mrok 0.6.0__py3-none-any.whl → 0.7.0__py3-none-any.whl

mrok/agent/devtools/inspector/utils.py

@@ -0,0 +1,149 @@
+from collections.abc import Generator
+from dataclasses import dataclass
+from io import BytesIO
+
+from multipart import MultipartParser
+
+TEXTUAL_CONTENT_TYPES = {
+    "application/json",
+    "application/xml",
+    "application/javascript",
+    "application/x-www-form-urlencoded",
+}
+
+TEXTUAL_PREFIXES = ("text/",)
+
+CONTENT_TYPE_TO_LANGUAGE = {
+    "application/json": "json",
+    "application/ld+json": "json",
+    "application/problem+json": "json",
+    "application/schema+json": "json",
+    "application/xml": "xml",
+    "text/xml": "xml",
+    "application/xhtml+xml": "html",
+    "text/html": "html",
+    "text/css": "css",
+    "application/javascript": "javascript",
+    "application/x-javascript": "javascript",
+    "text/javascript": "javascript",
+    "application/ecmascript": "javascript",
+    "text/markdown": "markdown",
+    "text/x-markdown": "markdown",
+    "application/yaml": "yaml",
+    "application/x-yaml": "yaml",
+    "text/yaml": "yaml",
+    "application/toml": "toml",
+    "application/x-toml": "toml",
+    "application/sql": "sql",
+    "text/x-sql": "sql",
+    "application/java": "java",
+    "text/x-java-source": "java",
+    "application/python": "python",
+    "text/x-python": "python",
+    "application/x-python-code": "python",
+    "application/rust": "rust",
+    "text/x-rust": "rust",
+    "application/go": "go",
+    "text/x-go": "go",
+    "application/bash": "bash",
+    "application/x-sh": "bash",
+    "text/x-shellscript": "bash",
+    "application/regex": "regex",
+    "text/x-regex": "regex",
+}
+
+
+@dataclass
+class ContentTypeInfo:
+    content_type: str
+    binary: bool
+    charset: str | None = None
+    boundary: str | None = None
+
+
+def parse_content_type(content_type_header: str) -> ContentTypeInfo:
+    parts = content_type_header.split(";")
+    content_type = parts[0].strip().lower()
+
+    charset = None
+    boundary = None
+
+    for part in parts[1:]:
+        part = part.strip()
+        if "=" in part:
+            key, value = part.split("=", 1)
+            key = key.strip().lower()
+            value = value.strip().strip('"')
+            if key == "charset":
+                charset = value
+            elif key == "boundary":
+                boundary = value
+
+    binary = not is_textual(content_type)
+
+    if charset is None and not binary:
+        charset = "utf-8"
+
+    return ContentTypeInfo(
+        content_type=content_type, binary=binary, charset=charset, boundary=boundary
+    )
+
+
+def parse_form_data(data: bytes, boundary: str) -> Generator[tuple[str, str]]:
+    parser = MultipartParser(BytesIO(data), boundary)
+    for part in parser:
+        if is_textual(part.content_type):
+            yield part.name, part.value
+            continue
+        yield part.name, "<binary>"
+
+
+def is_textual(content_type: str) -> bool:
+    ct = content_type.lower()
+    if ct in TEXTUAL_CONTENT_TYPES:
+        return True
+    if any(ct.startswith(p) for p in TEXTUAL_PREFIXES):
+        return True
+    return False
+
+
+def build_tree(node, data):
+    if isinstance(data, dict):
+        for key, value in data.items():
+            child = node.add(str(key))
+            build_tree(child, value)
+    elif isinstance(data, list):
+        for index, value in enumerate(data):
+            child = node.add(f"[{index}]")
+            build_tree(child, value)
+    else:
+        node.add(repr(data))
+
+
+def hexdump(data, width=16):
+    lines = []
+    for i in range(0, len(data), width):
+        chunk = data[i : i + width]
+        hex_part = " ".join(f"{b:02x}" for b in chunk)
+        ascii_part = "".join(chr(b) if 32 <= b <= 126 else "." for b in chunk)
+        lines.append(f"{hex_part:<{width * 3}} {ascii_part}")
+    return "\n".join(lines)
+
+
+def humanize_bytes(num_bytes: int) -> tuple[float, str]:  # type: ignore[return-value]
+    if num_bytes < 0:
+        raise ValueError("num_bytes must be non-negative")
+
+    units = ["B", "KiB", "MiB", "GiB", "TiB", "PiB"]
+    value = float(num_bytes)
+
+    for unit in units:
+        if value < 1024 or unit == units[-1]:
+            return round(value, 2), unit
+        value /= 1024
+
+
+def get_highlighter_language_by_content_type(content_type: str) -> str | None:
+    if content_type in CONTENT_TYPE_TO_LANGUAGE:
+        return CONTENT_TYPE_TO_LANGUAGE[content_type]
+    return None

mrok/cli/main.py

@@ -1,5 +1,6 @@
 import inspect
 import sys
+from typing import Annotated
 
 import typer
 from pyfiglet import Figlet
@@ -79,11 +80,23 @@ for name, module in inspect.getmembers(commands):
     elif hasattr(module, "app"):  # pragma: no branch
         app.add_typer(module.app, name=name.replace("_", "-"))
 
+_debug_mode = False
+
 
 @app.callback()
 def main(
     ctx: typer.Context,
+    debug: Annotated[
+        bool,
+        typer.Option(
+            "--debug",
+            help="Run the CLI in debug mode",
+            show_default=True,
+        ),
+    ] = False,
 ):
+    global _debug_mode
+    _debug_mode = debug
     settings = get_settings()
     setup_logging(settings, cli_mode=True)
     ctx.obj = settings
@@ -93,5 +106,8 @@ def run():
     try:
         app()
     except Exception as e:
-        err_console.print(f"[bold red]Error:[/bold red] {e}")
+        if _debug_mode:
+            raise
+        message = str(e) or "Unexpected error. Debug it with --debug"
+        err_console.print(f"[bold red]Error:[/bold red] {message}")
         sys.exit(-1)

mrok/constants.py

@@ -2,3 +2,24 @@ import re
 
 RE_EXTENSION_ID = re.compile(r"(?i)EXT-\d{4}-\d{4}")
 RE_INSTANCE_ID = re.compile(r"(?i)INS-\d{4}-\d{4}-\d{4}")
+
+
+BINARY_CONTENT_TYPES = {
+    "application/octet-stream",
+    "application/pdf",
+}
+
+BINARY_PREFIXES = (
+    "image/",
+    "video/",
+    "audio/",
+)
+
+TEXTUAL_CONTENT_TYPES = {
+    "application/json",
+    "application/xml",
+    "application/javascript",
+    "application/x-www-form-urlencoded",
+}
+
+TEXTUAL_PREFIXES = ("text/",)

mrok/logging.py

@@ -1,9 +1,5 @@
 import logging.config
 
-from rich.console import Console
-from rich.logging import RichHandler
-from textual_serve.server import LogHighlighter
-
 from mrok.conf import Settings
 
 
@@ -78,21 +74,3 @@ def get_logging_config(settings: Settings, cli_mode: bool = False) -> dict:
 def setup_logging(settings: Settings, cli_mode: bool = False) -> None:
     logging_config = get_logging_config(settings, cli_mode)
     logging.config.dictConfig(logging_config)
-
-
-def setup_inspector_logging(console: Console) -> None:
-    logging.basicConfig(
-        level="WARNING",
-        format="%(message)s",
-        datefmt="%Y-%m-%d %H:%M:%S",
-        handlers=[
-            RichHandler(
-                show_path=False,
-                show_time=True,
-                rich_tracebacks=True,
-                tracebacks_show_locals=True,
-                highlighter=LogHighlighter(),
-                console=console,
-            )
-        ],
-    )

mrok/proxy/middleware.py

@@ -2,10 +2,8 @@ import asyncio
 import logging
 import time
 
-from mrok.proxy.constants import MAX_REQUEST_BODY_BYTES, MAX_RESPONSE_BODY_BYTES
 from mrok.proxy.metrics import MetricsCollector
 from mrok.proxy.models import FixedSizeByteBuffer, HTTPHeaders, HTTPRequest, HTTPResponse
-from mrok.proxy.utils import must_capture_request, must_capture_response
 from mrok.types.proxy import (
     ASGIApp,
     ASGIReceive,
@@ -15,6 +13,9 @@ from mrok.types.proxy import (
     Scope,
 )
 
+MAX_REQUEST_BODY_BYTES = 2 * 1024 * 1024
+MAX_RESPONSE_BODY_BYTES = 5 * 1024 * 1024
+
 logger = logging.getLogger("mrok.proxy")
 
 
@@ -42,7 +43,7 @@ class CaptureMiddleware:
         state = {}
 
         req_buf = FixedSizeByteBuffer(MAX_REQUEST_BODY_BYTES)
-        capture_req_body = must_capture_request(method, req_headers)
+        capture_req_body = method.upper() not in ("GET", "HEAD", "OPTIONS", "TRACE")
 
         request = HTTPRequest(
             method=method,
@@ -68,9 +69,7 @@ class CaptureMiddleware:
                 resp_headers = HTTPHeaders.from_asgi(msg.get("headers", []))
                 state["resp_headers_raw"] = resp_headers
 
-                state["capture_resp_body"] = must_capture_response(resp_headers)
-
-            if state["capture_resp_body"] and msg["type"] == "http.response.body":
+            if msg["type"] == "http.response.body":
                 body = msg.get("body", b"")
                 resp_buf.write(body)
 
@@ -91,8 +90,8 @@ class CaptureMiddleware:
             status=state["status"] or 0,
             headers=state["resp_headers_raw"],
             duration=duration,
-            body=resp_buf.getvalue() if state["capture_resp_body"] else None,
-            body_truncated=resp_buf.overflow if state["capture_resp_body"] else None,
+            body=resp_buf.getvalue(),
+            body_truncated=resp_buf.overflow,
         )
         asyncio.create_task(self._on_response_complete(response))
 

mrok/proxy/models.py

@@ -1,13 +1,40 @@
 from __future__ import annotations
 
+import base64
+import binascii
 import json
+from collections.abc import Mapping
 from pathlib import Path
-from typing import Literal
+from typing import Annotated, Any, Literal
 
 from pydantic import BaseModel, ConfigDict, Field, field_validator
+from pydantic.functional_serializers import PlainSerializer
+from pydantic.functional_validators import PlainValidator
 from pydantic_core import core_schema
 
 
+def serialize_b64(v: bytes) -> str:
+    return base64.b64encode(v).decode("ascii")
+
+
+def deserialize_b64(v):
+    if isinstance(v, bytes):
+        return v
+    if isinstance(v, str):
+        try:
+            return base64.b64decode(v, validate=True)
+        except binascii.Error as e:  # pragma: no branch
+            raise ValueError("Invalid base64 data") from e
+    raise TypeError("Expected bytes or base64 string")  # pragma: no cover
+
+
+Base64Bytes = Annotated[
+    bytes,
+    PlainValidator(deserialize_b64),
+    PlainSerializer(serialize_b64, return_type=str),
+]
+
+
 class X509Credentials(BaseModel):
     key: str
     cert: str
@@ -16,14 +43,13 @@ class X509Credentials(BaseModel):
     @field_validator("key", "cert", "ca", mode="before")
     @classmethod
     def strip_pem_prefix(cls, value: str) -> str:
-        if isinstance(value, str) and value.startswith("pem:"):
+        if isinstance(value, str) and value.startswith("pem:"):  # pragma: no branch
             return value[4:]
-        return value
+        return value  # pragma: no cover
 
 
 class ServiceMetadata(BaseModel):
     model_config = ConfigDict(extra="ignore")
-    identity: str
     extension: str
     instance: str
     domain: str | None = None
@@ -34,10 +60,10 @@ class Identity(BaseModel):
     model_config = ConfigDict(extra="ignore")
     zt_api: str = Field(validation_alias="ztAPI")
     id: X509Credentials
+    mrok: ServiceMetadata
+    enable_ha: bool = Field(default=False, validation_alias="enableHa")
     zt_apis: str | None = Field(default=None, validation_alias="ztAPIs")
     config_types: str | None = Field(default=None, validation_alias="configTypes")
-    enable_ha: bool = Field(default=False, validation_alias="enableHa")
-    mrok: ServiceMetadata | None = None
 
     @staticmethod
     def load_from_file(path: str | Path) -> Identity:
@@ -77,7 +103,7 @@ class FixedSizeByteBuffer:
 
 
 class HTTPHeaders(dict):
-    def __init__(self, initial=None):
+    def __init__(self, initial: Mapping[Any, Any] | None = None):
         super().__init__()
         if initial:
             for k, v in initial.items():
@@ -131,9 +157,9 @@ class HTTPRequest(BaseModel):
     method: str
     url: str
     headers: HTTPHeaders
-    query_string: bytes
+    query_string: Base64Bytes | None = None
     start_time: float
-    body: bytes | None = None
+    body: Base64Bytes | None = None
     body_truncated: bool | None = None
 
 
@@ -143,7 +169,7 @@ class HTTPResponse(BaseModel):
     status: int
     headers: HTTPHeaders
     duration: float
-    body: bytes | None = None
+    body: Base64Bytes | None = None
     body_truncated: bool | None = None
 
 

mrok/proxy/ziticorn.py

@@ -1,4 +1,3 @@
-import json
 import logging
 import socket
 from collections.abc import Callable
@@ -10,6 +9,7 @@ from uvicorn import config, server
 from uvicorn.lifespan.on import LifespanOn
 from uvicorn.protocols.http.httptools_impl import HttpToolsProtocol as UvHttpToolsProtocol
 
+from mrok.proxy.models import Identity
 from mrok.types.proxy import ASGIApp
 
 logger = logging.getLogger("mrok.proxy")
@@ -48,10 +48,8 @@ class BackendConfig(config.Config):
         backlog: int = 2048,
     ):
         self.identity_file = identity_file
+        self.identity = Identity.load_from_file(self.identity_file)
         self.ziti_load_timeout_ms = ziti_load_timeout_ms
-        self.service_name, self.identity_name, self.instance_id = self.get_identity_info(
-            identity_file
-        )
         super().__init__(
             app,
             loop="asyncio",
@@ -59,26 +57,19 @@ class BackendConfig(config.Config):
             backlog=backlog,
         )
 
-    def get_identity_info(self, identity_file: str | Path):
-        with open(identity_file) as f:
-            identity_data = json.load(f)
-            try:
-                identity_name = identity_data["mrok"]["identity"]
-                instance_id, service_name = identity_name.split(".", 1)
-                return service_name, identity_name, instance_id
-            except KeyError:
-                raise ValueError("Invalid identity file: identity file is not mrok compatible.")
-
     def bind_socket(self) -> socket.socket:
-        logger.info(f"Connect to Ziti service '{self.service_name} ({self.instance_id})'")
+        logger.info(
+            "Connect to Ziti service "
+            f"'{self.identity.mrok.extension} ({self.identity.mrok.instance})'"
+        )
 
         ctx, err = openziti.load(str(self.identity_file), timeout=self.ziti_load_timeout_ms)
         if err != 0:
             raise RuntimeError(f"Failed to load Ziti identity from {self.identity_file}: {err}")
 
-        sock = ctx.bind(self.service_name)
+        sock = ctx.bind(self.identity.mrok.extension)
         sock.listen(self.backlog)
-        logger.info(f"listening on ziti service {self.service_name} for connections")
+        logger.info(f"listening on ziti service {self.identity.mrok.extension} for connections")
         return sock
 
     def configure_logging(self) -> None:

mrok/ziti/api.py

@@ -62,7 +62,7 @@ class BaseZitiAPI(ABC):
             auth=self.auth,
             verify=self.settings.ziti.ssl_verify,
             timeout=httpx.Timeout(
-                connect=0.25,
+                connect=self.settings.ziti.connect_timeout,
                 read=self.settings.ziti.read_timeout,
                 write=2.0,
                 pool=5.0,

mrok/ziti/bootstrap.py

@@ -36,11 +36,6 @@ async def bootstrap_identity(
         logger.info("Deleted existing identity")
         existing_identity = None
 
-    if forced and config_type:
-        await mgmt_api.delete_config_type(config_type["id"])
-        logger.info(f"Deleted existing config type '{config_type_name}' ({config_type['id']})")
-        config_type = None
-
     if existing_identity:
         frontend_id = existing_identity["id"]
         logger.info(f"Identity '{identity_name}' ({frontend_id}) is already enrolled")

mrok/ziti/identities.py

@@ -41,7 +41,8 @@ async def register_identity(
         raise ServiceNotFoundError(f"A service with name `{service_external_id}` does not exists.")
 
     identity_name = identity_external_id.lower()
-    service_policy_name = f"{identity_name}:bind"
+    router_policy_name = f"{identity_external_id.lower()}.{service_name}"
+    service_policy_name = f"{identity_external_id.lower()}.{service_name}:bind"
     self_service_policy_name = f"self.{service_policy_name}"
 
     identity = await mgmt_api.search_identity(identity_name)
@@ -52,7 +53,7 @@ async def register_identity(
         service_policy = await mgmt_api.search_service_policy(self_service_policy_name)
         if service_policy:
             await mgmt_api.delete_service_policy(service_policy["id"])
-        router_policy = await mgmt_api.search_router_policy(identity_name)
+        router_policy = await mgmt_api.search_router_policy(router_policy_name)
         if router_policy:
             await mgmt_api.delete_router_policy(router_policy["id"])
         await mgmt_api.delete_identity(identity["id"])
@@ -66,9 +67,8 @@ async def register_identity(
         identity_id,
         identity,
         mrok={
-            "identity": identity_name,
-            "extension": service_external_id,
-            "instance": identity_external_id,
+            "extension": service_name,
+            "instance": identity_name,
             "domain": settings.proxy.domain,
             "tags": identity_tags,
         },
@@ -84,7 +84,7 @@ async def register_identity(
         self_service["id"],
         identity_id,
     )
-    await mgmt_api.create_router_policy(identity_name, identity_id)
+    await mgmt_api.create_router_policy(router_policy_name, identity_id)
 
     return identity, identity_json
 
@@ -100,8 +100,9 @@ async def unregister_identity(
     if not service:
         raise ServiceNotFoundError(f"A service with name `{service_external_id}` does not exists.")
 
-    identity_name = f"{identity_external_id.lower()}.{service_name}"
-    service_policy_name = f"{identity_name}:bind"
+    identity_name = identity_external_id.lower()
+    router_policy_name = f"{identity_external_id.lower()}.{service_name}"
+    service_policy_name = f"{identity_external_id.lower()}.{service_name}:bind"
 
     identity = await mgmt_api.search_identity(identity_name)
     if not identity:
@@ -120,7 +121,7 @@ async def unregister_identity(
     service_policy = await mgmt_api.search_service_policy(service_policy_name)
     if service_policy:
         await mgmt_api.delete_service_policy(service_policy["id"])
-    router_policy = await mgmt_api.search_router_policy(identity_name)
+    router_policy = await mgmt_api.search_router_policy(router_policy_name)
     if router_policy:
         await mgmt_api.delete_router_policy(router_policy["id"])
     await mgmt_api.delete_identity(identity["id"])

{mrok-0.6.0.dist-info → mrok-0.7.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mrok
-Version: 0.6.0
+Version: 0.7.0
 Summary: MPT Extensions OpenZiti Orchestrator
 Author: SoftwareOne AG
 License:                                  Apache License
@@ -214,6 +214,7 @@ Requires-Dist: fastapi[standard]<0.120.0,>=0.119.0
 Requires-Dist: gunicorn<24.0.0,>=23.0.0
 Requires-Dist: hdrhistogram<0.11.0,>=0.10.3
 Requires-Dist: httpcore<2.0.0,>=1.0.9
+Requires-Dist: multipart<2.0.0,>=1.3.0
 Requires-Dist: openziti<2.0.0,>=1.3.1
 Requires-Dist: psutil<8.0.0,>=7.1.3
 Requires-Dist: pydantic<3.0.0,>=2.11.7
@@ -223,7 +224,7 @@ Requires-Dist: pyyaml<7.0.0,>=6.0.2
 Requires-Dist: pyzmq<28.0.0,>=27.1.0
 Requires-Dist: rich<15.0.0,>=14.1.0
 Requires-Dist: textual-serve<2.0.0,>=1.1.3
-Requires-Dist: textual<7.0.0,>=6.5.0
+Requires-Dist: textual[syntax]<8.0.0,>=7.2.0
 Requires-Dist: typer<0.20.0,>=0.19.2
 Requires-Dist: uvicorn-worker<0.5.0,>=0.4.0
 Description-Content-Type: text/markdown
@@ -240,6 +241,7 @@ It uses the [OpenZiti](https://openziti.io) zero-trust network overlay to create
 - **Agent** – Runs alongside an extension in two modes:
   - *Sidecar mode*: proxies traffic between the Ziti network and a local TCP or Unix socket.
   - *Embeddable mode*: integrates with ASGI servers (e.g. Uvicorn) to serve a Python application directly.
+- **Frontend** - Proxies internet request to a specific extension through the OpenZiti network.
 - **CLI** – A command-line tool for administrative tasks and for running the agent in either mode.
 
 ## Key Features
@@ -247,5 +249,9 @@ It uses the [OpenZiti](https://openziti.io) zero-trust network overlay to create
 - Zero-trust networking with automatic balancing across Extension instances.
 - Simple API and CLI for managing services and identities.
 
+## Development
+The included docker compose starts a local Ziti Network (controller + router) and mrok (controller and frontend).
+
+
 ## License
 [Apache 2.0](LICENSE)

{mrok-0.6.0.dist-info → mrok-0.7.0.dist-info}/RECORD

@@ -1,21 +1,21 @@
 mrok/__init__.py,sha256=D1PUs3KtMCqG4bFLceVNG62L3RN53NS95uSCNXpgvzs,181
 mrok/conf.py,sha256=_5Z-A5LyojQeY8J7W8C0QidsmrPl99r9qKYEoMf4kcI,840
-mrok/constants.py,sha256=UTGYqs3DgEd_SN-k0JK10ekmHVWQaaARtdh1Y-0JG_s,122
+mrok/constants.py,sha256=QXaMw4LuHijj_TUTCsM5uUjpgT04HBvd0wRbjvn1z9A,449
 mrok/errors.py,sha256=ruNMDFr2_0ezCGXuCG1OswCEv-bHOIzMMd02J_0ABcs,37
-mrok/logging.py,sha256=ZMWn0w4fJ-F_g-L37H_GM14BSXAIF2mFF_ougX5S7mg,2856
+mrok/logging.py,sha256=4F5rviPK1-MWWMZuHfzNNQmGxg-emAPRdKz0PsWDSww,2261
 mrok/agent/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 mrok/agent/ziticorn.py,sha256=eHUYs9QaSp35rBzYHRV-SrYxF5ySyECaQg7U-XbdINE,1025
 mrok/agent/devtools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-mrok/agent/devtools/__main__.py,sha256=R8ezbW7hCik5r45U3w2TgiTubg9SlbVsWA-bapILJXU,781
 mrok/agent/devtools/inspector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-mrok/agent/devtools/inspector/__main__.py,sha256=HeYcRf1bjXPji2LKMPCcTU61afrRH2P1RqnFmHClRTc,524
-mrok/agent/devtools/inspector/app.py,sha256=rmfm0GVz_iZ_tqne6E966D2He5QVprO2g7PHFrnjG0U,16484
+mrok/agent/devtools/inspector/__main__.py,sha256=MyaIi81D-ubdxuvLV1mCpA8cSVwtq07zc5xuArPU2Dw,73
+mrok/agent/devtools/inspector/app.py,sha256=TxBBIy8lXHj6h8KmQHCeLiIM2QqMzMsCpSWFjH8cGu4,25636
 mrok/agent/devtools/inspector/server.py,sha256=C4uD6_1psSHMjJLUDCMPGvKdQYKaEwYTw27NAbwuuA0,636
+mrok/agent/devtools/inspector/utils.py,sha256=K-_4rTyB54Y0faEIGgutMEHGyP1W7eOhbcuUKxNnsYA,4261
 mrok/agent/sidecar/__init__.py,sha256=DrjJGhqFyxsVODW06KI20Wpr6HsD2lD6qFCKUXc7GIE,59
 mrok/agent/sidecar/app.py,sha256=sPQqjnwETRQk0cj8hAxSVUDCkYqsVZCS6ixEqkcGY5A,2534
 mrok/agent/sidecar/main.py,sha256=jeJzrCbltfXOYsKSCjcw8h5lxh4_bGT87kCC5dV4kYU,2190
 mrok/cli/__init__.py,sha256=mtFEa8IeS1x6Gm4dUYoSnAxyEzNqbUVSmWxtuZUMR84,61
-mrok/cli/main.py,sha256=DFcYPwDskXi8SKAgEsuP4GMFzaniIf_6bZaSDWvYKDk,2724
+mrok/cli/main.py,sha256=T029FYxK_jDrwiA14oX-Onoqp_X14XHRAA_4bbaOgV8,3123
 mrok/cli/rich.py,sha256=P3Dyu8EArUR9_0j7DPK7LRx85TWdYdZ1SaJzD_S1ZCE,511
 mrok/cli/utils.py,sha256=m_olScdIUGks5IoC6p2F9D6CQIucWZ7LHyrvwm2bkJw,106
 mrok/cli/commands/__init__.py,sha256=-UOGzh38oWX7fPeI2nc5I9z8LylRdQAt868q4G6rNGk,140
@@ -32,7 +32,6 @@ mrok/cli/commands/admin/unregister/__init__.py,sha256=-GjjCPX1pISbWmJK6GpKO3ijGs
 mrok/cli/commands/admin/unregister/extensions.py,sha256=GR3Iwzeksk_R0GkgmCSG7iHRcUrI7ABqDi25Gbes64Y,1016
 mrok/cli/commands/admin/unregister/instances.py,sha256=-28wL8pTXTWHVHtw93y8-dqi-Dlf0OZOnlBCKOyGo80,1138
 mrok/cli/commands/agent/__init__.py,sha256=ZAi7eTkKQtfwwV1c1mv3uvEEsyMMrhCQ_-id_0wksAQ,218
-mrok/cli/commands/agent/utils.py,sha256=m_olScdIUGks5IoC6p2F9D6CQIucWZ7LHyrvwm2bkJw,106
 mrok/cli/commands/agent/dev/__init__.py,sha256=ZfreyRuaLqO0AwPS8Ll1DIpsKacsu7_dTmbxV5QecOM,172
 mrok/cli/commands/agent/dev/console.py,sha256=rrKAGoKXVQQBOC75H0JSuX1sYyvc2QSrV-dfMPK49p4,673
 mrok/cli/commands/agent/dev/web.py,sha256=O9dYk-o1FV2E_sKLOezdEmLsnexwbJNDdsYL5pATZRQ,1028
@@ -65,30 +64,28 @@ mrok/proxy/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 mrok/proxy/app.py,sha256=flnVPoUO3pSF3b0nYFBhKjZ9jp5ljijo2a-5e37gACs,6016
 mrok/proxy/asgi.py,sha256=2uw5bLquyUsiYlNwq8RhJd8OqVvSJDvYjzOVGLLB3Cs,3528
 mrok/proxy/backend.py,sha256=dRmIUJin2DM3PUxrVX0j4t1oB6DOX7N9JV2lIcopE38,1649
-mrok/proxy/constants.py,sha256=ao5gI2HFBWmrdd2Yc6XFK_RGaHk-omxI4AqvfIiGes8,409
 mrok/proxy/event_publisher.py,sha256=TAuwEqIhRYxgazJFgC3DekwUAXlJ2UFjbdx_A9vwA1g,2511
 mrok/proxy/exceptions.py,sha256=61OhdihQNdnBUqAI9mbBkXD1yWg-6Eftk7EhWCU1VF0,642
 mrok/proxy/master.py,sha256=HB2q_nPLim23z0mGDGKs_RshhGVAO8VgOYP4hA__zC4,6891
 mrok/proxy/metrics.py,sha256=Sg2aIiaj9fzkyu190YCsJvNn5P-XLun3BcvuVBsdWbA,3640
-mrok/proxy/middleware.py,sha256=St8r2hY5vfn4q5FtuqeI85tVmSZmC6Vkbecpx_iX6SM,4455
-mrok/proxy/models.py,sha256=CA520bqexPwYUHDrkg58OXAyzBIKQSU9i-SlymU_vt0,5188
+mrok/proxy/middleware.py,sha256=So024RvtNgMliClKz4pzau2Wb6tlfZGspmHBzzEeF4U,4208
+mrok/proxy/models.py,sha256=VDou3LGDi9zCpzpOwihP4Og1oRvXl7gb2mgczf6_Z14,6029
 mrok/proxy/stream.py,sha256=7V-bSAF9uNV1yVHKaEhHo95WxafSGWkyHPVABZX0djY,2134
-mrok/proxy/utils.py,sha256=OxX6pJv_Wh_KgWx95YeJ3YeuSgwm2tsd00897P3fxys,2126
 mrok/proxy/worker.py,sha256=uEUC2Hbx0YQiDMFNZfwkHMDnijN96b6iRoIErfI21Tg,1921
-mrok/proxy/ziticorn.py,sha256=YwbyNUK-TL3dANntM6gtlP9Su39QvDCC0dSbuZisXIo,2873
+mrok/proxy/ziticorn.py,sha256=qiHKIB7ZRR9S9f-zXTxkzBWW3qlP9CqPOc0QQr-lgvc,2437
 mrok/types/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 mrok/types/proxy.py,sha256=40Yds4tUykMpzsoQbMtHG85r8xtm5Q3fQZ17bp7cDiM,818
 mrok/types/ziti.py,sha256=EeQnTbDEJ-Y-KMS6zu1Xjxb58Up2VxUwqzUwy3H28JY,36
 mrok/ziti/__init__.py,sha256=20OWMiexRhOovZOX19zlX87-V78QyWnEnSZfyAftUdE,263
-mrok/ziti/api.py,sha256=ikl3l446Gu-YZuJJFRHFSBpKhh5KJxmk-Jr4YbSrqbk,16072
-mrok/ziti/bootstrap.py,sha256=PRZlYDtcGbix-1bQDuJ4wX4dy845VAx9SFPotc4BCeg,2715
+mrok/ziti/api.py,sha256=CRblQUyfX_421cppA9D-LRnjh4N9P7aYVK4fG7UzQE4,16102
+mrok/ziti/bootstrap.py,sha256=RSL8nZfI-MZ_z6h0F-rNevQoE6g9oGKLr6HlZF696_c,2499
 mrok/ziti/constants.py,sha256=Urq1X3bCBQZfw8NbnEa1pqmY4oq1wmzkwPfzam3kbTw,339
 mrok/ziti/errors.py,sha256=yYCbVDwktnR0AYduqtynIjo73K3HOhIrwA_vQimvEd4,368
-mrok/ziti/identities.py,sha256=9BIBQOirvcdAkRFNqZPTOkC8kvDQbq6EgaQMq22NQsQ,6730
+mrok/ziti/identities.py,sha256=5-7Iof5a8SfkAYsy-SPirDEJKE68ZSn1Kw1wXYQbK9Q,6880
 mrok/ziti/pki.py,sha256=o2tySqHC8-7bvFuI2Tqxg9vX6H6ZSxWxfP_9x29e19M,1954
 mrok/ziti/services.py,sha256=TukG0vAZxgjbS8OLiyg7u1GwuVeGTco-rb9ne6a4PUA,3213
-mrok-0.6.0.dist-info/METADATA,sha256=0z3llP3xsGv5I-CZANA3tA9rhqNQ9sgH2j2sdLX5z7A,15705
-mrok-0.6.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-mrok-0.6.0.dist-info/entry_points.txt,sha256=tloXwvU1uJicBJR2h-8HoVclPgwJWDwuREMHN8Zq-nU,38
-mrok-0.6.0.dist-info/licenses/LICENSE.txt,sha256=6PaICaoA3yNsZKLv5G6OKqSfLSoX7MakYqTDgJoTCBs,11346
-mrok-0.6.0.dist-info/RECORD,,
+mrok-0.7.0.dist-info/METADATA,sha256=bswj6K1HG4vnUbkCpqQfuH6BoAgcyrMKY3U6XIotlnI,15979
+mrok-0.7.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+mrok-0.7.0.dist-info/entry_points.txt,sha256=tloXwvU1uJicBJR2h-8HoVclPgwJWDwuREMHN8Zq-nU,38
+mrok-0.7.0.dist-info/licenses/LICENSE.txt,sha256=6PaICaoA3yNsZKLv5G6OKqSfLSoX7MakYqTDgJoTCBs,11346
+mrok-0.7.0.dist-info/RECORD,,