mcp-proxy-adapter 6.9.27__py3-none-any.whl → 6.9.29__py3-none-any.whl

mcp_proxy_adapter/core/validation/config_validator.py

@@ -0,0 +1,211 @@
+"""
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+
+Main configuration validator for MCP Proxy Adapter.
+"""
+
+import json
+import logging
+from pathlib import Path
+from typing import Dict, List, Any, Optional
+
+from .file_validator import FileValidator
+from .security_validator import SecurityValidator
+from .protocol_validator import ProtocolValidator
+
+logger = logging.getLogger(__name__)
+
+
+class ConfigValidator:
+    """
+    Comprehensive configuration validator for MCP Proxy Adapter.
+    
+    Validates:
+    - Required sections and keys
+    - File existence for referenced files
+    - Feature flag dependencies
+    - Protocol-specific requirements
+    - Security configuration consistency
+    """
+    
+    def __init__(self, config_path: Optional[str] = None):
+        """
+        Initialize configuration validator.
+
+        Args:
+            config_path: Path to configuration file (optional)
+        """
+        self.config_path = config_path
+        self.config_data: Dict[str, Any] = {}
+        self.validation_results: List[ValidationResult] = []
+
+    def load_config(self, config_path: Optional[str] = None) -> None:
+        """
+        Load configuration from file.
+
+        Args:
+            config_path: Path to configuration file
+        """
+        if config_path:
+            self.config_path = config_path
+        
+        if not self.config_path:
+            raise ValueError("No configuration path provided")
+        
+        try:
+            with open(self.config_path, 'r', encoding='utf-8') as f:
+                self.config_data = json.load(f)
+            logger.info(f"Configuration loaded from {self.config_path}")
+        except FileNotFoundError:
+            raise FileNotFoundError(f"Configuration file not found: {self.config_path}")
+        except json.JSONDecodeError as e:
+            raise ValueError(f"Invalid JSON in configuration file: {e}")
+        except Exception as e:
+            raise RuntimeError(f"Error loading configuration: {e}")
+
+    def validate_config(self, config_data: Optional[Dict[str, Any]] = None) -> List[ValidationResult]:
+        """
+        Validate configuration data.
+
+        Args:
+            config_data: Configuration data to validate (optional)
+
+        Returns:
+            List of validation results
+        """
+        if config_data is not None:
+            self.config_data = config_data
+        
+        if not self.config_data:
+            raise ValueError("No configuration data to validate")
+        
+        self.validation_results = []
+        
+        # Initialize validators
+        file_validator = FileValidator(self.config_data)
+        security_validator = SecurityValidator(self.config_data)
+        protocol_validator = ProtocolValidator(self.config_data)
+        
+        # Run all validations
+        self.validation_results.extend(protocol_validator.validate_required_sections())
+        self.validation_results.extend(protocol_validator.validate_protocol_requirements())
+        self.validation_results.extend(file_validator.validate_file_existence())
+        self.validation_results.extend(security_validator.validate_security_consistency())
+        self.validation_results.extend(security_validator.validate_ssl_configuration())
+        self.validation_results.extend(security_validator.validate_roles_configuration())
+        self.validation_results.extend(security_validator.validate_proxy_registration())
+        
+        # Additional validations
+        self._validate_unknown_fields()
+        self._validate_uuid_format()
+        
+        return self.validation_results
+
+    def validate_all(self, config_data: Optional[Dict[str, Any]] = None) -> List[ValidationResult]:
+        """
+        Validate all aspects of the configuration.
+
+        Args:
+            config_data: Configuration data to validate (optional)
+
+        Returns:
+            List of validation results
+        """
+        return self.validate_config(config_data)
+
+    def _validate_unknown_fields(self) -> None:
+        """Validate for unknown configuration fields."""
+        known_sections = {
+            "server", "protocols", "security", "ssl", "auth", "roles", 
+            "logging", "commands", "proxy_registration", "transport"
+        }
+        
+        for section in self.config_data.keys():
+            if section not in known_sections:
+                self.validation_results.append(ValidationResult(
+                    level="warning",
+                    message=f"Unknown configuration section: {section}",
+                    section=section,
+                    suggestion="Check if this section is needed or if it's a typo"
+                ))
+
+    def _validate_uuid_format(self) -> None:
+        """Validate UUID format in configuration."""
+        uuid_fields = ["server.server_id", "proxy_registration.server_id"]
+        
+        for field in uuid_fields:
+            value = self._get_nested_value_safe(field)
+            if value and not self._is_valid_uuid4(str(value)):
+                self.validation_results.append(ValidationResult(
+                    level="warning",
+                    message=f"Invalid UUID format in {field}: {value}",
+                    section=field.split(".")[0],
+                    key=field.split(".")[1],
+                    suggestion="Use a valid UUID4 format"
+                ))
+
+    def _is_valid_uuid4(self, uuid_str: str) -> bool:
+        """Check if string is a valid UUID4."""
+        import re
+        uuid_pattern = r'^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$'
+        return bool(re.match(uuid_pattern, uuid_str, re.IGNORECASE))
+
+    def _get_nested_value_safe(self, key: str, default: Any = None) -> Any:
+        """Safely get a nested value from configuration."""
+        keys = key.split('.')
+        value = self.config_data
+        
+        for k in keys:
+            if isinstance(value, dict) and k in value:
+                value = value[k]
+            else:
+                return default
+        
+        return value
+
+    def get_validation_summary(self) -> Dict[str, Any]:
+        """
+        Get a summary of validation results.
+
+        Returns:
+            Dictionary with validation summary
+        """
+        error_count = sum(1 for r in self.validation_results if r.level == "error")
+        warning_count = sum(1 for r in self.validation_results if r.level == "warning")
+        info_count = sum(1 for r in self.validation_results if r.level == "info")
+        
+        return {
+            "total_issues": len(self.validation_results),
+            "errors": error_count,
+            "warnings": warning_count,
+            "info": info_count,
+            "is_valid": error_count == 0
+        }
+
+    def print_validation_report(self) -> None:
+        """Print a formatted validation report."""
+        summary = self.get_validation_summary()
+        
+        print(f"\\n📋 Configuration Validation Report")
+        print(f"{'=' * 40}")
+        print(f"Total issues: {summary['total_issues']}")
+        print(f"Errors: {summary['errors']}")
+        print(f"Warnings: {summary['warnings']}")
+        print(f"Info: {summary['info']}")
+        print(f"Valid: {'✅ Yes' if summary['is_valid'] else '❌ No'}")
+        
+        if self.validation_results:
+            print(f"\\n📝 Issues:")
+            for i, result in enumerate(self.validation_results, 1):
+                level_icon = {"error": "❌", "warning": "⚠️", "info": "ℹ️"}[result.level]
+                print(f"{i:2d}. {level_icon} {result.message}")
+                if result.section:
+                    print(f"    Section: {result.section}")
+                if result.key:
+                    print(f"    Key: {result.key}")
+                if result.suggestion:
+                    print(f"    Suggestion: {result.suggestion}")
+                print()
+
+

mcp_proxy_adapter/core/validation/file_validator.py

@@ -0,0 +1,73 @@
+"""
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+
+File validation utilities for MCP Proxy Adapter configuration validation.
+"""
+
+import os
+import ssl
+
+from .validation_result import ValidationResult
+
+
+class FileValidator:
+    """Validator for file-related configuration settings."""
+
+    def __init__(self, config_data: Dict[str, Any]):
+        self.config_data = config_data
+        self.validation_results: List[ValidationResult] = []
+
+
+
+
+
+    def _get_nested_value_safe(self, key: str, default: Any = None) -> Any:
+        """Safely get a nested value from configuration."""
+        keys = key.split('.')
+        value = self.config_data
+        
+        for k in keys:
+            if isinstance(value, dict) and k in value:
+                value = value[k]
+            else:
+                return default
+        
+        return value
+
+    def _has_nested_key(self, key: str) -> bool:
+        """Check if a nested key exists in configuration."""
+        keys = key.split('.')
+        value = self.config_data
+        
+        for k in keys:
+            if isinstance(value, dict) and k in value:
+                value = value[k]
+            else:
+                return False
+        
+        return True
+
+    def _is_file_required_for_enabled_features(self, file_key: str) -> bool:
+        """Check if a file is required based on enabled features."""
+        # SSL files are required if SSL is enabled
+        if file_key.startswith("ssl.") or file_key.startswith("transport.ssl."):
+            return self._get_nested_value_safe("ssl.enabled", False)
+        
+        # Proxy registration files are required if proxy registration is enabled
+        if file_key.startswith("proxy_registration."):
+            return self._get_nested_value_safe("proxy_registration.enabled", False)
+        
+        # Log directory is required if logging is enabled
+        if file_key == "logging.log_dir":
+            return self._get_nested_value_safe("logging.enabled", True)
+        
+        # Command directories are required if commands are enabled
+        if file_key.startswith("commands."):
+            return self._get_nested_value_safe("commands.enabled", True)
+        
+        # Security files are required if security is enabled
+        if file_key.startswith("security."):
+            return self._get_nested_value_safe("security.enabled", False)
+        
+        return False

mcp_proxy_adapter/core/validation/protocol_validator.py

@@ -0,0 +1,191 @@
+"""
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+
+Protocol validation utilities for MCP Proxy Adapter configuration validation.
+"""
+
+import re
+from typing import Dict, List, Any
+
+from .validation_result import ValidationResult
+
+
+class ProtocolValidator:
+    """Validator for protocol-related configuration settings."""
+
+    def __init__(self, config_data: Dict[str, Any]):
+        self.config_data = config_data
+        self.validation_results: List[ValidationResult] = []
+
+
+
+    def _validate_https_requirements(self) -> None:
+        """Validate HTTPS-specific requirements."""
+        ssl_config = self._get_nested_value_safe("ssl", {})
+        
+        if not ssl_config.get("enabled", False):
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="HTTPS protocol requires SSL to be enabled",
+                section="ssl",
+                suggestion="Set ssl.enabled to true"
+            ))
+        
+        # Check for required SSL files
+        if not ssl_config.get("cert_file"):
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="HTTPS protocol requires SSL certificate file",
+                section="ssl",
+                key="cert_file",
+                suggestion="Specify ssl.cert_file"
+            ))
+        
+        if not ssl_config.get("key_file"):
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="HTTPS protocol requires SSL key file",
+                section="ssl",
+                key="key_file",
+                suggestion="Specify ssl.key_file"
+            ))
+
+    def _validate_mtls_requirements(self) -> None:
+        """Validate mTLS-specific requirements."""
+        # mTLS requires HTTPS
+        self._validate_https_requirements()
+        
+        ssl_config = self._get_nested_value_safe("ssl", {})
+        
+        # Check for client certificate requirements
+        if not ssl_config.get("client_cert"):
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="mTLS protocol requires client certificate file",
+                section="ssl",
+                key="client_cert",
+                suggestion="Specify ssl.client_cert"
+            ))
+        
+        if not ssl_config.get("client_key"):
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="mTLS protocol requires client key file",
+                section="ssl",
+                key="client_key",
+                suggestion="Specify ssl.client_key"
+            ))
+        
+        # Check for client verification
+        if not ssl_config.get("verify_client", False):
+            self.validation_results.append(ValidationResult(
+                level="warning",
+                message="mTLS protocol should have client verification enabled",
+                section="ssl",
+                key="verify_client",
+                suggestion="Set ssl.verify_client to true"
+            ))
+
+    def _validate_feature_flags(self) -> None:
+        """Validate feature flags based on protocol."""
+        protocol = self._get_nested_value_safe("server.protocol", "http")
+        
+        # Check if features are compatible with protocol
+        if protocol == "http":
+            # HTTP doesn't support SSL features
+            if self._get_nested_value_safe("ssl.enabled", False):
+                self.validation_results.append(ValidationResult(
+                    level="warning",
+                    message="SSL is enabled but protocol is HTTP. Consider using HTTPS",
+                    section="ssl",
+                    suggestion="Change protocol to https or disable SSL"
+                ))
+        
+        # Check transport configuration
+        transport_config = self._get_nested_value_safe("transport", {})
+        if transport_config:
+            transport_ssl = transport_config.get("ssl", {})
+            if transport_ssl.get("enabled", False) and protocol == "http":
+                self.validation_results.append(ValidationResult(
+                    level="warning",
+                    message="Transport SSL is enabled but protocol is HTTP",
+                    section="transport.ssl",
+                    suggestion="Change protocol to https or disable transport SSL"
+                ))
+
+    def _validate_server_section(self) -> None:
+        """Validate server section requirements."""
+        server_config = self.config_data.get("server", {})
+        
+        # Check required fields
+        if "host" not in server_config:
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="Server host is required",
+                section="server",
+                key="host",
+                suggestion="Add host field to server section"
+            ))
+        
+        if "port" not in server_config:
+            self.validation_results.append(ValidationResult(
+                level="error",
+                message="Server port is required",
+                section="server",
+                key="port",
+                suggestion="Add port field to server section"
+            ))
+        
+        # Validate port number
+        port = server_config.get("port")
+        if port is not None:
+            if not isinstance(port, int) or not (1 <= port <= 65535):
+                self.validation_results.append(ValidationResult(
+                    level="error",
+                    message=f"Invalid port number: {port}. Must be between 1 and 65535",
+                    section="server",
+                    key="port"
+                ))
+        
+        # Validate host format
+        host = server_config.get("host")
+        if host is not None:
+            if not self._is_valid_host(host):
+                self.validation_results.append(ValidationResult(
+                    level="error",
+                    message=f"Invalid host format: {host}",
+                    section="server",
+                    key="host",
+                    suggestion="Use a valid hostname or IP address"
+                ))
+
+    def _is_valid_host(self, host: str) -> bool:
+        """Check if host has valid format."""
+        # Check for localhost
+        if host in ["localhost", "127.0.0.1", "::1", "0.0.0.0"]:
+            return True
+        
+        # Check for IP address
+        ip_pattern = r'^(\d{1,3}\.){3}\d{1,3}$'
+        if re.match(ip_pattern, host):
+            # Validate IP address ranges
+            parts = host.split('.')
+            return all(0 <= int(part) <= 255 for part in parts)
+        
+        # Check for hostname (basic validation)
+        hostname_pattern = r'^[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?)*$'
+        return bool(re.match(hostname_pattern, host))
+
+    def _get_nested_value_safe(self, key: str, default: Any = None) -> Any:
+        """Safely get a nested value from configuration."""
+        keys = key.split('.')
+        value = self.config_data
+        
+        for k in keys:
+            if isinstance(value, dict) and k in value:
+                value = value[k]
+            else:
+                return default
+        
+        return value

mcp_proxy_adapter/core/validation/security_validator.py

@@ -0,0 +1,58 @@
+"""
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+
+Security validation utilities for MCP Proxy Adapter configuration validation.
+"""
+
+import os
+from typing import Dict, List, Any
+
+from .validation_result import ValidationResult
+
+
+class SecurityValidator:
+    """Validator for security-related configuration settings."""
+
+    def __init__(self, config_data: Dict[str, Any]):
+        self.config_data = config_data
+        self.validation_results: List[ValidationResult] = []
+
+
+
+
+
+    def _get_nested_value_safe(self, key: str, default: Any = None) -> Any:
+        """Safely get a nested value from configuration."""
+        keys = key.split('.')
+        value = self.config_data
+        
+        for k in keys:
+            if isinstance(value, dict) and k in value:
+                value = value[k]
+            else:
+                return default
+        
+        return value
+
+    def _has_nested_key(self, key: str) -> bool:
+        """Check if a nested key exists in configuration."""
+        keys = key.split('.')
+        value = self.config_data
+        
+        for k in keys:
+            if isinstance(value, dict) and k in value:
+                value = value[k]
+            else:
+                return False
+        
+        return True
+
+    def _is_valid_url(self, url: str) -> bool:
+        """Check if URL has valid format."""
+        try:
+            from urllib.parse import urlparse
+            parsed = urlparse(url)
+            return bool(parsed.scheme and parsed.netloc)
+        except Exception:
+            return False

mcp_proxy_adapter/core/validation/validation_result.py

@@ -0,0 +1,27 @@
+"""
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+
+Validation result classes for MCP Proxy Adapter configuration validation.
+"""
+
+from enum import Enum
+from dataclasses import dataclass
+from typing import Optional
+
+
+class ValidationLevel(Enum):
+    """Validation severity levels."""
+    ERROR = "error"
+    WARNING = "warning"
+    INFO = "info"
+
+
+@dataclass
+class ValidationResult:
+    """Result of configuration validation."""
+    level: str  # "error", "warning", "info"
+    message: str
+    section: Optional[str] = None
+    key: Optional[str] = None
+    suggestion: Optional[str] = None