mcp2cli 2.4.3__tar.gz → 2.6.0__tar.gz

{mcp2cli-2.4.3 → mcp2cli-2.6.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mcp2cli
-Version: 2.4.3
+Version: 2.6.0
 Summary: Turn any MCP server or OpenAPI spec into a CLI
 Author: Stephan Fitzpatrick
 Author-email: Stephan Fitzpatrick <stephan@knowsuchagency.com>

{mcp2cli-2.4.3 → mcp2cli-2.6.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "mcp2cli"
-version = "2.4.3"
+version = "2.6.0"
 description = "Turn any MCP server or OpenAPI spec into a CLI"
 readme = "README.md"
 license = "MIT"

{mcp2cli-2.4.3 → mcp2cli-2.6.0}/src/mcp2cli/__init__.py

@@ -2,7 +2,7 @@
 
 from __future__ import annotations
 
-__version__ = "2.4.0"
+__version__ = "2.6.0"
 
 import argparse
 import copy
@@ -352,9 +352,25 @@ def _handle_http_error(resp) -> None:
 # ---------------------------------------------------------------------------
 
 
-def cache_key_for(source: str) -> str:
-    return hashlib.sha256(source.encode()).hexdigest()[:16]
+def cache_key_for(config: dict) -> str:
+    """
+    Generate cache key from tool configuration dict.
 
+    Hashes all config fields that affect MCP server behavior to ensure
+    unique caching for tools with the same URL but different configurations.
+    """
+    # Exclude fields that don't affect which tools are returned
+    cache_config = {
+        k: v for k, v in config.items()
+        if k not in ('cache_ttl', 'description', 'include', 'exclude', 'methods')
+    }
+    # Ensure auth_headers are sorted for stable hashing
+    if 'auth_headers' in cache_config and cache_config['auth_headers']:
+        cache_config['auth_headers'] = sorted(cache_config['auth_headers'])
+
+    return hashlib.sha256(
+        json.dumps(cache_config, sort_keys=True).encode()
+    ).hexdigest()[:16]
 
 def load_cached(key: str, ttl: int) -> dict | None:
     path = CACHE_DIR / f"{key}.json"
@@ -467,21 +483,34 @@ def build_oauth_provider(
     client_secret: str | None = None,
     scope: str | None = None,
     redirect_uri: str | None = None,
+    flow: str = "auto",
 ) -> "httpx.Auth":
     """Build an OAuth provider for HTTP connections.
 
-    - client_id + client_secret  → client credentials flow (machine-to-machine).
-    - client_id only             → authorization code + PKCE, pre-configured client
-                                   (no dynamic client registration).
-    - neither                    → authorization code + PKCE with dynamic client
-                                   registration.
+    The ``flow`` parameter controls which grant type is used:
+
+    - ``"auto"`` (default): client_id + client_secret → client credentials;
+      client_id only → authorization code + PKCE (public client);
+      neither → authorization code + PKCE with dynamic client registration.
+    - ``"authorization_code"``: always use authorization code + PKCE.
+      When a client_secret is also provided the token-endpoint request
+      authenticates as a confidential client (``client_secret_post``).
+      This is required by servers like Slack that issue confidential OAuth
+      clients but only support the authorization-code grant.
+    - ``"client_credentials"``: always use client credentials (requires both
+      client_id and client_secret).
 
     redirect_uri controls the full callback URL (scheme, host, port, path).
     When None, defaults to http://127.0.0.1:<random-free-port>/callback.
     """
     storage = FileTokenStorage(server_url)
 
-    if client_id and client_secret:
+    use_client_credentials = (
+        flow == "client_credentials"
+        or (flow == "auto" and client_id and client_secret)
+    )
+
+    if use_client_credentials:
         from mcp.client.auth.extensions.client_credentials import (
             ClientCredentialsOAuthProvider,
         )
@@ -540,10 +569,18 @@ def build_oauth_provider(
         # Pre-seed storage with the caller-supplied client_id so the OAuth
         # provider skips dynamic client registration entirely.  The write is
         # synchronous (plain file I/O) so no async context is needed here.
+        #
+        # When a client_secret is provided (confidential client, e.g. Slack),
+        # include it and use client_secret_post so the token-endpoint request
+        # sends the secret in the POST body.
+        if client_secret:
+            auth_method = "client_secret_post"
+        else:
+            auth_method = "none"
         pre_client_info = OAuthClientInformationFull(
             client_id=client_id,
-            client_secret=None,
-            token_endpoint_auth_method="none",
+            client_secret=client_secret,
+            token_endpoint_auth_method=auth_method,
             redirect_uris=[redirect_uri],
             grant_types=["authorization_code", "refresh_token"],
             response_types=["code"],
@@ -642,7 +679,10 @@ def load_openapi_spec(
     is_url = source.startswith("http://") or source.startswith("https://")
 
     if is_url:
-        key = cache_key or cache_key_for(source)
+        key = cache_key or cache_key_for({
+            'source': source,
+            'auth_headers': auth_headers,
+        })
         if not refresh:
             cached = load_cached(key, ttl)
             if cached is not None:
@@ -1024,7 +1064,10 @@ def load_graphql_schema(
     oauth_provider: "httpx.Auth | None" = None,
 ) -> dict:
     """POST introspection query to a GraphQL endpoint, with caching."""
-    key = cache_key or cache_key_for(f"graphql:{url}")
+    key = cache_key or cache_key_for({
+        'source': f"graphql:{url}",
+        'auth_headers': auth_headers,
+    })
     if not refresh:
         cached = load_cached(key, ttl)
         if cached is not None:
@@ -1161,8 +1204,28 @@ def extract_graphql_commands(schema: dict) -> list[CommandDef]:
     return commands
 
 
-def list_graphql_commands(commands: list[CommandDef]):
+def _truncate_description(description: str, max_len: int) -> str:
+    """Truncate at a word boundary and append '...'."""
+    if len(description) <= max_len:
+        return description
+    return description[:max_len].rsplit(" ", 1)[0].rstrip() + "..."
+
+
+def _wrap_description(description: str, indent: int, total_width: int = 110) -> str:
+    """Wrap long descriptions; indent continuation lines to align with description column."""
+    import textwrap
+    return textwrap.fill(
+        description,
+        width=total_width,
+        subsequent_indent=" " * indent,
+        break_long_words=False,
+        break_on_hyphens=False,
+    )
+
+
+def list_graphql_commands(commands: list[CommandDef], verbose: bool = False):
     """Group commands by operation type and print."""
+
     groups: dict[str, list[CommandDef]] = {}
     for cmd in commands:
         key = cmd.graphql_operation_type or "other"
@@ -1175,7 +1238,14 @@ def list_graphql_commands(commands: list[CommandDef]):
         label = "queries" if group == "query" else "mutations"
         print(f"\n{label}:")
         for cmd in cmds:
-            desc = f"  {cmd.description[:60]}" if cmd.description else ""
+            if cmd.description:
+                if verbose:
+                    wrapped = _wrap_description(cmd.description, indent=42, total_width=100)
+                    desc = f"  {wrapped}"
+                else:
+                    desc = f"  {_truncate_description(cmd.description, 60)}"
+            else:
+                desc = ""
             print(f"  {cmd.name:<40}{desc}")
 
 
@@ -1291,18 +1361,19 @@ def handle_graphql(
     oauth_provider: "httpx.Auth | None" = None,
     jq_expr: str | None = None,
     head: int | None = None,
+    verbose: bool = False,
 ):
     """Top-level handler for --graphql mode."""
     schema = load_graphql_schema(url, auth_headers, cache_key, ttl, refresh, oauth_provider=oauth_provider)
     commands = extract_graphql_commands(schema)
 
     if list_mode:
-        list_graphql_commands(commands)
+        list_graphql_commands(commands, verbose=verbose)
         return
 
     if not remaining:
         print("Available operations:")
-        list_graphql_commands(commands)
+        list_graphql_commands(commands, verbose=verbose)
         print("\nUse --list for the same output, or provide a subcommand.")
         return
 
@@ -1414,6 +1485,8 @@ def _baked_to_argv(config: dict) -> list[str]:
         argv += ["--oauth-scope", config["oauth_scope"]]
     if config.get("oauth_redirect_uri"):
         argv += ["--oauth-redirect-uri", config["oauth_redirect_uri"]]
+    if config.get("oauth_flow") and config["oauth_flow"] != "auto":
+        argv += ["--oauth-flow", config["oauth_flow"]]
     return argv
 
 
@@ -1462,6 +1535,17 @@ def _bake_create(argv: list[str]) -> None:
     p.add_argument("--oauth-client-secret", default=None)
     p.add_argument("--oauth-scope", default=None)
     p.add_argument("--oauth-redirect-uri", default=None, metavar="URI")
+    p.add_argument(
+        "--oauth-flow",
+        choices=["auto", "authorization_code", "client_credentials"],
+        default="auto",
+        help=(
+            "OAuth flow to use. 'auto' (default) picks client_credentials when both "
+            "client-id and client-secret are provided, otherwise authorization_code. "
+            "Use 'authorization_code' to force the auth code + PKCE flow even with a "
+            "client secret (required for confidential-client servers like Slack)."
+        ),
+    )
     p.add_argument("--include", default="", help="Comma-separated include globs")
     p.add_argument("--exclude", default="", help="Comma-separated exclude globs")
     p.add_argument("--methods", default="", help="Comma-separated HTTP methods")
@@ -1516,6 +1600,7 @@ def _bake_create(argv: list[str]) -> None:
         "oauth_client_secret": args.oauth_client_secret,
         "oauth_scope": args.oauth_scope,
         "oauth_redirect_uri": args.oauth_redirect_uri,
+        "oauth_flow": args.oauth_flow,
         "include": [x.strip() for x in args.include.split(",") if x.strip()],
         "exclude": [x.strip() for x in args.exclude.split(",") if x.strip()],
         "methods": [x.strip().upper() for x in args.methods.split(",") if x.strip()],
@@ -1721,7 +1806,7 @@ def build_argparse(
 # ---------------------------------------------------------------------------
 
 
-def list_openapi_commands(commands: list[CommandDef]):
+def list_openapi_commands(commands: list[CommandDef], verbose: bool = False):
     groups: dict[str, list[CommandDef]] = {}
     for cmd in commands:
         prefix = cmd.name.split("-", 1)[0] if "-" in cmd.name else "other"
@@ -1733,13 +1818,24 @@ def list_openapi_commands(commands: list[CommandDef]):
             method = (cmd.method or "").upper()
             line = f"  {cmd.name:<45} {method:<6}"
             if cmd.description:
-                line += f" {cmd.description[:60]}"
+                if verbose:
+                    wrapped = _wrap_description(cmd.description, indent=54, total_width=110)
+                    line += f" {wrapped}"
+                else:
+                    line += f" {_truncate_description(cmd.description, 60)}"
             print(line)
 
 
-def list_mcp_commands(commands: list[CommandDef]):
+def list_mcp_commands(commands: list[CommandDef], verbose: bool = False):
     for cmd in commands:
-        desc = f"  {cmd.description[:70]}" if cmd.description else ""
+        if cmd.description:
+            if verbose:
+                wrapped = _wrap_description(cmd.description, indent=42, total_width=110)
+                desc = f"  {wrapped}"
+            else:
+                desc = f"  {_truncate_description(cmd.description, 70)}"
+        else:
+            desc = ""
         print(f"  {cmd.name:<40}{desc}")
 
 
@@ -1919,6 +2015,7 @@ def run_mcp_http(
     search_pattern: str | None = None,
     jq_expr: str | None = None,
     head: int | None = None,
+    verbose: bool = False,
 ):
     extra = dict(
         resource_action=resource_action,
@@ -1929,6 +2026,7 @@ def run_mcp_http(
         search_pattern=search_pattern,
         jq_expr=jq_expr,
         head=head,
+        verbose=verbose,
     )
 
     async def _run():
@@ -2014,6 +2112,7 @@ def run_mcp_stdio(
     search_pattern: str | None = None,
     jq_expr: str | None = None,
     head: int | None = None,
+    verbose: bool = False,
 ):
     extra = dict(
         resource_action=resource_action,
@@ -2024,6 +2123,7 @@ def run_mcp_stdio(
         search_pattern=search_pattern,
         jq_expr=jq_expr,
         head=head,
+        verbose=verbose,
     )
 
     import anyio
@@ -2075,6 +2175,7 @@ async def _mcp_session(
     search_pattern: str | None = None,
     jq_expr: str | None = None,
     head: int | None = None,
+    verbose: bool = False,
 ):
     # Handle resource operations
     if resource_action:
@@ -2111,7 +2212,7 @@ async def _mcp_session(
             print(f"\nTools matching '{search_pattern}':")
         else:
             print("\nAvailable tools:")
-        list_mcp_commands(commands)
+        list_mcp_commands(commands, verbose=verbose)
         return
 
     if tool_name is None:
@@ -2729,8 +2830,18 @@ def handle_mcp(
     bake_config: BakeConfig | None = None,
     jq_expr: str | None = None,
     head: int | None = None,
+    verbose: bool = False,
 ):
-    key = cache_key_override or cache_key_for(source)
+    # Build a config dict for cache key generation (future-proof)
+    config_for_cache = {
+        'source': source,
+        'auth_headers': auth_headers,
+        'transport': transport,
+        'env_vars': env_vars,
+        'is_stdio': is_stdio,
+    }
+    
+    key = cache_key_override or cache_key_for(config_for_cache)
 
     # Resource/prompt operations skip the tool flow entirely
     if resource_action or prompt_action:
@@ -2763,7 +2874,7 @@ def handle_mcp(
                 commands, bake_config.include, bake_config.exclude, bake_config.methods,
             )
             print("\nAvailable tools:")
-            list_mcp_commands(commands)
+            list_mcp_commands(commands, verbose=verbose)
             return
         _dispatch_mcp_call(
             source, is_stdio, auth_headers, env_vars,
@@ -2771,6 +2882,7 @@ def handle_mcp(
             toon=toon, transport=transport, oauth_provider=oauth_provider,
             search_pattern=search_pattern,
             jq_expr=jq_expr, head=head,
+            verbose=verbose,
         )
         return
 
@@ -2788,7 +2900,7 @@ def handle_mcp(
 
     if not remaining:
         print("Available tools:")
-        list_mcp_commands(commands)
+        list_mcp_commands(commands, verbose=verbose)
         print("\nUse --list for the same output, or provide a subcommand.")
         return
 
@@ -2986,6 +3098,12 @@ def _build_main_parser() -> argparse.ArgumentParser:
         metavar="PATTERN",
         help="Search tools by name or description (case-insensitive substring match)",
     )
+    pre.add_argument(
+        "--verbose",
+        action="store_true",
+        dest="verbose",
+        help="Show full tool descriptions in --list output, wrapped to terminal width (default: truncated with ...)",
+    )
     pre.add_argument("--pretty", action="store_true", help="Pretty-print JSON output")
     pre.add_argument("--raw", action="store_true", help="Print raw response body")
     pre.add_argument(
@@ -3055,6 +3173,17 @@ def _build_main_parser() -> argparse.ArgumentParser:
         help="Full redirect URI for the OAuth callback (e.g. http://localhost:3334/oauth/callback). "
              "Overrides the default http://127.0.0.1:<random-port>/callback.",
     )
+    pre.add_argument(
+        "--oauth-flow",
+        choices=["auto", "authorization_code", "client_credentials"],
+        default="auto",
+        help=(
+            "OAuth flow to use. 'auto' (default) picks client_credentials when both "
+            "client-id and client-secret are provided, otherwise authorization_code. "
+            "Use 'authorization_code' to force the auth code + PKCE flow even with a "
+            "client secret (required for confidential-client servers like Slack)."
+        ),
+    )
     # Resource flags
     pre.add_argument(
         "--list-resources", action="store_true", help="List available resources"
@@ -3168,12 +3297,21 @@ def _setup_oauth(pre_args):
         if pre_args.oauth_client_secret
         else None
     )
+    flow = getattr(pre_args, "oauth_flow", "auto")
+    if flow == "client_credentials" and not (client_id and client_secret):
+        print(
+            "Error: --oauth-flow=client_credentials requires both "
+            "--oauth-client-id and --oauth-client-secret",
+            file=sys.stderr,
+        )
+        sys.exit(1)
     return build_oauth_provider(
         server_url,
         client_id=client_id,
         client_secret=client_secret,
         scope=pre_args.oauth_scope,
         redirect_uri=pre_args.oauth_redirect_uri,
+        flow=flow,
     )
 
 
@@ -3286,7 +3424,7 @@ def _handle_session_operations(
             print(f"\nTools matching '{search_pattern}':")
         else:
             print("\nAvailable tools:")
-        list_mcp_commands(commands)
+        list_mcp_commands(commands, verbose=pre_args.verbose)
         return True
 
     # Tool call via session
@@ -3294,7 +3432,7 @@ def _handle_session_operations(
         result = _session_request(sess_name, "list_tools")
         commands = extract_mcp_commands(result)
         print("Available tools:")
-        list_mcp_commands(commands)
+        list_mcp_commands(commands, verbose=pre_args.verbose)
         print("\nUse --list for the same output, or provide a subcommand.")
         return True
 
@@ -3391,7 +3529,7 @@ def _handle_openapi_mode(
                 print(f"\nNo tools matching '{search_pattern}'.")
                 return
             print(f"\nTools matching '{search_pattern}':")
-        list_openapi_commands(commands)
+        list_openapi_commands(commands, verbose=pre_args.verbose)
         return
 
     if not remaining:
@@ -3493,6 +3631,7 @@ def _main_impl(argv: list[str], bake_config: BakeConfig | None = None):
             oauth_provider=oauth_provider,
             jq_expr=pre_args.jq,
             head=pre_args.head,
+            verbose=pre_args.verbose,
         )
         return
 
@@ -3524,6 +3663,7 @@ def _main_impl(argv: list[str], bake_config: BakeConfig | None = None):
             bake_config=bake_config,
             jq_expr=pre_args.jq,
             head=pre_args.head,
+            verbose=pre_args.verbose,
         )
         return