_config})
-                return SuccessResult(
-                    data={"message": "SSL configuration reset to defaults", "ssl_config": default_config}
-                )
-            else:
-                return ErrorResult(
-                    message=f"Unknown action: {action}. Supported actions: get, set, update, reset"
-                )
+            )
         except Exception as e:
-            logger.error(f"SSL config action failed: {e}")
             return ErrorResult(
-                message=f"SSL config action failed: {str(e)}"
+                message=f"SSL test failed: {str(e)}",
+                data={
+                    "success": False,
+                    "error": str(e),
+                    "details": {
+                        "framework": "mcp_security_framework",
+                        "certificate_loaded": False,
+                        "private_key_loaded": False,
+                        "context_created": False
+                    }
+                }
             )
-    async def _test_ssl_config(self, cert_file: str, key_file: str) -> Dict[str, Any]:
-        """
-        Test SSL configuration internally.
-        Args:
-            cert_file: Path to certificate file
-            key_file: Path to private key file
-        Returns:
-            Dictionary with test results
-        """
+    async def _test_ssl_config_fallback(self, cert_file: str, key_file: str) -> SuccessResult | ErrorResult:
+        """Test SSL configuration using fallback method."""
         try:
             # Create SSL context
             context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
@@ -459,25 +290,77 @@ class SSLSetupCommand(Command):
             # Test basic SSL functionality
             details = {
+                "framework": "fallback (ssl module)",
                 "ssl_version": ssl.OPENSSL_VERSION,
                 "certificate_loaded": True,
                 "private_key_loaded": True,
-                "context_created": True
+                "context_created": True,
+                "cert_file": cert_file,
+                "key_file": key_file
             }
-            return {
+            return SuccessResult(
+                data={
                 "success": True,
                 "details": details
             }
+            )
         except Exception as e:
-            return {
+            return ErrorResult(
+                message=f"SSL test failed: {str(e)}",
+                data={
                 "success": False,
                 "error": str(e),
                 "details": {
+                        "framework": "fallback (ssl module)",
                     "ssl_version": ssl.OPENSSL_VERSION,
                     "certificate_loaded": False,
                     "private_key_loaded": False,
                     "context_created": False
                 }
+                }
+            )
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert command to dictionary."""
+        return {
+            "name": self.name,
+            "description": self.description,
+            "version": self.version,
+            "framework_available": SECURITY_FRAMEWORK_AVAILABLE
+        }
+    def get_schema(self) -> Dict[str, Any]:
+        """Get command schema."""
+        return {
+            "type": "object",
+            "properties": {
+                "action": {
+                    "type": "string",
+                    "enum": ["get", "set", "update", "reset", "test"],
+                    "description": "Action to perform"
+                },
+                "config_data": {
+                    "type": "object",
+                    "description": "SSL configuration data",
+                    "properties": {
+                        "enabled": {"type": "boolean"},
+                        "cert_file": {"type": "string"},
+                        "key_file": {"type": "string"},
+                        "ca_file": {"type": "string"},
+                        "verify_mode": {"type": "string"},
+                        "cipher_suites": {"type": "array", "items": {"type": "string"}}
+                    }
+                },
+                "cert_file": {
+                    "type": "string",
+                    "description": "Certificate file path for testing"
+                },
+                "key_file": {
+                    "type": "string",
+                    "description": "Private key file path for testing"
+                }
+            },
+            "required": ["action"]
             }

mcp-proxy-adapter 6.1.1__py3-none-any.whl → 6.2.0__py3-none-any.whl

mcp-proxy-adapter 6.1.1py3-none-any.whl → 6.2.0py3-none-any.whl