mcp-proxy-adapter 6.4.43__py3-none-any.whl → 6.4.44__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. mcp_proxy_adapter/examples/run_security_tests_fixed.py +1 -1
  2. mcp_proxy_adapter/examples/security_test_client.py +2 -2
  3. mcp_proxy_adapter/version.py +1 -1
  4. {mcp_proxy_adapter-6.4.43.dist-info → mcp_proxy_adapter-6.4.44.dist-info}/METADATA +1 -1
  5. {mcp_proxy_adapter-6.4.43.dist-info → mcp_proxy_adapter-6.4.44.dist-info}/RECORD +8 -17
  6. mcp_proxy_adapter/examples/create_certificates_simple.py +0 -661
  7. mcp_proxy_adapter/examples/generate_certificates.py +0 -192
  8. mcp_proxy_adapter/examples/generate_certificates_and_tokens.py +0 -515
  9. mcp_proxy_adapter/examples/generate_test_configs.py +0 -393
  10. mcp_proxy_adapter/examples/run_security_tests.py +0 -677
  11. mcp_proxy_adapter/examples/scripts/config_generator.py +0 -842
  12. mcp_proxy_adapter/examples/scripts/create_certificates_simple.py +0 -673
  13. mcp_proxy_adapter/examples/scripts/generate_certificates_and_tokens.py +0 -515
  14. mcp_proxy_adapter/examples/test_config_generator.py +0 -102
  15. {mcp_proxy_adapter-6.4.43.dist-info → mcp_proxy_adapter-6.4.44.dist-info}/WHEEL +0 -0
  16. {mcp_proxy_adapter-6.4.43.dist-info → mcp_proxy_adapter-6.4.44.dist-info}/entry_points.txt +0 -0
  17. {mcp_proxy_adapter-6.4.43.dist-info → mcp_proxy_adapter-6.4.44.dist-info}/top_level.txt +0 -0
mcp_proxy_adapter/examples/scripts/config_generator.py DELETED
@@ -1,842 +0,0 @@
1
- """
2
- Configuration Generator Utility
3
-
4
- This module provides utilities for generating comprehensive configuration files
5
- that combine mcp_proxy_adapter and mcp_security_framework configurations.
6
-
7
- Author: Vasiliy Zdanovskiy
8
- email: vasilyvz@gmail.com
9
- """
10
-
11
- import json
12
- import logging
13
- from pathlib import Path
14
- from typing import Dict, Any, Optional
15
-
16
- # Use standard logging instead of project logger to avoid circular imports
17
- logger = logging.getLogger(__name__)
18
-
19
-
20
- class ConfigGenerator:
21
- """
22
- Configuration generator for unified mcp_proxy_adapter and mcp_security_framework configs.
23
-
24
- Generates comprehensive configuration files with detailed comments and examples
25
- for both the proxy adapter and security framework components.
26
- """
27
-
28
- def __init__(self):
29
- """Initialize configuration generator."""
30
- self.template_config = self._get_template_config()
31
-
32
- def _get_template_config(self) -> Dict[str, Any]:
33
- """Get template configuration with all available options."""
34
- return {
35
- "server": {
36
- "host": "0.0.0.0",
37
- "port": 8000,
38
- "debug": False,
39
- "log_level": "INFO",
40
- "workers": 1,
41
- "reload": False,
42
- },
43
- "ssl": {
44
- "enabled": False,
45
- "cert_file": None,
46
- "key_file": None,
47
- "ca_cert": None,
48
- "verify_client": False,
49
- "client_cert_required": False,
50
- "cipher_suites": [
51
- "TLS_AES_256_GCM_SHA384",
52
- "TLS_CHACHA20_POLY1305_SHA256",
53
- ],
54
- "min_tls_version": "TLSv1.2",
55
- "max_tls_version": "1.3",
56
- },
57
- "security": {
58
- "framework": "mcp_security_framework",
59
- "enabled": True,
60
- "debug": False,
61
- "environment": "dev",
62
- "version": "1.0.0",
63
- "ssl": {
64
- "enabled": False,
65
- "cert_file": None,
66
- "key_file": None,
67
- "ca_cert_file": None,
68
- "client_cert_file": None,
69
- "client_key_file": None,
70
- "verify_mode": "CERT_REQUIRED",
71
- "min_tls_version": "TLSv1.2",
72
- "max_tls_version": None,
73
- "cipher_suite": None,
74
- "check_hostname": True,
75
- "check_expiry": True,
76
- "expiry_warning_days": 30,
77
- },
78
- "auth": {
79
- "enabled": False,
80
- "methods": [],
81
- "api_keys": {},
82
- "user_roles": {},
83
- "jwt_secret": None,
84
- "jwt_algorithm": "HS256",
85
- "jwt_expiry_hours": 24,
86
- "certificate_auth": False,
87
- "certificate_roles_oid": "1.3.6.1.4.1.99999.1.1",
88
- "certificate_permissions_oid": "1.3.6.1.4.1.99999.1.2",
89
- "basic_auth": False,
90
- "oauth2_config": None,
91
- "public_paths": ["/health", "/docs", "/openapi.json"],
92
- "security_headers": {
93
- "X-Content-Type-Options": "nosniff",
94
- "X-Frame-Options": "DENY",
95
- "X-XSS-Protection": "1; mode=block",
96
- "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
97
- },
98
- },
99
- "certificates": {
100
- "enabled": False,
101
- "ca_cert_path": None,
102
- "ca_key_path": None,
103
- "cert_storage_path": "mcp_proxy_adapter/examples/certs",
104
- "key_storage_path": "mcp_proxy_adapter/examples/keys",
105
- "default_validity_days": 365,
106
- "key_size": 2048,
107
- "hash_algorithm": "sha256",
108
- "crl_enabled": False,
109
- "crl_path": None,
110
- "crl_url": None,
111
- "crl_validity_days": 30,
112
- "auto_renewal": False,
113
- "renewal_threshold_days": 30,
114
- },
115
- "permissions": {
116
- "enabled": False,
117
- "roles_file": None,
118
- "default_role": "guest",
119
- "admin_role": "admin",
120
- "role_hierarchy": {},
121
- "permission_cache_enabled": False,
122
- "permission_cache_ttl": 300,
123
- "wildcard_permissions": False,
124
- "strict_mode": False,
125
- "roles": {},
126
- },
127
- "rate_limit": {
128
- "enabled": False,
129
- "default_requests_per_minute": 60,
130
- "default_requests_per_hour": 1000,
131
- "burst_limit": 2,
132
- "window_size_seconds": 60,
133
- "storage_backend": "memory",
134
- "redis_config": None,
135
- "cleanup_interval": 300,
136
- "exempt_paths": ["/health", "/docs", "/openapi.json"],
137
- "exempt_roles": ["admin"],
138
- },
139
- "logging": {
140
- "enabled": True,
141
- "level": "INFO",
142
- "format": "%(asctime)s - %(name)s - %(levelname)s - %(message)s",
143
- "date_format": "%Y-%m-%d %H:%M:%S",
144
- "file_path": "./logs/security.log",
145
- "max_file_size": 10,
146
- "backup_count": 5,
147
- "console_output": True,
148
- "json_format": False,
149
- "include_timestamp": True,
150
- "include_level": True,
151
- "include_module": True,
152
- },
153
- },
154
- "registration": {
155
- "enabled": False,
156
- "server_url": "https://proxy-registry.example.com",
157
- "auth_method": "certificate",
158
- "certificate": {
159
- "enabled": False,
160
- "cert_file": "mcp_proxy_adapter/examples/certs/proxy_client.crt",
161
- "key_file": "mcp_proxy_adapter/examples/keys/proxy_client.key",
162
- "ca_cert_file": "mcp_proxy_adapter/examples/certs/ca.crt",
163
- "verify_server": True,
164
- },
165
- "token": {
166
- "enabled": False,
167
- "token": "proxy_registration_token_123",
168
- "token_type": "bearer",
169
- "refresh_interval": 3600,
170
- },
171
- "api_key": {
172
- "enabled": False,
173
- "key": "proxy_api_key_456",
174
- "key_header": "X-Proxy-API-Key",
175
- },
176
- "proxy_info": {
177
- "name": "mcp_proxy_adapter",
178
- "version": "1.0.0",
179
- "description": "MCP Proxy Adapter with security framework",
180
- "capabilities": ["jsonrpc", "rest", "security", "certificates"],
181
- "endpoints": {
182
- "jsonrpc": "/api/jsonrpc",
183
- "rest": "/cmd",
184
- "health": "/health",
185
- },
186
- },
187
- "heartbeat": {
188
- "enabled": True,
189
- "interval": 300,
190
- "timeout": 30,
191
- "retry_attempts": 3,
192
- "retry_delay": 60,
193
- },
194
- "auto_discovery": {
195
- "enabled": False,
196
- "discovery_urls": [],
197
- "discovery_interval": 3600,
198
- "register_on_discovery": True,
199
- },
200
- },
201
- "logging": {
202
- "level": "INFO",
203
- "console_output": True,
204
- "file_output": False,
205
- "file_path": None,
206
- "max_file_size": 10,
207
- "backup_count": 5,
208
- "format": "%(asctime)s - %(name)s - %(levelname)s - %(message)s",
209
- },
210
- "commands": {
211
- "auto_discovery": True,
212
- "commands_directory": "./commands",
213
- "builtin_commands": ["echo", "health", "config"],
214
- "custom_commands": [],
215
- "command_timeout": 30,
216
- },
217
- "hooks": {
218
- "enabled": True,
219
- "application_hooks": {
220
- "on_startup": [],
221
- "on_shutdown": [],
222
- "before_request": [],
223
- "after_request": [],
224
- "on_error": [],
225
- },
226
- "command_hooks": {
227
- "before_echo_command": [],
228
- "after_echo_command": [],
229
- "before_health_command": [],
230
- "after_health_command": [],
231
- "before_config_command": [],
232
- "after_config_command": [],
233
- },
234
- },
235
- "protocols": {
236
- "enabled": True,
237
- "allowed_protocols": ["http", "https"],
238
- "default_protocol": "http",
239
- "strict_mode": False,
240
- },
241
- }
242
-
243
- def generate_config_with_comments(self, config_type: str = "full") -> str:
244
- """
245
- Generate configuration with detailed comments.
246
-
247
- Args:
248
- config_type: Type of configuration to generate
249
- - "full": Complete configuration with all options
250
- - "minimal": Minimal working configuration
251
- - "secure": Secure configuration with all security features
252
- - "development": Development configuration with debug enabled
253
- - "basic_http": Basic HTTP configuration
254
- - "http_token": HTTP with token authentication
255
- - "https": HTTPS configuration
256
- - "https_token": HTTPS with token authentication
257
- - "mtls": mTLS configuration
258
-
259
- Returns:
260
- JSON configuration string with comments
261
- """
262
- config = self._get_config_by_type(config_type)
263
-
264
- # Convert to JSON with comments
265
- json_str = json.dumps(config, indent=2, ensure_ascii=False)
266
-
267
- # Add comments
268
- commented_config = self._add_comments(json_str, config_type)
269
-
270
- return commented_config
271
-
272
- def _get_config_by_type(self, config_type: str) -> Dict[str, Any]:
273
- """Get configuration based on type."""
274
- base_config = self.template_config.copy()
275
-
276
- if config_type == "minimal":
277
- return self._get_minimal_config(base_config)
278
- elif config_type == "secure":
279
- return self._get_secure_config(base_config)
280
- elif config_type == "development":
281
- return self._get_development_config(base_config)
282
- elif config_type == "basic_http":
283
- return self._get_basic_http_config(base_config)
284
- elif config_type == "http_token":
285
- return self._get_http_token_config(base_config)
286
- elif config_type == "https":
287
- return self._get_https_config(base_config)
288
- elif config_type == "https_token":
289
- return self._get_https_token_config(base_config)
290
- elif config_type == "https_no_protocol_middleware":
291
- return self._get_https_no_protocol_middleware_config(base_config)
292
- elif config_type == "mtls":
293
- return self._get_mtls_config(base_config)
294
- elif config_type == "mtls_no_protocol_middleware":
295
- return self._get_mtls_no_protocol_middleware_config(base_config)
296
- else: # full
297
- return base_config
298
-
299
- def _get_minimal_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
300
- """Get minimal working configuration."""
301
- config = base_config.copy()
302
-
303
- # Disable security for minimal config
304
- config["security"]["enabled"] = False
305
- config["security"]["auth"]["enabled"] = False
306
- config["security"]["permissions"]["enabled"] = False
307
- config["security"]["rate_limit"]["enabled"] = False
308
-
309
- # Disable registration for minimal config
310
- config["registration"]["enabled"] = False
311
-
312
- # Keep only essential settings
313
- config["server"]["port"] = 8000
314
- config["server"]["debug"] = False
315
-
316
- return config
317
-
318
- def _get_basic_http_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
319
- """Get basic HTTP configuration."""
320
- config = base_config.copy()
321
-
322
- # Basic HTTP settings
323
- config["server"]["port"] = 8000
324
- config["ssl"]["enabled"] = False
325
- config["security"]["ssl"]["enabled"] = False
326
- config["security"]["auth"]["enabled"] = False
327
- config["security"]["permissions"]["enabled"] = False
328
- config["security"]["permissions"]["roles_file"] = None
329
- config["protocols"]["enabled"] = True
330
- config["protocols"]["allowed_protocols"] = ["http"]
331
- config["protocols"]["default_protocol"] = "http"
332
-
333
- # Enable local proxy registration by default for examples
334
- config["registration"]["enabled"] = True
335
- config["registration"]["auth_method"] = "token"
336
- config["registration"]["token"]["enabled"] = True
337
- config["registration"]["token"]["token"] = "proxy_registration_token_123"
338
- config["registration"]["server_url"] = "http://127.0.0.1:3004/proxy"
339
- config["registration"]["proxy_info"]["name"] = "mcp_example_server"
340
- config["registration"]["proxy_info"]["capabilities"] = [
341
- "jsonrpc",
342
- "rest",
343
- "security",
344
- "proxy_registration",
345
- ]
346
- config["registration"]["heartbeat"]["enabled"] = True
347
- config["registration"]["heartbeat"]["interval"] = 30
348
-
349
- return config
350
-
351
- def _get_http_token_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
352
- """Get HTTP with token authentication configuration."""
353
- config = base_config.copy()
354
-
355
- # HTTP with token auth
356
- config["server"]["port"] = 8001
357
- config["ssl"]["enabled"] = False
358
- config["security"]["ssl"]["enabled"] = False
359
- config["security"]["auth"]["enabled"] = True
360
- config["security"]["auth"]["methods"] = ["api_key"]
361
- config["security"]["auth"]["api_keys"] = {
362
- "test-token-123": {
363
- "roles": ["admin"],
364
- "permissions": ["*"],
365
- "expires": None,
366
- },
367
- "user-token-456": {
368
- "roles": ["user"],
369
- "permissions": ["read", "execute"],
370
- "expires": None,
371
- },
372
- }
373
- config["security"]["permissions"]["enabled"] = True
374
- config["security"]["permissions"][
375
- "roles_file"
376
- ] = "mcp_proxy_adapter/examples/server_configs/roles.json"
377
- config["protocols"]["enabled"] = True
378
- config["protocols"]["allowed_protocols"] = ["http"]
379
- config["protocols"]["default_protocol"] = "http"
380
-
381
- return config
382
-
383
- def _get_https_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
384
- """Get HTTPS configuration."""
385
- config = base_config.copy()
386
-
387
- # HTTPS settings
388
- config["server"]["port"] = 8443
389
- config["ssl"]["enabled"] = True
390
- config["ssl"]["cert_file"] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
391
- config["ssl"]["key_file"] = "mcp_proxy_adapter/examples/certs/server_key.pem"
392
- config["ssl"]["ca_cert"] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
393
-
394
- config["security"]["ssl"]["enabled"] = True
395
- config["security"]["ssl"][
396
- "cert_file"
397
- ] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
398
- config["security"]["ssl"][
399
- "key_file"
400
- ] = "mcp_proxy_adapter/examples/certs/server_key.pem"
401
- config["security"]["ssl"][
402
- "ca_cert_file"
403
- ] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
404
-
405
- config["security"]["auth"]["enabled"] = False
406
- config["security"]["permissions"]["enabled"] = False
407
- config["security"]["permissions"]["roles_file"] = None
408
- config["protocols"]["enabled"] = True
409
- config["protocols"]["allowed_protocols"] = ["http", "https"]
410
- config["protocols"]["default_protocol"] = "https"
411
-
412
- return config
413
-
414
- def _get_https_token_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
415
- """Get HTTPS with token authentication configuration."""
416
- config = base_config.copy()
417
-
418
- # HTTPS with token auth
419
- config["server"]["port"] = 8444
420
- config["ssl"]["enabled"] = True
421
- config["ssl"]["cert_file"] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
422
- config["ssl"]["key_file"] = "mcp_proxy_adapter/examples/certs/server_key.pem"
423
- config["ssl"]["ca_cert"] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
424
-
425
- config["security"]["ssl"]["enabled"] = True
426
- config["security"]["ssl"][
427
- "cert_file"
428
- ] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
429
- config["security"]["ssl"][
430
- "key_file"
431
- ] = "mcp_proxy_adapter/examples/certs/server_key.pem"
432
- config["security"]["ssl"][
433
- "ca_cert_file"
434
- ] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
435
-
436
- config["security"]["auth"]["enabled"] = True
437
- config["security"]["auth"]["methods"] = ["api_key"]
438
- config["security"]["auth"]["api_keys"] = {
439
- "test-token-123": {
440
- "roles": ["admin"],
441
- "permissions": ["*"],
442
- "expires": None,
443
- },
444
- "user-token-456": {
445
- "roles": ["user"],
446
- "permissions": ["read", "execute"],
447
- "expires": None,
448
- },
449
- }
450
- config["security"]["permissions"]["enabled"] = True
451
- config["security"]["permissions"][
452
- "roles_file"
453
- ] = "mcp_proxy_adapter/examples/server_configs/roles.json"
454
- config["protocols"]["enabled"] = True
455
- config["protocols"]["allowed_protocols"] = ["http", "https"]
456
- config["protocols"]["default_protocol"] = "https"
457
-
458
- return config
459
-
460
- def _get_mtls_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
461
- """Get mTLS configuration."""
462
- config = base_config.copy()
463
-
464
- # mTLS settings
465
- config["server"]["port"] = 8445
466
- config["ssl"]["enabled"] = True
467
- config["ssl"]["cert_file"] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
468
- config["ssl"]["key_file"] = "mcp_proxy_adapter/examples/certs/server_key.pem"
469
- config["ssl"]["ca_cert"] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
470
- config["ssl"]["verify_client"] = True
471
- config["ssl"]["client_cert_required"] = True
472
-
473
- config["security"]["ssl"]["enabled"] = True
474
- config["security"]["ssl"][
475
- "cert_file"
476
- ] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
477
- config["security"]["ssl"][
478
- "key_file"
479
- ] = "mcp_proxy_adapter/examples/certs/server_key.pem"
480
- config["security"]["ssl"][
481
- "ca_cert_file"
482
- ] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
483
- config["security"]["ssl"][
484
- "client_cert_file"
485
- ] = "mcp_proxy_adapter/examples/certs/client_cert.pem"
486
- config["security"]["ssl"][
487
- "client_key_file"
488
- ] = "mcp_proxy_adapter/examples/certs/client_key.pem"
489
- config["security"]["ssl"]["verify_mode"] = "CERT_REQUIRED"
490
-
491
- config["security"]["auth"]["enabled"] = True
492
- config["security"]["auth"]["methods"] = ["certificate"]
493
- config["security"]["auth"]["certificate_auth"] = True
494
- config["security"]["permissions"]["enabled"] = True
495
- config["security"]["permissions"][
496
- "roles_file"
497
- ] = "mcp_proxy_adapter/examples/server_configs/roles.json"
498
- config["protocols"]["enabled"] = True
499
- config["protocols"]["allowed_protocols"] = ["https", "mtls"]
500
- config["protocols"]["default_protocol"] = "https"
501
-
502
- return config
503
-
504
- def _get_https_no_protocol_middleware_config(
505
- self, base_config: Dict[str, Any]
506
- ) -> Dict[str, Any]:
507
- """Get HTTPS configuration without ProtocolMiddleware."""
508
- config = base_config.copy()
509
-
510
- # HTTPS settings
511
- config["server"]["port"] = 8445
512
- config["ssl"]["enabled"] = True
513
- config["ssl"]["cert_file"] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
514
- config["ssl"]["key_file"] = "mcp_proxy_adapter/examples/certs/server_key.pem"
515
- config["ssl"]["ca_cert"] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
516
-
517
- config["security"]["ssl"]["enabled"] = True
518
- config["security"]["ssl"][
519
- "cert_file"
520
- ] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
521
- config["security"]["ssl"][
522
- "key_file"
523
- ] = "mcp_proxy_adapter/examples/certs/server_key.pem"
524
- config["security"]["ssl"][
525
- "ca_cert_file"
526
- ] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
527
-
528
- config["security"]["auth"]["enabled"] = True
529
- config["security"]["auth"]["methods"] = ["api_key"]
530
- config["security"]["auth"]["api_keys"] = {
531
- "test-token-123": {
532
- "roles": ["admin"],
533
- "permissions": ["*"],
534
- "expires": None,
535
- },
536
- "user-token-456": {
537
- "roles": ["user"],
538
- "permissions": ["read", "execute"],
539
- "expires": None,
540
- },
541
- }
542
- config["security"]["permissions"]["enabled"] = True
543
- config["security"]["permissions"][
544
- "roles_file"
545
- ] = "mcp_proxy_adapter/examples/server_configs/roles.json"
546
- config["protocols"]["enabled"] = False # Disable ProtocolMiddleware
547
-
548
- return config
549
-
550
- def _get_mtls_no_protocol_middleware_config(
551
- self, base_config: Dict[str, Any]
552
- ) -> Dict[str, Any]:
553
- """Get mTLS configuration without ProtocolMiddleware."""
554
- config = base_config.copy()
555
-
556
- # mTLS settings
557
- config["server"]["port"] = 8447
558
- config["ssl"]["enabled"] = True
559
- config["ssl"]["cert_file"] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
560
- config["ssl"]["key_file"] = "mcp_proxy_adapter/examples/certs/server_key.pem"
561
- config["ssl"]["ca_cert"] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
562
- config["ssl"]["verify_client"] = True
563
- config["ssl"]["client_cert_required"] = True
564
-
565
- config["security"]["ssl"]["enabled"] = True
566
- config["security"]["ssl"][
567
- "cert_file"
568
- ] = "mcp_proxy_adapter/examples/certs/server_cert.pem"
569
- config["security"]["ssl"][
570
- "key_file"
571
- ] = "mcp_proxy_adapter/examples/certs/server_key.pem"
572
- config["security"]["ssl"][
573
- "ca_cert_file"
574
- ] = "mcp_proxy_adapter/examples/certs/ca_cert.pem"
575
- config["security"]["ssl"][
576
- "client_cert_file"
577
- ] = "mcp_proxy_adapter/examples/certs/client_cert.pem"
578
- config["security"]["ssl"][
579
- "client_key_file"
580
- ] = "mcp_proxy_adapter/examples/certs/client_key.pem"
581
- config["security"]["ssl"]["verify_mode"] = "CERT_REQUIRED"
582
-
583
- config["security"]["auth"]["enabled"] = True
584
- config["security"]["auth"]["methods"] = ["certificate"]
585
- config["security"]["auth"]["certificate_auth"] = True
586
- config["security"]["permissions"]["enabled"] = True
587
- config["security"]["permissions"][
588
- "roles_file"
589
- ] = "mcp_proxy_adapter/examples/server_configs/roles.json"
590
- config["protocols"]["enabled"] = False # Disable ProtocolMiddleware
591
-
592
- return config
593
-
594
- def _get_secure_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
595
- """Get secure configuration with all security features enabled."""
596
- config = base_config.copy()
597
-
598
- # Enable all security features
599
- config["security"]["enabled"] = True
600
- config["security"]["ssl"]["enabled"] = True
601
- config["security"]["auth"]["enabled"] = True
602
- config["security"]["permissions"]["enabled"] = True
603
- config["security"]["rate_limit"]["enabled"] = True
604
-
605
- # Enable registration with certificate auth
606
- config["registration"]["enabled"] = True
607
- config["registration"]["auth_method"] = "certificate"
608
- config["registration"]["certificate"]["enabled"] = True
609
-
610
- # Set secure defaults
611
- config["security"]["ssl"]["min_tls_version"] = "TLSv1.2"
612
- config["security"]["auth"]["methods"] = ["api_key", "jwt"]
613
- config["security"]["permissions"]["strict_mode"] = True
614
- config["security"]["rate_limit"]["burst_limit"] = 1
615
-
616
- return config
617
-
618
- def _get_development_config(self, base_config: Dict[str, Any]) -> Dict[str, Any]:
619
- """Get development configuration with debug enabled."""
620
- config = base_config.copy()
621
-
622
- # Enable debug features
623
- config["server"]["debug"] = True
624
- config["security"]["debug"] = True
625
- config["logging"]["level"] = "DEBUG"
626
-
627
- # Enable registration with token auth for development
628
- config["registration"]["enabled"] = True
629
- config["registration"]["auth_method"] = "token"
630
- config["registration"]["token"]["enabled"] = True
631
-
632
- # Relax security for development
633
- config["security"]["rate_limit"]["default_requests_per_minute"] = 1000
634
- config["security"]["permissions"]["strict_mode"] = False
635
-
636
- return config
637
-
638
- def _add_comments(self, json_str: str, config_type: str) -> str:
639
- """Add comments to JSON configuration."""
640
- comments = self._get_comments_for_type(config_type)
641
-
642
- # Add header comment
643
- commented_config = f"""/**
644
- * MCP Proxy Adapter Configuration
645
- *
646
- * This configuration file combines settings for both mcp_proxy_adapter
647
- * and mcp_security_framework in a unified format.
648
- *
649
- * Configuration Type: {config_type.title()}
650
- * Generated by: ConfigGenerator
651
- *
652
- * IMPORTANT: This is a template configuration. Please customize it
653
- * according to your specific requirements and security needs.
654
- */
655
-
656
- """
657
-
658
- # Add section comments
659
- for section, comment in comments.items():
660
- if section in json_str:
661
- # Find the section and add comment before it
662
- section_start = json_str.find(f'"{section}":')
663
- if section_start != -1:
664
- # Find the line start
665
- line_start = json_str.rfind("\n", 0, section_start) + 1
666
- json_str = (
667
- json_str[:line_start]
668
- + f" // {comment}\n"
669
- + json_str[line_start:]
670
- )
671
-
672
- return commented_config + json_str
673
-
674
- def _get_comments_for_type(self, config_type: str) -> Dict[str, str]:
675
- """Get comments for configuration sections."""
676
- base_comments = {
677
- "server": "Server configuration for FastAPI application",
678
- "ssl": "SSL/TLS configuration for secure connections",
679
- "security": "Security framework configuration (mcp_security_framework)",
680
- "registration": "Proxy registration configuration for secure proxy discovery",
681
- "logging": "Logging configuration for the application",
682
- "commands": "Command management and discovery settings",
683
- "hooks": "Application and command hooks configuration",
684
- "protocols": "Protocol endpoints and settings",
685
- }
686
-
687
- if config_type == "minimal":
688
- base_comments["security"] = (
689
- "Security framework configuration (disabled for minimal setup)"
690
- )
691
- base_comments["registration"] = (
692
- "Proxy registration configuration (disabled for minimal setup)"
693
- )
694
- elif config_type == "secure":
695
- base_comments["security"] = (
696
- "Security framework configuration (all features enabled)"
697
- )
698
- base_comments["registration"] = (
699
- "Proxy registration configuration (certificate authentication enabled)"
700
- )
701
- elif config_type == "development":
702
- base_comments["security"] = (
703
- "Security framework configuration (development mode with relaxed settings)"
704
- )
705
- base_comments["registration"] = (
706
- "Proxy registration configuration (token authentication for development)"
707
- )
708
- elif config_type in ["basic_http", "http_token"]:
709
- base_comments["ssl"] = "SSL/TLS configuration (disabled for HTTP)"
710
- base_comments["security"] = (
711
- f"Security framework configuration ({config_type} mode)"
712
- )
713
- elif config_type in ["https", "https_token"]:
714
- base_comments["ssl"] = "SSL/TLS configuration (enabled for HTTPS)"
715
- base_comments["security"] = (
716
- f"Security framework configuration ({config_type} mode)"
717
- )
718
- elif config_type == "mtls":
719
- base_comments["ssl"] = (
720
- "SSL/TLS configuration (enabled for mTLS with client certificate verification)"
721
- )
722
- base_comments["security"] = (
723
- "Security framework configuration (mTLS mode with certificate authentication)"
724
- )
725
- elif config_type == "https_no_protocol_middleware":
726
- base_comments["ssl"] = (
727
- "SSL/TLS configuration (enabled for HTTPS without ProtocolMiddleware)"
728
- )
729
- base_comments["security"] = (
730
- "Security framework configuration (HTTPS mode without ProtocolMiddleware)"
731
- )
732
- elif config_type == "mtls_no_protocol_middleware":
733
- base_comments["ssl"] = (
734
- "SSL/TLS configuration (enabled for mTLS without ProtocolMiddleware)"
735
- )
736
- base_comments["security"] = (
737
- "Security framework configuration (mTLS mode without ProtocolMiddleware)"
738
- )
739
-
740
- return base_comments
741
-
742
- def generate_config_file(self, output_path: str, config_type: str = "full") -> None:
743
- """
744
- Generate configuration file and save to disk.
745
-
746
- Args:
747
- output_path: Path to save the configuration file
748
- config_type: Type of configuration to generate
749
- """
750
- try:
751
- config_content = self.generate_config_with_comments(config_type)
752
-
753
- # Create directory if it doesn't exist
754
- output_file = Path(output_path)
755
- output_file.parent.mkdir(parents=True, exist_ok=True)
756
-
757
- # Write configuration file
758
- with open(output_file, "w", encoding="utf-8") as f:
759
- f.write(config_content)
760
-
761
- logger.info(f"Configuration file generated: {output_path}")
762
- logger.info(f"Configuration type: {config_type}")
763
-
764
- except Exception as e:
765
- logger.error(f"Failed to generate configuration file: {e}")
766
- raise
767
-
768
- def generate_all_configs(self, output_dir: str) -> None:
769
- """
770
- Generate all configuration types.
771
-
772
- Args:
773
- output_dir: Directory to save configuration files
774
- """
775
- config_types = [
776
- "minimal",
777
- "development",
778
- "secure",
779
- "full",
780
- "basic_http",
781
- "http_token",
782
- "https",
783
- "https_token",
784
- "mtls",
785
- "https_no_protocol_middleware",
786
- "mtls_no_protocol_middleware",
787
- ]
788
-
789
- for config_type in config_types:
790
- output_path = Path(output_dir) / f"config_{config_type}.json"
791
- self.generate_config_file(str(output_path), config_type)
792
-
793
- logger.info(
794
- f"Generated {len(config_types)} configuration files in {output_dir}"
795
- )
796
-
797
-
798
- def main():
799
- """Main function for command-line usage."""
800
- import argparse
801
-
802
- parser = argparse.ArgumentParser(
803
- description="Generate MCP Proxy Adapter configuration files"
804
- )
805
- parser.add_argument(
806
- "--type",
807
- choices=[
808
- "minimal",
809
- "development",
810
- "secure",
811
- "full",
812
- "basic_http",
813
- "http_token",
814
- "https",
815
- "https_token",
816
- "mtls",
817
- "https_no_protocol_middleware",
818
- "mtls_no_protocol_middleware",
819
- ],
820
- default="full",
821
- help="Configuration type to generate",
822
- )
823
- parser.add_argument("--output", default="./config.json", help="Output file path")
824
- parser.add_argument(
825
- "--all", action="store_true", help="Generate all configuration types"
826
- )
827
- parser.add_argument(
828
- "--output-dir", default="./configs", help="Output directory for all configs"
829
- )
830
-
831
- args = parser.parse_args()
832
-
833
- generator = ConfigGenerator()
834
-
835
- if args.all:
836
- generator.generate_all_configs(args.output_dir)
837
- else:
838
- generator.generate_config_file(args.output, args.type)
839
-
840
-
841
- if __name__ == "__main__":
842
- main()