PyPI - mcp-security-framework - Versions diffs - 1.1.0__py3-none-any.whl → 1.1.2__py3-none-any.whl - Mend

mcp-security-framework 1.1.0py3-none-any.whl → 1.1.2py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

mcp_security_framework/__init__.py +26 -15
mcp_security_framework/cli/__init__.py +1 -1
mcp_security_framework/cli/cert_cli.py +233 -197
mcp_security_framework/cli/security_cli.py +324 -234
mcp_security_framework/constants.py +21 -27
mcp_security_framework/core/auth_manager.py +41 -22
mcp_security_framework/core/cert_manager.py +210 -147
mcp_security_framework/core/permission_manager.py +9 -9
mcp_security_framework/core/rate_limiter.py +2 -2
mcp_security_framework/core/security_manager.py +284 -229
mcp_security_framework/examples/__init__.py +6 -0
mcp_security_framework/examples/comprehensive_example.py +349 -279
mcp_security_framework/examples/django_example.py +247 -206
mcp_security_framework/examples/fastapi_example.py +315 -283
mcp_security_framework/examples/flask_example.py +274 -203
mcp_security_framework/examples/gateway_example.py +304 -237
mcp_security_framework/examples/microservice_example.py +258 -189
mcp_security_framework/examples/standalone_example.py +255 -230
mcp_security_framework/examples/test_all_examples.py +151 -135
mcp_security_framework/middleware/__init__.py +46 -55
mcp_security_framework/middleware/auth_middleware.py +62 -63
mcp_security_framework/middleware/fastapi_auth_middleware.py +119 -118
mcp_security_framework/middleware/fastapi_middleware.py +156 -148
mcp_security_framework/middleware/flask_auth_middleware.py +160 -147
mcp_security_framework/middleware/flask_middleware.py +183 -157
mcp_security_framework/middleware/mtls_middleware.py +106 -117
mcp_security_framework/middleware/rate_limit_middleware.py +105 -101
mcp_security_framework/middleware/security_middleware.py +109 -124
mcp_security_framework/schemas/config.py +2 -1
mcp_security_framework/schemas/models.py +18 -6
mcp_security_framework/utils/cert_utils.py +14 -8
mcp_security_framework/utils/datetime_compat.py +116 -0
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.2.dist-info}/METADATA +4 -3
mcp_security_framework-1.1.2.dist-info/RECORD +84 -0
tests/conftest.py +63 -66
tests/test_cli/test_cert_cli.py +184 -146
tests/test_cli/test_security_cli.py +274 -247
tests/test_core/test_cert_manager.py +24 -10
tests/test_core/test_security_manager.py +2 -2
tests/test_examples/test_comprehensive_example.py +190 -137
tests/test_examples/test_fastapi_example.py +124 -101
tests/test_examples/test_flask_example.py +124 -101
tests/test_examples/test_standalone_example.py +73 -80
tests/test_integration/test_auth_flow.py +213 -197
tests/test_integration/test_certificate_flow.py +180 -149
tests/test_integration/test_fastapi_integration.py +108 -111
tests/test_integration/test_flask_integration.py +141 -140
tests/test_integration/test_standalone_integration.py +290 -259
tests/test_middleware/test_fastapi_auth_middleware.py +195 -174
tests/test_middleware/test_fastapi_middleware.py +147 -132
tests/test_middleware/test_flask_auth_middleware.py +260 -202
tests/test_middleware/test_flask_middleware.py +201 -179
tests/test_middleware/test_security_middleware.py +145 -130
tests/test_utils/test_datetime_compat.py +147 -0
mcp_security_framework-1.1.0.dist-info/RECORD +0 -82
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.2.dist-info}/WHEEL +0 -0
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.2.dist-info}/entry_points.txt +0 -0
{mcp_security_framework-1.1.0.dist-info → mcp_security_framework-1.1.2.dist-info}/top_level.txt +0 -0

mcp_security_framework/examples/standalone_example.py CHANGED Viewed

@@ -21,82 +21,98 @@ Version: 1.0.0
 License: MIT
 """
-import os
 import json
 import logging
-import tempfile
+import os
 import shutil
-from typing import Dict, List, Any, Optional
+import tempfile
 from datetime import datetime, timedelta, timezone
+from typing import Any, Dict, List, Optional
+from mcp_security_framework.constants import (
+    AUTH_METHODS,
+    DEFAULT_SECURITY_HEADERS,
+    ErrorCodes,
+)
 from mcp_security_framework.core.security_manager import SecurityManager
 from mcp_security_framework.schemas.config import (
-    SecurityConfig, AuthConfig, PermissionConfig, SSLConfig,
-    CertificateConfig, RateLimitConfig, LoggingConfig
+    AuthConfig,
+    CertificateConfig,
+    LoggingConfig,
+    PermissionConfig,
+    RateLimitConfig,
+    SecurityConfig,
+    SSLConfig,
 )
 from mcp_security_framework.schemas.models import (
-    AuthResult, ValidationResult, CertificatePair, CertificateInfo,
-    AuthStatus, ValidationStatus, AuthMethod
-)
-from mcp_security_framework.constants import (
-    DEFAULT_SECURITY_HEADERS, AUTH_METHODS, ErrorCodes
+    AuthMethod,
+    AuthResult,
+    AuthStatus,
+    CertificateInfo,
+    CertificatePair,
+    ValidationResult,
+    ValidationStatus,
 )
 class StandaloneSecurityExample:
     """
     Comprehensive Standalone Security Example
     This class demonstrates ALL capabilities of the MCP Security Framework
     in a standalone environment, serving as a complete integration test.
     """
     def __init__(self, config_path: Optional[str] = None):
         """
         Initialize the standalone security example.
         Args:
             config_path: Optional path to configuration file
         """
         self.config = self._load_config(config_path)
         self.security_manager = SecurityManager(self.config)
         self.logger = logging.getLogger(__name__)
         # Test data
         self.test_api_key = "admin_key_123"
         self.test_jwt_token = self._create_test_jwt_token()
         self.test_certificate = self._create_test_certificate()
         self.logger.info("Standalone Security Example initialized successfully")
     def _load_config(self, config_path: Optional[str] = None) -> SecurityConfig:
         """Load security configuration."""
         if config_path and os.path.exists(config_path):
-            with open(config_path, 'r') as f:
+            with open(config_path, "r") as f:
                 config_data = json.load(f)
             return SecurityConfig(**config_data)
         # Create comprehensive configuration
         return SecurityConfig(
             auth=AuthConfig(
                 enabled=True,
-                methods=[AUTH_METHODS["API_KEY"], AUTH_METHODS["JWT"], AUTH_METHODS["CERTIFICATE"]],
+                methods=[
+                    AUTH_METHODS["API_KEY"],
+                    AUTH_METHODS["JWT"],
+                    AUTH_METHODS["CERTIFICATE"],
+                ],
                 api_keys={
                     "admin_key_123": {"username": "admin", "roles": ["admin", "user"]},
                     "user_key_456": {"username": "user", "roles": ["user"]},
-                    "readonly_key_789": {"username": "readonly", "roles": ["readonly"]}
+                    "readonly_key_789": {"username": "readonly", "roles": ["readonly"]},
                 },
                 jwt_secret="your-super-secret-jwt-key-change-in-production-12345",
                 jwt_algorithm="HS256",
                 jwt_expiry_hours=24,
                 public_paths=["/health/", "/metrics/"],
-                security_headers=DEFAULT_SECURITY_HEADERS
+                security_headers=DEFAULT_SECURITY_HEADERS,
             ),
             permissions=PermissionConfig(
                 enabled=True,
                 roles_file="config/roles.json",
                 default_role="user",
-                hierarchy_enabled=True
+                hierarchy_enabled=True,
             ),
             ssl=SSLConfig(
                 enabled=False,  # Disable for standalone example
@@ -104,14 +120,14 @@ class StandaloneSecurityExample:
                 key_file=None,
                 ca_cert_file=None,
                 verify_mode="CERT_REQUIRED",
-                min_version="TLSv1.2"
+                min_version="TLSv1.2",
             ),
             certificates=CertificateConfig(
                 enabled=False,  # Disable for standalone example
                 ca_cert_path=None,
                 ca_key_path=None,
                 cert_validity_days=365,
-                key_size=2048
+                key_size=2048,
             ),
             rate_limit=RateLimitConfig(
                 enabled=True,
@@ -120,7 +136,7 @@ class StandaloneSecurityExample:
                 burst_limit=2,
                 window_size_seconds=60,
                 storage_backend="memory",
-                cleanup_interval=300
+                cleanup_interval=300,
             ),
             logging=LoggingConfig(
                 enabled=True,
@@ -130,24 +146,29 @@ class StandaloneSecurityExample:
                 max_file_size=10,
                 backup_count=5,
                 console_output=True,
-                json_format=False
+                json_format=False,
             ),
             debug=True,
             environment="test",
-            version="1.0.0"
+            version="1.0.0",
         )
     def _create_test_jwt_token(self) -> str:
         """Create a test JWT token."""
         import jwt
         payload = {
             "username": "test_user",
             "roles": ["user"],
-            "exp": datetime.now(timezone.utc) + timedelta(hours=1)
+            "exp": datetime.now(timezone.utc) + timedelta(hours=1),
         }
-        jwt_secret = self.config.auth.jwt_secret.get_secret_value() if self.config.auth.jwt_secret else "default-jwt-secret-for-testing"
+        jwt_secret = (
+            self.config.auth.jwt_secret.get_secret_value()
+            if self.config.auth.jwt_secret
+            else "default-jwt-secret-for-testing"
+        )
         return jwt.encode(payload, jwt_secret, algorithm="HS256")
     def _create_test_certificate(self) -> str:
         """Create a test certificate."""
         return """-----BEGIN CERTIFICATE-----
@@ -162,104 +183,104 @@ eSBMdGQwHhcNMTkwMzI2MTIzMzQ5WhcNMjAwMzI1MTIzMzQ5WjBFMQswCQYDVQQG
 EwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lk
 Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
 -----END CERTIFICATE-----"""
     def demonstrate_authentication(self) -> Dict[str, Any]:
         """
         Demonstrate ALL authentication methods.
         Returns:
             Dict with authentication test results
         """
         self.logger.info("Demonstrating authentication capabilities...")
         results = {
             "api_key_auth": {},
             "jwt_auth": {},
             "certificate_auth": {},
-            "failed_auth": {}
+            "failed_auth": {},
         }
         # 1. API Key Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "api_key",
-                "api_key": self.test_api_key
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "api_key", "api_key": self.test_api_key}
+            )
             results["api_key_auth"] = {
                 "success": auth_result.is_valid,
                 "username": auth_result.username,
                 "roles": auth_result.roles,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
-            self.logger.info(f"API Key auth: {auth_result.username} - {auth_result.roles}")
+            self.logger.info(
+                f"API Key auth: {auth_result.username} - {auth_result.roles}"
+            )
         except Exception as e:
             results["api_key_auth"] = {"error": str(e)}
         # 2. JWT Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "jwt",
-                "token": self.test_jwt_token
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "jwt", "token": self.test_jwt_token}
+            )
             results["jwt_auth"] = {
                 "success": auth_result.is_valid,
                 "username": auth_result.username,
                 "roles": auth_result.roles,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
             self.logger.info(f"JWT auth: {auth_result.username} - {auth_result.roles}")
         except Exception as e:
             results["jwt_auth"] = {"error": str(e)}
         # 3. Certificate Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "certificate",
-                "certificate": self.test_certificate
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "certificate", "certificate": self.test_certificate}
+            )
             results["certificate_auth"] = {
                 "success": auth_result.is_valid,
                 "username": auth_result.username,
                 "roles": auth_result.roles,
-                "auth_method": auth_result.auth_method.value
+                "auth_method": auth_result.auth_method.value,
             }
-            self.logger.info(f"Certificate auth: {auth_result.username} - {auth_result.roles}")
+            self.logger.info(
+                f"Certificate auth: {auth_result.username} - {auth_result.roles}"
+            )
         except Exception as e:
             results["certificate_auth"] = {"error": str(e)}
         # 4. Failed Authentication
         try:
-            auth_result = self.security_manager.authenticate_user({
-                "method": "api_key",
-                "api_key": "invalid_key"
-            })
+            auth_result = self.security_manager.authenticate_user(
+                {"method": "api_key", "api_key": "invalid_key"}
+            )
             results["failed_auth"] = {
                 "success": auth_result.is_valid,
                 "error_message": auth_result.error_message,
-                "error_code": auth_result.error_code
+                "error_code": auth_result.error_code,
             }
             self.logger.info(f"Failed auth test: {auth_result.error_message}")
         except Exception as e:
             results["failed_auth"] = {"error": str(e)}
         return results
     def demonstrate_authorization(self) -> Dict[str, Any]:
         """
         Demonstrate authorization capabilities.
         Returns:
             Dict with authorization test results
         """
         self.logger.info("Demonstrating authorization capabilities...")
         results = {
             "admin_permissions": {},
             "user_permissions": {},
             "readonly_permissions": {},
-            "denied_permissions": {}
+            "denied_permissions": {},
         }
         # 1. Admin permissions
         try:
             result = self.security_manager.check_permissions(
@@ -267,12 +288,12 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             )
             results["admin_permissions"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Admin permissions: {result.is_valid}")
         except Exception as e:
             results["admin_permissions"] = {"error": str(e)}
         # 2. User permissions
         try:
             result = self.security_manager.check_permissions(
@@ -280,94 +301,85 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             )
             results["user_permissions"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"User permissions: {result.is_valid}")
         except Exception as e:
             results["user_permissions"] = {"error": str(e)}
         # 3. Readonly permissions
         try:
-            result = self.security_manager.check_permissions(
-                ["readonly"], ["read"]
-            )
+            result = self.security_manager.check_permissions(["readonly"], ["read"])
             results["readonly_permissions"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Readonly permissions: {result.is_valid}")
         except Exception as e:
             results["readonly_permissions"] = {"error": str(e)}
         # 4. Denied permissions
         try:
-            result = self.security_manager.check_permissions(
-                ["readonly"], ["delete"]
-            )
+            result = self.security_manager.check_permissions(["readonly"], ["delete"])
             results["denied_permissions"] = {
                 "success": result.is_valid,
                 "status": result.status.value,
-                "error_message": result.error_message
+                "error_message": result.error_message,
             }
             self.logger.info(f"Denied permissions: {result.is_valid}")
         except Exception as e:
             results["denied_permissions"] = {"error": str(e)}
         return results
     def demonstrate_rate_limiting(self) -> Dict[str, Any]:
         """
         Demonstrate rate limiting capabilities.
         Returns:
             Dict with rate limiting test results
         """
         self.logger.info("Demonstrating rate limiting capabilities...")
-        results = {
-            "rate_limit_checks": [],
-            "rate_limit_exceeded": False
-        }
+        results = {"rate_limit_checks": [], "rate_limit_exceeded": False}
         identifier = "test_user_123"
         # Test rate limiting
         for i in range(5):
             try:
                 allowed = self.security_manager.check_rate_limit(identifier)
-                results["rate_limit_checks"].append({
-                    "request": i + 1,
-                    "allowed": allowed
-                })
-                self.logger.info(f"Rate limit check {i+1}: {'Allowed' if allowed else 'Blocked'}")
+                results["rate_limit_checks"].append(
+                    {"request": i + 1, "allowed": allowed}
+                )
+                self.logger.info(
+                    f"Rate limit check {i+1}: {'Allowed' if allowed else 'Blocked'}"
+                )
                 if not allowed:
                     results["rate_limit_exceeded"] = True
                     break
             except Exception as e:
-                results["rate_limit_checks"].append({
-                    "request": i + 1,
-                    "error": str(e)
-                })
+                results["rate_limit_checks"].append({"request": i + 1, "error": str(e)})
         return results
     def demonstrate_certificate_management(self) -> Dict[str, Any]:
         """
         Demonstrate certificate management capabilities.
         Returns:
             Dict with certificate management test results
         """
         self.logger.info("Demonstrating certificate management capabilities...")
         results = {
             "certificate_creation": {},
             "certificate_validation": {},
-            "certificate_info": {}
+            "certificate_info": {},
         }
         # 1. Certificate creation (if enabled)
         if self.config.certificates.enabled:
             try:
@@ -376,19 +388,19 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                     "common_name": "test-client.example.com",
                     "organization": "Test Organization",
                     "country": "US",
-                    "validity_days": 365
+                    "validity_days": 365,
                 }
                 # Note: This would require actual CA files
                 # cert_pair = self.security_manager.create_certificate(cert_config)
                 results["certificate_creation"] = {
                     "success": True,
-                    "message": "Certificate creation capability demonstrated"
+                    "message": "Certificate creation capability demonstrated",
                 }
                 self.logger.info("Certificate creation capability demonstrated")
             except Exception as e:
                 results["certificate_creation"] = {"error": str(e)}
         # 2. Certificate validation
         try:
             # Test with dummy certificate
@@ -398,81 +410,74 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 serial_number="123456789",
                 valid_from=datetime.now(timezone.utc),
                 valid_until=datetime.now(timezone.utc) + timedelta(days=365),
-                is_valid=True
+                is_valid=True,
             )
             results["certificate_validation"] = {
                 "success": True,
                 "certificate_info": {
                     "subject": cert_info.subject,
                     "issuer": cert_info.issuer,
-                    "is_valid": cert_info.is_valid
-                }
+                    "is_valid": cert_info.is_valid,
+                },
             }
             self.logger.info("Certificate validation capability demonstrated")
         except Exception as e:
             results["certificate_validation"] = {"error": str(e)}
         return results
     def demonstrate_security_validation(self) -> Dict[str, Any]:
         """
         Demonstrate security validation capabilities.
         Returns:
             Dict with validation test results
         """
         self.logger.info("Demonstrating security validation capabilities...")
-        results = {
-            "request_validation": {},
-            "configuration_validation": {}
-        }
+        results = {"request_validation": {}, "configuration_validation": {}}
         # 1. Request validation
         try:
             request_data = {
                 "api_key": self.test_api_key,
                 "required_permissions": ["read", "write"],
-                "client_ip": "192.168.1.100"
+                "client_ip": "192.168.1.100",
             }
             result = self.security_manager.validate_request(request_data)
             results["request_validation"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Request validation: {result.is_valid}")
         except Exception as e:
             results["request_validation"] = {"error": str(e)}
         # 2. Configuration validation
         try:
             result = self.security_manager.validate_configuration()
             results["configuration_validation"] = {
                 "success": result.is_valid,
-                "status": result.status.value
+                "status": result.status.value,
             }
             self.logger.info(f"Configuration validation: {result.is_valid}")
         except Exception as e:
             results["configuration_validation"] = {"error": str(e)}
         return results
     def demonstrate_security_monitoring(self) -> Dict[str, Any]:
         """
         Demonstrate security monitoring capabilities.
         Returns:
             Dict with monitoring test results
         """
         self.logger.info("Demonstrating security monitoring capabilities...")
-        results = {
-            "security_status": {},
-            "security_metrics": {},
-            "security_audit": {}
-        }
+        results = {"security_status": {}, "security_metrics": {}, "security_audit": {}}
         # 1. Security status
         try:
             status = self.security_manager.get_security_status()
@@ -480,26 +485,26 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 "status": status.status.value,
                 "message": status.message,
                 "version": status.version,
-                "metadata": status.metadata
+                "metadata": status.metadata,
             }
             print(f"Security status: {results['security_status']}")
             self.logger.info("Security status retrieved successfully")
         except Exception as e:
             results["security_status"] = {"error": str(e)}
             print(f"Security status error: {str(e)}")
         # 2. Security metrics
         try:
             metrics = self.security_manager.get_security_metrics()
             results["security_metrics"] = {
                 "authentication_attempts": metrics.get("authentication_attempts", 0),
                 "security_events": metrics.get("security_events", 0),
-                "uptime_seconds": metrics.get("uptime_seconds", 0)
+                "uptime_seconds": metrics.get("uptime_seconds", 0),
             }
             self.logger.info("Security metrics retrieved successfully")
         except Exception as e:
             results["security_metrics"] = {"error": str(e)}
         # 3. Security audit
         try:
             audit = self.security_manager.perform_security_audit()
@@ -507,23 +512,23 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 "authentication": audit.get("authentication", {}),
                 "authorization": audit.get("authorization", {}),
                 "rate_limiting": audit.get("rate_limiting", {}),
-                "ssl": audit.get("ssl", {})
+                "ssl": audit.get("ssl", {}),
             }
             self.logger.info("Security audit completed successfully")
         except Exception as e:
             results["security_audit"] = {"error": str(e)}
         return results
     def run_comprehensive_demo(self) -> Dict[str, Any]:
         """
         Run comprehensive demonstration of ALL framework capabilities.
         Returns:
             Dict with all demonstration results
         """
         self.logger.info("Starting comprehensive security framework demonstration...")
         demo_results = {
             "timestamp": datetime.now(timezone.utc).isoformat(),
             "framework": "MCP Security Framework",
@@ -533,16 +538,16 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             "rate_limiting": self.demonstrate_rate_limiting(),
             "certificate_management": self.demonstrate_certificate_management(),
             "security_validation": self.demonstrate_security_validation(),
-            "security_monitoring": self.demonstrate_security_monitoring()
+            "security_monitoring": self.demonstrate_security_monitoring(),
         }
         self.logger.info("Comprehensive demonstration completed successfully")
         return demo_results
     def process_request(self, request_data: Dict[str, Any]) -> Dict[str, Any]:
         """
         Process a security request.
         Args:
             request_data: Dictionary containing request information
                 - credentials: Authentication credentials
@@ -550,7 +555,7 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 - resource: Resource being accessed
                 - identifier: Client identifier for rate limiting
                 - data: Optional data for write operations
         Returns:
             Dictionary with processing results
         """
@@ -561,7 +566,7 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
             resource = request_data.get("resource", "/")
             identifier = request_data.get("identifier", "unknown")
             data = request_data.get("data")
             # Check rate limiting
             rate_limit_result = self.security_manager.check_rate_limit(identifier)
             if not rate_limit_result:
@@ -569,52 +574,48 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                     "success": False,
                     "status_code": 429,
                     "error": "Rate limit exceeded",
-                    "retry_after": 60
+                    "retry_after": 60,
                 }
             # Authenticate request
             auth_result = None
             if "api_key" in credentials:
-                auth_result = self.security_manager.authenticate_user({
-                    "method": "api_key",
-                    "api_key": credentials["api_key"]
-                })
+                auth_result = self.security_manager.authenticate_user(
+                    {"method": "api_key", "api_key": credentials["api_key"]}
+                )
             elif "jwt_token" in credentials:
-                auth_result = self.security_manager.authenticate_user({
-                    "method": "jwt",
-                    "token": credentials["jwt_token"]
-                })
+                auth_result = self.security_manager.authenticate_user(
+                    {"method": "jwt", "token": credentials["jwt_token"]}
+                )
             elif "certificate" in credentials:
-                auth_result = self.security_manager.authenticate_user({
-                    "method": "certificate",
-                    "certificate": credentials["certificate"]
-                })
+                auth_result = self.security_manager.authenticate_user(
+                    {"method": "certificate", "certificate": credentials["certificate"]}
+                )
             # Check authentication
             if not auth_result or not auth_result.is_valid:
                 return {
                     "success": False,
                     "status_code": 401,
                     "error": "Authentication failed",
-                    "auth_result": auth_result.model_dump() if auth_result else None
+                    "auth_result": auth_result.model_dump() if auth_result else None,
                 }
             # Check authorization
             required_permissions = self._get_required_permissions(action, resource)
             authz_result = self.security_manager.check_permissions(
-                auth_result.roles,
-                required_permissions
+                auth_result.roles, required_permissions
             )
             if not authz_result.is_valid:
                 return {
                     "success": False,
                     "status_code": 403,
                     "error": "Authorization failed",
                     "auth_result": auth_result.model_dump(),
-                    "authz_result": authz_result.model_dump()
+                    "authz_result": authz_result.model_dump(),
                 }
             # Process the request
             result = {
                 "success": True,
@@ -623,113 +624,113 @@ Z2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
                 "authz_result": authz_result.model_dump(),
                 "data": data if action == "write" else None,
                 "resource": resource,
-                "action": action
+                "action": action,
             }
             # Log the successful request
             self.logger.info(f"Request processed successfully: {action} {resource}")
             return result
         except Exception as e:
             self.logger.error(f"Error processing request: {str(e)}")
             return {
                 "success": False,
                 "status_code": 500,
-                "error": f"Internal server error: {str(e)}"
+                "error": f"Internal server error: {str(e)}",
             }
     def _get_required_permissions(self, action: str, resource: str) -> List[str]:
         """Get required permissions for action and resource."""
         if action == "read":
-            return ["read:own"]  # Use read:own instead of read
+            return ["read"]
         elif action == "write":
-            return ["write:own"]  # Use write:own instead of write
+            return ["write"]
         elif action == "delete":
-            return ["delete:own"]  # Use delete:own instead of delete
-        elif "admin" in resource:
+            return ["delete"]
+        elif action == "admin":
             return ["admin"]
         else:
-            return ["read:own"]  # Use read:own instead of read
+            return ["read"]
 class StandaloneExampleTest:
     """Test class for standalone example."""
     def test_authentication(self):
         """Test authentication capabilities."""
         example = StandaloneSecurityExample()
         results = example.demonstrate_authentication()
         # Verify API key authentication works
         assert results["api_key_auth"]["success"] == True
         assert results["api_key_auth"]["username"] == "admin"
         assert "admin" in results["api_key_auth"]["roles"]
         # Verify JWT authentication works
         assert results["jwt_auth"]["success"] == True
         assert results["jwt_auth"]["username"] == "test_user"
         # Verify failed authentication is handled
         assert results["failed_auth"]["success"] == False
         print("✅ Authentication tests passed")
     def test_authorization(self):
         """Test authorization capabilities."""
         example = StandaloneSecurityExample()
         results = example.demonstrate_authorization()
         # Verify admin permissions work
         assert results["admin_permissions"]["success"] == True
         # Verify user permissions work
         assert results["user_permissions"]["success"] == True
         # Verify readonly permissions work
         assert results["readonly_permissions"]["success"] == True
         print("✅ Authorization tests passed")
     def test_rate_limiting(self):
         """Test rate limiting capabilities."""
         example = StandaloneSecurityExample()
         results = example.demonstrate_rate_limiting()
         # Verify rate limiting checks work
         assert len(results["rate_limit_checks"]) > 0
         assert results["rate_limit_checks"][0]["allowed"] == True
         print("✅ Rate limiting tests passed")
     def test_security_validation(self):
         """Test security validation capabilities."""
         example = StandaloneSecurityExample()
         results = example.demonstrate_security_validation()
         # Verify request validation works
         assert results["request_validation"]["success"] == True
         # Verify configuration validation works
         assert results["configuration_validation"]["success"] == True
         print("✅ Security validation tests passed")
     def test_security_monitoring(self):
         """Test security monitoring capabilities."""
         example = StandaloneSecurityExample()
         results = example.demonstrate_security_monitoring()
         # Verify security status works
         assert "status" in results["security_status"]
         assert "message" in results["security_status"]
         # Verify security metrics work
         assert "authentication_attempts" in results["security_metrics"]
         # Verify security audit works
         assert "authentication" in results["security_audit"]
         print("✅ Security monitoring tests passed")
@@ -737,43 +738,67 @@ def main():
     """Main function to run the standalone example."""
     print("\n🚀 MCP Security Framework - Standalone Example")
     print("=" * 60)
     # Create example instance
     example = StandaloneSecurityExample()
     # Run comprehensive demonstration
     results = example.run_comprehensive_demo()
     # Print results
     print("\n📊 COMPREHENSIVE DEMONSTRATION RESULTS")
     print("=" * 60)
     print(f"Framework: {results['framework']}")
     print(f"Version: {results['version']}")
     print(f"Timestamp: {results['timestamp']}")
     print("\n🔐 AUTHENTICATION RESULTS:")
-    print(f"  API Key: {'✅' if results['authentication']['api_key_auth']['success'] else '❌'}")
-    print(f"  JWT: {'✅' if results['authentication']['jwt_auth']['success'] else '❌'}")
-    print(f"  Certificate: {'✅' if results['authentication']['certificate_auth']['success'] else '❌'}")
+    print(
+        f"  API Key: {'✅' if results['authentication']['api_key_auth']['success'] else '❌'}"
+    )
+    print(
+        f"  JWT: {'✅' if results['authentication']['jwt_auth']['success'] else '❌'}"
+    )
+    print(
+        f"  Certificate: {'✅' if results['authentication']['certificate_auth']['success'] else '❌'}"
+    )
     print("\n🔑 AUTHORIZATION RESULTS:")
-    print(f"  Admin Permissions: {'✅' if results['authorization']['admin_permissions']['success'] else '❌'}")
-    print(f"  User Permissions: {'✅' if results['authorization']['user_permissions']['success'] else '❌'}")
-    print(f"  Readonly Permissions: {'✅' if results['authorization']['readonly_permissions']['success'] else '❌'}")
+    print(
+        f"  Admin Permissions: {'✅' if results['authorization']['admin_permissions']['success'] else '❌'}"
+    )
+    print(
+        f"  User Permissions: {'✅' if results['authorization']['user_permissions']['success'] else '❌'}"
+    )
+    print(
+        f"  Readonly Permissions: {'✅' if results['authorization']['readonly_permissions']['success'] else '❌'}"
+    )
     print("\n⚡ RATE LIMITING RESULTS:")
     print(f"  Rate Limit Checks: {len(results['rate_limiting']['rate_limit_checks'])}")
-    print(f"  Rate Limit Exceeded: {'❌' if results['rate_limiting']['rate_limit_exceeded'] else '✅'}")
+    print(
+        f"  Rate Limit Exceeded: {'❌' if results['rate_limiting']['rate_limit_exceeded'] else '✅'}"
+    )
     print("\n🔒 SECURITY VALIDATION RESULTS:")
-    print(f"  Request Validation: {'✅' if results['security_validation']['request_validation']['success'] else '❌'}")
-    print(f"  Configuration Validation: {'✅' if results['security_validation']['configuration_validation']['success'] else '❌'}")
+    print(
+        f"  Request Validation: {'✅' if results['security_validation']['request_validation']['success'] else '❌'}"
+    )
+    print(
+        f"  Configuration Validation: {'✅' if results['security_validation']['configuration_validation']['success'] else '❌'}"
+    )
     print("\n📊 SECURITY MONITORING RESULTS:")
-    print(f"  Security Status: {'✅' if 'ssl_enabled' in results['security_monitoring']['security_status'] else '❌'}")
-    print(f"  Security Metrics: {'✅' if 'authentication_attempts' in results['security_monitoring']['security_metrics'] else '❌'}")
-    print(f"  Security Audit: {'✅' if 'authentication' in results['security_monitoring']['security_audit'] else '❌'}")
+    print(
+        f"  Security Status: {'✅' if 'ssl_enabled' in results['security_monitoring']['security_status'] else '❌'}"
+    )
+    print(
+        f"  Security Metrics: {'✅' if 'authentication_attempts' in results['security_monitoring']['security_metrics'] else '❌'}"
+    )
+    print(
+        f"  Security Audit: {'✅' if 'authentication' in results['security_monitoring']['security_audit'] else '❌'}"
+    )
     print("\n🎉 ALL FRAMEWORK CAPABILITIES DEMONSTRATED SUCCESSFULLY!")
     print("=" * 60)
@@ -787,6 +812,6 @@ if __name__ == "__main__":
     test.test_rate_limiting()
     test.test_security_validation()
     test.test_security_monitoring()
     print("\nExample Usage:")
     main()

mcp-security-framework 1.1.0__py3-none-any.whl → 1.1.2__py3-none-any.whl

mcp-security-framework 1.1.0py3-none-any.whl → 1.1.2py3-none-any.whl