PyPI - mcp-security-framework - Versions diffs - 1.1.0__py3-none-any.whl → 1.1.1__py3-none-any.whl - Mend

mcp-security-framework 1.1.0py3-none-any.whl → 1.1.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

mcp_security_framework/__init__.py +26 -15
mcp_security_framework/cli/__init__.py +1 -1
mcp_security_framework/cli/cert_cli.py +233 -197
mcp_security_framework/cli/security_cli.py +324 -234
mcp_security_framework/constants.py +21 -27
mcp_security_framework/core/auth_manager.py +41 -22
mcp_security_framework/core/cert_manager.py +210 -147
mcp_security_framework/core/permission_manager.py +9 -9
mcp_security_framework/core/rate_limiter.py +2 -2
mcp_security_framework/core/security_manager.py +284 -229
mcp_security_framework/examples/__init__.py +6 -0
mcp_security_framework/examples/comprehensive_example.py +349 -279
mcp_security_framework/examples/django_example.py +247 -206
mcp_security_framework/examples/fastapi_example.py +315 -283
mcp_security_framework/examples/flask_example.py +274 -203
mcp_security_framework/examples/gateway_example.py +304 -237
mcp_security_framework/examples/microservice_example.py +258 -189
mcp_security_framework/examples/standalone_example.py +255 -230
mcp_security_framework/examples/test_all_examples.py +151 -135
mcp_security_framework/middleware/__init__.py +46 -55
mcp_security_framework/middleware/auth_middleware.py +62 -63
mcp_security_framework/middleware/fastapi_auth_middleware.py +119 -118
mcp_security_framework/middleware/fastapi_middleware.py +156 -148
mcp_security_framework/middleware/flask_auth_middleware.py +160 -147
mcp_security_framework/middleware/flask_middleware.py +183 -157
mcp_security_framework/middleware/mtls_middleware.py +106 -117
mcp_security_framework/middleware/rate_limit_middleware.py +105 -101
mcp_security_framework/middleware/security_middleware.py +109 -124
mcp_security_framework/schemas/config.py +2 -1
mcp_security_framework/schemas/models.py +18 -6
mcp_security_framework/utils/cert_utils.py +14 -8
mcp_security_framework/utils/datetime_compat.py +116 -0
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/METADATA +2 -1
mcp_security_framework-1.1.1.dist-info/RECORD +84 -0
tests/conftest.py +63 -66
tests/test_cli/test_cert_cli.py +184 -146
tests/test_cli/test_security_cli.py +274 -247
tests/test_core/test_cert_manager.py +24 -10
tests/test_core/test_security_manager.py +2 -2
tests/test_examples/test_comprehensive_example.py +190 -137
tests/test_examples/test_fastapi_example.py +124 -101
tests/test_examples/test_flask_example.py +124 -101
tests/test_examples/test_standalone_example.py +73 -80
tests/test_integration/test_auth_flow.py +213 -197
tests/test_integration/test_certificate_flow.py +180 -149
tests/test_integration/test_fastapi_integration.py +108 -111
tests/test_integration/test_flask_integration.py +141 -140
tests/test_integration/test_standalone_integration.py +290 -259
tests/test_middleware/test_fastapi_auth_middleware.py +195 -174
tests/test_middleware/test_fastapi_middleware.py +147 -132
tests/test_middleware/test_flask_auth_middleware.py +260 -202
tests/test_middleware/test_flask_middleware.py +201 -179
tests/test_middleware/test_security_middleware.py +145 -130
tests/test_utils/test_datetime_compat.py +147 -0
mcp_security_framework-1.1.0.dist-info/RECORD +0 -82
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/WHEEL +0 -0
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/entry_points.txt +0 -0
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.1.dist-info}/top_level.txt +0 -0

mcp_security_framework/examples/fastapi_example.py CHANGED Viewed

@@ -23,100 +23,116 @@ Version: 1.0.0
 License: MIT
 """
-import os
 import json
 import logging
-import tempfile
+import os
 import shutil
-from typing import Dict, List, Any, Optional
+import tempfile
 from datetime import datetime, timedelta, timezone
+from typing import Any, Dict, List, Optional
-from fastapi import FastAPI, HTTPException, Depends, Request, Response, status
+from fastapi import Depends, FastAPI, HTTPException, Request, Response, status
 from fastapi.middleware.cors import CORSMiddleware
-from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 from pydantic import BaseModel
+from mcp_security_framework.constants import (
+    AUTH_METHODS,
+    DEFAULT_SECURITY_HEADERS,
+    ErrorCodes,
+)
 from mcp_security_framework.core.security_manager import SecurityManager
 from mcp_security_framework.schemas.config import (
-    SecurityConfig, AuthConfig, PermissionConfig, SSLConfig,
-    CertificateConfig, RateLimitConfig, LoggingConfig
+    AuthConfig,
+    CertificateConfig,
+    LoggingConfig,
+    PermissionConfig,
+    RateLimitConfig,
+    SecurityConfig,
+    SSLConfig,
 )
 from mcp_security_framework.schemas.models import (
-    AuthResult, ValidationResult, CertificatePair, CertificateInfo,
-    AuthStatus, ValidationStatus, AuthMethod
-)
-from mcp_security_framework.constants import (
-    DEFAULT_SECURITY_HEADERS, AUTH_METHODS, ErrorCodes
+    AuthMethod,
+    AuthResult,
+    AuthStatus,
+    CertificateInfo,
+    CertificatePair,
+    ValidationResult,
+    ValidationStatus,
 )
 class FastAPISecurityExample:
     """
     Comprehensive FastAPI Security Example
     This class demonstrates ALL capabilities of the MCP Security Framework
     with a real FastAPI application, serving as a complete integration test.
     """
     def __init__(self, config_path: Optional[str] = None):
         """
         Initialize the FastAPI security example.
         Args:
             config_path: Optional path to configuration file
         """
         self.config = self._load_config(config_path)
         self.security_manager = SecurityManager(self.config)
         self.logger = logging.getLogger(__name__)
         # Create FastAPI app
         self.app = FastAPI(
             title="MCP Security Framework - FastAPI Example",
             description="Comprehensive security framework demonstration with FastAPI",
-            version="1.0.0"
+            version="1.0.0",
         )
         # Setup security middleware
         self._setup_security_middleware()
         # Setup routes
         self._setup_routes()
         # Test data
         self.test_api_key = "admin_key_123"
         self.test_jwt_token = self._create_test_jwt_token()
         self.test_certificate = self._create_test_certificate()
         self.logger.info("FastAPI Security Example initialized successfully")
     def _load_config(self, config_path: Optional[str] = None) -> SecurityConfig:
         """Load security configuration."""
         if config_path and os.path.exists(config_path):
-            with open(config_path, 'r') as f:
+            with open(config_path, "r") as f:
                 config_data = json.load(f)
             return SecurityConfig(**config_data)
         # Create comprehensive configuration
         return SecurityConfig(
             auth=AuthConfig(
                 enabled=True,
-                methods=[AUTH_METHODS["API_KEY"], AUTH_METHODS["JWT"], AUTH_METHODS["CERTIFICATE"]],
+                methods=[
+                    AUTH_METHODS["API_KEY"],
+                    AUTH_METHODS["JWT"],
+                    AUTH_METHODS["CERTIFICATE"],
+                ],
                 api_keys={
                     "admin_key_123": {"username": "admin", "roles": ["admin", "user"]},
                     "user_key_456": {"username": "user", "roles": ["user"]},
-                    "readonly_key_789": {"username": "readonly", "roles": ["readonly"]}
+                    "readonly_key_789": {"username": "readonly", "roles": ["readonly"]},
                 },
                 jwt_secret="your-super-secret-jwt-key-change-in-production-12345",
                 jwt_algorithm="HS256",
                 jwt_expiry_hours=24,
                 public_paths=["/health", "/metrics", "/docs", "/openapi.json"],
-                security_headers=DEFAULT_SECURITY_HEADERS
+                security_headers=DEFAULT_SECURITY_HEADERS,
             ),
             permissions=PermissionConfig(
                 enabled=True,
                 roles_file="config/roles.json",
                 default_role="user",
-                hierarchy_enabled=True
+                hierarchy_enabled=True,
             ),
             ssl=SSLConfig(
                 enabled=False,  # Disable for example
@@ -124,14 +140,14 @@ class FastAPISecurityExample:
                 key_file=None,
                 ca_cert_file=None,
                 verify_mode="CERT_REQUIRED",
-                min_version="TLSv1.2"
+                min_version="TLSv1.2",
             ),
             certificates=CertificateConfig(
                 enabled=False,  # Disable for example
                 ca_cert_path=None,
                 ca_key_path=None,
                 cert_validity_days=365,
-                key_size=2048
+                key_size=2048,
             ),
             rate_limit=RateLimitConfig(
                 enabled=True,
@@ -140,7 +156,7 @@ class FastAPISecurityExample:
                 burst_limit=2,
                 window_size_seconds=60,
                 storage_backend="memory",
-                cleanup_interval=300
+                cleanup_interval=300,
             ),
             logging=LoggingConfig(
                 enabled=True,
@@ -150,24 +166,29 @@ class FastAPISecurityExample:
                 max_file_size=10,
                 backup_count=5,
                 console_output=True,
-                json_format=False
+                json_format=False,
             ),
             debug=True,
             environment="test",
-            version="1.0.0"
+            version="1.0.0",
         )
     def _create_test_jwt_token(self) -> str:
         """Create a test JWT token."""
         import jwt
         payload = {
             "username": "test_user",
             "roles": ["user"],
-            "exp": datetime.now(timezone.utc) + timedelta(hours=1)
+            "exp": datetime.now(timezone.utc) + timedelta(hours=1),
         }
-        jwt_secret = self.config.auth.jwt_secret.get_secret_value() if self.config.auth.jwt_secret else "default-jwt-secret-for-testing"
+        jwt_secret = (
+            self.config.auth.jwt_secret.get_secret_value()
+            if self.config.auth.jwt_secret
+            else "default-jwt-secret-for-testing"
+        )
         return jwt.encode(payload, jwt_secret, algorithm="HS256")
     def _create_test_certificate(self) -> str:
         """Create a test certificate."""
         return """-----BEGIN CERTIFICATE-----
@@ -182,9 +203,10 @@ eSBMdGQwHhcNMTkwMzI2MTIzMzQ5WhcNMjAwMzI1MTIzMzQ5WjBFMQswCQYDVQQG
 EwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lk
 Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
 -----END CERTIFICATE-----"""
     def _setup_security_middleware(self):
         """Setup security middleware for FastAPI."""
         @self.app.middleware("http")
         async def security_middleware(request: Request, call_next):
             """Security middleware for request processing."""
@@ -193,132 +215,134 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 response = await call_next(request)
                 self._add_security_headers(response)
                 return response
             # Rate limiting check
             if not self._check_rate_limit(request):
                 return Response(
-                    content=json.dumps({
-                        "error": "Rate limit exceeded",
-                        "error_code": -32003
-                    }),
+                    content=json.dumps(
+                        {"error": "Rate limit exceeded", "error_code": -32003}
+                    ),
                     status_code=status.HTTP_429_TOO_MANY_REQUESTS,
-                    media_type="application/json"
+                    media_type="application/json",
                 )
             # Authentication check
             auth_result = await self._authenticate_request(request)
             if not auth_result.is_valid:
                 return Response(
-                    content=json.dumps({
-                        "error": auth_result.error_message,
-                        "error_code": auth_result.error_code
-                    }),
+                    content=json.dumps(
+                        {
+                            "error": auth_result.error_message,
+                            "error_code": auth_result.error_code,
+                        }
+                    ),
                     status_code=status.HTTP_401_UNAUTHORIZED,
-                    media_type="application/json"
+                    media_type="application/json",
                 )
             # Authorization check (for protected endpoints)
-            if request.url.path.startswith("/admin") or request.url.path.startswith("/api/v1"):
+            if request.url.path.startswith("/admin") or request.url.path.startswith(
+                "/api/v1"
+            ):
                 if not self._check_permissions(request, auth_result):
                     return Response(
-                        content=json.dumps({
-                            "error": "Insufficient permissions",
-                            "error_code": -32004
-                        }),
+                        content=json.dumps(
+                            {"error": "Insufficient permissions", "error_code": -32004}
+                        ),
                         status_code=status.HTTP_403_FORBIDDEN,
-                        media_type="application/json"
+                        media_type="application/json",
                     )
             # Add user info to request state
             request.state.user_info = {
                 "username": auth_result.username,
                 "roles": auth_result.roles,
                 "permissions": auth_result.permissions,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
             # Process request
             response = await call_next(request)
             # Add security headers
             self._add_security_headers(response)
             return response
     def _is_public_path(self, path: str) -> bool:
         """Check if path is public."""
-        return any(path.startswith(public_path) for public_path in self.config.auth.public_paths)
+        return any(
+            path.startswith(public_path)
+            for public_path in self.config.auth.public_paths
+        )
     def _check_rate_limit(self, request: Request) -> bool:
         """Check rate limit for request."""
         identifier = request.client.host if request.client else "unknown"
         return self.security_manager.check_rate_limit(identifier)
     async def _authenticate_request(self, request: Request) -> AuthResult:
         """Authenticate request."""
         # Check for API key in headers
         api_key = request.headers.get("X-API-Key")
         if api_key:
-            return self.security_manager.authenticate_user({
-                "method": "api_key",
-                "api_key": api_key
-            })
+            return self.security_manager.authenticate_user(
+                {"method": "api_key", "api_key": api_key}
+            )
         # Check for JWT token in Authorization header
         auth_header = request.headers.get("Authorization")
         if auth_header and auth_header.startswith("Bearer "):
             token = auth_header[7:]
-            return self.security_manager.authenticate_user({
-                "method": "jwt",
-                "token": token
-            })
+            return self.security_manager.authenticate_user(
+                {"method": "jwt", "token": token}
+            )
         # Check for certificate in headers (for mTLS)
         cert_header = request.headers.get("X-Client-Cert")
         if cert_header:
-            return self.security_manager.authenticate_user({
-                "method": "certificate",
-                "certificate": cert_header
-            })
+            return self.security_manager.authenticate_user(
+                {"method": "certificate", "certificate": cert_header}
+            )
         # Return failed authentication
         return AuthResult(
             is_valid=False,
             status=AuthStatus.INVALID,
             auth_method=AuthMethod.UNKNOWN,
             error_code=-32001,
-            error_message="No authentication credentials provided"
+            error_message="No authentication credentials provided",
         )
     def _check_permissions(self, request: Request, auth_result: AuthResult) -> bool:
         """Check permissions for request."""
         # Determine required permissions based on endpoint
         required_permissions = []
         if request.url.path.startswith("/admin"):
             required_permissions = ["admin"]
         elif request.url.path.startswith("/api/v1/users"):
             required_permissions = ["read:own"]  # Use read:own instead of read:users
         elif request.url.path.startswith("/api/v1/data"):
             required_permissions = ["read:own"]  # Use read:own instead of read:data
         if required_permissions:
             result = self.security_manager.check_permissions(
                 auth_result.roles, required_permissions
             )
             return result.is_valid
         return True
     def _add_security_headers(self, response: Response):
         """Add security headers to response."""
         if self.config.auth.security_headers:
             for header, value in self.config.auth.security_headers.items():
                 response.headers[header] = value
     def _setup_routes(self):
         """Setup FastAPI routes."""
         # Health check endpoint
         @self.app.get("/health")
         async def health_check():
@@ -327,9 +351,9 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 "status": "healthy",
                 "framework": "FastAPI",
                 "security_enabled": True,
-                "timestamp": datetime.now(timezone.utc).isoformat()
+                "timestamp": datetime.now(timezone.utc).isoformat(),
             }
         # Metrics endpoint
         @self.app.get("/metrics")
         async def get_metrics():
@@ -338,9 +362,9 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             return {
                 "framework": "FastAPI",
                 "metrics": metrics,
-                "timestamp": datetime.now(timezone.utc).isoformat()
+                "timestamp": datetime.now(timezone.utc).isoformat(),
             }
         # Security status endpoint
         @self.app.get("/security/status")
         async def get_security_status():
@@ -349,9 +373,9 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             return {
                 "framework": "FastAPI",
                 "status": status.dict(),
-                "timestamp": datetime.now(timezone.utc).isoformat()
+                "timestamp": datetime.now(timezone.utc).isoformat(),
             }
         # Security audit endpoint
         @self.app.get("/security/audit")
         async def get_security_audit():
@@ -360,177 +384,174 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             return {
                 "framework": "FastAPI",
                 "audit": audit,
-                "timestamp": datetime.now(timezone.utc).isoformat()
+                "timestamp": datetime.now(timezone.utc).isoformat(),
             }
         # Admin endpoints (require admin permissions)
         @self.app.get("/admin/users")
         async def get_users(request: Request):
             """Get all users (admin only)."""
-            user_info = getattr(request.state, 'user_info', {})
+            user_info = getattr(request.state, "user_info", {})
             return {
                 "message": "Users list",
                 "user": user_info,
                 "users": [
                     {"id": 1, "username": "admin", "roles": ["admin"]},
                     {"id": 2, "username": "user", "roles": ["user"]},
-                    {"id": 3, "username": "readonly", "roles": ["readonly"]}
-                ]
+                    {"id": 3, "username": "readonly", "roles": ["readonly"]},
+                ],
             }
         # API endpoints (require specific permissions)
         @self.app.get("/api/v1/users/me")
         async def get_current_user(request: Request):
             """Get current user info."""
-            user_info = getattr(request.state, 'user_info', {})
-            return {
-                "message": "Current user info",
-                "user": user_info
-            }
+            user_info = getattr(request.state, "user_info", {})
+            return {"message": "Current user info", "user": user_info}
         @self.app.get("/api/v1/data")
         async def get_data(request: Request):
             """Get data (requires read:data permission)."""
-            user_info = getattr(request.state, 'user_info', {})
+            user_info = getattr(request.state, "user_info", {})
             return {
                 "message": "Data retrieved successfully",
                 "user": user_info,
                 "data": [
                     {"id": 1, "name": "Sample Data 1"},
                     {"id": 2, "name": "Sample Data 2"},
-                    {"id": 3, "name": "Sample Data 3"}
-                ]
+                    {"id": 3, "name": "Sample Data 3"},
+                ],
             }
         # Authentication test endpoints
         @self.app.post("/auth/test-api-key")
         async def test_api_key_auth(request: Request):
             """Test API key authentication."""
-            user_info = getattr(request.state, 'user_info', {})
+            user_info = getattr(request.state, "user_info", {})
             return {
                 "message": "API key authentication successful",
                 "user": user_info,
-                "auth_method": "api_key"
+                "auth_method": "api_key",
             }
         @self.app.post("/auth/test-jwt")
         async def test_jwt_auth(request: Request):
             """Test JWT authentication."""
-            user_info = getattr(request.state, 'user_info', {})
+            user_info = getattr(request.state, "user_info", {})
             return {
                 "message": "JWT authentication successful",
                 "user": user_info,
-                "auth_method": "jwt"
+                "auth_method": "jwt",
             }
         # Rate limiting test endpoint
         @self.app.get("/rate-limit-test")
         async def rate_limit_test(request: Request):
             """Test rate limiting."""
-            user_info = getattr(request.state, 'user_info', {})
+            user_info = getattr(request.state, "user_info", {})
             return {
                 "message": "Rate limit test successful",
                 "user": user_info,
-                "timestamp": datetime.now(timezone.utc).isoformat()
+                "timestamp": datetime.now(timezone.utc).isoformat(),
             }
     def demonstrate_authentication(self) -> Dict[str, Any]:
         """
         Demonstrate ALL authentication methods.
         Returns:
             Dict with authentication test results
         """
         self.logger.info("Demonstrating authentication capabilities...")
         results = {
             "api_key_auth": {},
             "jwt_auth": {},
             "certificate_auth": {},
-            "failed_auth": {}
+            "failed_auth": {},
         }
         # 1. API Key Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "api_key",
-                "api_key": self.test_api_key
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "api_key", "api_key": self.test_api_key}
+            )
             results["api_key_auth"] = {
                 "success": auth_result.is_valid,
                 "username": auth_result.username,
                 "roles": auth_result.roles,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
-            self.logger.info(f"API Key auth: {auth_result.username} - {auth_result.roles}")
+            self.logger.info(
+                f"API Key auth: {auth_result.username} - {auth_result.roles}"
+            )
         except Exception as e:
             results["api_key_auth"] = {"error": str(e)}
         # 2. JWT Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "jwt",
-                "token": self.test_jwt_token
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "jwt", "token": self.test_jwt_token}
+            )
             results["jwt_auth"] = {
                 "success": auth_result.is_valid,
                 "username": auth_result.username,
                 "roles": auth_result.roles,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
             self.logger.info(f"JWT auth: {auth_result.username} - {auth_result.roles}")
         except Exception as e:
             results["jwt_auth"] = {"error": str(e)}
         # 3. Certificate Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "certificate",
-                "certificate": self.test_certificate
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "certificate", "certificate": self.test_certificate}
+            )
             results["certificate_auth"] = {
                 "success": auth_result.is_valid,
                 "username": auth_result.username,
                 "roles": auth_result.roles,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
-            self.logger.info(f"Certificate auth: {auth_result.username} - {auth_result.roles}")
+            self.logger.info(
+                f"Certificate auth: {auth_result.username} - {auth_result.roles}"
+            )
         except Exception as e:
             results["certificate_auth"] = {"error": str(e)}
         # 4. Failed Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "api_key",
-                "api_key": "invalid_key"
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "api_key", "api_key": "invalid_key"}
+            )
             results["failed_auth"] = {
                 "success": auth_result.is_valid,
                 "error_message": auth_result.error_message,
-                "error_code": auth_result.error_code
+                "error_code": auth_result.error_code,
             }
             self.logger.info(f"Failed auth test: {auth_result.error_message}")
         except Exception as e:
             results["failed_auth"] = {"error": str(e)}
         return results
     def demonstrate_authorization(self) -> Dict[str, Any]:
         """
         Demonstrate authorization capabilities.
         Returns:
             Dict with authorization test results
         """
         self.logger.info("Demonstrating authorization capabilities...")
         results = {
             "admin_permissions": {},
             "user_permissions": {},
             "readonly_permissions": {},
-            "denied_permissions": {}
+            "denied_permissions": {},
         }
         # 1. Admin permissions
         try:
             result = self.security_manager.check_permissions(
@@ -538,12 +559,12 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             )
             results["admin_permissions"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Admin permissions: {result.is_valid}")
         except Exception as e:
             results["admin_permissions"] = {"error": str(e)}
         # 2. User permissions
         try:
             result = self.security_manager.check_permissions(
@@ -551,138 +572,122 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             )
             results["user_permissions"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"User permissions: {result.is_valid}")
         except Exception as e:
             results["user_permissions"] = {"error": str(e)}
         # 3. Readonly permissions
         try:
-            result = self.security_manager.check_permissions(
-                ["readonly"], ["read"]
-            )
+            result = self.security_manager.check_permissions(["readonly"], ["read"])
             results["readonly_permissions"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Readonly permissions: {result.is_valid}")
         except Exception as e:
             results["readonly_permissions"] = {"error": str(e)}
         # 4. Denied permissions
         try:
-            result = self.security_manager.check_permissions(
-                ["readonly"], ["delete"]
-            )
+            result = self.security_manager.check_permissions(["readonly"], ["delete"])
             results["denied_permissions"] = {
                 "success": result.is_valid,
                 "status": result.status.value,
-                "error_message": result.error_message
+                "error_message": result.error_message,
             }
             self.logger.info(f"Denied permissions: {result.is_valid}")
         except Exception as e:
             results["denied_permissions"] = {"error": str(e)}
         return results
     def demonstrate_rate_limiting(self) -> Dict[str, Any]:
         """
         Demonstrate rate limiting capabilities.
         Returns:
             Dict with rate limiting test results
         """
         self.logger.info("Demonstrating rate limiting capabilities...")
-        results = {
-            "rate_limit_checks": [],
-            "rate_limit_exceeded": False
-        }
+        results = {"rate_limit_checks": [], "rate_limit_exceeded": False}
         identifier = "test_user_123"
         # Test rate limiting
         for i in range(5):
             try:
                 allowed = self.security_manager.check_rate_limit(identifier)
-                results["rate_limit_checks"].append({
-                    "request": i + 1,
-                    "allowed": allowed
-                })
-                self.logger.info(f"Rate limit check {i+1}: {'Allowed' if allowed else 'Blocked'}")
+                results["rate_limit_checks"].append(
+                    {"request": i + 1, "allowed": allowed}
+                )
+                self.logger.info(
+                    f"Rate limit check {i+1}: {'Allowed' if allowed else 'Blocked'}"
+                )
                 if not allowed:
                     results["rate_limit_exceeded"] = True
                     break
             except Exception as e:
-                results["rate_limit_checks"].append({
-                    "request": i + 1,
-                    "error": str(e)
-                })
+                results["rate_limit_checks"].append({"request": i + 1, "error": str(e)})
         return results
     def demonstrate_security_validation(self) -> Dict[str, Any]:
         """
         Demonstrate security validation capabilities.
         Returns:
             Dict with validation test results
         """
         self.logger.info("Demonstrating security validation capabilities...")
-        results = {
-            "request_validation": {},
-            "configuration_validation": {}
-        }
+        results = {"request_validation": {}, "configuration_validation": {}}
         # 1. Request validation
         try:
             request_data = {
                 "api_key": self.test_api_key,
                 "required_permissions": ["read", "write"],
-                "client_ip": "192.168.1.100"
+                "client_ip": "192.168.1.100",
             }
             result = self.security_manager.validate_request(request_data)
             results["request_validation"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Request validation: {result.is_valid}")
         except Exception as e:
             results["request_validation"] = {"error": str(e)}
         # 2. Configuration validation
         try:
             result = self.security_manager.validate_configuration()
             results["configuration_validation"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Configuration validation: {result.is_valid}")
         except Exception as e:
             results["configuration_validation"] = {"error": str(e)}
         return results
     def demonstrate_security_monitoring(self) -> Dict[str, Any]:
         """
         Demonstrate security monitoring capabilities.
         Returns:
             Dict with monitoring test results
         """
         self.logger.info("Demonstrating security monitoring capabilities...")
-        results = {
-            "security_status": {},
-            "security_metrics": {},
-            "security_audit": {}
-        }
+        results = {"security_status": {}, "security_metrics": {}, "security_audit": {}}
         # 1. Security status
         try:
             status = self.security_manager.get_security_status()
@@ -690,24 +695,24 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 "status": status.status.value,
                 "message": status.message,
                 "version": status.version,
-                "metadata": status.metadata
+                "metadata": status.metadata,
             }
             self.logger.info("Security status retrieved successfully")
         except Exception as e:
             results["security_status"] = {"error": str(e)}
         # 2. Security metrics
         try:
             metrics = self.security_manager.get_security_metrics()
             results["security_metrics"] = {
                 "authentication_attempts": metrics.get("authentication_attempts", 0),
                 "security_events": metrics.get("security_events", 0),
-                "uptime_seconds": metrics.get("uptime_seconds", 0)
+                "uptime_seconds": metrics.get("uptime_seconds", 0),
             }
             self.logger.info("Security metrics retrieved successfully")
         except Exception as e:
             results["security_metrics"] = {"error": str(e)}
         # 3. Security audit
         try:
             audit = self.security_manager.perform_security_audit()
@@ -715,23 +720,23 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 "authentication": audit.get("authentication", {}),
                 "authorization": audit.get("authorization", {}),
                 "rate_limiting": audit.get("rate_limiting", {}),
-                "ssl": audit.get("ssl", {})
+                "ssl": audit.get("ssl", {}),
             }
             self.logger.info("Security audit completed successfully")
         except Exception as e:
             results["security_audit"] = {"error": str(e)}
         return results
     def run_comprehensive_demo(self) -> Dict[str, Any]:
         """
         Run comprehensive demonstration of ALL framework capabilities.
         Returns:
             Dict with all demonstration results
         """
         self.logger.info("Starting comprehensive security framework demonstration...")
         demo_results = {
             "timestamp": datetime.now(timezone.utc).isoformat(),
             "framework": "FastAPI",
@@ -740,90 +745,90 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             "authorization": self.demonstrate_authorization(),
             "rate_limiting": self.demonstrate_rate_limiting(),
             "security_validation": self.demonstrate_security_validation(),
-            "security_monitoring": self.demonstrate_security_monitoring()
+            "security_monitoring": self.demonstrate_security_monitoring(),
         }
         self.logger.info("Comprehensive demonstration completed successfully")
         return demo_results
 class FastAPIExampleTest:
     """Test class for FastAPI example."""
     def test_authentication(self):
         """Test authentication capabilities."""
         example = FastAPISecurityExample()
         results = example.demonstrate_authentication()
         # Verify API key authentication works
         assert results["api_key_auth"]["success"] == True
         assert results["api_key_auth"]["username"] == "admin"
         assert "admin" in results["api_key_auth"]["roles"]
         # Verify JWT authentication works
         assert results["jwt_auth"]["success"] == True
         assert results["jwt_auth"]["username"] == "test_user"
         # Verify failed authentication is handled
         assert results["failed_auth"]["success"] == False
         print("✅ Authentication tests passed")
     def test_authorization(self):
         """Test authorization capabilities."""
         example = FastAPISecurityExample()
         results = example.demonstrate_authorization()
         # Verify admin permissions work
         assert results["admin_permissions"]["success"] == True
         # Verify user permissions work
         assert results["user_permissions"]["success"] == True
         # Verify readonly permissions work
         assert results["readonly_permissions"]["success"] == True
         print("✅ Authorization tests passed")
     def test_rate_limiting(self):
         """Test rate limiting capabilities."""
         example = FastAPISecurityExample()
         results = example.demonstrate_rate_limiting()
         # Verify rate limiting checks work
         assert len(results["rate_limit_checks"]) > 0
         assert results["rate_limit_checks"][0]["allowed"] == True
         print("✅ Rate limiting tests passed")
     def test_security_validation(self):
         """Test security validation capabilities."""
         example = FastAPISecurityExample()
         results = example.demonstrate_security_validation()
         # Verify request validation works
         assert results["request_validation"]["success"] == True
         # Verify configuration validation works
         assert results["configuration_validation"]["success"] == True
         print("✅ Security validation tests passed")
     def test_security_monitoring(self):
         """Test security monitoring capabilities."""
         example = FastAPISecurityExample()
         results = example.demonstrate_security_monitoring()
         # Verify security status works
         assert "status" in results["security_status"]
         assert "message" in results["security_status"]
         # Verify security metrics work
         assert "authentication_attempts" in results["security_metrics"]
         # Verify security audit works
         assert "authentication" in results["security_audit"]
         print("✅ Security monitoring tests passed")
@@ -831,46 +836,70 @@ def main():
     """Main function to run the FastAPI example."""
     print("\n🚀 MCP Security Framework - FastAPI Example")
     print("=" * 60)
     # Create example instance
     example = FastAPISecurityExample()
     # Run comprehensive demonstration
     results = example.run_comprehensive_demo()
     # Print results
     print("\n📊 COMPREHENSIVE DEMONSTRATION RESULTS")
     print("=" * 60)
     print(f"Framework: {results['framework']}")
     print(f"Version: {results['version']}")
     print(f"Timestamp: {results['timestamp']}")
     print("\n🔐 AUTHENTICATION RESULTS:")
-    print(f"  API Key: {'✅' if results['authentication']['api_key_auth']['success'] else '❌'}")
-    print(f"  JWT: {'✅' if results['authentication']['jwt_auth']['success'] else '❌'}")
-    print(f"  Certificate: {'✅' if results['authentication']['certificate_auth']['success'] else '❌'}")
+    print(
+        f"  API Key: {'✅' if results['authentication']['api_key_auth']['success'] else '❌'}"
+    )
+    print(
+        f"  JWT: {'✅' if results['authentication']['jwt_auth']['success'] else '❌'}"
+    )
+    print(
+        f"  Certificate: {'✅' if results['authentication']['certificate_auth']['success'] else '❌'}"
+    )
     print("\n🔑 AUTHORIZATION RESULTS:")
-    print(f"  Admin Permissions: {'✅' if results['authorization']['admin_permissions']['success'] else '❌'}")
-    print(f"  User Permissions: {'✅' if results['authorization']['user_permissions']['success'] else '❌'}")
-    print(f"  Readonly Permissions: {'✅' if results['authorization']['readonly_permissions']['success'] else '❌'}")
+    print(
+        f"  Admin Permissions: {'✅' if results['authorization']['admin_permissions']['success'] else '❌'}"
+    )
+    print(
+        f"  User Permissions: {'✅' if results['authorization']['user_permissions']['success'] else '❌'}"
+    )
+    print(
+        f"  Readonly Permissions: {'✅' if results['authorization']['readonly_permissions']['success'] else '❌'}"
+    )
     print("\n⚡ RATE LIMITING RESULTS:")
     print(f"  Rate Limit Checks: {len(results['rate_limiting']['rate_limit_checks'])}")
-    print(f"  Rate Limit Exceeded: {'❌' if results['rate_limiting']['rate_limit_exceeded'] else '✅'}")
+    print(
+        f"  Rate Limit Exceeded: {'❌' if results['rate_limiting']['rate_limit_exceeded'] else '✅'}"
+    )
     print("\n🔒 SECURITY VALIDATION RESULTS:")
-    print(f"  Request Validation: {'✅' if results['security_validation']['request_validation']['success'] else '❌'}")
-    print(f"  Configuration Validation: {'✅' if results['security_validation']['configuration_validation']['success'] else '❌'}")
+    print(
+        f"  Request Validation: {'✅' if results['security_validation']['request_validation']['success'] else '❌'}"
+    )
+    print(
+        f"  Configuration Validation: {'✅' if results['security_validation']['configuration_validation']['success'] else '❌'}"
+    )
     print("\n📊 SECURITY MONITORING RESULTS:")
-    print(f"  Security Status: {'✅' if 'status' in results['security_monitoring']['security_status'] else '❌'}")
-    print(f"  Security Metrics: {'✅' if 'authentication_attempts' in results['security_monitoring']['security_metrics'] else '❌'}")
-    print(f"  Security Audit: {'✅' if 'authentication' in results['security_monitoring']['security_audit'] else '❌'}")
+    print(
+        f"  Security Status: {'✅' if 'status' in results['security_monitoring']['security_status'] else '❌'}"
+    )
+    print(
+        f"  Security Metrics: {'✅' if 'authentication_attempts' in results['security_monitoring']['security_metrics'] else '❌'}"
+    )
+    print(
+        f"  Security Audit: {'✅' if 'authentication' in results['security_monitoring']['security_audit'] else '❌'}"
+    )
     print("\n🎉 ALL FRAMEWORK CAPABILITIES DEMONSTRATED SUCCESSFULLY!")
     print("=" * 60)
     print("\n🌐 FastAPI Application Ready!")
     print("Run with: uvicorn fastapi_example:example.app --reload")
     print("Available endpoints:")
@@ -895,50 +924,53 @@ if __name__ == "__main__":
     test.test_rate_limiting()
     test.test_security_validation()
     test.test_security_monitoring()
     print("\nExample Usage:")
     main()
     # Start server in background thread for testing
     print("\nStarting FastAPI Server in background...")
     example = FastAPISecurityExample()
+    import asyncio
     import threading
     import time
     import requests
     import uvicorn
-    import asyncio
     # Start server in background thread
     def run_server():
         uvicorn.run(example.app, host="0.0.0.0", port=8000, log_level="error")
     server_thread = threading.Thread(target=run_server, daemon=True)
     server_thread.start()
     # Wait for server to start
     time.sleep(5)
     try:
         # Test server endpoints
         print("Testing FastAPI server endpoints...")
         # Test health endpoint
         response = requests.get("http://localhost:8000/health", timeout=5)
         print(f"Health endpoint: {response.status_code}")
         # Test metrics endpoint
         response = requests.get("http://localhost:8000/metrics", timeout=5)
         print(f"Metrics endpoint: {response.status_code}")
         # Test protected endpoint with API key
         headers = {"X-API-Key": "admin_key_123"}
-        response = requests.get("http://localhost:8000/api/v1/users/me", headers=headers, timeout=5)
+        response = requests.get(
+            "http://localhost:8000/api/v1/users/me", headers=headers, timeout=5
+        )
         print(f"Protected endpoint: {response.status_code}")
         print("✅ FastAPI server testing completed successfully")
     except requests.exceptions.RequestException as e:
         print(f"⚠️  FastAPI server testing failed: {e}")
     print("FastAPI example completed")

mcp-security-framework 1.1.0__py3-none-any.whl → 1.1.1__py3-none-any.whl

mcp-security-framework 1.1.0py3-none-any.whl → 1.1.1py3-none-any.whl