mcp-proxy-adapter 6.9.28__py3-none-any.whl → 6.9.29__py3-none-any.whl

mcp_proxy_adapter/core/role_utils.py

@@ -9,8 +9,6 @@ Version: 1.0.0
 """
 
 import logging
-from typing import List, Optional, Set
-from cryptography import x509
 
 
 class RoleUtils:
@@ -24,130 +22,14 @@ class RoleUtils:
     ROLE_EXTENSION_OID = "1.3.6.1.4.1.99999.1"
 
     @staticmethod
-    def extract_roles_from_certificate(cert_path: str) -> List[str]:
-        """
-        Extract roles from certificate file.
-
-        Args:
-            cert_path: Path to certificate file
-
-        Returns:
-            List of roles extracted from certificate
-        """
-        try:
-            with open(cert_path, "rb") as f:
-                cert_data = f.read()
-
-            cert = x509.load_pem_x509_certificate(cert_data)
-
-            # Extract roles from custom extension
-            for extension in cert.extensions:
-                if extension.oid.dotted_string == RoleUtils.ROLE_EXTENSION_OID:
-                    roles_data = extension.value.value.decode("utf-8")
-                    return [
-                        role.strip() for role in roles_data.split(",") if role.strip()
-                    ]
-
-            return []
-
-        except Exception as e:
-            logging.getLogger(__name__).error(
-                f"Failed to extract roles from certificate {cert_path}: {e}"
-            )
-            return []
 
     @staticmethod
-    def extract_roles_from_certificate_object(cert: x509.Certificate) -> List[str]:
-        """
-        Extract roles from certificate object.
-
-        Args:
-            cert: Certificate object
-
-        Returns:
-            List of roles extracted from certificate
-        """
-        try:
-            # Extract roles from custom extension
-            for extension in cert.extensions:
-                if extension.oid.dotted_string == RoleUtils.ROLE_EXTENSION_OID:
-                    roles_data = extension.value.value.decode("utf-8")
-                    return [
-                        role.strip() for role in roles_data.split(",") if role.strip()
-                    ]
-
-            return []
-
-        except Exception as e:
-            logging.getLogger(__name__).error(
-                f"Failed to extract roles from certificate object: {e}"
-            )
-            return []
 
     @staticmethod
-    def compare_roles(role1: str, role2: str) -> bool:
-        """
-        Compare two roles (case-insensitive).
-
-        Args:
-            role1: First role to compare
-            role2: Second role to compare
-
-        Returns:
-            True if roles are equal (case-insensitive), False otherwise
-        """
-        if not role1 or not role2:
-            return False
-
-        return role1.lower().strip() == role2.lower().strip()
 
     @staticmethod
-    def compare_role_lists(roles1: List[str], roles2: List[str]) -> bool:
-        """
-        Compare two lists of roles (case-insensitive).
-
-        Args:
-            roles1: First list of roles
-            roles2: Second list of roles
-
-        Returns:
-            True if role lists are equal (case-insensitive), False otherwise
-        """
-        if not roles1 and not roles2:
-            return True
-
-        if not roles1 or not roles2:
-            return False
-
-        # Normalize and sort both lists
-        normalized_roles1 = sorted(
-            [role.lower().strip() for role in roles1 if role.strip()]
-        )
-        normalized_roles2 = sorted(
-            [role.lower().strip() for role in roles2 if role.strip()]
-        )
-
-        return normalized_roles1 == normalized_roles2
 
     @staticmethod
-    def validate_roles(roles: List[str]) -> bool:
-        """
-        Validate list of roles.
-
-        Args:
-            roles: List of roles to validate
-
-        Returns:
-            True if roles are valid, False otherwise
-        """
-        if not isinstance(roles, list):
-            return False
-
-        for role in roles:
-            if not RoleUtils.validate_single_role(role):
-                return False
-
-        return True
 
     @staticmethod
     def validate_single_role(role: str) -> bool:
@@ -230,211 +112,21 @@ class RoleUtils:
         return normalized
 
     @staticmethod
-    def has_role(user_roles: List[str], required_role: str) -> bool:
-        """
-        Check if user has required role.
-
-        Args:
-            user_roles: List of user roles
-            required_role: Required role to check
-
-        Returns:
-            True if user has required role, False otherwise
-        """
-        if not user_roles or not required_role:
-            return False
-
-        normalized_required = RoleUtils.normalize_role(required_role)
-        normalized_user_roles = RoleUtils.normalize_roles(user_roles)
-
-        return normalized_required in normalized_user_roles
 
     @staticmethod
-    def has_any_role(user_roles: List[str], required_roles: List[str]) -> bool:
-        """
-        Check if user has any of the required roles.
-
-        Args:
-            user_roles: List of user roles
-            required_roles: List of required roles to check
-
-        Returns:
-            True if user has any required role, False otherwise
-        """
-        if not user_roles or not required_roles:
-            return False
-
-        normalized_user_roles = RoleUtils.normalize_roles(user_roles)
-        normalized_required_roles = RoleUtils.normalize_roles(required_roles)
-
-        return any(role in normalized_user_roles for role in normalized_required_roles)
 
     @staticmethod
-    def has_all_roles(user_roles: List[str], required_roles: List[str]) -> bool:
-        """
-        Check if user has all required roles.
-
-        Args:
-            user_roles: List of user roles
-            required_roles: List of required roles to check
-
-        Returns:
-            True if user has all required roles, False otherwise
-        """
-        if not user_roles or not required_roles:
-            return False
-
-        normalized_user_roles = RoleUtils.normalize_roles(user_roles)
-        normalized_required_roles = RoleUtils.normalize_roles(required_roles)
-
-        return all(role in normalized_user_roles for role in normalized_required_roles)
 
     @staticmethod
-    def get_common_roles(roles1: List[str], roles2: List[str]) -> List[str]:
-        """
-        Get common roles between two role lists.
-
-        Args:
-            roles1: First list of roles
-            roles2: Second list of roles
-
-        Returns:
-            List of common roles
-        """
-        if not roles1 or not roles2:
-            return []
-
-        normalized_roles1 = set(RoleUtils.normalize_roles(roles1))
-        normalized_roles2 = set(RoleUtils.normalize_roles(roles2))
-
-        return list(normalized_roles1.intersection(normalized_roles2))
 
     @staticmethod
-    def merge_roles(roles1: List[str], roles2: List[str]) -> List[str]:
-        """
-        Merge two role lists (remove duplicates).
-
-        Args:
-            roles1: First list of roles
-            roles2: Second list of roles
-
-        Returns:
-            Merged list of roles without duplicates
-        """
-        all_roles = (roles1 or []) + (roles2 or [])
-        return RoleUtils.normalize_roles(all_roles)
 
     @staticmethod
-    def remove_roles(roles: List[str], roles_to_remove: List[str]) -> List[str]:
-        """
-        Remove specified roles from role list.
-
-        Args:
-            roles: List of roles
-            roles_to_remove: List of roles to remove
-
-        Returns:
-            List of roles with specified roles removed
-        """
-        if not roles:
-            return []
-
-        if not roles_to_remove:
-            return roles.copy()
-
-        normalized_roles = RoleUtils.normalize_roles(roles)
-        normalized_to_remove = set(RoleUtils.normalize_roles(roles_to_remove))
-
-        return [role for role in normalized_roles if role not in normalized_to_remove]
 
     @staticmethod
-    def is_admin_role(role: str) -> bool:
-        """
-        Check if role is an admin role.
-
-        Args:
-            role: Role to check
-
-        Returns:
-            True if role is admin, False otherwise
-        """
-        if not role:
-            return False
-
-        admin_roles = {"admin", "administrator", "root", "superuser", "super-admin"}
-        normalized_role = RoleUtils.normalize_role(role)
-
-        return normalized_role in admin_roles
 
     @staticmethod
-    def is_system_role(role: str) -> bool:
-        """
-        Check if role is a system role.
-
-        Args:
-            role: Role to check
-
-        Returns:
-            True if role is system role, False otherwise
-        """
-        if not role:
-            return False
-
-        system_roles = {"system", "service", "daemon", "internal", "system-user"}
-        normalized_role = RoleUtils.normalize_role(role)
-
-        return normalized_role in system_roles
 
     @staticmethod
-    def get_role_hierarchy(role: str) -> List[str]:
-        """
-        Get role hierarchy (parent roles).
-
-        Args:
-            role: Role to get hierarchy for
-
-        Returns:
-            List of parent roles in hierarchy
-        """
-        if not role:
-            return []
-
-        normalized_role = RoleUtils.normalize_role(role)
-
-        # Define role hierarchy
-        hierarchy = {
-            "super-admin": ["admin", "user"],
-            "admin": ["user"],
-            "moderator": ["user"],
-            "user": [],
-            "guest": [],
-        }
-
-        return hierarchy.get(normalized_role, [])
 
     @staticmethod
-    def get_role_permissions(role: str) -> List[str]:
-        """
-        Get permissions for a role.
-
-        Args:
-            role: Role to get permissions for
-
-        Returns:
-            List of permissions for the role
-        """
-        if not role:
-            return []
-
-        normalized_role = RoleUtils.normalize_role(role)
-
-        # Define role permissions
-        permissions = {
-            "super-admin": ["read", "write", "delete", "admin", "system"],
-            "admin": ["read", "write", "delete", "admin"],
-            "moderator": ["read", "write", "moderate"],
-            "user": ["read", "write"],
-            "guest": ["read"],
-        }
-
-        return permissions.get(normalized_role, [])

mcp_proxy_adapter/core/security_adapter.py

@@ -7,8 +7,7 @@ handling configuration conversion and request validation.
 
 import json
 import logging
-from typing import Dict, Any, List, Optional
-from pathlib import Path
+from typing import Dict, Any, Optional
 
 # Import mcp_security_framework components
 try:
@@ -341,38 +340,4 @@ class SecurityAdapter:
         get_global_logger().info(f"Total API keys loaded: {len(api_keys)}")
         return api_keys
 
-    def create_middleware(self, framework: str = "fastapi"):
-        """
-        Create framework-specific middleware.
-
-        Args:
-            framework: Framework type (fastapi, flask, etc.)
-
-        Returns:
-            Middleware instance
-        """
-        if not self.security_manager:
-            get_global_logger().warning("Cannot create middleware: security framework not available")
-            return None
 
-        try:
-            if framework == "fastapi":
-                from mcp_security_framework.middleware import (
-                    create_fastapi_security_middleware,
-                )
-
-                return create_fastapi_security_middleware(self.security_manager)
-            else:
-                raise ValueError(f"Unsupported framework: {framework}")
-        except Exception as e:
-            get_global_logger().error(f"Failed to create middleware: {e}")
-            return None
-
-    def is_available(self) -> bool:
-        """
-        Check if security framework is available.
-
-        Returns:
-            True if framework is available, False otherwise
-        """
-        return SECURITY_FRAMEWORK_AVAILABLE and self.security_manager is not None

mcp_proxy_adapter/core/security_factory.py

@@ -6,7 +6,7 @@ and middleware components with proper configuration and error handling.
 """
 
 import logging
-from typing import Dict, Any, Optional
+from typing import Dict, Any
 
 from mcp_proxy_adapter.core.logging import get_global_logger
 from .security_adapter import SecurityAdapter
@@ -40,22 +40,6 @@ class SecurityFactory:
             raise
 
     @staticmethod
-    def create_security_manager(config: Dict[str, Any]):
-        """
-        Create SecurityManager from configuration.
-
-        Args:
-            config: mcp_proxy_adapter configuration dictionary
-
-        Returns:
-            SecurityManager instance or None if not available
-        """
-        try:
-            adapter = SecurityFactory.create_security_adapter(config)
-            return adapter.security_manager
-        except Exception as e:
-            get_global_logger().error(f"Failed to create security manager: {e}")
-            return None
 
     @staticmethod
     def create_middleware(config: Dict[str, Any], framework: str = "fastapi"):
@@ -85,145 +69,12 @@ class SecurityFactory:
             return None
 
     @staticmethod
-    def create_fastapi_middleware(config: Dict[str, Any]):
-        """
-        Create FastAPI-specific security middleware.
-
-        Args:
-            config: mcp_proxy_adapter configuration dictionary
-
-        Returns:
-            FastAPI middleware instance or None if creation failed
-        """
-        return SecurityFactory.create_middleware(config, "fastapi")
 
     @staticmethod
-    def validate_config(config: Dict[str, Any]) -> bool:
-        """
-        Validate security configuration.
-
-        Args:
-            config: Configuration dictionary to validate
-
-        Returns:
-            True if configuration is valid, False otherwise
-        """
-        try:
-            # Check if security section exists
-            security_config = config.get("security", {})
-
-            # Validate required fields
-            if not isinstance(security_config, dict):
-                get_global_logger().error("Security configuration must be a dictionary")
-                return False
-
-            # Validate auth configuration
-            auth_config = security_config.get("auth", {})
-            if not isinstance(auth_config, dict):
-                get_global_logger().error("Auth configuration must be a dictionary")
-                return False
-
-            # Validate SSL configuration
-            ssl_config = security_config.get("ssl", {})
-            if not isinstance(ssl_config, dict):
-                get_global_logger().error("SSL configuration must be a dictionary")
-                return False
-
-            # Validate permissions configuration
-            permissions_config = security_config.get("permissions", {})
-            if not isinstance(permissions_config, dict):
-                get_global_logger().error("Permissions configuration must be a dictionary")
-                return False
-
-            # Validate rate limit configuration
-            rate_limit_config = security_config.get("rate_limit", {})
-            if not isinstance(rate_limit_config, dict):
-                get_global_logger().error("Rate limit configuration must be a dictionary")
-                return False
-
-            get_global_logger().info("Security configuration validation passed")
-            return True
-
-        except Exception as e:
-            get_global_logger().error(f"Configuration validation failed: {e}")
-            return False
 
     @staticmethod
-    def get_default_config() -> Dict[str, Any]:
-        """
-        Get default security configuration.
-
-        Returns:
-            Default security configuration dictionary
-        """
-        return {
-            "security": {
-                "framework": "mcp_security_framework",
-                "enabled": True,
-                "auth": {
-                    "enabled": True,
-                    "methods": ["api_key"],
-                    "api_keys": {},
-                    "jwt_secret": "",
-                    "jwt_algorithm": "HS256",
-                },
-                "ssl": {
-                    "enabled": False,
-                    "cert_file": None,
-                    "key_file": None,
-                    "ca_cert": None,
-                    "min_tls_version": "TLSv1.2",
-                    "verify_client": False,
-                    "client_cert_required": False,
-                },
-                "permissions": {
-                    "enabled": True,
-                    "roles_file": "roles.json",
-                    "default_role": "user",
-                    "deny_by_default": True,
-                },
-                "rate_limit": {
-                    "enabled": True,
-                    "requests_per_minute": 60,
-                    "requests_per_hour": 1000,
-                    "burst_limit": 10,
-                    "by_ip": True,
-                    "by_user": True,
-                },
-            }
-        }
 
     @staticmethod
-    def merge_config(
-        base_config: Dict[str, Any], security_config: Dict[str, Any]
-    ) -> Dict[str, Any]:
-        """
-        Merge security configuration into base configuration.
-
-        Args:
-            base_config: Base configuration dictionary
-            security_config: Security configuration to merge
-
-        Returns:
-            Merged configuration dictionary
-        """
-        try:
-            # Create a copy of base config
-            merged_config = base_config.copy()
-
-            # Merge security configuration
-            if "security" not in merged_config:
-                merged_config["security"] = {}
-
-            # Deep merge security configuration
-            SecurityFactory._deep_merge(merged_config["security"], security_config)
-
-            get_global_logger().info("Security configuration merged successfully")
-            return merged_config
-
-        except Exception as e:
-            get_global_logger().error(f"Failed to merge security configuration: {e}")
-            return base_config
 
     @staticmethod
     def _deep_merge(base_dict: Dict[str, Any], update_dict: Dict[str, Any]) -> None:

mcp_proxy_adapter/core/security_integration.py

@@ -333,43 +333,10 @@ class SecurityIntegration:
         return await self.rate_limiter.get_rate_limit_info(identifier)
 
     # Middleware creation - direct use of framework middleware
-    def create_fastapi_middleware(self, app) -> FastAPISecurityMiddleware:
-        """Create FastAPI security middleware."""
-        return FastAPISecurityMiddleware(app, self.security_config)
 
     # Utility methods
-    def is_security_enabled(self) -> bool:
-        """Check if security is enabled."""
-        return self.security_config.auth.enabled or self.security_config.ssl.enabled
 
-    def get_public_paths(self) -> List[str]:
-        """Get public paths that bypass authentication."""
-        return self.security_config.auth.public_paths
 
-    def get_security_config(self) -> SecurityConfig:
-        """Get security configuration."""
-        return self.security_config
 
 
 # Factory function for easy integration
-def create_security_integration(config: Dict[str, Any]) -> SecurityIntegration:
-    """
-    Create security integration instance.
-
-    Args:
-        config: Configuration dictionary
-
-    Returns:
-        SecurityIntegration instance
-
-    Raises:
-        RuntimeError: If security integration cannot be created
-    """
-    try:
-        return SecurityIntegration(config)
-    except ImportError as e:
-        get_global_logger().error(f"mcp_security_framework not available: {e}")
-        raise RuntimeError("Security framework is required but not available") from e
-    except Exception as e:
-        get_global_logger().error(f"Failed to create security integration: {e}")
-        raise RuntimeError(f"Security integration failed: {e}") from e

mcp_proxy_adapter/core/server_adapter.py

@@ -10,9 +10,9 @@ email: vasilyvz@gmail.com
 
 import logging
 from typing import Dict, Any, Optional
-from pathlib import Path
 
 from .server_engine import ServerEngineFactory, ServerEngine
+from .logging import get_global_logger
 
 logger = logging.getLogger(__name__)
 
@@ -75,20 +75,6 @@ class ServerConfigAdapter:
         return hypercorn_ssl
 
     @staticmethod
-    def get_optimal_engine_for_config(config: Dict[str, Any]) -> Optional[str]:
-        """
-        Determine the optimal server engine for a given configuration.
-
-        Currently only hypercorn is supported.
-
-        Args:
-            config: Server configuration
-
-        Returns:
-            Optimal engine name (currently always "hypercorn")
-        """
-        # Currently only hypercorn is supported
-        return "hypercorn"
 
     @staticmethod
     def validate_engine_compatibility(config: Dict[str, Any], engine_name: str) -> bool:
@@ -262,29 +248,4 @@ class UnifiedServerRunner:
 
         return engine_config
 
-    def get_engine_info(self, engine_name: str) -> Dict[str, Any]:
-        """
-        Get information about a specific engine.
-
-        Args:
-            engine_name: Name of the engine
-
-        Returns:
-            Engine information dictionary
-        """
-        return ServerConfigAdapter.get_engine_capabilities(engine_name)
 
-    def list_available_engines(self) -> Dict[str, Dict[str, Any]]:
-        """
-        List all available engines with their capabilities.
-
-        Returns:
-            Dictionary mapping engine names to their capabilities
-        """
-        engines_info = {}
-        for name, engine in self.available_engines.items():
-            engines_info[name] = {
-                "features": engine.get_supported_features(),
-                "config_schema": engine.get_config_schema(),
-            }
-        return engines_info