mcpower-proxy 0.0.65__py3-none-any.whl → 0.0.79__py3-none-any.whl

wrapper/middleware.py

@@ -2,6 +2,8 @@
 FastMCP middleware for security policy enforcement
 Implements pre/post interception for all MCP operations
 """
+import asyncio
+import sys
 import time
 import urllib.parse
 from datetime import datetime, timezone
@@ -11,22 +13,25 @@ from typing import Any, Dict, List, Optional
 from fastmcp.exceptions import FastMCPError
 from fastmcp.server.middleware.middleware import Middleware, MiddlewareContext, CallNext
 from fastmcp.server.proxy import ProxyClient
+from httpx import HTTPStatusError
+from mcp import ErrorData
+
+from mcpower_shared.mcp_types import (create_policy_request, create_policy_response, AgentContext, EnvironmentContext,
+                                      InitRequest,
+                                      ServerRef, ToolRef)
 from modules.apis.security_policy import SecurityPolicyClient
+from modules.decision_handler import DecisionHandler, DecisionEnforcementError
 from modules.logs.audit_trail import AuditTrailLogger
 from modules.logs.logger import MCPLogger
 from modules.redaction import redact
-from modules.ui.classes import ConfirmationRequest, DialogOptions, UserDecision
-from modules.ui.confirmation import UserConfirmationDialog, UserConfirmationError
 from modules.utils.copy import safe_copy
-from modules.utils.ids import generate_event_id, get_session_id, read_app_uid
+from modules.utils.ids import generate_event_id, get_session_id, read_app_uid, get_project_mcpower_dir
 from modules.utils.json import safe_json_dumps, to_dict
 from modules.utils.mcp_configs import extract_wrapped_server_info
+from modules.utils.platform import get_client_os
+from modules.utils.string import truncate_at
 from wrapper.schema import merge_input_schema_with_existing
 
-from mcpower_shared.mcp_types import (create_policy_request, create_policy_response, AgentContext, EnvironmentContext,
-                                      InitRequest,
-                                      ServerRef, ToolRef, UserConfirmation)
-
 
 class MockContext:
     """Mock context for internal operations"""
@@ -52,10 +57,7 @@ class MockContext:
 class SecurityMiddleware(Middleware):
     """FastMCP middleware for security policy enforcement"""
 
-    app_id: str = ""
     _TOOLS_INIT_DEBOUNCE_SECONDS = 60
-    _last_tools_init_time: Optional[float] = None
-    _last_workspace_root: Optional[str] = None
 
     def __init__(self,
                  wrapped_server_configs: dict,
@@ -71,6 +73,9 @@ class SecurityMiddleware(Middleware):
         self.audit_logger = audit_logger
         self.app_id = ""
         self._last_workspace_root = None
+        self._last_tools_init_time: Optional[float] = None
+        self._tools_list_in_progress: Optional[asyncio.Task] = None
+        self._tools_list_lock = asyncio.Lock()
 
         self.wrapped_server_name, self.wrapped_server_transport = (
             extract_wrapped_server_info(self.wrapper_server_name, self.logger, self.wrapped_server_configs)
@@ -87,17 +92,36 @@ class SecurityMiddleware(Middleware):
     async def on_message(self, context: MiddlewareContext, call_next: CallNext) -> Any:
         self.logger.info(f"on_message: {redact(safe_json_dumps(context))}")
 
-        # Check workspace roots and re-initialize app_uid if workspace changed
-        workspace_roots = await self._extract_workspace_roots(context)
-        current_workspace_root = workspace_roots[0] if workspace_roots else str(Path.home() / ".mcpower")
-        if current_workspace_root != self._last_workspace_root:
-            self.logger.debug(f"Workspace root changed from {self._last_workspace_root} to {current_workspace_root}")
-            self._last_workspace_root = current_workspace_root
-            self.app_id = read_app_uid(logger=self.logger, project_folder_path=current_workspace_root)
-            self.audit_logger.set_app_uid(self.app_id)
+        # Skip workspace check for `initialize` calls to avoid premature app_uid changes.
+        # The `initialize` request doesn't contain workspace data, so checking it would
+        # cause unnecessary audit log flushes before the actual workspace init arrives.
+        if context.method != "initialize":
+            # Check workspace roots and re-initialize app_uid if workspace changed
+            workspace_roots = await self._extract_workspace_roots(context)
+            current_workspace_root = get_project_mcpower_dir(workspace_roots[0] if workspace_roots else None)
+            if current_workspace_root != self._last_workspace_root:
+                self.logger.debug(
+                    f"Workspace root changed from {self._last_workspace_root} to {current_workspace_root}")
+                self._last_workspace_root = current_workspace_root
+                self.app_id = read_app_uid(logger=self.logger, project_folder_path=current_workspace_root)
+                self.audit_logger.set_app_uid(self.app_id)
 
         operation_type = "message"
-        call_next_callback = call_next
+
+        async def call_next_wrapper(ctx):
+            try:
+                return await call_next(ctx)
+            except HTTPStatusError as e:
+                if e.response.status_code in (401, 403):
+                    raise FastMCPError(ErrorData(
+                        code=-32000,
+                        message="Authentication required",
+                        data={
+                            "type": "unauthorized",
+                            "details": "Please provide valid authentication credentials"
+                        }
+                    ))
+                raise e
 
         match context.type:
             case "request":
@@ -114,13 +138,13 @@ class SecurityMiddleware(Middleware):
                 operation_type = "prompt"
             case "tools/list":
                 # Special handling for tools/list - call /init instead of normal inspection
-                return await self._handle_tools_list(context, call_next)
-            case "resources/list" | "resources/templates/list" | "prompts/list":
-                return await call_next_callback(context)
+                return await self._handle_tools_list(context, call_next_wrapper)
+            case "initialize" | "resources/list" | "resources/templates/list" | "prompts/list":
+                return await call_next_wrapper(context)
 
         return await self._handle_operation(
             context=context,
-            call_next=call_next_callback,
+            call_next=call_next_wrapper,
             error_class=FastMCPError,
             operation_type=operation_type
         )
@@ -151,7 +175,7 @@ class SecurityMiddleware(Middleware):
     async def secure_elicitation_handler(self, message, response_type, params, context):
         # FIXME: elicitation message, params, and context should be redacted before logging
         self.logger.info(f"secure_elicitation_handler: "
-                         f"message={str(message)[:100]}..., response_type={response_type},"
+                         f"message={truncate_at(str(message), 100)}, response_type={response_type},"
                          f"params={params}, context={context}")
 
         mock_context = MockContext(
@@ -180,15 +204,15 @@ class SecurityMiddleware(Middleware):
         return await ProxyClient.default_progress_handler(progress, total, message)
 
     async def secure_log_handler(self, log_message):
-        # FIXME: log_message should be redacted before logging, 
-        self.logger.info(f"secure_log_handler: {str(log_message)[:100]}...")
+        # FIXME: log_message should be redacted before logging,
+        self.logger.info(f"secure_log_handler: {truncate_at(str(log_message), 100)}")
         # FIXME: log_message should be reviewed with policy before forwarding
-        
+
         # Handle case where log_message.data is a string instead of dict
         # The default_log_handler expects data to be a dict with 'msg' and 'extra' keys
         if hasattr(log_message, 'data') and isinstance(log_message.data, str):
             log_message = safe_copy(log_message, {'data': {'msg': log_message.data, 'extra': None}})
-        
+
         return await ProxyClient.default_log_handler(log_message)
 
     async def _handle_operation(self, context: MiddlewareContext, call_next, error_class, operation_type: str):
@@ -221,19 +245,28 @@ class SecurityMiddleware(Middleware):
             prompt_id=prompt_id
         )
         on_inspect_request_duration = time.time() - on_inspect_request_start_time
-        self.logger.info(f"PROFILE: {operation_type} id: {event_id} inspect_request duration: {on_inspect_request_duration:.2f} seconds")
+        self.logger.debug(
+            f"PROFILE: {operation_type} id: {event_id} inspect_request duration: {on_inspect_request_duration:.2f} seconds")
 
-        await self._enforce_decision(
-            decision=request_decision,
-            error_class=error_class,
-            base_message=f"{operation_type.title()} request blocked by security policy",
-            is_request=True,
-            event_id=event_id,
-            tool_name=tool_name,
-            content_data=tool_args,
-            operation_type=operation_type,
-            prompt_id=prompt_id
-        )
+        try:
+            await DecisionHandler(
+                logger=self.logger,
+                audit_logger=self.audit_logger,
+                session_id=self.session_id,
+                app_id=self.app_id
+            ).enforce_decision(
+                decision=request_decision,
+                is_request=True,
+                event_id=event_id,
+                tool_name=tool_name,
+                content_data=tool_args,
+                operation_type=operation_type,
+                prompt_id=prompt_id,
+                server_name=self.wrapped_server_name,
+                error_message_prefix=f"{operation_type.title()} request blocked by security policy"
+            )
+        except DecisionEnforcementError as e:
+            raise error_class(str(e))
 
         self.audit_logger.log_event(
             "agent_request_forwarded",
@@ -250,7 +283,8 @@ class SecurityMiddleware(Middleware):
         # Call wrapped MCP with cleaned context (e.g., no wrapper args)
         result = await call_next(cleaned_context)
         on_call_next_duration = time.time() - on_call_next_start_time
-        self.logger.info(f"PROFILE: {operation_type} id: {event_id} call_next duration: {on_call_next_duration:.2f} seconds")
+        self.logger.debug(
+            f"PROFILE: {operation_type} id: {event_id} call_next duration: {on_call_next_duration:.2f} seconds")
 
         response_content = self._extract_response_content(result)
 
@@ -275,19 +309,28 @@ class SecurityMiddleware(Middleware):
             prompt_id=prompt_id
         )
         on_inspect_response_duration = time.time() - on_inspect_response_start_time
-        self.logger.info(f"PROFILE: {operation_type} id: {event_id} inspect_response duration: {on_inspect_response_duration:.2f} seconds")
+        self.logger.debug(
+            f"PROFILE: {operation_type} id: {event_id} inspect_response duration: {on_inspect_response_duration:.2f} seconds")
 
-        await self._enforce_decision(
-            decision=response_decision,
-            error_class=error_class,
-            base_message=f"{operation_type.title()} response blocked by security policy",
-            is_request=False,
-            event_id=event_id,
-            tool_name=tool_name,
-            content_data=response_content,
-            operation_type=operation_type,
-            prompt_id=prompt_id
-        )
+        try:
+            await DecisionHandler(
+                logger=self.logger,
+                audit_logger=self.audit_logger,
+                session_id=self.session_id,
+                app_id=self.app_id
+            ).enforce_decision(
+                decision=response_decision,
+                is_request=False,
+                event_id=event_id,
+                tool_name=tool_name,
+                content_data=response_content,
+                operation_type=operation_type,
+                prompt_id=prompt_id,
+                server_name=self.wrapped_server_name,
+                error_message_prefix=f"{operation_type.title()} response blocked by security policy"
+            )
+        except DecisionEnforcementError as e:
+            raise error_class(str(e))
 
         self.audit_logger.log_event(
             "mcp_response_forwarded",
@@ -300,15 +343,30 @@ class SecurityMiddleware(Middleware):
             prompt_id=prompt_id
         )
         on_handle_operation_duration = time.time() - on_handle_operation_start_time
-        self.logger.info(f"PROFILE: {operation_type} id: {event_id} duration: {on_handle_operation_duration:.2f} seconds")
+        self.logger.debug(
+            f"PROFILE: {operation_type} id: {event_id} duration: {on_handle_operation_duration:.2f} seconds")
         return result
 
     async def _handle_tools_list(self, context: MiddlewareContext, call_next: CallNext) -> Any:
-        """Handle tools/list by calling /init API and modifying schemas"""
+        """Handle tools/list by calling /init API and modifying schemas with deduplication"""
         event_id = generate_event_id()
         on_handle_tools_list_start_time = time.time()
-        result = await call_next(context)
-        self.logger.info(f"PROFILE: tools/list call_next duration: {time.time() - on_handle_tools_list_start_time:.2f} seconds id: {event_id}")
+
+        async with self._tools_list_lock:
+            if not self._tools_list_in_progress or self._tools_list_in_progress.done():
+                self._tools_list_in_progress = asyncio.create_task(call_next(context))
+            shared_task = self._tools_list_in_progress
+
+        try:
+            result = await shared_task
+        except Exception as e:
+            async with self._tools_list_lock:
+                if self._tools_list_in_progress is shared_task:
+                    self._tools_list_in_progress = None
+            raise
+        self.logger.debug(
+            f"PROFILE: tools/list call_next duration: {time.time() - on_handle_tools_list_start_time:.2f} seconds id: {event_id}")
+
         tools_list = None
         if isinstance(result, list):
             tools_list = result
@@ -338,11 +396,13 @@ class SecurityMiddleware(Middleware):
                 enhanced_result = result
 
             on_handle_tools_list_duration = time.time() - on_handle_tools_list_start_time
-            self.logger.info(f"PROFILE: tools/list enhanced_result duration: {on_handle_tools_list_duration:.2f} seconds id: {event_id}")
+            self.logger.debug(
+                f"PROFILE: tools/list enhanced_result duration: {on_handle_tools_list_duration:.2f} seconds id: {event_id}")
             return enhanced_result
 
         on_handle_tools_list_duration = time.time() - on_handle_tools_list_start_time
-        self.logger.info(f"PROFILE: tools/list result duration: {on_handle_tools_list_duration:.2f} seconds id: {event_id}")
+        self.logger.debug(
+            f"PROFILE: tools/list result duration: {on_handle_tools_list_duration:.2f} seconds id: {event_id}")
 
         return result
 
@@ -373,7 +433,8 @@ class SecurityMiddleware(Middleware):
             for tool in tools:
                 tool_ref = ToolRef(
                     name=getattr(tool, 'name', 'unknown'),
-                    description=getattr(tool, 'description', ''),
+                    description=f"Description:\n{getattr(tool, 'description', '')}\n\n"
+                                f"inputSchema:\n{safe_json_dumps(getattr(tool, 'parameters', {}))}",
                     version=getattr(tool, 'version', None)
                 )
                 tool_refs.append(tool_ref)
@@ -481,6 +542,12 @@ class SecurityMiddleware(Middleware):
                         file_path_prefix = 'file://'
                         if uri.startswith(file_path_prefix):
                             path = urllib.parse.unquote(uri[len(file_path_prefix):])
+
+                            # Windows fix: remove leading slash before drive letter
+                            # file:///C:/path becomes /C:/path, should be C:/path
+                            if sys.platform == 'win32' and len(path) >= 3 and path[0] == '/' and path[2] == ':':
+                                path = path[1:]
+
                             try:
                                 resolved_path = str(Path(path).resolve())
                                 workspace_roots.append(resolved_path)
@@ -504,9 +571,13 @@ class SecurityMiddleware(Middleware):
             base_dict = await self._build_baseline_policy_dict(event_id, context, wrapper_args, tool_args)
             policy_request = create_policy_request(
                 event_id=event_id,
-                server_name=base_dict["server"]["name"],
-                server_transport=base_dict["server"]["transport"],
-                tool_name=base_dict["tool"]["name"] or base_dict["tool"]["method"],
+                server=ServerRef(
+                    name=base_dict["server"]["name"],
+                    transport=base_dict["server"]["transport"]
+                ),
+                tool=ToolRef(
+                    name=base_dict["tool"]["name"] or base_dict["tool"]["method"]
+                ),
                 agent_context=base_dict["agent_context"],
                 env_context=base_dict["environment_context"],
                 arguments=tool_args,
@@ -532,9 +603,13 @@ class SecurityMiddleware(Middleware):
             base_dict = await self._build_baseline_policy_dict(event_id, context, wrapper_args, tool_args)
             policy_response = create_policy_response(
                 event_id=event_id,
-                server_name=base_dict["server"]["name"],
-                server_transport=base_dict["server"]["transport"],
-                tool_name=base_dict["tool"]["name"] or base_dict["tool"]["method"],
+                server=ServerRef(
+                    name=base_dict["server"]["name"],
+                    transport=base_dict["server"]["transport"]
+                ),
+                tool=ToolRef(
+                    name=base_dict["tool"]["name"] or base_dict["tool"]["method"]
+                ),
                 response_content=safe_json_dumps(result),
                 agent_context=base_dict["agent_context"],
                 env_context=base_dict["environment_context"],
@@ -582,32 +657,12 @@ class SecurityMiddleware(Middleware):
                     "current_files": wrapper_args.get('__wrapper_currentFiles')
                 },
                 client=self.wrapper_server_name,
-                client_version=self.wrapper_server_version
+                client_version=self.wrapper_server_version,
+                client_os=get_client_os(),
+                app_id=self.app_id,
             )
         }
 
-    async def _record_user_confirmation(self, event_id: str, is_request: bool, user_decision: UserDecision,
-                                        prompt_id: str, call_type: str = None):
-        """Record user confirmation decision with the security API"""
-        try:
-            direction = "request" if is_request else "response"
-
-            user_confirmation = UserConfirmation(
-                event_id=event_id,
-                direction=direction,
-                user_decision=user_decision,
-                call_type=call_type
-            )
-
-            async with SecurityPolicyClient(session_id=self.session_id, logger=self.logger,
-                                            audit_logger=self.audit_logger, app_id=self.app_id) as client:
-                result = await client.record_user_confirmation(user_confirmation, prompt_id=prompt_id)
-                self.logger.debug(f"User confirmation recorded: {result}")
-        except Exception as e:
-            # Don't fail the operation if API call fails - just log the error
-            self.logger.error(f"Failed to record user confirmation: {e}")
-
-
     @staticmethod
     def _create_security_api_failure_decision(error: Exception) -> Dict[str, Any]:
         """Create a standard failure decision when security API is unavailable/failing/unreachable"""
@@ -617,135 +672,3 @@ class SecurityMiddleware(Middleware):
             "reasons": [f"Security API unavailable: {error}"],
             "matched_rules": ["security_api.error"]
         }
-
-    async def _enforce_decision(self, decision: Dict[str, Any], error_class, base_message: str,
-                                is_request: bool, event_id: str, tool_name: str, content_data: Dict[str, Any],
-                                operation_type: str, prompt_id: str):
-        """Enforce security decision with user confirmation support"""
-        decision_type = decision.get("decision", "block")
-
-        if decision_type == "allow":
-            return
-
-        elif decision_type == "block":
-            policy_reasons = decision.get("reasons", ["Policy violation"])
-            severity = decision.get("severity", "unknown")
-            call_type = decision.get("call_type")
-
-            try:
-                # Show a blocking dialog and wait for user decision
-                confirmation_request = ConfirmationRequest(
-                    is_request=is_request,
-                    tool_name=tool_name,
-                    policy_reasons=policy_reasons,
-                    content_data=content_data,
-                    severity=severity,
-                    event_id=event_id,
-                    operation_type=operation_type,
-                    server_name=self.wrapped_server_name,
-                    timeout_seconds=60
-                )
-
-                response = UserConfirmationDialog(
-                    self.logger, self.audit_logger
-                ).request_blocking_confirmation(confirmation_request, prompt_id, call_type)
-
-                # If we got here, user chose "Allow Anyway"
-                self.logger.info(f"User chose to 'allow anyway' a blocked {confirmation_request.operation_type} "
-                                 f"operation for tool '{tool_name}' (event: {event_id})")
-
-                await self._record_user_confirmation(event_id, is_request, response.user_decision, prompt_id, call_type)
-                return
-
-            except UserConfirmationError as e:
-                # User chose to block or dialog failed
-                self.logger.warning(f"User blocking confirmation failed: {e}")
-                await self._record_user_confirmation(event_id, is_request, UserDecision.BLOCK, prompt_id, call_type)
-                reasons = "; ".join(policy_reasons)
-                raise error_class("Security Violation. User blocked the operation")
-
-        elif decision_type == "required_explicit_user_confirmation":
-            policy_reasons = decision.get("reasons", ["Security policy requires confirmation"])
-            severity = decision.get("severity", "unknown")
-            call_type = decision.get("call_type")
-
-            try:
-                confirmation_request = ConfirmationRequest(
-                    is_request=is_request,
-                    tool_name=tool_name,
-                    policy_reasons=policy_reasons,
-                    content_data=content_data,
-                    severity=severity,
-                    event_id=event_id,
-                    operation_type=operation_type,
-                    server_name=self.wrapped_server_name,
-                    timeout_seconds=60
-                )
-
-                # only show YES_ALWAYS if call_type exists
-                options = DialogOptions(
-                    show_always_allow=(call_type is not None),
-                    show_always_block=False
-                )
-
-                response = UserConfirmationDialog(
-                    self.logger, self.audit_logger
-                ).request_confirmation(confirmation_request, prompt_id, call_type, options)
-
-                # If we got here, user approved the operation
-                self.logger.info(f"User {response.user_decision.value} {confirmation_request.operation_type} "
-                                 f"operation for tool '{tool_name}' (event: {event_id})")
-
-                await self._record_user_confirmation(event_id, is_request, response.user_decision, prompt_id, call_type)
-                return
-
-            except UserConfirmationError as e:
-                # User denied confirmation or dialog failed
-                self.logger.warning(f"User confirmation failed: {e}")
-                await self._record_user_confirmation(event_id, is_request, UserDecision.BLOCK, prompt_id, call_type)
-                raise error_class("Security Violation. User blocked the operation")
-
-        elif decision_type == "need_more_info":
-            stage_title = 'CLIENT REQUEST' if is_request else 'TOOL RESPONSE'
-
-            # Create an actionable error message for the AI agent
-            reasons = decision.get("reasons", [])
-            need_fields = decision.get("need_fields", [])
-
-            error_parts = [
-                f"SECURITY POLICY NEEDS MORE INFORMATION FOR REVIEWING {stage_title}:",
-                '\n'.join(reasons),
-                '' # newline
-            ]
-
-            if need_fields:
-                # Convert server field names to wrapper field names for the AI agent
-                wrapper_field_mapping = {
-                    "context.agent.intent": "__wrapper_modelIntent",
-                    "context.agent.plan": "__wrapper_modelPlan",
-                    "context.agent.expectedOutputs": "__wrapper_modelExpectedOutputs",
-                    "context.agent.user_prompt": "__wrapper_userPrompt",
-                    "context.agent.user_prompt_id": "__wrapper_userPromptId",
-                    "context.agent.context_summary": "__wrapper_contextSummary",
-                    "context.workspace.current_files": "__wrapper_currentFiles",
-                }
-
-                missing_wrapper_fields = []
-                for field in need_fields:
-                    wrapper_field = wrapper_field_mapping.get(field, field)
-                    missing_wrapper_fields.append(wrapper_field)
-
-                if missing_wrapper_fields:
-                    error_parts.append("AFFECTED FIELDS:")
-                    error_parts.extend(missing_wrapper_fields)
-                else:
-                    error_parts.append("MISSING INFORMATION:")
-                    error_parts.extend(need_fields)
-
-
-            error_parts.append("\nMANDATORY ACTIONS:")
-            error_parts.append("1. Add/Edit ALL affected fields according to the required information")
-            error_parts.append("2. Retry the tool call")
-
-            actionable_message = "\n".join(error_parts)
-            raise error_class(actionable_message)

wrapper/server.py

@@ -6,10 +6,11 @@ Implements transparent 1:1 MCP proxying with security middleware
 import logging
 
 from fastmcp.server.middleware.logging import StructuredLoggingMiddleware
-from fastmcp.server.proxy import ProxyClient, default_proxy_roots_handler, FastMCPProxy
+from fastmcp.server.proxy import ProxyClient, default_proxy_roots_handler, FastMCPProxy, StatefulProxyClient
 
 from modules.logs.audit_trail import AuditTrailLogger
 from modules.logs.logger import MCPLogger
+from modules.utils.json import safe_json_dumps
 from .__version__ import __version__
 from .middleware import SecurityMiddleware
 
@@ -42,7 +43,7 @@ def create_wrapper_server(wrapper_server_name: str,
         logger=logger,
         audit_logger=audit_logger
     )
-    
+
     # Log MCPower startup to audit trail
     audit_logger.log_event("mcpower_start", {
         "wrapper_version": __version__,
@@ -51,16 +52,23 @@ def create_wrapper_server(wrapper_server_name: str,
     })
 
     # Create FastMCP server as proxy with our security-aware ProxyClient
+    # Use StatefulProxyClient for remote servers (mcp-remote or url-based transports)
+    config_str = safe_json_dumps(wrapped_server_configs)
+    is_remote = '"@mcpower/mcp-remote",' in config_str or '"url":' in config_str
+    backend_class = StatefulProxyClient if is_remote else ProxyClient
+    backend = backend_class(
+        wrapped_server_configs,
+        name=wrapper_server_name,
+        roots=default_proxy_roots_handler,  # Use default for filesystem roots
+        sampling_handler=security_middleware.secure_sampling_handler,
+        elicitation_handler=security_middleware.secure_elicitation_handler,
+        log_handler=security_middleware.secure_log_handler,
+        progress_handler=security_middleware.secure_progress_handler,
+    )
+
     def client_factory():
-        return ProxyClient(
-            wrapped_server_configs,
-            name=wrapper_server_name,
-            roots=default_proxy_roots_handler,  # Use default for filesystem roots
-            sampling_handler=security_middleware.secure_sampling_handler,
-            elicitation_handler=security_middleware.secure_elicitation_handler,
-            log_handler=security_middleware.secure_log_handler,
-            progress_handler=security_middleware.secure_progress_handler,
-        )
+        # we must return the same instance, otherwise StatefulProxyClient doesn't play nice with mcp-remote
+        return backend
 
     server = FastMCPProxy(client_factory=client_factory, name=wrapper_server_name, version=__version__)
 

mcpower_proxy-0.0.65.dist-info/RECORD

@@ -1,43 +0,0 @@
-main.py,sha256=4BnzO7q9Atpzgr-_NTc1loRnrRY0m5OxeG9biI-C0es,3707
-mcpower_proxy-0.0.65.dist-info/licenses/LICENSE,sha256=U6WUzdnBrbmVxBmY75ikW-KtinwYnowZ7yNb5hECrvY,11337
-modules/__init__.py,sha256=mJglXQwSRhU-bBv4LXgfu7NfGN9K4BeQWMPApen5rAA,30
-modules/apis/__init__.py,sha256=Y5WZpKJzHpnRJebk0F80ZRTjR2PpA2LlYLgqI3XlmRo,15
-modules/apis/security_policy.py,sha256=AZDHTuOf99WhhzNw9AwC-0KACx1-ZjtQx-Ve3gAKYPM,15000
-modules/logs/__init__.py,sha256=dpboUQjuO02z8K-liCbm2DYkCa-CB_ZDV9WSSjNm7Fs,15
-modules/logs/audit_trail.py,sha256=r8aIjaW-jBXXhSwdafzgOn0AvvdTZG8UPnkI0GmbJnA,6199
-modules/logs/logger.py,sha256=dfYRLnABZB07SBfoYV4DsD8-ZCpzEeoewFCBGHyqo9k,4171
-modules/redaction/__init__.py,sha256=e5NTmp-zonUdzzscih-w_WQ-X8Nvb8CE8b_d6SbrwWg,316
-modules/redaction/constants.py,sha256=xbDSX8n72FuJu6JJ_sbBE0f5OcWuwEwHxBZuK9Xz-TI,1213
-modules/redaction/gitleaks_rules.py,sha256=8dRb4g5OQaHAjx8vpMbxwu06CdDE39aqw9eqLiCDcqY,46411
-modules/redaction/pii_rules.py,sha256=-JhjcCjH5NFeOfQGzTFNdx_-s_0i6tZ-XFxydtkByD0,10019
-modules/redaction/redactor.py,sha256=jxb5itJ_xDo43XG28tXbAyMqhTmJXzAhStzAhlWvrOI,23905
-modules/ui/__init__.py,sha256=-fZ_Bna6XnXeC7xB9loQ-7Qv2uK0NhSr-qoyRx2f8ZU,33
-modules/ui/classes.py,sha256=ZvVRdzO_hD4WnpS3_eVa0WCyaooXiYVpHLzQkzBaH6M,1777
-modules/ui/confirmation.py,sha256=VfVPFkttO4Mstja6dA85tqulyvdXyo8DyHzl0uiPWKU,7741
-modules/ui/simple_dialog.py,sha256=PZW3WSPUVtnGXx-Kkg6hTQTr5NvpTQVhgHyro1z_3aY,3900
-modules/ui/xdialog/__init__.py,sha256=KYQKVF6pGrwc99swRBxtWVXM__j9kVX_r6KikzbCOM4,9359
-modules/ui/xdialog/constants.py,sha256=UjtqzT_O3OHUXJOyeTGroOUnaxdVyYukf7kK6vj1rog,200
-modules/ui/xdialog/mac_dialogs.py,sha256=6r3hkJzJJdHSt-aH1Hy4lZ1MEuZK4Kc5D_YiWglKHAA,6129
-modules/ui/xdialog/tk_dialogs.py,sha256=isxxN_mvZUFUQu8RD1J-GC7UMH2spqR3v_domgRbczQ,2403
-modules/ui/xdialog/windows_custom_dialog.py,sha256=tcdo35d4ZoBydAj-4yzzgW2luw97-Sdjsr3X_3-a7jM,14849
-modules/ui/xdialog/windows_dialogs.py,sha256=ohOoK4ciyv2s4BC9r7-zvGL6mECM-RCPTVOmzDnD6VQ,7626
-modules/ui/xdialog/windows_structs.py,sha256=xzG44OGT5hBFnimJgOLXZBhmpQ_9CFxjtz-QNjP-VCw,8698
-modules/ui/xdialog/yad_dialogs.py,sha256=EiajZVJg-xDwYymz1fyQwLtT5DzbJR3e8plMEnOgcpo,6933
-modules/ui/xdialog/zenity_dialogs.py,sha256=wE71I_Ovf0sjhxHVNocbrhhDd8Y8X8loLETp8TMGMPQ,4512
-modules/utils/__init__.py,sha256=Ptwu1epT_dW6EHjGkzGHAB-MbrrmYAlcPXGGcr4PvwE,20
-modules/utils/cli.py,sha256=qYgf7TsWKjwPsCItbDYzNZCih2vfGAbAl2MIem320_Y,1517
-modules/utils/config.py,sha256=YuGrIYfBsOYABWjFoZosObPz-R7Wdul16RnDed_glYI,6654
-modules/utils/copy.py,sha256=9OJIqWn8PxPZXr3DTt_01jp0YgmPimckab1969WFh0c,1075
-modules/utils/ids.py,sha256=i2MjU_sLFpowYb_5pYQKsbz_wJfjpDXkA9Svqy_wiJQ,4622
-modules/utils/json.py,sha256=8GA2akQsufXIn9HIP4SkFGFShzngexEBzejXi4B-Mfg,4031
-modules/utils/mcp_configs.py,sha256=DZaujZnF9LlPDJHzyepH7fWSt1GTr-FEmShPCqnZ5aI,1829
-wrapper/__init__.py,sha256=OJUsuWSoN1JqIHq4bSrzuL7ufcYJcwAmYCrJjLH44LM,22
-wrapper/__version__.py,sha256=NE6I0jrPNGiK6wuSA5kZ5ngl6YqctKwp8ps1nNeqtfo,82
-wrapper/middleware.py,sha256=yyeYeZLnla3mVvBWUbfaIXIPkZ2BGpF_h5E_jbt-oLA,34684
-wrapper/schema.py,sha256=O-CtKI9eJ4eEnqeUXPCrK7QJAFJrdp_cFbmMyg452Aw,7952
-wrapper/server.py,sha256=uVtxELALRrQNd-VrPWyLQPiEzxOpG-oCU7bItAeSjYU,2981
-mcpower_proxy-0.0.65.dist-info/METADATA,sha256=RprzfVhz0JCbj_vpP60cWXvlkTQyHlf29DKwsLHS930,15667
-mcpower_proxy-0.0.65.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-mcpower_proxy-0.0.65.dist-info/entry_points.txt,sha256=0smL8dxE7ERNz6XEggNaUC3QzKp8mD-v4q5nVEo0MXE,48
-mcpower_proxy-0.0.65.dist-info/top_level.txt,sha256=FLbRkTTggoMB-kq14IH4ZUbNGMGtbxtmiWw0QykRlkU,21
-mcpower_proxy-0.0.65.dist-info/RECORD,,