mcp-proxy-adapter 6.2.36__py3-none-any.whl → 6.3.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- mcp_proxy_adapter/core/app_factory.py +127 -86
- mcp_proxy_adapter/core/config_validator.py +92 -55
- mcp_proxy_adapter/core/crl_utils.py +89 -76
- mcp_proxy_adapter/core/security_integration.py +110 -77
- mcp_proxy_adapter/main.py +19 -10
- mcp_proxy_adapter/utils/config_generator.py +3 -0
- mcp_proxy_adapter/version.py +1 -1
- {mcp_proxy_adapter-6.2.36.dist-info → mcp_proxy_adapter-6.3.1.dist-info}/METADATA +1 -1
- {mcp_proxy_adapter-6.2.36.dist-info → mcp_proxy_adapter-6.3.1.dist-info}/RECORD +13 -13
- {mcp_proxy_adapter-6.2.36.dist-info → mcp_proxy_adapter-6.3.1.dist-info}/WHEEL +0 -0
- {mcp_proxy_adapter-6.2.36.dist-info → mcp_proxy_adapter-6.3.1.dist-info}/entry_points.txt +0 -0
- {mcp_proxy_adapter-6.2.36.dist-info → mcp_proxy_adapter-6.3.1.dist-info}/licenses/LICENSE +0 -0
- {mcp_proxy_adapter-6.2.36.dist-info → mcp_proxy_adapter-6.3.1.dist-info}/top_level.txt +0 -0
|
@@ -8,24 +8,33 @@ Author: Vasiliy Zdanovskiy
|
|
|
8
8
|
email: vasilyvz@gmail.com
|
|
9
9
|
"""
|
|
10
10
|
|
|
11
|
-
import
|
|
12
|
-
from typing import Dict, Any, Optional, List
|
|
13
|
-
from pathlib import Path
|
|
11
|
+
from typing import Dict, Any, List
|
|
14
12
|
|
|
15
13
|
# Direct imports from framework
|
|
16
14
|
try:
|
|
17
15
|
from mcp_security_framework import (
|
|
18
|
-
SecurityManager,
|
|
19
|
-
|
|
16
|
+
SecurityManager,
|
|
17
|
+
AuthManager,
|
|
18
|
+
CertificateManager,
|
|
19
|
+
PermissionManager,
|
|
20
|
+
RateLimiter,
|
|
20
21
|
)
|
|
21
22
|
from mcp_security_framework.schemas.config import (
|
|
22
|
-
SecurityConfig,
|
|
23
|
-
|
|
23
|
+
SecurityConfig,
|
|
24
|
+
AuthConfig,
|
|
25
|
+
SSLConfig,
|
|
26
|
+
PermissionConfig,
|
|
27
|
+
RateLimitConfig,
|
|
28
|
+
CertificateConfig,
|
|
29
|
+
LoggingConfig,
|
|
24
30
|
)
|
|
25
31
|
from mcp_security_framework.schemas.models import (
|
|
26
|
-
AuthResult,
|
|
32
|
+
AuthResult,
|
|
33
|
+
ValidationResult,
|
|
34
|
+
CertificatePair,
|
|
27
35
|
)
|
|
28
36
|
from mcp_security_framework.middleware.fastapi_middleware import FastAPISecurityMiddleware
|
|
37
|
+
|
|
29
38
|
SECURITY_FRAMEWORK_AVAILABLE = True
|
|
30
39
|
except ImportError:
|
|
31
40
|
SECURITY_FRAMEWORK_AVAILABLE = False
|
|
@@ -43,38 +52,38 @@ from mcp_proxy_adapter.core.logging import logger
|
|
|
43
52
|
class SecurityIntegration:
|
|
44
53
|
"""
|
|
45
54
|
Direct integration with mcp_security_framework.
|
|
46
|
-
|
|
55
|
+
|
|
47
56
|
This class replaces all project security methods with direct calls
|
|
48
57
|
to the security framework components.
|
|
49
58
|
"""
|
|
50
|
-
|
|
59
|
+
|
|
51
60
|
def __init__(self, config: Dict[str, Any]):
|
|
52
61
|
"""
|
|
53
62
|
Initialize security integration.
|
|
54
|
-
|
|
63
|
+
|
|
55
64
|
Args:
|
|
56
65
|
config: Configuration dictionary
|
|
57
66
|
"""
|
|
58
67
|
if not SECURITY_FRAMEWORK_AVAILABLE:
|
|
59
68
|
raise ImportError("mcp_security_framework is not available")
|
|
60
|
-
|
|
69
|
+
|
|
61
70
|
self.config = config
|
|
62
71
|
self.security_config = self._create_security_config()
|
|
63
|
-
|
|
72
|
+
|
|
64
73
|
# Initialize framework components
|
|
65
74
|
self.security_manager = SecurityManager(self.security_config)
|
|
66
75
|
self.permission_manager = PermissionManager(self.security_config.permissions)
|
|
67
76
|
self.auth_manager = AuthManager(self.security_config.auth, self.permission_manager)
|
|
68
77
|
self.certificate_manager = CertificateManager(self.security_config.certificates)
|
|
69
78
|
self.rate_limiter = RateLimiter(self.security_config.rate_limit)
|
|
70
|
-
|
|
79
|
+
|
|
71
80
|
logger.info("Security integration initialized with mcp_security_framework")
|
|
72
|
-
|
|
81
|
+
|
|
73
82
|
def _create_security_config(self) -> SecurityConfig:
|
|
74
83
|
"""Create SecurityConfig from project configuration."""
|
|
75
84
|
# self.config is already the security section passed from unified_security.py
|
|
76
85
|
security_section = self.config
|
|
77
|
-
|
|
86
|
+
|
|
78
87
|
# Create SSL config
|
|
79
88
|
ssl_config = SSLConfig(
|
|
80
89
|
enabled=security_section.get("ssl", {}).get("enabled", False),
|
|
@@ -87,9 +96,9 @@ class SecurityIntegration:
|
|
|
87
96
|
min_tls_version=security_section.get("ssl", {}).get("min_tls_version", "TLSv1.2"),
|
|
88
97
|
check_hostname=security_section.get("ssl", {}).get("check_hostname", True),
|
|
89
98
|
check_expiry=security_section.get("ssl", {}).get("check_expiry", True),
|
|
90
|
-
expiry_warning_days=security_section.get("ssl", {}).get("expiry_warning_days", 30)
|
|
99
|
+
expiry_warning_days=security_section.get("ssl", {}).get("expiry_warning_days", 30),
|
|
91
100
|
)
|
|
92
|
-
|
|
101
|
+
|
|
93
102
|
# Create auth config
|
|
94
103
|
auth_config = AuthConfig(
|
|
95
104
|
enabled=security_section.get("auth", {}).get("enabled", True),
|
|
@@ -100,21 +109,23 @@ class SecurityIntegration:
|
|
|
100
109
|
jwt_algorithm=security_section.get("auth", {}).get("jwt_algorithm", "HS256"),
|
|
101
110
|
jwt_expiry_hours=security_section.get("auth", {}).get("jwt_expiry_hours", 24),
|
|
102
111
|
certificate_auth=security_section.get("auth", {}).get("certificate_auth", False),
|
|
103
|
-
public_paths=security_section.get("auth", {}).get("public_paths", [])
|
|
112
|
+
public_paths=security_section.get("auth", {}).get("public_paths", []),
|
|
104
113
|
)
|
|
105
|
-
|
|
114
|
+
|
|
106
115
|
# Create permission config - handle null values properly
|
|
107
116
|
permissions_section = security_section.get("permissions", {})
|
|
108
117
|
permissions_enabled = permissions_section.get("enabled", True)
|
|
109
|
-
|
|
118
|
+
|
|
110
119
|
if permissions_enabled:
|
|
111
120
|
roles_file = permissions_section.get("roles_file")
|
|
112
121
|
|
|
113
122
|
# If roles_file is None or empty string, don't pass it to avoid framework errors
|
|
114
123
|
if roles_file is None or roles_file == "":
|
|
115
|
-
logger.warning(
|
|
124
|
+
logger.warning(
|
|
125
|
+
"roles_file is None or empty, permissions will use default configuration"
|
|
126
|
+
)
|
|
116
127
|
roles_file = None
|
|
117
|
-
|
|
128
|
+
|
|
118
129
|
permission_config = PermissionConfig(
|
|
119
130
|
enabled=True,
|
|
120
131
|
roles_file=roles_file,
|
|
@@ -125,7 +136,7 @@ class SecurityIntegration:
|
|
|
125
136
|
permission_cache_ttl=permissions_section.get("permission_cache_ttl", 300),
|
|
126
137
|
wildcard_permissions=permissions_section.get("wildcard_permissions", False),
|
|
127
138
|
strict_mode=permissions_section.get("strict_mode", True),
|
|
128
|
-
roles=permissions_section.get("roles")
|
|
139
|
+
roles=permissions_section.get("roles"),
|
|
129
140
|
)
|
|
130
141
|
else:
|
|
131
142
|
# Create minimal permission config when permissions are disabled
|
|
@@ -139,42 +150,56 @@ class SecurityIntegration:
|
|
|
139
150
|
permission_cache_ttl=300,
|
|
140
151
|
wildcard_permissions=False,
|
|
141
152
|
strict_mode=False,
|
|
142
|
-
roles={}
|
|
153
|
+
roles={},
|
|
143
154
|
)
|
|
144
|
-
|
|
155
|
+
|
|
145
156
|
# Create rate limit config
|
|
146
157
|
rate_limit_config = RateLimitConfig(
|
|
147
158
|
enabled=security_section.get("rate_limit", {}).get("enabled", True),
|
|
148
|
-
default_requests_per_minute=security_section.get("rate_limit", {}).get(
|
|
149
|
-
|
|
159
|
+
default_requests_per_minute=security_section.get("rate_limit", {}).get(
|
|
160
|
+
"default_requests_per_minute", 60
|
|
161
|
+
),
|
|
162
|
+
default_requests_per_hour=security_section.get("rate_limit", {}).get(
|
|
163
|
+
"default_requests_per_hour", 1000
|
|
164
|
+
),
|
|
150
165
|
burst_limit=security_section.get("rate_limit", {}).get("burst_limit", 2),
|
|
151
|
-
window_size_seconds=security_section.get("rate_limit", {}).get(
|
|
166
|
+
window_size_seconds=security_section.get("rate_limit", {}).get(
|
|
167
|
+
"window_size_seconds", 60
|
|
168
|
+
),
|
|
152
169
|
storage_backend=security_section.get("rate_limit", {}).get("storage_backend", "memory"),
|
|
153
170
|
exempt_paths=security_section.get("rate_limit", {}).get("exempt_paths", []),
|
|
154
|
-
exempt_roles=security_section.get("rate_limit", {}).get("exempt_roles", [])
|
|
171
|
+
exempt_roles=security_section.get("rate_limit", {}).get("exempt_roles", []),
|
|
155
172
|
)
|
|
156
|
-
|
|
173
|
+
|
|
157
174
|
# Create certificate config
|
|
158
175
|
certificate_config = CertificateConfig(
|
|
159
176
|
enabled=security_section.get("certificates", {}).get("enabled", False),
|
|
160
177
|
ca_cert_path=security_section.get("certificates", {}).get("ca_cert_path"),
|
|
161
178
|
ca_key_path=security_section.get("certificates", {}).get("ca_key_path"),
|
|
162
|
-
cert_storage_path=security_section.get("certificates", {}).get(
|
|
163
|
-
|
|
164
|
-
|
|
179
|
+
cert_storage_path=security_section.get("certificates", {}).get(
|
|
180
|
+
"cert_storage_path", "./certs"
|
|
181
|
+
),
|
|
182
|
+
key_storage_path=security_section.get("certificates", {}).get(
|
|
183
|
+
"key_storage_path", "./keys"
|
|
184
|
+
),
|
|
185
|
+
default_validity_days=security_section.get("certificates", {}).get(
|
|
186
|
+
"default_validity_days", 365
|
|
187
|
+
),
|
|
165
188
|
key_size=security_section.get("certificates", {}).get("key_size", 2048),
|
|
166
|
-
hash_algorithm=security_section.get("certificates", {}).get("hash_algorithm", "sha256")
|
|
189
|
+
hash_algorithm=security_section.get("certificates", {}).get("hash_algorithm", "sha256"),
|
|
167
190
|
)
|
|
168
|
-
|
|
191
|
+
|
|
169
192
|
# Create logging config
|
|
170
193
|
logging_config = LoggingConfig(
|
|
171
194
|
enabled=security_section.get("logging", {}).get("enabled", True),
|
|
172
195
|
level=security_section.get("logging", {}).get("level", "INFO"),
|
|
173
|
-
format=security_section.get("logging", {}).get(
|
|
196
|
+
format=security_section.get("logging", {}).get(
|
|
197
|
+
"format", "%(asctime)s - %(name)s - %(levelname)s - %(message)s"
|
|
198
|
+
),
|
|
174
199
|
console_output=security_section.get("logging", {}).get("console_output", True),
|
|
175
|
-
file_path=security_section.get("logging", {}).get("file_path")
|
|
200
|
+
file_path=security_section.get("logging", {}).get("file_path"),
|
|
176
201
|
)
|
|
177
|
-
|
|
202
|
+
|
|
178
203
|
# Create main security config
|
|
179
204
|
return SecurityConfig(
|
|
180
205
|
ssl=ssl_config,
|
|
@@ -185,126 +210,134 @@ class SecurityIntegration:
|
|
|
185
210
|
logging=logging_config,
|
|
186
211
|
debug=security_section.get("debug", False),
|
|
187
212
|
environment=security_section.get("environment", "dev"),
|
|
188
|
-
version=security_section.get("version", "1.0.0")
|
|
213
|
+
version=security_section.get("version", "1.0.0"),
|
|
189
214
|
)
|
|
190
|
-
|
|
215
|
+
|
|
191
216
|
# Authentication methods - direct calls to AuthManager
|
|
192
217
|
async def authenticate_api_key(self, api_key: str) -> AuthResult:
|
|
193
218
|
"""Authenticate using API key."""
|
|
194
219
|
return await self.auth_manager.authenticate_api_key(api_key)
|
|
195
|
-
|
|
220
|
+
|
|
196
221
|
async def authenticate_jwt(self, token: str) -> AuthResult:
|
|
197
222
|
"""Authenticate using JWT token."""
|
|
198
223
|
return await self.auth_manager.authenticate_jwt(token)
|
|
199
|
-
|
|
224
|
+
|
|
200
225
|
async def authenticate_certificate(self, cert_data: bytes) -> AuthResult:
|
|
201
226
|
"""Authenticate using certificate."""
|
|
202
227
|
return await self.auth_manager.authenticate_certificate(cert_data)
|
|
203
|
-
|
|
228
|
+
|
|
204
229
|
async def validate_request(self, request_data: Dict[str, Any]) -> ValidationResult:
|
|
205
230
|
"""Validate request using security manager."""
|
|
206
231
|
return await self.security_manager.validate_request(request_data)
|
|
207
|
-
|
|
232
|
+
|
|
208
233
|
# Certificate methods - direct calls to CertificateManager
|
|
209
234
|
async def create_ca_certificate(self, common_name: str, **kwargs) -> CertificatePair:
|
|
210
235
|
"""Create CA certificate."""
|
|
211
236
|
return await self.certificate_manager.create_ca_certificate(common_name, **kwargs)
|
|
212
|
-
|
|
237
|
+
|
|
213
238
|
async def create_client_certificate(self, common_name: str, **kwargs) -> CertificatePair:
|
|
214
239
|
"""Create client certificate."""
|
|
215
240
|
return await self.certificate_manager.create_client_certificate(common_name, **kwargs)
|
|
216
|
-
|
|
241
|
+
|
|
217
242
|
async def create_server_certificate(self, common_name: str, **kwargs) -> CertificatePair:
|
|
218
243
|
"""Create server certificate."""
|
|
219
244
|
return await self.certificate_manager.create_server_certificate(common_name, **kwargs)
|
|
220
|
-
|
|
245
|
+
|
|
221
246
|
async def validate_certificate(self, cert_path: str) -> bool:
|
|
222
247
|
"""Validate certificate with CRL check if enabled."""
|
|
223
248
|
try:
|
|
224
249
|
# Get CRL configuration from security config
|
|
225
250
|
crl_config = None
|
|
226
|
-
if hasattr(self.security_config,
|
|
251
|
+
if hasattr(self.security_config, "certificates"):
|
|
227
252
|
cert_config = self.security_config.certificates
|
|
228
|
-
if
|
|
253
|
+
# Only analyze CRL paths if certificates are enabled
|
|
254
|
+
if (
|
|
255
|
+
hasattr(cert_config, "enabled")
|
|
256
|
+
and cert_config.enabled
|
|
257
|
+
and hasattr(cert_config, "crl_enabled")
|
|
258
|
+
and cert_config.crl_enabled
|
|
259
|
+
):
|
|
229
260
|
crl_config = {
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
261
|
+
"crl_enabled": cert_config.crl_enabled,
|
|
262
|
+
"crl_path": getattr(cert_config, "crl_path", None),
|
|
263
|
+
"crl_url": getattr(cert_config, "crl_url", None),
|
|
264
|
+
"crl_validity_days": getattr(cert_config, "crl_validity_days", 30),
|
|
234
265
|
}
|
|
235
|
-
|
|
266
|
+
|
|
236
267
|
# Use mcp_security_framework's validate_certificate_chain with CRL
|
|
237
|
-
if crl_config and crl_config.get(
|
|
268
|
+
if crl_config and crl_config.get("crl_enabled"):
|
|
238
269
|
from mcp_security_framework.utils.cert_utils import validate_certificate_chain
|
|
239
270
|
from .crl_utils import CRLManager
|
|
240
|
-
|
|
271
|
+
|
|
241
272
|
# Get CRL data
|
|
242
273
|
crl_manager = CRLManager(crl_config)
|
|
243
274
|
crl_data = crl_manager.get_crl_data()
|
|
244
|
-
|
|
275
|
+
|
|
245
276
|
# Validate with CRL
|
|
246
277
|
if crl_data:
|
|
247
|
-
return validate_certificate_chain(
|
|
248
|
-
|
|
278
|
+
return validate_certificate_chain(
|
|
279
|
+
cert_path, self.security_config.certificates.ca_cert_path, crl_data
|
|
280
|
+
)
|
|
281
|
+
|
|
249
282
|
# Fallback to standard validation
|
|
250
283
|
return await self.certificate_manager.validate_certificate(cert_path)
|
|
251
|
-
|
|
284
|
+
|
|
252
285
|
except Exception as e:
|
|
253
286
|
logger.error(f"Certificate validation failed: {e}")
|
|
254
287
|
return False
|
|
255
|
-
|
|
288
|
+
|
|
256
289
|
async def extract_roles_from_certificate(self, cert_path: str) -> List[str]:
|
|
257
290
|
"""Extract roles from certificate."""
|
|
258
291
|
return await self.certificate_manager.extract_roles_from_certificate(cert_path)
|
|
259
|
-
|
|
292
|
+
|
|
260
293
|
async def revoke_certificate(self, cert_path: str) -> bool:
|
|
261
294
|
"""Revoke certificate."""
|
|
262
295
|
return await self.certificate_manager.revoke_certificate(cert_path)
|
|
263
|
-
|
|
296
|
+
|
|
264
297
|
# Permission methods - direct calls to PermissionManager
|
|
265
298
|
async def check_permission(self, user_id: str, permission: str) -> bool:
|
|
266
299
|
"""Check user permission."""
|
|
267
300
|
return await self.permission_manager.check_permission(user_id, permission)
|
|
268
|
-
|
|
301
|
+
|
|
269
302
|
async def get_user_roles(self, user_id: str) -> List[str]:
|
|
270
303
|
"""Get user roles."""
|
|
271
304
|
return await self.permission_manager.get_user_roles(user_id)
|
|
272
|
-
|
|
305
|
+
|
|
273
306
|
async def add_user_role(self, user_id: str, role: str) -> bool:
|
|
274
307
|
"""Add role to user."""
|
|
275
308
|
return await self.permission_manager.add_user_role(user_id, role)
|
|
276
|
-
|
|
309
|
+
|
|
277
310
|
async def remove_user_role(self, user_id: str, role: str) -> bool:
|
|
278
311
|
"""Remove role from user."""
|
|
279
312
|
return await self.permission_manager.remove_user_role(user_id, role)
|
|
280
|
-
|
|
313
|
+
|
|
281
314
|
# Rate limiting methods - direct calls to RateLimiter
|
|
282
315
|
async def check_rate_limit(self, identifier: str, limit_type: str = "per_minute") -> bool:
|
|
283
316
|
"""Check rate limit."""
|
|
284
317
|
return await self.rate_limiter.check_rate_limit(identifier, limit_type)
|
|
285
|
-
|
|
318
|
+
|
|
286
319
|
async def increment_rate_limit(self, identifier: str) -> None:
|
|
287
320
|
"""Increment rate limit counter."""
|
|
288
321
|
await self.rate_limiter.increment_rate_limit(identifier)
|
|
289
|
-
|
|
322
|
+
|
|
290
323
|
async def get_rate_limit_info(self, identifier: str) -> Dict[str, Any]:
|
|
291
324
|
"""Get rate limit information."""
|
|
292
325
|
return await self.rate_limiter.get_rate_limit_info(identifier)
|
|
293
|
-
|
|
326
|
+
|
|
294
327
|
# Middleware creation - direct use of framework middleware
|
|
295
328
|
def create_fastapi_middleware(self, app) -> FastAPISecurityMiddleware:
|
|
296
329
|
"""Create FastAPI security middleware."""
|
|
297
330
|
return FastAPISecurityMiddleware(app, self.security_config)
|
|
298
|
-
|
|
331
|
+
|
|
299
332
|
# Utility methods
|
|
300
333
|
def is_security_enabled(self) -> bool:
|
|
301
334
|
"""Check if security is enabled."""
|
|
302
335
|
return self.security_config.auth.enabled or self.security_config.ssl.enabled
|
|
303
|
-
|
|
336
|
+
|
|
304
337
|
def get_public_paths(self) -> List[str]:
|
|
305
338
|
"""Get public paths that bypass authentication."""
|
|
306
339
|
return self.security_config.auth.public_paths
|
|
307
|
-
|
|
340
|
+
|
|
308
341
|
def get_security_config(self) -> SecurityConfig:
|
|
309
342
|
"""Get security configuration."""
|
|
310
343
|
return self.security_config
|
|
@@ -314,13 +347,13 @@ class SecurityIntegration:
|
|
|
314
347
|
def create_security_integration(config: Dict[str, Any]) -> SecurityIntegration:
|
|
315
348
|
"""
|
|
316
349
|
Create security integration instance.
|
|
317
|
-
|
|
350
|
+
|
|
318
351
|
Args:
|
|
319
352
|
config: Configuration dictionary
|
|
320
|
-
|
|
353
|
+
|
|
321
354
|
Returns:
|
|
322
355
|
SecurityIntegration instance
|
|
323
|
-
|
|
356
|
+
|
|
324
357
|
Raises:
|
|
325
358
|
RuntimeError: If security integration cannot be created
|
|
326
359
|
"""
|
mcp_proxy_adapter/main.py
CHANGED
|
@@ -19,6 +19,7 @@ sys.path.insert(0, str(Path(__file__).parent.parent))
|
|
|
19
19
|
|
|
20
20
|
from mcp_proxy_adapter.api.app import create_app
|
|
21
21
|
from mcp_proxy_adapter.config import Config
|
|
22
|
+
from mcp_proxy_adapter.core.config_validator import ConfigValidator
|
|
22
23
|
|
|
23
24
|
|
|
24
25
|
def main():
|
|
@@ -27,28 +28,36 @@ def main():
|
|
|
27
28
|
parser = argparse.ArgumentParser(description="MCP Proxy Adapter Server")
|
|
28
29
|
parser.add_argument("--config", "-c", type=str, help="Path to configuration file")
|
|
29
30
|
args = parser.parse_args()
|
|
30
|
-
|
|
31
|
+
|
|
31
32
|
# Load configuration
|
|
32
33
|
if args.config:
|
|
33
34
|
config = Config(config_path=args.config)
|
|
34
35
|
else:
|
|
35
36
|
config = Config()
|
|
36
37
|
|
|
38
|
+
# Validate UUID configuration (mandatory)
|
|
39
|
+
validator = ConfigValidator(config.get_all())
|
|
40
|
+
if not validator.validate_all():
|
|
41
|
+
print("❌ Configuration validation failed:")
|
|
42
|
+
for error in validator.get_errors():
|
|
43
|
+
print(f" - {error}")
|
|
44
|
+
sys.exit(1)
|
|
45
|
+
print("✅ Configuration validation passed")
|
|
37
46
|
|
|
38
47
|
# Create application
|
|
39
48
|
app = create_app(app_config=config)
|
|
40
|
-
|
|
49
|
+
|
|
41
50
|
# Get server configuration
|
|
42
51
|
host = config.get("server.host", "0.0.0.0")
|
|
43
52
|
port = config.get("server.port", 8000)
|
|
44
|
-
|
|
53
|
+
|
|
45
54
|
# Get SSL configuration
|
|
46
55
|
ssl_enabled = config.get("ssl.enabled", False)
|
|
47
56
|
ssl_cert_file = config.get("ssl.cert_file")
|
|
48
57
|
ssl_key_file = config.get("ssl.key_file")
|
|
49
58
|
ssl_ca_cert = config.get("ssl.ca_cert")
|
|
50
59
|
verify_client = config.get("ssl.verify_client", False)
|
|
51
|
-
|
|
60
|
+
|
|
52
61
|
print(f"🚀 Starting MCP Proxy Adapter")
|
|
53
62
|
print(f"🌐 Server: {host}:{port}")
|
|
54
63
|
if ssl_enabled:
|
|
@@ -59,18 +68,18 @@ def main():
|
|
|
59
68
|
print(f" CA: {ssl_ca_cert}")
|
|
60
69
|
print(f" Client verification: {verify_client}")
|
|
61
70
|
print("=" * 50)
|
|
62
|
-
|
|
71
|
+
|
|
63
72
|
# Configure hypercorn
|
|
64
73
|
config_hypercorn = hypercorn.config.Config()
|
|
65
74
|
config_hypercorn.bind = [f"{host}:{port}"]
|
|
66
|
-
|
|
75
|
+
|
|
67
76
|
if ssl_enabled and ssl_cert_file and ssl_key_file:
|
|
68
77
|
config_hypercorn.certfile = ssl_cert_file
|
|
69
78
|
config_hypercorn.keyfile = ssl_key_file
|
|
70
|
-
|
|
79
|
+
|
|
71
80
|
if ssl_ca_cert:
|
|
72
81
|
config_hypercorn.ca_certs = ssl_ca_cert
|
|
73
|
-
|
|
82
|
+
|
|
74
83
|
if verify_client:
|
|
75
84
|
# For mTLS, require client certificates
|
|
76
85
|
config_hypercorn.set_cert_reqs(ssl.CERT_REQUIRED)
|
|
@@ -80,11 +89,11 @@ def main():
|
|
|
80
89
|
# For regular HTTPS without client verification
|
|
81
90
|
config_hypercorn.set_cert_reqs(ssl.CERT_NONE)
|
|
82
91
|
config_hypercorn.verify_mode = ssl.CERT_NONE
|
|
83
|
-
|
|
92
|
+
|
|
84
93
|
print(f"🔐 Starting HTTPS server with hypercorn...")
|
|
85
94
|
else:
|
|
86
95
|
print(f"🌐 Starting HTTP server with hypercorn...")
|
|
87
|
-
|
|
96
|
+
|
|
88
97
|
# Run the server
|
|
89
98
|
asyncio.run(hypercorn.asyncio.serve(app, config_hypercorn))
|
|
90
99
|
|
|
@@ -10,6 +10,7 @@ email: vasilyvz@gmail.com
|
|
|
10
10
|
|
|
11
11
|
import json
|
|
12
12
|
import logging
|
|
13
|
+
import uuid
|
|
13
14
|
from pathlib import Path
|
|
14
15
|
from typing import Dict, Any, Optional
|
|
15
16
|
|
|
@@ -32,6 +33,7 @@ class ConfigGenerator:
|
|
|
32
33
|
def _get_template_config(self) -> Dict[str, Any]:
|
|
33
34
|
"""Get template configuration with all available options."""
|
|
34
35
|
return {
|
|
36
|
+
"uuid": str(uuid.uuid4()),
|
|
35
37
|
"server": {
|
|
36
38
|
"host": "0.0.0.0",
|
|
37
39
|
"port": 8000,
|
|
@@ -878,6 +880,7 @@ class ConfigGenerator:
|
|
|
878
880
|
def _get_comments_for_type(self, config_type: str) -> Dict[str, str]:
|
|
879
881
|
"""Get comments for configuration sections."""
|
|
880
882
|
base_comments = {
|
|
883
|
+
"uuid": "Unique service identifier (UUID4) - REQUIRED for service identification",
|
|
881
884
|
"server": "Server configuration for FastAPI application",
|
|
882
885
|
"ssl": "SSL/TLS configuration for secure connections",
|
|
883
886
|
"security": "Security framework configuration (mcp_security_framework)",
|
mcp_proxy_adapter/version.py
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: mcp-proxy-adapter
|
|
3
|
-
Version: 6.
|
|
3
|
+
Version: 6.3.1
|
|
4
4
|
Summary: Powerful JSON-RPC microservices framework with built-in security, authentication, and proxy registration
|
|
5
5
|
Home-page: https://github.com/maverikod/mcp-proxy-adapter
|
|
6
6
|
Author: Vasiliy Zdanovskiy
|
|
@@ -2,9 +2,9 @@ mcp_proxy_adapter/__init__.py,sha256=B7m1YWyv_Wb87-Q-JqVpHQgwajnfIgDyZ_iIxzdTbBY
|
|
|
2
2
|
mcp_proxy_adapter/__main__.py,sha256=-Wp1myP9DzJNB9j97mj62C8kFk5YUbCmd0e7Rnwte0A,769
|
|
3
3
|
mcp_proxy_adapter/config.py,sha256=_VpJrmdK6NS27ABgoEABvMcgUHxCjd1D1H-HUzx3-hY,21637
|
|
4
4
|
mcp_proxy_adapter/custom_openapi.py,sha256=jYUrCy8C1mShh3sjKj-JkzSMLAvxDLTvtzSJFj5HUNg,15023
|
|
5
|
-
mcp_proxy_adapter/main.py,sha256=
|
|
5
|
+
mcp_proxy_adapter/main.py,sha256=Q5WxLVbQ5y9cdpcriFvIuILaxFyPyyxyxQ4OeU3xaYY,3193
|
|
6
6
|
mcp_proxy_adapter/openapi.py,sha256=36vOEbJjGnVZR6hUhl6mHCD29HYOEFKo2bL0JdGSm-4,13952
|
|
7
|
-
mcp_proxy_adapter/version.py,sha256=
|
|
7
|
+
mcp_proxy_adapter/version.py,sha256=Yc177jRt-BpAGwvr34fCZ3fFoA73PfmSwOAV7VNJ5lo,75
|
|
8
8
|
mcp_proxy_adapter/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
9
9
|
mcp_proxy_adapter/api/app.py,sha256=khl4kaI4mJ6dNbfAK7hR97Ek-eWC9NBeuXHr6GVbLoU,28911
|
|
10
10
|
mcp_proxy_adapter/api/handlers.py,sha256=DcZT7MVBV33q-0EJ0iFqxE0VgBkFt6d_SqoRkntwyvc,8477
|
|
@@ -53,7 +53,7 @@ mcp_proxy_adapter/commands/token_management_command.py,sha256=7sl_fRUjWMRuP7NXoL
|
|
|
53
53
|
mcp_proxy_adapter/commands/transport_management_command.py,sha256=yv2lqUqJliYGIbYW7t0HQTrt5Cu2Y02rUjVzdznLtPk,4692
|
|
54
54
|
mcp_proxy_adapter/commands/unload_command.py,sha256=mhRZ23sJtTwUfWkjZzH8KDRpwxUX0kdu8LbAXAURRJc,5079
|
|
55
55
|
mcp_proxy_adapter/core/__init__.py,sha256=Ch50cV5Nd8m-HO9rMnVModajjwDK-OdUy7hxISDFkAM,800
|
|
56
|
-
mcp_proxy_adapter/core/app_factory.py,sha256=
|
|
56
|
+
mcp_proxy_adapter/core/app_factory.py,sha256=gihORWzWQKoXV_t3OUd4TQgnXwtQ1OW-CJMAZzdH77E,18454
|
|
57
57
|
mcp_proxy_adapter/core/app_runner.py,sha256=JPpx9rKmaHAVdFnHRl2rXycptQkTSQ13Er7Qf1KZIA4,10614
|
|
58
58
|
mcp_proxy_adapter/core/auth_validator.py,sha256=lJxBVkoQWSk5CNtnPYMEJSsz4FhcXK-gB5QJ_OP9jEE,20937
|
|
59
59
|
mcp_proxy_adapter/core/certificate_utils.py,sha256=7VOhjRcygCToYgPTUt_MgcNILdpRBRBNZSFpeS_QrfA,39541
|
|
@@ -61,8 +61,8 @@ mcp_proxy_adapter/core/client.py,sha256=AeNjMyaTnnR0g6Sw_c28X_le8o5SbEi-_PaRtVtt
|
|
|
61
61
|
mcp_proxy_adapter/core/client_manager.py,sha256=sKEhapMpogqb54WIWEpz2bMjrX3wvYooX-a844IfCTU,9164
|
|
62
62
|
mcp_proxy_adapter/core/client_security.py,sha256=8isHpvv-7H85QzI8K3Pfyr_KdvpE2xYyIT4wqWrttNU,13575
|
|
63
63
|
mcp_proxy_adapter/core/config_converter.py,sha256=FAA2zx-yRgqMgzg73o9Aq5CEEfodNCeaA8Yluto4wAs,16985
|
|
64
|
-
mcp_proxy_adapter/core/config_validator.py,sha256=
|
|
65
|
-
mcp_proxy_adapter/core/crl_utils.py,sha256
|
|
64
|
+
mcp_proxy_adapter/core/config_validator.py,sha256=Sck7DqDDCub96QGAsqlXecfOnyZSRm_kAr7gWQoHnPw,9484
|
|
65
|
+
mcp_proxy_adapter/core/crl_utils.py,sha256=-KMzpnQBjB2HUTU-g8WQF1hjg_nerDaKZfpr6yVAhQo,11464
|
|
66
66
|
mcp_proxy_adapter/core/errors.py,sha256=s34OxiIR4NCJu_pYSigKXqrIvRjUUK2OWw0X4dpDjIA,5151
|
|
67
67
|
mcp_proxy_adapter/core/logging.py,sha256=jQlFz52Xwapef6UD4p0acmaGFumD9XuexwW4frDN_ZM,9626
|
|
68
68
|
mcp_proxy_adapter/core/mtls_asgi.py,sha256=X2lAj3wk3L85amRCp_-10sqvZa5wJf_diXhwrrQReSo,5311
|
|
@@ -73,7 +73,7 @@ mcp_proxy_adapter/core/proxy_registration.py,sha256=Mmh-hWVJKkADLP8361Nx_SGFp9JR
|
|
|
73
73
|
mcp_proxy_adapter/core/role_utils.py,sha256=wMoTVz3gF5fM7jozNMwsEwPkp1tui26M-t_KH1Oz8gs,12880
|
|
74
74
|
mcp_proxy_adapter/core/security_adapter.py,sha256=wZ3OH1WzhUdpN8N8CrGJSFFVNi474DqdazIqQ1T8PN4,13343
|
|
75
75
|
mcp_proxy_adapter/core/security_factory.py,sha256=4r7qvBq30XfosGD_b1ZHyNVLN8rOQ3NAKuaCOCEK8jA,8262
|
|
76
|
-
mcp_proxy_adapter/core/security_integration.py,sha256=
|
|
76
|
+
mcp_proxy_adapter/core/security_integration.py,sha256=ESh0dUDNAnM7VZGyqOzm14P733a8ovLqKAMiOq6QiXA,16192
|
|
77
77
|
mcp_proxy_adapter/core/server_adapter.py,sha256=8dhUlLxuYjaoNgMHieFCFgDRjxskP--Y5uoAhbN6RLw,9823
|
|
78
78
|
mcp_proxy_adapter/core/server_engine.py,sha256=SFENSDrVMlBD--HgKSRVklhrtLKSRSZhs_3UHxFCGbg,9540
|
|
79
79
|
mcp_proxy_adapter/core/settings.py,sha256=ZfUnmqD1tjAuaQo2VAF8evC1oHUit7gTu4WkTF0IMYI,10628
|
|
@@ -134,10 +134,10 @@ mcp_proxy_adapter/examples/scripts/create_certificates_simple.py,sha256=xkIvUYl6
|
|
|
134
134
|
mcp_proxy_adapter/examples/scripts/generate_certificates_and_tokens.py,sha256=J0qHm_BMY8RYqfuwf7V7xKsHcsRJx8E7x-8JxmW5sPw,15988
|
|
135
135
|
mcp_proxy_adapter/schemas/base_schema.json,sha256=v9G9cGMd4dRhCZsOQ_FMqOi5VFyVbI6Cf3fyIvOT9dc,2881
|
|
136
136
|
mcp_proxy_adapter/schemas/openapi_schema.json,sha256=C3yLkwmDsvnLW9B5gnKKdBGl4zxkeU-rEmjTrNVsQU0,8405
|
|
137
|
-
mcp_proxy_adapter/utils/config_generator.py,sha256=
|
|
138
|
-
mcp_proxy_adapter-6.
|
|
139
|
-
mcp_proxy_adapter-6.
|
|
140
|
-
mcp_proxy_adapter-6.
|
|
141
|
-
mcp_proxy_adapter-6.
|
|
142
|
-
mcp_proxy_adapter-6.
|
|
143
|
-
mcp_proxy_adapter-6.
|
|
137
|
+
mcp_proxy_adapter/utils/config_generator.py,sha256=HuNqUgV-aoJ6A1LfX_EGJAVsj-tbaOcV2H6jw6TjfmY,46648
|
|
138
|
+
mcp_proxy_adapter-6.3.1.dist-info/licenses/LICENSE,sha256=6KdtUcTwmTRbJrAmYjVn7e6S-V42ubeDJ-AiVEzZ510,1075
|
|
139
|
+
mcp_proxy_adapter-6.3.1.dist-info/METADATA,sha256=Lc6pPuQ45zRuEvnlLxe-QN2HWT2bfWkfi5vT2_CJJd0,22347
|
|
140
|
+
mcp_proxy_adapter-6.3.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
|
|
141
|
+
mcp_proxy_adapter-6.3.1.dist-info/entry_points.txt,sha256=J3eV6ID0lt_VSp4lIdIgBFTqLCThgObNNxRCbyfiMHw,70
|
|
142
|
+
mcp_proxy_adapter-6.3.1.dist-info/top_level.txt,sha256=JZT7vPLBYrtroX-ij68JBhJYbjDdghcV-DFySRy-Nnw,18
|
|
143
|
+
mcp_proxy_adapter-6.3.1.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|