mcp-proxy-adapter 6.9.17__py3-none-any.whl → 6.9.19__py3-none-any.whl

mcp_proxy_adapter/core/certificate_utils.py

@@ -89,7 +89,7 @@ class CertificateUtils:
             OSError: If files cannot be created
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, using fallback method"
             )
             return CertificateUtils._create_ca_certificate_fallback(
@@ -141,7 +141,7 @@ class CertificateUtils:
             }
 
         except Exception as e:
-            logger.error(f"Failed to create CA certificate: {e}")
+            get_global_logger().error(f"Failed to create CA certificate: {e}")
             raise
 
     @staticmethod
@@ -231,7 +231,7 @@ class CertificateUtils:
             return {"cert_path": str(cert_path), "key_path": str(key_path)}
 
         except Exception as e:
-            logger.error(f"Failed to create CA certificate (fallback): {e}")
+            get_global_logger().error(f"Failed to create CA certificate (fallback): {e}")
             raise
 
     @staticmethod
@@ -379,7 +379,7 @@ class CertificateUtils:
                     )
                 )
 
-            logger.info(f"Server certificate created: {cert_path}")
+            get_global_logger().info(f"Server certificate created: {cert_path}")
 
             return {
                 "cert_path": cert_path,
@@ -390,7 +390,7 @@ class CertificateUtils:
             }
 
         except Exception as e:
-            logger.error(f"Failed to create server certificate: {e}")
+            get_global_logger().error(f"Failed to create server certificate: {e}")
             raise
 
     @staticmethod
@@ -423,7 +423,7 @@ class CertificateUtils:
             OSError: If files cannot be created
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, using fallback method"
             )
             return CertificateUtils._create_client_certificate_fallback(
@@ -489,7 +489,7 @@ class CertificateUtils:
             }
 
         except Exception as e:
-            logger.error(f"Failed to create client certificate: {e}")
+            get_global_logger().error(f"Failed to create client certificate: {e}")
             raise
 
     @staticmethod
@@ -612,7 +612,7 @@ class CertificateUtils:
             return {"cert_path": str(cert_path), "key_path": str(key_path)}
 
         except Exception as e:
-            logger.error(f"Failed to create client certificate (fallback): {e}")
+            get_global_logger().error(f"Failed to create client certificate (fallback): {e}")
             raise
 
     @staticmethod
@@ -627,7 +627,7 @@ class CertificateUtils:
             List of roles found in certificate
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, using fallback method"
             )
             return RoleUtils.extract_roles_from_certificate(cert_path)
@@ -635,7 +635,7 @@ class CertificateUtils:
         try:
             return extract_roles_from_certificate(cert_path)
         except Exception as e:
-            logger.error(f"Failed to extract roles from certificate: {e}")
+            get_global_logger().error(f"Failed to extract roles from certificate: {e}")
             return []
 
     @staticmethod
@@ -650,7 +650,7 @@ class CertificateUtils:
             List of roles found in certificate
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, using fallback method"
             )
             return RoleUtils.extract_roles_from_certificate_object(cert)
@@ -660,7 +660,7 @@ class CertificateUtils:
             cert_pem = cert.public_bytes(serialization.Encoding.PEM)
             return extract_roles_from_certificate(cert_pem)
         except Exception as e:
-            logger.error(f"Failed to extract roles from certificate object: {e}")
+            get_global_logger().error(f"Failed to extract roles from certificate object: {e}")
             return []
 
     @staticmethod
@@ -675,7 +675,7 @@ class CertificateUtils:
             List of permissions found in certificate
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, permissions extraction not supported"
             )
             return []
@@ -683,7 +683,7 @@ class CertificateUtils:
         try:
             return extract_permissions_from_certificate(cert_path)
         except Exception as e:
-            logger.error(f"Failed to extract permissions from certificate: {e}")
+            get_global_logger().error(f"Failed to extract permissions from certificate: {e}")
             return []
 
     @staticmethod
@@ -699,7 +699,7 @@ class CertificateUtils:
             True if chain is valid, False otherwise
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, using fallback validation"
             )
             return CertificateUtils._validate_certificate_chain_fallback(
@@ -709,7 +709,7 @@ class CertificateUtils:
         try:
             return validate_certificate_chain(cert_path, ca_cert_path)
         except Exception as e:
-            logger.error(f"Failed to validate certificate chain: {e}")
+            get_global_logger().error(f"Failed to validate certificate chain: {e}")
             return False
 
     @staticmethod
@@ -727,7 +727,7 @@ class CertificateUtils:
             return cert.issuer == ca_cert.subject
 
         except Exception as e:
-            logger.error(f"Failed to validate certificate chain (fallback): {e}")
+            get_global_logger().error(f"Failed to validate certificate chain (fallback): {e}")
             return False
 
     @staticmethod
@@ -742,7 +742,7 @@ class CertificateUtils:
             Certificate expiry date or None if not available
         """
         if not SECURITY_FRAMEWORK_AVAILABLE:
-            logger.warning(
+            get_global_logger().warning(
                 "mcp_security_framework not available, using fallback method"
             )
             return CertificateUtils._get_certificate_expiry_fallback(cert_path)
@@ -753,7 +753,7 @@ class CertificateUtils:
                 return expiry_info["expiry_date"]
             return None
         except Exception as e:
-            logger.error(f"Failed to get certificate expiry: {e}")
+            get_global_logger().error(f"Failed to get certificate expiry: {e}")
             return None
 
     @staticmethod
@@ -766,7 +766,7 @@ class CertificateUtils:
             return cert.not_valid_after
 
         except Exception as e:
-            logger.error(f"Failed to get certificate expiry (fallback): {e}")
+            get_global_logger().error(f"Failed to get certificate expiry (fallback): {e}")
             return None
 
     @staticmethod
@@ -785,7 +785,7 @@ class CertificateUtils:
             result = validator.validate_certificate(cert_path)
             return result.is_valid
         except Exception as e:
-            logger.error(f"Failed to validate certificate: {e}")
+            get_global_logger().error(f"Failed to validate certificate: {e}")
             return False
 
     @staticmethod
@@ -836,7 +836,7 @@ class CertificateUtils:
             }
 
         except Exception as e:
-            logger.error(f"Failed to get certificate info: {e}")
+            get_global_logger().error(f"Failed to get certificate info: {e}")
             return {}
 
     @staticmethod
@@ -912,7 +912,7 @@ class CertificateUtils:
             }
 
         except Exception as e:
-            logger.error(f"Failed to generate private key: {e}")
+            get_global_logger().error(f"Failed to generate private key: {e}")
             return {"success": False, "error": f"Key generation failed: {str(e)}"}
 
     @staticmethod
@@ -958,7 +958,7 @@ class CertificateUtils:
                 return {"success": False, "error": f"Invalid private key: {str(e)}"}
 
         except Exception as e:
-            logger.error(f"Failed to validate private key: {e}")
+            get_global_logger().error(f"Failed to validate private key: {e}")
             return {"success": False, "error": f"Key validation failed: {str(e)}"}
 
     @staticmethod
@@ -1003,7 +1003,7 @@ class CertificateUtils:
             return {"success": True, "backup_path": backup_path}
 
         except Exception as e:
-            logger.error(f"Failed to create encrypted backup: {e}")
+            get_global_logger().error(f"Failed to create encrypted backup: {e}")
             return {"success": False, "error": f"Encryption failed: {str(e)}"}
 
     @staticmethod
@@ -1047,7 +1047,7 @@ class CertificateUtils:
             return {"success": True, "key_path": key_path}
 
         except Exception as e:
-            logger.error(f"Failed to restore encrypted backup: {e}")
+            get_global_logger().error(f"Failed to restore encrypted backup: {e}")
             return {"success": False, "error": f"Decryption failed: {str(e)}"}
 
     @staticmethod
@@ -1084,5 +1084,5 @@ class CertificateUtils:
             return context
 
         except Exception as e:
-            logger.error(f"Failed to create SSL context: {e}")
+            get_global_logger().error(f"Failed to create SSL context: {e}")
             raise

mcp_proxy_adapter/core/client_manager.py

@@ -46,7 +46,7 @@ class ClientManager:
         self.retry_attempts = config.get("retry_attempts", 3)
         self.retry_delay = config.get("retry_delay", 1)
 
-        self.logger.info("Client manager initialized")
+        self.get_global_logger().info("Client manager initialized")
 
     async def create_client(self, client_id: str, config_file: str) -> UniversalClient:
         """
@@ -61,7 +61,7 @@ class ClientManager:
         """
         try:
             if client_id in self.clients:
-                self.logger.warning(
+                self.get_global_logger().warning(
                     f"Client {client_id} already exists, reusing existing connection"
                 )
                 return self.clients[client_id]
@@ -69,11 +69,11 @@ class ClientManager:
             client = create_client_from_config(config_file)
             self.clients[client_id] = client
 
-            self.logger.info(f"Client {client_id} created successfully")
+            self.get_global_logger().info(f"Client {client_id} created successfully")
             return client
 
         except Exception as e:
-            self.logger.error(f"Failed to create client {client_id}: {e}")
+            self.get_global_logger().error(f"Failed to create client {client_id}: {e}")
             raise
 
     async def get_client(self, client_id: str) -> Optional[UniversalClient]:
@@ -102,7 +102,7 @@ class ClientManager:
             client = self.clients[client_id]
             await client.disconnect()
             del self.clients[client_id]
-            self.logger.info(f"Client {client_id} removed")
+            self.get_global_logger().info(f"Client {client_id} removed")
             return True
         return False
 
@@ -118,13 +118,13 @@ class ClientManager:
         """
         client = await self.get_client(client_id)
         if not client:
-            self.logger.error(f"Client {client_id} not found")
+            self.get_global_logger().error(f"Client {client_id} not found")
             return False
 
         try:
             return await client.test_connection()
         except Exception as e:
-            self.logger.error(f"Connection test failed for client {client_id}: {e}")
+            self.get_global_logger().error(f"Connection test failed for client {client_id}: {e}")
             return False
 
     async def register_proxy(
@@ -146,10 +146,10 @@ class ClientManager:
 
         try:
             result = await client.register_proxy(proxy_config)
-            self.logger.info(f"Proxy registration completed for client {client_id}")
+            self.get_global_logger().info(f"Proxy registration completed for client {client_id}")
             return result
         except Exception as e:
-            self.logger.error(f"Proxy registration failed for client {client_id}: {e}")
+            self.get_global_logger().error(f"Proxy registration failed for client {client_id}: {e}")
             return {"error": str(e)}
 
     async def execute_command(
@@ -172,10 +172,10 @@ class ClientManager:
 
         try:
             result = await client.execute_command(command, params or {})
-            self.logger.info(f"Command {command} executed for client {client_id}")
+            self.get_global_logger().info(f"Command {command} executed for client {client_id}")
             return result
         except Exception as e:
-            self.logger.error(f"Command execution failed for client {client_id}: {e}")
+            self.get_global_logger().error(f"Command execution failed for client {client_id}: {e}")
             return {"error": str(e)}
 
     async def get_client_status(self, client_id: str) -> Dict[str, Any]:
@@ -210,7 +210,7 @@ class ClientManager:
 
             return status
         except Exception as e:
-            self.logger.error(f"Failed to get status for client {client_id}: {e}")
+            self.get_global_logger().error(f"Failed to get status for client {client_id}: {e}")
             return {"error": str(e)}
 
     async def list_clients(self) -> List[str]:
@@ -226,7 +226,7 @@ class ClientManager:
         """Clean up all client connections."""
         for client_id in list(self.clients.keys()):
             await self.remove_client(client_id)
-        self.logger.info("All client connections cleaned up")
+        self.get_global_logger().info("All client connections cleaned up")
 
     async def __aenter__(self):
         """Async context manager entry."""

mcp_proxy_adapter/core/client_security.py

@@ -39,7 +39,7 @@ except ImportError:
     AuthResult = None
     ValidationResult = None
 
-from mcp_proxy_adapter.core.logging import logger
+from mcp_proxy_adapter.core.logging import get_global_logger
 
 
 class ClientSecurityManager:
@@ -69,7 +69,7 @@ class ClientSecurityManager:
             ssl_config = self._create_ssl_config()
             self.ssl_manager = SSLManager(ssl_config)
 
-        logger.info("Client security manager initialized")
+        get_global_logger().info("Client security manager initialized")
 
     def _create_ssl_config(self) -> SSLConfig:
         """Create SSL configuration for client connections."""
@@ -114,13 +114,13 @@ class ClientSecurityManager:
             # Create client SSL context
             context = self.ssl_manager.create_client_context()
 
-            logger.info(
+            get_global_logger().info(
                 f"Client SSL context created for {server_hostname or 'unknown server'}"
             )
             return context
 
         except Exception as e:
-            logger.error(f"Failed to create client SSL context: {e}")
+            get_global_logger().error(f"Failed to create client SSL context: {e}")
             return None
 
     def generate_client_api_key(self, user_id: str, prefix: str = "mcp_proxy") -> str:
@@ -136,10 +136,10 @@ class ClientSecurityManager:
         """
         try:
             api_key = generate_api_key(prefix=prefix)
-            logger.info(f"Generated API key for user: {user_id}")
+            get_global_logger().info(f"Generated API key for user: {user_id}")
             return api_key
         except Exception as e:
-            logger.error(f"Failed to generate API key: {e}")
+            get_global_logger().error(f"Failed to generate API key: {e}")
             raise
 
     def create_client_jwt_token(
@@ -173,11 +173,11 @@ class ClientSecurityManager:
                 expiry_hours=expiry_hours,
             )
 
-            logger.info(f"Created JWT token for user: {user_id}")
+            get_global_logger().info(f"Created JWT token for user: {user_id}")
             return token
 
         except Exception as e:
-            logger.error(f"Failed to create JWT token: {e}")
+            get_global_logger().error(f"Failed to create JWT token: {e}")
             raise
 
     def validate_server_certificate(
@@ -196,26 +196,26 @@ class ClientSecurityManager:
         try:
             # Validate certificate format
             if not validate_certificate_format(cert_path):
-                logger.error(f"Invalid certificate format: {cert_path}")
+                get_global_logger().error(f"Invalid certificate format: {cert_path}")
                 return False
 
             # Validate certificate chain if CA provided
             if ca_cert_path:
                 if not validate_certificate_chain(cert_path, ca_cert_path):
-                    logger.error(f"Invalid certificate chain: {cert_path}")
+                    get_global_logger().error(f"Invalid certificate chain: {cert_path}")
                     return False
 
             # Parse certificate and check basic properties
             cert_info = parse_certificate(cert_path)
             if not cert_info:
-                logger.error(f"Failed to parse certificate: {cert_path}")
+                get_global_logger().error(f"Failed to parse certificate: {cert_path}")
                 return False
 
-            logger.info(f"Server certificate validated: {cert_path}")
+            get_global_logger().info(f"Server certificate validated: {cert_path}")
             return True
 
         except Exception as e:
-            logger.error(f"Failed to validate server certificate: {e}")
+            get_global_logger().error(f"Failed to validate server certificate: {e}")
             return False
 
     def extract_server_roles(self, cert_path: str) -> List[str]:
@@ -230,10 +230,10 @@ class ClientSecurityManager:
         """
         try:
             roles = extract_roles_from_certificate(cert_path)
-            logger.info(f"Extracted roles from server certificate: {roles}")
+            get_global_logger().info(f"Extracted roles from server certificate: {roles}")
             return roles
         except Exception as e:
-            logger.error(f"Failed to extract roles from certificate: {e}")
+            get_global_logger().error(f"Failed to extract roles from certificate: {e}")
             return []
 
     def get_client_auth_headers(
@@ -271,11 +271,11 @@ class ClientSecurityManager:
             headers["X-Proxy-Type"] = "mcp_proxy_adapter"
             headers["X-Client-Type"] = "proxy_client"
 
-            logger.debug(f"Created auth headers for method: {auth_method}")
+            get_global_logger().debug(f"Created auth headers for method: {auth_method}")
             return headers
 
         except Exception as e:
-            logger.error(f"Failed to create auth headers: {e}")
+            get_global_logger().error(f"Failed to create auth headers: {e}")
             return {}
 
     def prepare_client_connection(
@@ -307,13 +307,13 @@ class ClientSecurityManager:
                 token=server_config.get("token"),
             )
 
-            logger.info(
+            get_global_logger().info(
                 f"Prepared client connection for {server_config.get('hostname', 'unknown')}"
             )
             return ssl_context, auth_headers
 
         except Exception as e:
-            logger.error(f"Failed to prepare client connection: {e}")
+            get_global_logger().error(f"Failed to prepare client connection: {e}")
             return None, {}
 
     def validate_server_response(self, response_headers: Dict[str, str]) -> bool:
@@ -331,23 +331,23 @@ class ClientSecurityManager:
             required_headers = ["Content-Type"]
             for header in required_headers:
                 if header not in response_headers:
-                    logger.warning(f"Missing required header: {header}")
+                    get_global_logger().warning(f"Missing required header: {header}")
 
             # Check for security headers
             security_headers = ["X-Frame-Options", "X-Content-Type-Options"]
             for header in security_headers:
                 if header in response_headers:
-                    logger.debug(f"Found security header: {header}")
+                    get_global_logger().debug(f"Found security header: {header}")
 
             # Validate content type
             content_type = response_headers.get("Content-Type", "")
             if "application/json" not in content_type:
-                logger.warning(f"Unexpected content type: {content_type}")
+                get_global_logger().warning(f"Unexpected content type: {content_type}")
 
             return True
 
         except Exception as e:
-            logger.error(f"Failed to validate server response: {e}")
+            get_global_logger().error(f"Failed to validate server response: {e}")
             return False
 
     def get_client_certificate_info(self) -> Optional[Dict[str, Any]]:
@@ -373,7 +373,7 @@ class ClientSecurityManager:
             return None
 
         except Exception as e:
-            logger.error(f"Failed to get client certificate info: {e}")
+            get_global_logger().error(f"Failed to get client certificate info: {e}")
             return None
 
     def is_ssl_enabled(self) -> bool:
@@ -401,8 +401,8 @@ def create_client_security_manager(
     try:
         return ClientSecurityManager(config)
     except ImportError:
-        logger.warning("mcp_security_framework not available, client security disabled")
+        get_global_logger().warning("mcp_security_framework not available, client security disabled")
         return None
     except Exception as e:
-        logger.error(f"Failed to create client security manager: {e}")
+        get_global_logger().error(f"Failed to create client security manager: {e}")
         return None

mcp_proxy_adapter/core/config_converter.py

@@ -10,7 +10,7 @@ import logging
 from typing import Dict, Any, Optional
 from pathlib import Path
 
-from mcp_proxy_adapter.core.logging import logger
+from mcp_proxy_adapter.core.logging import get_global_logger
 
 
 class ConfigConverter:
@@ -174,13 +174,13 @@ class ConfigConverter:
                     }
                 )
 
-            logger.info(
+            get_global_logger().info(
                 "Configuration converted to security framework format successfully"
             )
             return security_config
 
         except Exception as e:
-            logger.error(
+            get_global_logger().error(
                 f"Failed to convert configuration to security framework format: {e}"
             )
             return ConfigConverter._get_default_security_config()
@@ -255,13 +255,13 @@ class ConfigConverter:
                     "by_user": rate_limit_config.get("by_user", True),
                 }
 
-            logger.info(
+            get_global_logger().info(
                 "Configuration converted from security framework format successfully"
             )
             return mcp_config
 
         except Exception as e:
-            logger.error(
+            get_global_logger().error(
                 f"Failed to convert configuration from security framework format: {e}"
             )
             return ConfigConverter._get_default_mcp_config()
@@ -299,11 +299,11 @@ class ConfigConverter:
             with open(output_path, "w", encoding="utf-8") as f:
                 json.dump(legacy_config, f, indent=2, ensure_ascii=False)
 
-            logger.info(f"Configuration migrated successfully to {output_path}")
+            get_global_logger().info(f"Configuration migrated successfully to {output_path}")
             return True
 
         except Exception as e:
-            logger.error(f"Failed to migrate configuration: {e}")
+            get_global_logger().error(f"Failed to migrate configuration: {e}")
             return False
 
     @staticmethod
@@ -320,7 +320,7 @@ class ConfigConverter:
         try:
             # Check if security section exists
             if "security" not in config:
-                logger.error("Security section not found in configuration")
+                get_global_logger().error("Security section not found in configuration")
                 return False
 
             security_section = config["security"]
@@ -329,52 +329,52 @@ class ConfigConverter:
             required_sections = ["auth", "ssl", "permissions", "rate_limit"]
             for section in required_sections:
                 if section not in security_section:
-                    logger.error(
+                    get_global_logger().error(
                         f"Required section '{section}' not found in security configuration"
                     )
                     return False
 
                 if not isinstance(security_section[section], dict):
-                    logger.error(f"Section '{section}' must be a dictionary")
+                    get_global_logger().error(f"Section '{section}' must be a dictionary")
                     return False
 
             # Validate auth configuration
             auth_config = security_section["auth"]
             if not isinstance(auth_config.get("methods", []), list):
-                logger.error("Auth methods must be a list")
+                get_global_logger().error("Auth methods must be a list")
                 return False
 
             if not isinstance(auth_config.get("api_keys", {}), dict):
-                logger.error("API keys must be a dictionary")
+                get_global_logger().error("API keys must be a dictionary")
                 return False
 
             # Validate SSL configuration
             ssl_config = security_section["ssl"]
             if not isinstance(ssl_config.get("enabled", False), bool):
-                logger.error("SSL enabled must be a boolean")
+                get_global_logger().error("SSL enabled must be a boolean")
                 return False
 
             # Validate permissions configuration
             permissions_config = security_section["permissions"]
             if not isinstance(permissions_config.get("enabled", True), bool):
-                logger.error("Permissions enabled must be a boolean")
+                get_global_logger().error("Permissions enabled must be a boolean")
                 return False
 
             # Validate rate limit configuration
             rate_limit_config = security_section["rate_limit"]
             if not isinstance(rate_limit_config.get("enabled", True), bool):
-                logger.error("Rate limit enabled must be a boolean")
+                get_global_logger().error("Rate limit enabled must be a boolean")
                 return False
 
             if not isinstance(rate_limit_config.get("requests_per_minute", 60), int):
-                logger.error("Requests per minute must be an integer")
+                get_global_logger().error("Requests per minute must be an integer")
                 return False
 
-            logger.info("Security configuration validation passed")
+            get_global_logger().info("Security configuration validation passed")
             return True
 
         except Exception as e:
-            logger.error(f"Configuration validation failed: {e}")
+            get_global_logger().error(f"Configuration validation failed: {e}")
             return False
 
     @staticmethod

mcp_proxy_adapter/core/config_validator.py

@@ -674,6 +674,11 @@ class ConfigValidator:
         ssl_enabled = self._get_nested_value_safe("ssl.enabled", False)
         
         if ssl_enabled:
+            # Initialize variables
+            cert_file = None
+            key_file = None
+            ca_cert = None
+            
             if not self._has_nested_key("ssl.cert_file"):
                 self.validation_results.append(ValidationResult(
                     level="error",
@@ -695,7 +700,6 @@ class ConfigValidator:
                 key_file = self._get_nested_value("ssl.key_file")
             
             # CA cert is optional for HTTPS but may be required for mTLS with client verification
-            ca_cert = None
             if self._has_nested_key("ssl.ca_cert"):
                 ca_cert = self._get_nested_value_safe("ssl.ca_cert")