PyPI - mcp-security-framework - Versions diffs - 0.1.0__py3-none-any.whl → 1.1.1__py3-none-any.whl - Mend

mcp-security-framework 0.1.0py3-none-any.whl → 1.1.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

mcp_security_framework/__init__.py +26 -15
mcp_security_framework/cli/__init__.py +1 -1
mcp_security_framework/cli/cert_cli.py +233 -197
mcp_security_framework/cli/security_cli.py +324 -234
mcp_security_framework/constants.py +21 -27
mcp_security_framework/core/auth_manager.py +49 -20
mcp_security_framework/core/cert_manager.py +398 -104
mcp_security_framework/core/permission_manager.py +13 -9
mcp_security_framework/core/rate_limiter.py +10 -0
mcp_security_framework/core/security_manager.py +286 -229
mcp_security_framework/examples/__init__.py +6 -0
mcp_security_framework/examples/comprehensive_example.py +954 -0
mcp_security_framework/examples/django_example.py +276 -202
mcp_security_framework/examples/fastapi_example.py +897 -393
mcp_security_framework/examples/flask_example.py +311 -200
mcp_security_framework/examples/gateway_example.py +373 -214
mcp_security_framework/examples/microservice_example.py +337 -172
mcp_security_framework/examples/standalone_example.py +719 -478
mcp_security_framework/examples/test_all_examples.py +572 -0
mcp_security_framework/middleware/__init__.py +46 -55
mcp_security_framework/middleware/auth_middleware.py +62 -63
mcp_security_framework/middleware/fastapi_auth_middleware.py +179 -110
mcp_security_framework/middleware/fastapi_middleware.py +156 -148
mcp_security_framework/middleware/flask_auth_middleware.py +267 -107
mcp_security_framework/middleware/flask_middleware.py +183 -157
mcp_security_framework/middleware/mtls_middleware.py +106 -117
mcp_security_framework/middleware/rate_limit_middleware.py +105 -101
mcp_security_framework/middleware/security_middleware.py +109 -124
mcp_security_framework/schemas/config.py +2 -1
mcp_security_framework/schemas/models.py +19 -6
mcp_security_framework/utils/cert_utils.py +14 -8
mcp_security_framework/utils/datetime_compat.py +116 -0
{mcp_security_framework-0.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/METADATA +2 -1
mcp_security_framework-1.1.1.dist-info/RECORD +84 -0
tests/conftest.py +303 -0
tests/test_cli/test_cert_cli.py +194 -174
tests/test_cli/test_security_cli.py +274 -247
tests/test_core/test_cert_manager.py +33 -19
tests/test_core/test_security_manager.py +2 -2
tests/test_examples/test_comprehensive_example.py +613 -0
tests/test_examples/test_fastapi_example.py +290 -169
tests/test_examples/test_flask_example.py +304 -162
tests/test_examples/test_standalone_example.py +106 -168
tests/test_integration/test_auth_flow.py +214 -198
tests/test_integration/test_certificate_flow.py +181 -150
tests/test_integration/test_fastapi_integration.py +140 -149
tests/test_integration/test_flask_integration.py +144 -141
tests/test_integration/test_standalone_integration.py +331 -300
tests/test_middleware/test_fastapi_auth_middleware.py +745 -0
tests/test_middleware/test_fastapi_middleware.py +147 -132
tests/test_middleware/test_flask_auth_middleware.py +696 -0
tests/test_middleware/test_flask_middleware.py +201 -179
tests/test_middleware/test_security_middleware.py +151 -130
tests/test_utils/test_datetime_compat.py +147 -0
mcp_security_framework-0.1.0.dist-info/RECORD +0 -76
{mcp_security_framework-0.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/WHEEL +0 -0
{mcp_security_framework-0.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/entry_points.txt +0 -0
{mcp_security_framework-0.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/top_level.txt +0 -0

mcp_security_framework/utils/cert_utils.py CHANGED Viewed

@@ -40,6 +40,11 @@ from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.x509.oid import ExtensionOID, NameOID
+from mcp_security_framework.utils.datetime_compat import (
+    get_not_valid_after_utc,
+    get_not_valid_before_utc,
+)
 class CertificateError(Exception):
     """Raised when certificate operations fail."""
@@ -125,8 +130,8 @@ def extract_certificate_info(cert_data: Union[str, bytes, Path]) -> Dict:
             "issuer": str(cert.issuer),
             "serial_number": str(cert.serial_number),
             "version": cert.version.name,
-            "not_before": cert.not_valid_before,
-            "not_after": cert.not_valid_after,
+            "not_before": get_not_valid_before_utc(cert),
+            "not_after": get_not_valid_after_utc(cert),
             "signature_algorithm": cert.signature_algorithm_oid._name,
             "public_key_algorithm": cert.public_key_algorithm_oid._name,
             "key_size": _get_key_size(cert.public_key()),
@@ -266,7 +271,8 @@ def extract_permissions_from_certificate(
 def validate_certificate_chain(
-    cert_data: Union[str, bytes, Path], ca_cert_data: Union[str, bytes, Path, List[Union[str, bytes, Path]]]
+    cert_data: Union[str, bytes, Path],
+    ca_cert_data: Union[str, bytes, Path, List[Union[str, bytes, Path]]],
 ) -> bool:
     """
     Validate certificate chain against CA certificate(s).
@@ -283,7 +289,7 @@ def validate_certificate_chain(
     """
     try:
         cert = parse_certificate(cert_data)
         # Handle single CA certificate or list of CA certificates
         if isinstance(ca_cert_data, list):
             ca_certs = [parse_certificate(ca_cert) for ca_cert in ca_cert_data]
@@ -295,7 +301,7 @@ def validate_certificate_chain(
         for ca_cert in ca_certs:
             if cert.issuer == ca_cert.subject:
                 return True
         return False
     except Exception as e:
         return False
@@ -319,7 +325,7 @@ def get_certificate_expiry(cert_data: Union[str, bytes, Path]) -> Dict:
         now = datetime.now(timezone.utc)
         # Calculate time until expiry
-        time_until_expiry = cert.not_valid_after.replace(tzinfo=timezone.utc) - now
+        time_until_expiry = get_not_valid_after_utc(cert) - now
         days_until_expiry = time_until_expiry.days
         # Determine expiry status
@@ -331,8 +337,8 @@ def get_certificate_expiry(cert_data: Union[str, bytes, Path]) -> Dict:
             status = "valid"
         return {
-            "not_after": cert.not_valid_after,
-            "not_before": cert.not_valid_before,
+            "not_after": get_not_valid_after_utc(cert),
+            "not_before": get_not_valid_before_utc(cert),
             "days_until_expiry": days_until_expiry,
             "is_expired": time_until_expiry.total_seconds() < 0,
             "expires_soon": days_until_expiry <= 30,

mcp_security_framework/utils/datetime_compat.py ADDED Viewed

@@ -0,0 +1,116 @@
+"""
+Datetime Compatibility Module
+This module provides compatibility functions for working with certificate
+datetime fields across different versions of the cryptography library.
+The module handles the transition from naive datetime fields to UTC-aware
+fields introduced in cryptography>=42, ensuring backward compatibility with
+older versions.
+Key Features:
+- Compatible datetime field access for certificates
+- Automatic timezone normalization
+- Backward compatibility with cryptography<42
+- Forward compatibility with cryptography>=42
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+from datetime import datetime, timezone
+from typing import Optional
+from cryptography.x509 import Certificate
+def get_not_valid_before_utc(cert: Certificate) -> datetime:
+    """
+    Get certificate not_valid_before field in UTC timezone.
+    This function provides compatibility across different cryptography
+    versions:
+    - For cryptography>=42: Returns cert.not_valid_before_utc directly
+    - For cryptography<42: Returns cert.not_valid_before normalized to UTC
+    Args:
+        cert (Certificate): Certificate object from cryptography library
+    Returns:
+        datetime: UTC timezone-aware datetime representing certificate
+        start date
+    Example:
+        >>> from cryptography import x509
+        >>> cert = x509.load_pem_x509_certificate(cert_data)
+        >>> start_date = get_not_valid_before_utc(cert)
+        >>> print(f"Certificate valid from: {start_date}")
+    """
+    # Try to access the new UTC field first (cryptography>=42)
+    if hasattr(cert, "not_valid_before_utc"):
+        val = getattr(cert, "not_valid_before_utc")
+        if val is not None:
+            return val
+    # Fall back to the old field and normalize to UTC (cryptography<42)
+    v = cert.not_valid_before
+    return v if v.tzinfo else v.replace(tzinfo=timezone.utc)
+def get_not_valid_after_utc(cert: Certificate) -> datetime:
+    """
+    Get certificate not_valid_after field in UTC timezone.
+    This function provides compatibility across different cryptography
+    versions:
+    - For cryptography>=42: Returns cert.not_valid_after_utc directly
+    - For cryptography<42: Returns cert.not_valid_after normalized to UTC
+    Args:
+        cert (Certificate): Certificate object from cryptography library
+    Returns:
+        datetime: UTC timezone-aware datetime representing certificate
+        expiry date
+    Example:
+        >>> from cryptography import x509
+        >>> cert = x509.load_pem_x509_certificate(cert_data)
+        >>> expiry_date = get_not_valid_after_utc(cert)
+        >>> print(f"Certificate expires: {expiry_date}")
+    """
+    # Try to access the new UTC field first (cryptography>=42)
+    if hasattr(cert, "not_valid_after_utc"):
+        val = getattr(cert, "not_valid_after_utc")
+        if val is not None:
+            return val
+    # Fall back to the old field and normalize to UTC (cryptography<42)
+    v = cert.not_valid_after
+    return v if v.tzinfo else v.replace(tzinfo=timezone.utc)
+def is_cryptography_42_plus() -> bool:
+    """
+    Check if cryptography version is 42 or higher.
+    This function checks if the current cryptography version supports
+    the new UTC datetime fields (not_valid_before_utc, not_valid_after_utc).
+    Returns:
+        bool: True if cryptography>=42, False otherwise
+    Example:
+        >>> if is_cryptography_42_plus():
+        ...     print("Using new UTC datetime fields")
+        ... else:
+        ...     print("Using legacy datetime fields with normalization")
+    """
+    try:
+        import cryptography
+        from packaging import version
+        return version.parse(cryptography.__version__) >= version.parse("42.0.0")
+    except (ImportError, AttributeError):
+        # If we can't determine version, assume older version for safety
+        return False

{mcp_security_framework-0.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mcp-security-framework
-Version: 0.1.0
+Version: 1.1.1
 Summary: Universal security framework for microservices with SSL/TLS, authentication, authorization, and rate limiting
 Author-email: Vasiliy Zdanovskiy <vasilyvz@gmail.com>
 Maintainer-email: Vasiliy Zdanovskiy <vasilyvz@gmail.com>
@@ -31,6 +31,7 @@ Requires-Dist: pydantic<3.0.0,>=1.8.0
 Requires-Dist: PyJWT>=2.0.0
 Requires-Dist: click>=8.0.0
 Requires-Dist: typing-extensions>=4.0.0
+Requires-Dist: packaging>=20.0
 Provides-Extra: fastapi
 Requires-Dist: fastapi>=0.68.0; extra == "fastapi"
 Requires-Dist: uvicorn[standard]>=0.15.0; extra == "fastapi"

mcp_security_framework-1.1.1.dist-info/RECORD ADDED Viewed

@@ -0,0 +1,84 @@
+mcp_security_framework/__init__.py,sha256=TM8y71Navd_6woEab2cO07MefRsL0tRBItEYfVO7DS8,3172
+mcp_security_framework/constants.py,sha256=k7NMSrgc83Cci8aoilybQxdC7jir7J-mVFE_EpqVrDk,5307
+mcp_security_framework/cli/__init__.py,sha256=plpWdiWMp2dcLvUuGwXynRg5CDjz8YKnNTBn7lcta08,369
+mcp_security_framework/cli/cert_cli.py,sha256=ME8RgTBrjNvOAMPVnXGLr3cbTpOZ2NN4Ei1SouGRPQs,18297
+mcp_security_framework/cli/security_cli.py,sha256=Thine_Zzfesz7j29y2k_XZFYUK5YSrhCc6w2FilgEiE,28486
+mcp_security_framework/core/__init__.py,sha256=LiX8_M5qWiTXccJFjSLxup9emhklp-poq57SvznsKEg,1729
+mcp_security_framework/core/auth_manager.py,sha256=vCa6YBlz7P_vmif-KGWrCCUE54bHO5F3jN-bDJF2o9Y,38909
+mcp_security_framework/core/cert_manager.py,sha256=s625nyMsmrglT7QaqRZtX4oAJVKla5zu0sptHmXJnh4,78750
+mcp_security_framework/core/permission_manager.py,sha256=SADS_oXpwp9MhXHKJMCsvjEq8KWcz7vPYL05Yr-zfio,26478
+mcp_security_framework/core/rate_limiter.py,sha256=6qjVBxK2YHouSxQuCcbr0PBpRqA5toQss_Ce178RElY,20682
+mcp_security_framework/core/security_manager.py,sha256=mAF-5znqxin-MSSgXISB7t1kTkqHltEqGzzmlLAhRGs,37766
+mcp_security_framework/core/ssl_manager.py,sha256=nCDrukaELONQs_uAfb30g69HDxRp2u4k0Bpq8eJH6Zo,27718
+mcp_security_framework/examples/__init__.py,sha256=nfYPVvIQ5wHuDkQvyCYDd1VjCsZMw9HnvjeUORqKyuQ,1915
+mcp_security_framework/examples/comprehensive_example.py,sha256=6CXkqLFjWIQ2rRMYPnDrBdBuWFKbeu2gd2GI_SFVjds,35421
+mcp_security_framework/examples/django_example.py,sha256=IHk-aHsah-cEHjvsngUx91lup1aRC8W9XHzK6jfOMdA,24628
+mcp_security_framework/examples/fastapi_example.py,sha256=8uVze78eyEZpnzW0lNLxAUi27amXY7RJtu4GcGGpFJE,35598
+mcp_security_framework/examples/flask_example.py,sha256=jrqnBxr1eu91SLt0Zcf5949DX-ZyQirqMdKVclO5RSI,21636
+mcp_security_framework/examples/gateway_example.py,sha256=u9CSdnBm3nB89n5uyTarMDys5xsZcVi0wLATBSBvSog,33390
+mcp_security_framework/examples/microservice_example.py,sha256=7xw8mOIT1ZMxH4TQNXMv9DuTquitZou1DatO2_OE7DU,30358
+mcp_security_framework/examples/standalone_example.py,sha256=jtrLJPrsgD8w3hNUv5SbCq4KLMu4z6WgF4deMPpehQM,29786
+mcp_security_framework/examples/test_all_examples.py,sha256=9tRDD6lOCx69M27ESRTr5V5h6VnRh1EPuSfFCbQrvxM,19608
+mcp_security_framework/middleware/__init__.py,sha256=Bx2DBPbhkikWNPXg1WWFoalp2omFPh7rbMYHYQZoZsk,7803
+mcp_security_framework/middleware/auth_middleware.py,sha256=wMxJtlrTrlK7KSAXJ6yZawwqSpCsxXf-U87J05ogdKg,9833
+mcp_security_framework/middleware/fastapi_auth_middleware.py,sha256=LWVEn90I1XpVkgu4q2LFqvjeVinCMAmI2-19UIcgKpw,16904
+mcp_security_framework/middleware/fastapi_middleware.py,sha256=Ye0qJsEMwgeUqVJpqXgbjJJbbf-ZU-6SysMQPmQba-s,26658
+mcp_security_framework/middleware/flask_auth_middleware.py,sha256=ubBlKO0ponOV_KuxkUK4xGcSoslXTaikrdsIZQtGeV0,20228
+mcp_security_framework/middleware/flask_middleware.py,sha256=Ag0zYDKwlvU78LBQ-7Za14IYOAlEVZaXJPD0Qc4MUvA,20666
+mcp_security_framework/middleware/mtls_middleware.py,sha256=iCOX3PVro49GMlTSUtYQFaWLrqtqoWPgI5DEa6Cnst4,13881
+mcp_security_framework/middleware/rate_limit_middleware.py,sha256=deCwwigI0Pt7pBUnk2jDurI9ZyjujWTsexEWWndXm3g,13177
+mcp_security_framework/middleware/security_middleware.py,sha256=PQ251Fr2UrYVPgGfhXq6QJyqK2tRk0WCIg9_FBvfVkg,16844
+mcp_security_framework/schemas/__init__.py,sha256=lefkbRlbj2ICfasSj51MQ04o3z1YycnbnknSJCFfXbU,2590
+mcp_security_framework/schemas/config.py,sha256=kpJJBupR4ZpQyouZyxiZqm7U7AHfLoGncuRltpo_QEM,25825
+mcp_security_framework/schemas/models.py,sha256=n-Ug8O1cpMeA0mIdOd9h1i3kkBZOJsCQMxj3IcNpBFY,26957
+mcp_security_framework/schemas/responses.py,sha256=nVXaqF5GTSprXTa_wiUEu38nvSw9WAXtKViAJNbO-Xg,23206
+mcp_security_framework/tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+mcp_security_framework/utils/__init__.py,sha256=wwwdmQYHTSz0Puvs9FD6aIKmWp3NFARe3JPWNH-b_wk,3098
+mcp_security_framework/utils/cert_utils.py,sha256=DNzCqFKbFgYvQxxUUJPgeWe1XCnM4DpUBDqQYRYtlOQ,17266
+mcp_security_framework/utils/crypto_utils.py,sha256=OH2V7_C3FjStxFTIXMUPfNXZuWG2-QjgoBrIH4Lv4p0,12392
+mcp_security_framework/utils/datetime_compat.py,sha256=ool-xs-EevhuYygdzhiAenLAacLuZwGwjPkF43i-9gg,3859
+mcp_security_framework/utils/validation_utils.py,sha256=e9BX3kw9gdXSmFsc7lmG-qnzSlK0-Ynn7Xs4uKHquF4,16279
+tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/conftest.py,sha256=4DKwzXAOqikfPAUNDHRcn-C3ZoWmLRcn9Kz_3nJ9hZ8,8812
+tests/test_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/test_cli/test_cert_cli.py,sha256=Rm7z-20VAvnmYKY3sgxS-qVNks1vbniQJSpSxjsx_wo,14677
+tests/test_cli/test_security_cli.py,sha256=Bpd31IPJSUl_V1Xzy74ZCOvQpwlbj8Da83C46T8Jewg,25569
+tests/test_core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/test_core/test_auth_manager.py,sha256=tyJUe3yBP95SFwbhSr_IloKhEQw0BuEdvjAC1Hnwu4s,22540
+tests/test_core/test_cert_manager.py,sha256=4YMAkRedkAZW3PEZYEbo1PyrzMntUrKfl7arPsHXDCE,36356
+tests/test_core/test_permission_manager.py,sha256=0XeghWXZqVpKyyRuhuDu1dkLUSwuZaFWkRQxQhkkFVI,14966
+tests/test_core/test_rate_limiter.py,sha256=YzzlhlxZm-A7YGMiIV8LXDA0zmb_6uRF9GRx9s21Q0U,22544
+tests/test_core/test_security_manager.py,sha256=C5uPFALAkitmHbi-L8xF1OyfOmVHQSq1g-PLkwl_LDU,35007
+tests/test_core/test_ssl_manager.py,sha256=Vm_Nw4SoVro_iwPPc_uD9CwzXpVBkGyVH7EqDtHawvU,20362
+tests/test_examples/__init__.py,sha256=VC0N1wB9d01Acnqfos-9x68o23xxHkRhAh4-1qJKUTc,157
+tests/test_examples/test_comprehensive_example.py,sha256=2Q9ZfyEt42dDuwPbxwiJbJjRfLp68l5KClALeVO9JOQ,26020
+tests/test_examples/test_fastapi_example.py,sha256=J_dpdq7ZIvi1DfcYpEAltTEfbHbLqk-Q9B5XpkrgMOk,12978
+tests/test_examples/test_flask_example.py,sha256=makDlkLEkCPU94ZIomrw-5-ff4NDP7uhWLTDuk34Jbg,12540
+tests/test_examples/test_standalone_example.py,sha256=nzSMJ4kglMcFYHWJ130_cNfHghpBcMgNoNU7PMQ7NII,8165
+tests/test_integration/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/test_integration/test_auth_flow.py,sha256=lzfrI2Yl-nDDQX5Y3TYK6CrUKtkf4oXk0zYPPdoVjSs,18656
+tests/test_integration/test_certificate_flow.py,sha256=6eyMjIKEviPJtkFaRmG7v9Ua-szvlOF6gfYnHF3JUeA,19612
+tests/test_integration/test_fastapi_integration.py,sha256=HFXNRfm0x0ihzVeBZFD6L1fl19mx5Bg5wvWcXmIzjXw,12957
+tests/test_integration/test_flask_integration.py,sha256=mqb9g3H7lwwKajsG0Ee6eeWH25mNLtI6-ZmLiPKvO2g,15087
+tests/test_integration/test_standalone_integration.py,sha256=chMzo1tG4p0DNCdsWbkhFvSAWqNCEj3Tuoi8miF6C3o,19389
+tests/test_middleware/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/test_middleware/test_fastapi_auth_middleware.py,sha256=6pKnVDrr-inr51bHqije6oa6m44hAqM1nJovInBJcNg,29386
+tests/test_middleware/test_fastapi_middleware.py,sha256=qX0nXM9SrBoAuPs2-LRKT-EzHiwnGCD0c89FYAYnPMw,20607
+tests/test_middleware/test_flask_auth_middleware.py,sha256=NA74wnBq7AR-YsUqlibMSs4B60q7lWTziTPKZtfq_l0,25034
+tests/test_middleware/test_flask_middleware.py,sha256=JqWr5MknE6AvnUUf2Cr0ME6l_wSbze0BqbEIQO8B5qs,22731
+tests/test_middleware/test_security_middleware.py,sha256=J69rVgsnohQp2ucUnGRyWCWZxt6RF2tQ9vQNLFlDXEg,19199
+tests/test_schemas/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/test_schemas/test_config.py,sha256=Bp_yZ_HBIl7jcR7Wb1S9iCB0tCu_Ov26YKHTulDs1RU,29430
+tests/test_schemas/test_models.py,sha256=bBeZOPqveuVJuEi_BTVWdVsdj08JXJTEFwvBM4eFRVU,34311
+tests/test_schemas/test_responses.py,sha256=ZSbO7A3ThPBovTXO8PFF-2ONWAjJx2dMOoV2lQIfd8s,40774
+tests/test_schemas/test_serialization.py,sha256=jCugAyrdD6Mw1U7Kxni9oTukarZmMMl6KUcl6cq_NTk,18599
+tests/test_utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+tests/test_utils/test_cert_utils.py,sha256=2k1kUCJy0T2HPBwOcU5USGfEBQZ_rGzumAGkDdywLak,21232
+tests/test_utils/test_crypto_utils.py,sha256=yEb4hzG6-irj2DPoXY0DUboJfbeR87ussgTuBpxLGz4,20737
+tests/test_utils/test_datetime_compat.py,sha256=n8S4X5HN-_ejSNpgymDXRyZkmxhnyxwwjxFPdX23I40,5656
+tests/test_utils/test_validation_utils.py,sha256=lus_wHJ2WyVnBGQ28S7dSv78uWcCIuLhn5uflJw-uGw,18569
+mcp_security_framework-1.1.1.dist-info/METADATA,sha256=3Kh50icpzF53SGGXCU8XWt1Ov2xJAiTMoyLLkGqyuvk,11711
+mcp_security_framework-1.1.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+mcp_security_framework-1.1.1.dist-info/entry_points.txt,sha256=qBh92fVDmd1m2f3xeW0hTu3Ksg8QfGJyV8UEkdA2itg,142
+mcp_security_framework-1.1.1.dist-info/top_level.txt,sha256=ifUiGrTDcD574MXSOoAN2rp2wpUvWlb4jD9LTUgDWCA,29
+mcp_security_framework-1.1.1.dist-info/RECORD,,

tests/conftest.py ADDED Viewed

@@ -0,0 +1,303 @@
+"""
+Test Configuration and Fixtures
+This module provides test configuration, fixtures, and mock objects
+for the MCP Security Framework test suite.
+Author: Vasiliy Zdanovskiy
+email: vasilyvz@gmail.com
+"""
+from typing import Any, Dict, Optional
+from unittest.mock import MagicMock, Mock, patch
+import pytest
+from mcp_security_framework.core.security_manager import SecurityManager
+from mcp_security_framework.schemas.models import (
+    AuthMethod,
+    AuthResult,
+    AuthStatus,
+    ValidationResult,
+    ValidationStatus,
+)
+@pytest.fixture
+def mock_security_manager():
+    """
+    Create a mock SecurityManager instance for testing.
+    This fixture provides a properly configured mock SecurityManager
+    that can be used in tests without conflicts with the real implementation.
+    Returns:
+        Mock: Mock SecurityManager instance
+    """
+    mock_manager = Mock(spec=SecurityManager)
+    # Mock authentication methods
+    def mock_authenticate_api_key(api_key: str) -> AuthResult:
+        if api_key == "admin_key_123":
+            return AuthResult(
+                is_valid=True,
+                status=AuthStatus.SUCCESS,
+                username="admin",
+                roles=["admin"],
+                auth_method=AuthMethod.API_KEY,
+            )
+        elif api_key == "user_key_456":
+            return AuthResult(
+                is_valid=True,
+                status=AuthStatus.SUCCESS,
+                username="user",
+                roles=["user"],
+                auth_method=AuthMethod.API_KEY,
+            )
+        elif api_key == "readonly_key_789":
+            return AuthResult(
+                is_valid=True,
+                status=AuthStatus.SUCCESS,
+                username="readonly",
+                roles=["readonly"],
+                auth_method=AuthMethod.API_KEY,
+            )
+        else:
+            return AuthResult(
+                is_valid=False,
+                status=AuthStatus.FAILED,
+                username=None,
+                roles=[],
+                auth_method=None,
+                error_code=-32002,
+                error_message="Invalid API key",
+            )
+    def mock_authenticate_jwt_token(token: str) -> AuthResult:
+        if token == "valid_jwt_token":
+            return AuthResult(
+                is_valid=True,
+                status=AuthStatus.SUCCESS,
+                username="jwt_user",
+                roles=["user"],
+                auth_method=AuthMethod.JWT,
+            )
+        else:
+            return AuthResult(
+                is_valid=False,
+                status=AuthStatus.FAILED,
+                username=None,
+                roles=[],
+                auth_method=None,
+                error_code=-32003,
+                error_message="Invalid JWT token",
+            )
+    def mock_check_permissions(
+        user_roles: list, required_permissions: list
+    ) -> ValidationResult:
+        if "admin" in user_roles:
+            return ValidationResult(is_valid=True, status=ValidationStatus.VALID)
+        elif "user" in user_roles and "read" in required_permissions:
+            return ValidationResult(is_valid=True, status=ValidationStatus.VALID)
+        elif "readonly" in user_roles and "read" in required_permissions:
+            return ValidationResult(is_valid=True, status=ValidationStatus.VALID)
+        else:
+            return ValidationResult(
+                is_valid=False,
+                status=ValidationStatus.INVALID,
+                error_code=-32007,
+                error_message="Insufficient permissions",
+            )
+    def mock_check_rate_limit(identifier: str) -> bool:
+        # Simple rate limiting logic for testing
+        if not hasattr(mock_manager, "_request_counts"):
+            mock_manager._request_counts = {}
+        if identifier not in mock_manager._request_counts:
+            mock_manager._request_counts[identifier] = 0
+        mock_manager._request_counts[identifier] += 1
+        # Allow up to 100 requests per identifier
+        return mock_manager._request_counts[identifier] <= 100
+    # Assign mock methods
+    mock_manager.authenticate_api_key = mock_authenticate_api_key
+    mock_manager.authenticate_jwt_token = mock_authenticate_jwt_token
+    mock_manager.check_permissions = mock_check_permissions
+    mock_manager.check_rate_limit = mock_check_rate_limit
+    # Mock other properties and methods
+    mock_manager.is_authenticated = True
+    mock_manager.user_roles = ["user"]
+    mock_manager.effective_permissions = {"read", "write"}
+    return mock_manager
+@pytest.fixture
+def mock_security_manager_class():
+    """
+    Create a mock SecurityManager class for testing.
+    This fixture provides a mock class that can be used to patch
+    SecurityManager imports in tests.
+    Returns:
+        Mock: Mock SecurityManager class
+    """
+    mock_class = Mock()
+    mock_class.return_value = Mock(spec=SecurityManager)
+    return mock_class
+@pytest.fixture
+def mock_certificate_manager():
+    """
+    Create a mock CertificateManager instance for testing.
+    Returns:
+        Mock: Mock CertificateManager instance
+    """
+    mock_manager = Mock()
+    # Mock certificate validation
+    mock_manager.validate_certificate_chain.return_value = True
+    mock_manager.get_certificate_info.return_value = Mock(
+        subject={"CN": "test.example.com"},
+        issuer={"CN": "Test CA"},
+        serial_number="123456789",
+        not_before="2023-01-01",
+        not_after="2024-01-01",
+        key_size=2048,
+        certificate_type="SERVER",
+        subject_alt_names=["test.example.com"],
+    )
+    mock_manager.revoke_certificate.return_value = True
+    return mock_manager
+@pytest.fixture
+def mock_ssl_manager():
+    """
+    Create a mock SSLManager instance for testing.
+    Returns:
+        Mock: Mock SSLManager instance
+    """
+    mock_manager = Mock()
+    mock_manager.create_server_context.return_value = Mock()
+    mock_manager.create_client_context.return_value = Mock()
+    mock_manager.validate_certificate.return_value = True
+    return mock_manager
+@pytest.fixture
+def test_config():
+    """
+    Create a test configuration for testing.
+    Returns:
+        Dict[str, Any]: Test configuration
+    """
+    return {
+        "auth": {
+            "enabled": True,
+            "methods": ["api_key", "jwt"],
+            "api_keys": {
+                "admin_key_123": {
+                    "username": "admin",
+                    "roles": ["admin"],
+                    "permissions": ["read", "write", "delete", "admin"],
+                },
+                "user_key_456": {
+                    "username": "user",
+                    "roles": ["user"],
+                    "permissions": ["read", "write"],
+                },
+                "readonly_key_789": {
+                    "username": "readonly",
+                    "roles": ["readonly"],
+                    "permissions": ["read"],
+                },
+            },
+            "jwt": {
+                "secret": "test_secret_key",
+                "algorithm": "HS256",
+                "expiry_hours": 24,
+            },
+        },
+        "ssl": {
+            "enabled": False,
+            "cert_file": None,
+            "key_file": None,
+            "ca_cert_file": None,
+            "verify_mode": "CERT_NONE",
+            "min_version": "TLSv1.2",
+        },
+        "rate_limiting": {
+            "enabled": True,
+            "requests_per_minute": 100,
+            "window_seconds": 60,
+        },
+        "logging": {
+            "level": "INFO",
+            "format": "%(asctime)s - %(name)s - %(levelname)s - %(message)s",
+        },
+    }
+@pytest.fixture
+def temp_config_file(tmp_path, test_config):
+    """
+    Create a temporary configuration file for testing.
+    Args:
+        tmp_path: Pytest temporary directory fixture
+        test_config: Test configuration fixture
+    Returns:
+        str: Path to temporary configuration file
+    """
+    import json
+    import os
+    config_file = tmp_path / "test_config.json"
+    with open(config_file, "w") as f:
+        json.dump(test_config, f)
+    return str(config_file)
+# Patch decorators for common mocks
+def patch_security_manager():
+    """
+    Create a patch decorator for SecurityManager.
+    Returns:
+        function: Patch decorator
+    """
+    return patch("mcp_security_framework.core.security_manager.SecurityManager")
+def patch_certificate_manager():
+    """
+    Create a patch decorator for CertificateManager.
+    Returns:
+        function: Patch decorator
+    """
+    return patch("mcp_security_framework.core.cert_manager.CertificateManager")
+def patch_ssl_manager():
+    """
+    Create a patch decorator for SSLManager.
+    Returns:
+        function: Patch decorator
+    """
+    return patch("mcp_security_framework.core.ssl_manager.SSLManager")

mcp-security-framework 0.1.0__py3-none-any.whl → 1.1.1__py3-none-any.whl

mcp-security-framework 0.1.0py3-none-any.whl → 1.1.1py3-none-any.whl