nvidia-nat-mcp 1.4.0a20260105__py3-none-any.whl → 1.4.0a20260117__py3-none-any.whl

nat/plugins/mcp/client/__init__.py

@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: Copyright (c) 2024-2026, NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""MCP client components."""

nat/plugins/mcp/{client_config.py → client/client_config.py}

@@ -80,9 +80,9 @@ class MCPServerConfig(BaseModel):
         return self
 
 
-class MCPClientConfig(FunctionGroupBaseConfig, name="mcp_client"):
+class MCPClientBaseConfig(FunctionGroupBaseConfig):
     """
-    Configuration for connecting to an MCP server as a client and exposing selected tools.
+    Base configuration shared by MCP client variants.
     """
     server: MCPServerConfig = Field(..., description="Server connection details (transport, url/command, etc.)")
     tool_call_timeout: timedelta = Field(
@@ -114,6 +114,19 @@ class MCPClientConfig(FunctionGroupBaseConfig, name="mcp_client"):
             calculator_multiply:
               description: "Multiply two numbers"  # alias defaults to original name
         """)
+
+    @model_validator(mode="after")
+    def _validate_reconnect_backoff(self) -> "MCPClientBaseConfig":
+        """Validate reconnect backoff values."""
+        if self.reconnect_max_backoff < self.reconnect_initial_backoff:
+            raise ValueError("reconnect_max_backoff must be greater than or equal to reconnect_initial_backoff")
+        return self
+
+
+class MCPClientConfig(MCPClientBaseConfig, name="mcp_client"):
+    """
+    Configuration for connecting to an MCP server as a client and exposing selected tools.
+    """
     session_aware_tools: bool = Field(default=True,
                                       description="Session-aware tools are created if True. Defaults to True.")
     max_sessions: int = Field(default=100,
@@ -123,9 +136,11 @@ class MCPClientConfig(FunctionGroupBaseConfig, name="mcp_client"):
         default=timedelta(hours=1),
         description="Time after which inactive sessions are cleaned up. Defaults to 1 hour.")
 
-    @model_validator(mode="after")
-    def _validate_reconnect_backoff(self) -> "MCPClientConfig":
-        """Validate reconnect backoff values."""
-        if self.reconnect_max_backoff < self.reconnect_initial_backoff:
-            raise ValueError("reconnect_max_backoff must be greater than or equal to reconnect_initial_backoff")
-        return self
+
+class PerUserMCPClientConfig(MCPClientBaseConfig, name="per_user_mcp_client"):
+    """
+    MCP Client configuration for per-user workflows that are registered with @register_per_user_function,
+
+    and each user gets their own MCP client instance.
+    """
+    pass

nat/plugins/mcp/{client_impl.py → client/client_impl.py}

@@ -26,16 +26,77 @@ from pydantic import BaseModel
 
 from nat.authentication.interfaces import AuthProviderBase
 from nat.builder.builder import Builder
+from nat.builder.context import Context
 from nat.builder.function import FunctionGroup
 from nat.cli.register_workflow import register_function_group
-from nat.plugins.mcp.client_base import MCPBaseClient
-from nat.plugins.mcp.client_config import MCPClientConfig
-from nat.plugins.mcp.client_config import MCPToolOverrideConfig
+from nat.cli.register_workflow import register_per_user_function_group
+from nat.plugins.mcp.client.client_base import MCPBaseClient
+from nat.plugins.mcp.client.client_config import MCPClientConfig
+from nat.plugins.mcp.client.client_config import MCPToolOverrideConfig
+from nat.plugins.mcp.client.client_config import PerUserMCPClientConfig
 from nat.plugins.mcp.utils import truncate_session_id
 
 logger = logging.getLogger(__name__)
 
 
+class PerUserMCPFunctionGroup(FunctionGroup):
+    """
+    A specialized FunctionGroup for per-user MCP clients.
+    """
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+        self.mcp_client: MCPBaseClient | None = None  # Will be set to the actual MCP client instance
+        self.mcp_client_server_name: str | None = None
+        self.mcp_client_transport: str | None = None
+        self.user_id: str | None = None
+
+
+def mcp_per_user_tool_function(tool, client: MCPBaseClient):
+    """
+    Create a per-user NAT function for an MCP tool.
+
+    Args:
+        tool: The MCP tool to create a function for
+        client: The MCP client to use for the function
+
+    Returns:
+        The NAT function
+    """
+    from nat.builder.function import FunctionInfo
+
+    def _convert_from_str(input_str: str) -> tool.input_schema:
+        return tool.input_schema.model_validate_json(input_str)
+
+    async def _response_fn(tool_input: BaseModel | None = None, **kwargs) -> str:
+        try:
+            mcp_tool = await client.get_tool(tool.name)
+
+            if tool_input:
+                args = tool_input.model_dump(exclude_none=True, mode='json')
+                return await mcp_tool.acall(args)
+
+            # kwargs arrives with all optional fields set to None because NAT's framework
+            # converts the input dict to a Pydantic model (filling in all Field(default=None)),
+            # then dumps it back to a dict. We need to strip out these None values because
+            # many MCP servers (e.g., Kaggle) reject requests with excessive null fields.
+            # We re-validate here (yes, redundant) to leverage Pydantic's exclude_none with
+            # mode='json' for recursive None removal in nested models.
+            # Reference: function_info.py:_convert_input_pydantic
+            validated_input = mcp_tool.input_schema.model_validate(kwargs)
+            args = validated_input.model_dump(exclude_none=True, mode='json')
+            return await mcp_tool.acall(args)
+        except Exception as e:
+            logger.warning("Error calling tool %s", tool.name, exc_info=True)
+            return str(e)
+
+    return FunctionInfo.create(single_fn=_response_fn,
+                               description=tool.description,
+                               input_schema=tool.input_schema,
+                               converters=[_convert_from_str])
+
+
 @dataclass
 class SessionData:
     """Container for all session-related data."""
@@ -91,9 +152,9 @@ class MCPFunctionGroup(FunctionGroup):
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         # MCP client attributes with proper typing
-        self._mcp_client = None  # Will be set to the actual MCP client instance
-        self._mcp_client_server_name: str | None = None
-        self._mcp_client_transport: str | None = None
+        self.mcp_client: MCPBaseClient | None = None  # Will be set to the actual MCP client instance
+        self.mcp_client_server_name: str | None = None
+        self.mcp_client_transport: str | None = None
 
         # Session management - consolidated data structure
         self._sessions: dict[str, SessionData] = {}
@@ -116,36 +177,6 @@ class MCPFunctionGroup(FunctionGroup):
         # Use random session id for testing only
         self._use_random_session_id_for_testing: bool = False
 
-    @property
-    def mcp_client(self):
-        """Get the MCP client instance."""
-        return self._mcp_client
-
-    @mcp_client.setter
-    def mcp_client(self, client):
-        """Set the MCP client instance."""
-        self._mcp_client = client
-
-    @property
-    def mcp_client_server_name(self) -> str | None:
-        """Get the MCP client server name."""
-        return self._mcp_client_server_name
-
-    @mcp_client_server_name.setter
-    def mcp_client_server_name(self, server_name: str | None):
-        """Set the MCP client server name."""
-        self._mcp_client_server_name = server_name
-
-    @property
-    def mcp_client_transport(self) -> str | None:
-        """Get the MCP client transport type."""
-        return self._mcp_client_transport
-
-    @mcp_client_transport.setter
-    def mcp_client_transport(self, transport: str | None):
-        """Set the MCP client transport type."""
-        self._mcp_client_transport = transport
-
     @property
     def session_count(self) -> int:
         """Current number of active sessions."""
@@ -258,7 +289,7 @@ class MCPFunctionGroup(FunctionGroup):
             except Exception as e:
                 logger.warning("Error cleaning up session client %s: %s", truncate_session_id(session_id), e)
 
-    async def _get_session_client(self, session_id: str) -> MCPBaseClient:
+    async def _get_session_client(self, session_id: str) -> MCPBaseClient | None:
         """Get the appropriate MCP client for the session."""
         # Throttled cleanup on access
         now = datetime.now()
@@ -348,7 +379,7 @@ class MCPFunctionGroup(FunctionGroup):
 
     async def _create_session_client(self, session_id: str) -> tuple[MCPBaseClient, asyncio.Event, asyncio.Task]:
         """Create a new MCP client instance for the session."""
-        from nat.plugins.mcp.client_base import MCPStreamableHTTPClient
+        from nat.plugins.mcp.client.client_base import MCPStreamableHTTPClient
 
         config = self._client_config
         if not config:
@@ -440,9 +471,13 @@ def mcp_session_tool_function(tool, function_group: MCPFunctionGroup):
             if (not function_group._shared_auth_provider or session_id == function_group._default_user_id):
                 # Use base client directly for default user
                 client = function_group.mcp_client
+                if client is None:
+                    return "Tool temporarily unavailable. Try again."
                 session_tool = await client.get_tool(tool.name)
             else:
                 # Use session usage context to prevent cleanup during tool execution
+                if session_id is None:
+                    return "Tool temporarily unavailable. Try again."
                 async with function_group._session_usage_context(session_id) as client:
                     if client is None:
                         return "Tool temporarily unavailable. Try again."
@@ -484,9 +519,9 @@ async def mcp_client_function_group(config: MCPClientConfig, _builder: Builder):
     Returns:
         The function group
     """
-    from nat.plugins.mcp.client_base import MCPSSEClient
-    from nat.plugins.mcp.client_base import MCPStdioClient
-    from nat.plugins.mcp.client_base import MCPStreamableHTTPClient
+    from nat.plugins.mcp.client.client_base import MCPSSEClient
+    from nat.plugins.mcp.client.client_base import MCPStdioClient
+    from nat.plugins.mcp.client.client_base import MCPStreamableHTTPClient
 
     # Resolve auth provider if specified
     auth_provider = None
@@ -574,23 +609,16 @@ async def mcp_client_function_group(config: MCPClientConfig, _builder: Builder):
             # Create the tool function according to configuration
             tool_fn = mcp_session_tool_function(tool, group)
 
-            # Normalize optional typing for linter/type-checker compatibility
-            single_fn = tool_fn.single_fn
-            if single_fn is None:
-                # Should not happen because FunctionInfo always sets a single_fn
-                logger.warning("Skipping tool %s because single_fn is None", function_name)
-                continue
-
             input_schema = tool_fn.input_schema
             # Convert NoneType sentinel to None for FunctionGroup.add_function signature
-            if input_schema is type(None):  # noqa: E721
+            if input_schema is type(None):
                 input_schema = None
 
             # Add to group
             logger.info("Adding tool %s to group", function_name)
             group.add_function(name=function_name,
                                description=description,
-                               fn=single_fn,
+                               fn=tool_fn.single_fn,
                                input_schema=input_schema,
                                converters=tool_fn.converters)
 
@@ -612,3 +640,143 @@ def mcp_apply_tool_alias_and_description(
         return {}
 
     return {name: override for name, override in tool_overrides.items() if name in all_tools}
+
+
+@register_per_user_function_group(config_type=PerUserMCPClientConfig)
+async def per_user_mcp_client_function_group(config: PerUserMCPClientConfig, _builder: Builder):
+    """
+    Connect to an MCP server and expose tools as a function group for per-user workflows.
+
+    Args:
+        config: The configuration for the MCP client
+        _builder: The builder
+    Returns:
+        The function group
+    """
+    from nat.plugins.mcp.client.client_base import MCPSSEClient
+    from nat.plugins.mcp.client.client_base import MCPStdioClient
+    from nat.plugins.mcp.client.client_base import MCPStreamableHTTPClient
+
+    # Resolve auth provider if specified
+    auth_provider = None
+    if config.server.auth_provider:
+        auth_provider = await _builder.get_auth_provider(config.server.auth_provider)
+
+    user_id = Context.get().user_id
+
+    # Build the appropriate client
+    if config.server.transport == "stdio":
+        if not config.server.command:
+            raise ValueError("command is required for stdio transport")
+        client = MCPStdioClient(config.server.command,
+                                config.server.args,
+                                config.server.env,
+                                tool_call_timeout=config.tool_call_timeout,
+                                auth_flow_timeout=config.auth_flow_timeout,
+                                reconnect_enabled=config.reconnect_enabled,
+                                reconnect_max_attempts=config.reconnect_max_attempts,
+                                reconnect_initial_backoff=config.reconnect_initial_backoff,
+                                reconnect_max_backoff=config.reconnect_max_backoff)
+    elif config.server.transport == "sse":
+        client = MCPSSEClient(str(config.server.url),
+                              tool_call_timeout=config.tool_call_timeout,
+                              auth_flow_timeout=config.auth_flow_timeout,
+                              reconnect_enabled=config.reconnect_enabled,
+                              reconnect_max_attempts=config.reconnect_max_attempts,
+                              reconnect_initial_backoff=config.reconnect_initial_backoff,
+                              reconnect_max_backoff=config.reconnect_max_backoff)
+    elif config.server.transport == "streamable-http":
+        client = MCPStreamableHTTPClient(str(config.server.url),
+                                         auth_provider=auth_provider,
+                                         user_id=user_id,
+                                         tool_call_timeout=config.tool_call_timeout,
+                                         auth_flow_timeout=config.auth_flow_timeout,
+                                         reconnect_enabled=config.reconnect_enabled,
+                                         reconnect_max_attempts=config.reconnect_max_attempts,
+                                         reconnect_initial_backoff=config.reconnect_initial_backoff,
+                                         reconnect_max_backoff=config.reconnect_max_backoff)
+    else:
+        raise ValueError(f"Unsupported transport: {config.server.transport}")
+
+    logger.info("Per-user MCP client configured for server: %s (user: %s)", client.server_name, user_id)
+
+    group = PerUserMCPFunctionGroup(config=config)
+
+    # Use a lifetime task to ensure the client context is entered and exited in the same task.
+    # This avoids anyio's "Attempted to exit cancel scope in a different task" error.
+    ready = asyncio.Event()
+    stop_event = asyncio.Event()
+
+    async def _lifetime():
+        """Lifetime task that owns the client's async context."""
+        try:
+            async with client:
+                ready.set()
+                await stop_event.wait()
+        except Exception:
+            ready.set()  # Ensure we don't hang the waiter
+            raise
+
+    lifetime_task = asyncio.create_task(_lifetime(), name=f"mcp-per-user-{user_id}")
+
+    # Wait for client initialization
+    timeout = config.tool_call_timeout.total_seconds()
+    try:
+        await asyncio.wait_for(ready.wait(), timeout=timeout)
+    except TimeoutError:
+        lifetime_task.cancel()
+        try:
+            await lifetime_task
+        except asyncio.CancelledError:
+            pass
+        raise RuntimeError(f"Per-user MCP client initialization timed out after {timeout}s")
+
+    # Check if initialization failed
+    if lifetime_task.done():
+        try:
+            await lifetime_task
+        except Exception as e:
+            raise RuntimeError(f"Failed to initialize per-user MCP client: {e}") from e
+
+    try:
+        # Expose the live MCP client on the function group instance so other components (e.g., HTTP endpoints)
+        # can reuse the already-established session instead of creating a new client per request.
+        group.mcp_client = client
+        group.mcp_client_server_name = client.server_name
+        group.mcp_client_transport = client.transport
+        group.user_id = user_id
+
+        all_tools = await client.get_tools()
+        tool_overrides = mcp_apply_tool_alias_and_description(all_tools, config.tool_overrides)
+
+        # Add each tool as a function to the group
+        for tool_name, tool in all_tools.items():
+            # Get override if it exists
+            override = tool_overrides.get(tool_name)
+
+            # Use override values or defaults
+            function_name = override.alias if override and override.alias else tool_name
+            description = override.description if override and override.description else tool.description
+
+            # Create the tool function according to configuration
+            tool_fn = mcp_per_user_tool_function(tool, client)
+
+            input_schema = tool_fn.input_schema
+            # Convert NoneType sentinel to None for FunctionGroup.add_function signature
+            if input_schema is type(None):
+                input_schema = None
+
+            # Add to group
+            logger.info("Adding tool %s to group", function_name)
+            group.add_function(name=function_name,
+                               description=description,
+                               fn=tool_fn.single_fn,
+                               input_schema=input_schema,
+                               converters=tool_fn.converters)
+
+        yield group
+    finally:
+        # Signal the lifetime task to exit and wait for clean shutdown
+        stop_event.set()
+        if not lifetime_task.done():
+            await lifetime_task

nat/plugins/mcp/register.py

@@ -16,7 +16,8 @@
 # flake8: noqa
 # isort:skip_file
 
-# Import any providers which need to be automatically registered here
+# Register client components
+from .client import client_impl
 
-from . import client_impl
-from . import tool
+# Register server/frontend components
+from .server import register_frontend

nat/plugins/mcp/server/__init__.py

@@ -0,0 +1,15 @@
+# SPDX-FileCopyrightText: Copyright (c) 2025-2026, NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""MCP server/frontend components."""

nat/plugins/mcp/server/front_end_config.py

@@ -0,0 +1,109 @@
+# SPDX-FileCopyrightText: Copyright (c) 2025-2026, NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import logging
+from typing import Literal
+
+from pydantic import Field
+from pydantic import field_validator
+from pydantic import model_validator
+
+from nat.authentication.oauth2.oauth2_resource_server_config import OAuth2ResourceServerConfig
+from nat.data_models.front_end import FrontEndBaseConfig
+
+logger = logging.getLogger(__name__)
+
+
+class MCPFrontEndConfig(FrontEndBaseConfig, name="mcp"):
+    """MCP front end configuration.
+
+    A simple MCP (Model Context Protocol) front end for NeMo Agent toolkit.
+    """
+
+    name: str = Field(default="NeMo Agent Toolkit MCP",
+                      description="Name of the MCP server (default: NeMo Agent Toolkit MCP)")
+    host: str = Field(default="localhost", description="Host to bind the server to (default: localhost)")
+    port: int = Field(default=9901, description="Port to bind the server to (default: 9901)", ge=0, le=65535)
+    debug: bool = Field(default=False, description="Enable debug mode (default: False)")
+    log_level: str = Field(default="INFO", description="Log level for the MCP server (default: INFO)")
+    tool_names: list[str] = Field(
+        default_factory=list,
+        description="The list of tools MCP server will expose (default: all tools)."
+        "Tool names can be functions or function groups",
+    )
+    transport: Literal["sse", "streamable-http"] = Field(
+        default="streamable-http",
+        description="Transport type for the MCP server (default: streamable-http, backwards compatible with sse)")
+    runner_class: str | None = Field(
+        default=None, description="Custom worker class for handling MCP routes (default: built-in worker)")
+    base_path: str | None = Field(default=None,
+                                  description="Base path to mount the MCP server at (e.g., '/api/v1'). "
+                                  "If specified, the server will be accessible at http://host:port{base_path}/mcp. "
+                                  "If None, server runs at root path /mcp.")
+
+    server_auth: OAuth2ResourceServerConfig | None = Field(
+        default=None, description=("OAuth 2.0 Resource Server configuration for token verification."))
+
+    @field_validator('base_path')
+    @classmethod
+    def validate_base_path(cls, v: str | None) -> str | None:
+        """Validate that base_path starts with '/' and doesn't end with '/'."""
+        if v is not None:
+            if not v.startswith('/'):
+                raise ValueError("base_path must start with '/'")
+            if v.endswith('/'):
+                raise ValueError("base_path must not end with '/'")
+        return v
+
+    # Memory profiling configuration
+    enable_memory_profiling: bool = Field(default=False,
+                                          description="Enable memory profiling and diagnostics (default: False)")
+    memory_profile_interval: int = Field(default=50,
+                                         description="Log memory stats every N requests (default: 50)",
+                                         ge=1)
+    memory_profile_top_n: int = Field(default=10,
+                                      description="Number of top memory allocations to log (default: 10)",
+                                      ge=1,
+                                      le=50)
+    memory_profile_log_level: str = Field(default="DEBUG",
+                                          description="Log level for memory profiling output (default: DEBUG)")
+
+    @model_validator(mode="after")
+    def validate_security_configuration(self):
+        """Validate security configuration to prevent accidental misconfigurations."""
+        # Check if server is bound to a non-localhost interface without authentication
+        localhost_hosts = {"localhost", "127.0.0.1", "::1"}
+        if self.host not in localhost_hosts and self.server_auth is None:
+            logger.warning(
+                "MCP server is configured to bind to '%s' without authentication. "
+                "This may expose your server to unauthorized access. "
+                "Consider either: (1) binding to localhost for local-only access, "
+                "or (2) configuring server_auth for production deployments on public interfaces.",
+                self.host)
+
+        # Check if SSE transport is used (which doesn't support authentication)
+        if self.transport == "sse":
+            if self.server_auth is not None:
+                logger.warning("SSE transport does not support authentication. "
+                               "The configured server_auth will be ignored. "
+                               "For production use with authentication, use 'streamable-http' transport instead.")
+            elif self.host not in localhost_hosts:
+                logger.warning(
+                    "SSE transport does not support authentication and is bound to '%s'. "
+                    "This configuration is not recommended for production use. "
+                    "For production deployments, use 'streamable-http' transport with server_auth configured.",
+                    self.host)
+
+        return self