mcpower-proxy 0.0.72__tar.gz → 0.0.81__tar.gz

{mcpower_proxy-0.0.72 → mcpower_proxy-0.0.81}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mcpower-proxy
-Version: 0.0.72
+Version: 0.0.81
 Summary: MCPower Security proxy
 Author-email: MCPower Security <support@mcpower.tech>
 License:                                  Apache License
@@ -216,7 +216,8 @@ Requires-Dist: watchdog>=3.0.0
 Requires-Dist: jsonc-parser>=1.1.5
 Requires-Dist: jsonpath-ng>=1.7.0
 Requires-Dist: pydantic>=2.8.0
-Requires-Dist: mcpower-shared==0.1.3
+Requires-Dist: mcpower-shared==0.1.5
+Requires-Dist: bashlex>=0.18
 Dynamic: license-file
 
 # MCPower Proxy

{mcpower_proxy-0.0.72 → mcpower_proxy-0.0.81}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "mcpower-proxy"
-version = "0.0.72"
+version = "0.0.81"
 description = "MCPower Security proxy"
 readme = "README.md"
 requires-python = "~=3.11.0"
@@ -16,7 +16,8 @@ dependencies = [
   "jsonc-parser>=1.1.5",
   "jsonpath-ng>=1.7.0",
   "pydantic>=2.8.0",
-  "mcpower-shared==0.1.3",
+  "mcpower-shared==0.1.5",
+  "bashlex>=0.18",
 ]
 
 [project.license]
@@ -31,9 +32,28 @@ build-backend = "setuptools.build_meta"
 
 [tool.setuptools]
 package-dir = {"" = "src"}
-packages = ["modules", "modules.apis", "modules.logs", "modules.redaction", "modules.ui", "modules.ui.xdialog", "modules.utils", "wrapper", "ide_tools", "ide_tools.cursor"]
+packages = [
+    "modules",
+    "modules.apis",
+    "modules.logs",
+    "modules.redaction",
+    "modules.ui",
+    "modules.ui.xdialog",
+    "modules.utils",
+    "wrapper",
+    "ide_tools",
+    "ide_tools.common",
+    "ide_tools.common.hooks",
+    "ide_tools.cursor"
+]
 py-modules = ["main"]
 
+[dependency-groups]
+dev = [
+  "pytest>=8.0.0",
+  "pytest-anyio>=0.0.0",
+]
+
 [tool.uv]
 
 [tool.pytest.ini_options]

mcpower_proxy-0.0.81/src/ide_tools/common/__init__.py

@@ -0,0 +1,5 @@
+"""
+Common IDE Tools
+
+Shared logic for all IDE integrations.
+"""

mcpower_proxy-0.0.81/src/ide_tools/common/hooks/__init__.py

@@ -0,0 +1,5 @@
+"""
+Common Hook Handlers
+
+Shared hook logic for all IDEs
+"""

mcpower_proxy-0.0.81/src/ide_tools/common/hooks/init.py

@@ -0,0 +1,130 @@
+"""
+Shared initialization logic for IDE tools
+
+Registers IDE hooks with the security API.
+"""
+
+import sys
+from typing import Dict, Optional
+
+from mcpower_shared.mcp_types import InitRequest, EnvironmentContext, ServerRef, ToolRef
+from modules.apis.security_policy import SecurityPolicyClient
+from modules.logs.audit_trail import AuditTrailLogger
+from modules.logs.logger import MCPLogger
+from modules.utils.ids import get_session_id, read_app_uid, get_project_mcpower_dir
+from modules.utils.json import safe_json_dumps
+from wrapper.__version__ import __version__
+
+
+def output_init_result(success: bool, message: str):
+    """
+    Output init result to stdout
+    
+    Args:
+        success: True if initialization succeeded
+        message: Status message
+    """
+    result = {
+        "success": success,
+        "message": message
+    }
+
+    print(safe_json_dumps(result), flush=True)
+
+
+async def handle_init(
+        logger: MCPLogger,
+        audit_logger: AuditTrailLogger,
+        event_id: str,
+        prompt_id: str,
+        cwd: Optional[str],
+        server_name: str,
+        client_name: str,
+        hooks: Dict[str, Dict[str, str]]
+) -> None:
+    """
+    Generic init handler - registers hooks with security API
+    
+    Args:
+        logger: Logger instance
+        audit_logger: Audit logger instance
+        event_id: Event identifier
+        prompt_id: Prompt identifier
+        cwd: Current working directory
+        server_name: IDE-specific server name (e.g. "cursor_tools_mcp")
+        client_name: IDE-specific client name (e.g. "cursor", "claude-code")
+        hooks: Dict of hook definitions with {name, description, version}
+        
+    Outputs result and exits with appropriate code.
+    """
+    session_id = get_session_id()
+
+    logger.info(f"Init handler started (client={client_name}, event_id={event_id}, prompt_id={prompt_id}, cwd={cwd})")
+
+    try:
+        app_uid = read_app_uid(logger, get_project_mcpower_dir(cwd))
+        audit_logger.set_app_uid(app_uid)
+
+        audit_logger.log_event(
+            "mcpower_start",
+            {
+                "wrapper_version": __version__,
+                "wrapped_server_name": server_name,
+                "client": client_name
+            }
+        )
+
+        try:
+            tools = [
+                ToolRef(
+                    name=hook_info["name"],
+                    description=f"Description:\n{hook_info['description']}\n\n"
+                                f"inputSchema:\n{hook_info['parameters']}",
+                    version=hook_info["version"]
+                )
+                for hook_info in hooks.values()
+            ]
+
+            init_request = InitRequest(
+                environment=EnvironmentContext(
+                    session_id=session_id,
+                    workspace={
+                        "roots": [cwd] if cwd else [],
+                        "current_files": []
+                    },
+                    client=client_name,
+                    client_version=__version__,
+                    selection_hash=""
+                ),
+                server=ServerRef(
+                    name=server_name,
+                    transport="stdio",
+                    version="1.0.0",
+                    context="ide"
+                ),
+                tools=tools
+            )
+
+            async with SecurityPolicyClient(
+                    session_id=session_id,
+                    logger=logger,
+                    audit_logger=audit_logger,
+                    app_id=app_uid
+            ) as client:
+                await client.init_tools(init_request, event_id=event_id)
+
+            logger.info(f"Hooks registered successfully for {client_name}")
+
+            # Success - output result and exit
+            output_init_result(True, f"{client_name.title()} hooks registered successfully")
+            sys.exit(0)
+
+        except Exception as e:
+            logger.error(f"API initialization failed: {e}")
+            output_init_result(False, f"Error: {str(e)}")
+            sys.exit(1)
+
+    except Exception as e:
+        logger.error(f"Unexpected error in init handler: {e}", exc_info=True)
+        output_init_result(False, f"Initialization failed: {str(e)}")
+        sys.exit(1)

mcpower_proxy-0.0.81/src/ide_tools/common/hooks/output.py

@@ -0,0 +1,63 @@
+"""
+IDE-agnostic output handling
+"""
+
+import sys
+from typing import Optional
+
+from modules.logs.logger import MCPLogger
+from .types import OutputFormat
+
+
+def output_result(
+        logger: MCPLogger,
+        output_format: OutputFormat,
+        hook_type: str,
+        allowed: bool,
+        user_message: Optional[str] = None,
+        agent_message: Optional[str] = None
+) -> None:
+    """
+    Output hook result in IDE-specific format and exit with appropriate code
+    
+    Args:
+        logger: Logger instance
+        output_format: IDE-specific output configuration
+        hook_type: "permission" or "continue"
+        allowed: True for allow/continue, False for deny/block
+        user_message: Optional message for user
+        agent_message: Optional message for agent/logs
+    """
+    # Format output using IDE-specific formatter
+    formatted_output = output_format.formatter(hook_type, allowed, user_message, agent_message)
+
+    logger.info(f"Hook output ({hook_type}, allowed={allowed}): {formatted_output}")
+    print(formatted_output, flush=True)
+
+    # Exit with appropriate code
+    exit_code = output_format.allow_exit_code if allowed else output_format.deny_exit_code
+    sys.exit(exit_code)
+
+
+def output_error(
+        logger: MCPLogger,
+        output_format: OutputFormat,
+        hook_type: str,
+        error_message: str
+) -> None:
+    """
+    Output error and exit with error code
+    
+    Args:
+        logger: Logger instance
+        output_format: IDE-specific output configuration
+        hook_type: "permission" or "continue"
+        error_message: Error message
+    """
+    logger.error(f"Hook error: {error_message}")
+
+    # Output as deny/block with error message
+    formatted_output = output_format.formatter(hook_type, False, error_message, error_message)
+    print(formatted_output, flush=True)
+
+    sys.exit(output_format.error_exit_code)

mcpower_proxy-0.0.81/src/ide_tools/common/hooks/prompt_submit.py

@@ -0,0 +1,136 @@
+"""
+Shared logic for UserPromptSubmit hook
+"""
+
+from typing import Dict, Any, Optional
+
+from modules.logs.audit_trail import AuditTrailLogger
+from modules.logs.logger import MCPLogger
+from modules.redaction import redact
+from modules.utils.ids import get_session_id, read_app_uid, get_project_mcpower_dir
+from modules.utils.string import truncate_at
+from .output import output_result, output_error
+from .types import HookConfig
+from .utils import create_validator, extract_redaction_patterns, process_attachments_for_redaction, inspect_and_enforce
+
+
+async def handle_prompt_submit(
+        logger: MCPLogger,
+        audit_logger: AuditTrailLogger,
+        stdin_input: str,
+        prompt_id: str,
+        event_id: str,
+        cwd: Optional[str],
+        config: HookConfig,
+        tool_name: str
+) -> None:
+    """
+    Shared handler for prompt submission hooks
+    
+    Args:
+        logger: Logger instance
+        audit_logger: Audit logger instance
+        stdin_input: Raw JSON input
+        prompt_id: Prompt/conversation ID
+        event_id: Event/generation ID
+        cwd: Current working directory
+        config: IDE-specific hook configuration
+        tool_name: IDE-specific tool name (e.g., "beforeSubmitPrompt", "UserPromptSubmit")
+    """
+    session_id = get_session_id()
+    logger.info(
+        f"Prompt submit handler started (client={config.client_name}, prompt_id={prompt_id}, "
+        f"event_id={event_id}, cwd={cwd})")
+
+    app_uid = read_app_uid(logger, get_project_mcpower_dir(cwd))
+    audit_logger.set_app_uid(app_uid)
+
+    try:
+        try:
+            validator = create_validator(
+                required_fields={"prompt": str},
+                optional_fields={"attachments": list}
+            )
+            input_data = validator(stdin_input)
+            prompt = input_data["prompt"]
+            attachments = input_data.get("attachments", [])
+        except ValueError as e:
+            logger.error(f"Input validation error: {e}")
+            output_error(logger, config.output_format, "continue", str(e))
+            return
+
+        redacted_prompt = redact(prompt)
+
+        audit_logger.log_event(
+            "prompt_submission",
+            {
+                "server": config.server_name,
+                "tool": tool_name,
+                "params": {"prompt": truncate_at(redacted_prompt, 100), "attachments_count": len(attachments)}
+            },
+            event_id=event_id,
+            prompt_id=prompt_id
+        )
+
+        prompt_patterns = extract_redaction_patterns(redacted_prompt)
+
+        # Check for redactions in file attachments
+        files_with_redactions = process_attachments_for_redaction(
+            attachments,
+            logger
+        )
+
+        has_any_redactions = bool(prompt_patterns) or len(files_with_redactions) > 0
+
+        content_data: Dict[str, Any] = {
+            "prompt": redacted_prompt,
+            "is_redacted": has_any_redactions,
+            "redacted_files": files_with_redactions,
+        }
+
+        # Call security API and enforce decision
+        try:
+            decision = await inspect_and_enforce(
+                is_request=True,
+                session_id=session_id,
+                logger=logger,
+                audit_logger=audit_logger,
+                app_uid=app_uid,
+                event_id=event_id,
+                server_name=config.server_name,
+                tool_name=tool_name,
+                content_data=content_data,
+                prompt_id=prompt_id,
+                cwd=cwd,
+                client_name=config.client_name
+            )
+
+            audit_logger.log_event(
+                "prompt_submission_forwarded",
+                {
+                    "server": config.server_name,
+                    "tool": tool_name,
+                    "params": {"redactions_found": has_any_redactions}
+                },
+                event_id=event_id,
+                prompt_id=prompt_id
+            )
+
+            reasons = decision.get("reasons", [])
+            agent_message = "Prompt submission approved: {0}".format("; ".join(
+                reasons)) if reasons else "Prompt submission approved by security policy"
+            output_result(logger, config.output_format, "continue", True,
+                          "Prompt approved", agent_message)
+
+        except Exception as e:
+            # Decision enforcement failed - block
+            error_msg = str(e)
+            user_message = "Prompt blocked by security policy"
+            if "User blocked" in error_msg or "User denied" in error_msg:
+                user_message = "Prompt blocked by user"
+
+            output_result(logger, config.output_format, "continue", False, user_message, error_msg)
+
+    except Exception as e:
+        logger.error(f"Unexpected error in prompt submit handler: {e}", exc_info=True)
+        output_error(logger, config.output_format, "continue", f"Unexpected error: {str(e)}")

mcpower_proxy-0.0.81/src/ide_tools/common/hooks/read_file.py

@@ -0,0 +1,170 @@
+"""
+Shared logic for beforeReadFile/PreReadFile hook
+"""
+
+from typing import Optional
+
+from modules.logs.audit_trail import AuditTrailLogger
+from modules.logs.logger import MCPLogger
+from modules.redaction import redact
+from modules.utils.ids import get_session_id, read_app_uid, get_project_mcpower_dir
+from .output import output_result, output_error
+from .types import HookConfig
+from .utils import create_validator, process_attachments_for_redaction, inspect_and_enforce
+
+
+async def handle_read_file(
+        logger: MCPLogger,
+        audit_logger: AuditTrailLogger,
+        stdin_input: str,
+        prompt_id: str,
+        event_id: str,
+        cwd: Optional[str],
+        config: HookConfig,
+        tool_name: str
+) -> None:
+    """
+    Shared handler for file read hooks
+    
+    Args:
+        logger: Logger instance
+        audit_logger: Audit logger instance
+        stdin_input: Raw JSON input
+        prompt_id: Prompt/conversation ID
+        event_id: Event/generation ID
+        cwd: Current working directory
+        config: IDE-specific hook configuration
+        tool_name: IDE-specific tool name (e.g., "beforeReadFile", "PreToolUse")
+    """
+    session_id = get_session_id()
+    logger.info(
+        f"Read file handler started (client={config.client_name}, prompt_id={prompt_id}, event_id={event_id}, cwd={cwd})")
+
+    app_uid = read_app_uid(logger, get_project_mcpower_dir(cwd))
+    audit_logger.set_app_uid(app_uid)
+
+    try:
+        try:
+            validator = create_validator(
+                required_fields={"file_path": str, "content": str},
+                optional_fields={"attachments": list}
+            )
+            input_data = validator(stdin_input)
+            file_path = input_data["file_path"]
+            provided_content = input_data["content"]
+            attachments = input_data.get("attachments", [])
+        except ValueError as e:
+            logger.error(f"Input validation error: {e}")
+            output_error(logger, config.output_format, "permission", str(e))
+            return
+
+        audit_logger.log_event(
+            "agent_request",
+            {
+                "server": config.server_name,
+                "tool": tool_name,
+                "params": {"file_path": file_path, "attachments_count": len(attachments)}
+            },
+            event_id=event_id,
+            prompt_id=prompt_id
+        )
+
+        # Check content length - skip API if too large
+        if len(provided_content) > config.max_content_length:
+            logger.info(f"Content length ({len(provided_content)} chars) exceeds max ({config.max_content_length}) - "
+                        f"skipping API call")
+
+            audit_logger.log_event(
+                "agent_request_forwarded",
+                {
+                    "server": config.server_name,
+                    "tool": tool_name,
+                    "params": {
+                        "file_path": file_path,
+                        "content_length": len(provided_content),
+                        "content_too_large": True
+                    }
+                },
+                event_id=event_id,
+                prompt_id=prompt_id
+            )
+
+            output_result(logger, config.output_format, "permission", True)
+            return
+
+        # Redact the main content
+        redacted_content = redact(provided_content)
+
+        # Process attachments for redaction status
+        files_with_redactions = process_attachments_for_redaction(attachments, logger)
+        files_with_redactions_paths = {f["file_path"] for f in files_with_redactions}
+
+        # Build attachments info with redaction status
+        attachments_info = []
+        for attachment in attachments:
+            att_path = attachment.get("file_path") or attachment.get("filePath")
+            if att_path:
+                attachments_info.append({
+                    "file_path": att_path,
+                    "has_redactions": att_path in files_with_redactions_paths
+                })
+
+        logger.info(f"Processed file and {len(attachments)} attachment(s), found redactions in "
+                    f"{len(files_with_redactions)} attachment(s)")
+
+        # Build content_data with file_path, redacted content, and attachments
+        content_data = {
+            "file_path": file_path,
+            "content": redacted_content,
+            "attachments": attachments_info
+        }
+
+        # Call security API and enforce decision
+        try:
+            decision = await inspect_and_enforce(
+                is_request=True,
+                session_id=session_id,
+                logger=logger,
+                audit_logger=audit_logger,
+                app_uid=app_uid,
+                event_id=event_id,
+                server_name=config.server_name,
+                tool_name=tool_name,
+                content_data=content_data,
+                prompt_id=prompt_id,
+                cwd=cwd,
+                current_files=[file_path],
+                client_name=config.client_name
+            )
+
+            audit_logger.log_event(
+                "agent_request_forwarded",
+                {
+                    "server": config.server_name,
+                    "tool": tool_name,
+                    "params": {
+                        "file_path": file_path,
+                        "content_length": len(provided_content),
+                        "attachments_with_redactions": len(files_with_redactions)}
+                },
+                event_id=event_id,
+                prompt_id=prompt_id
+            )
+
+            reasons = decision.get("reasons", [])
+            agent_message = "File read approved: " + "; ".join(
+                reasons) if reasons else "File read approved by security policy"
+            output_result(logger, config.output_format, "permission", True, "File read approved", agent_message)
+
+        except Exception as e:
+            # Decision enforcement failed - block
+            error_msg = str(e)
+            user_message = "File read blocked by security policy"
+            if "User blocked" in error_msg or "User denied" in error_msg:
+                user_message = "File read blocked by user"
+
+            output_result(logger, config.output_format, "permission", False, user_message, error_msg)
+
+    except Exception as e:
+        logger.error(f"Unexpected error in read file handler: {e}", exc_info=True)
+        output_error(logger, config.output_format, "permission", f"Unexpected error: {str(e)}")