feat(transport): complete direct_proxy gateway mode for streamable HTTP#3041
Closed
feat(transport): complete direct_proxy gateway mode for streamable HTTP#3041
Conversation
* docs: sync env defaults and references Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs: sync env templates and performance tuning Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* chore: stabilize coverage target Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: reduce test warnings Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: reduce test startup costs Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: resolve bandit warning Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* test(playwright): handle admin password change Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test(playwright): stabilize admin UI flows Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…2534) The MCP specification does not mandate that tool names must start with a letter - tool names are simply strings without pattern restrictions. This fix updates the validation pattern to align with SEP-986. Changes: - Update VALIDATION_TOOL_NAME_PATTERN from ^[a-zA-Z][a-zA-Z0-9._-]*$ to ^[a-zA-Z0-9_][a-zA-Z0-9._/-]*$ per SEP-986 - Allow leading underscore/number and slashes in tool names - Remove / from HTML special characters regex (not XSS-relevant) - Update all error messages, docstrings, and documentation - Update tests to verify new valid cases Tool names like `_5gpt_query_by_market_id` and `namespace/tool` are now accepted. Closes #2528 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…figuration (#2515) - Add passphrase-protected key support for Granian via --ssl-keyfile-password - Add KEY_FILE_PASSWORD and CERT_PASSPHRASE compatibility in run-granian.sh - Export KEY_FILE in run-gunicorn.sh for Python SSL manager access - Improve Makefile cert targets with proper permissions (640) and group 0 - Split certs-passphrase into two-step generation (genrsa + req) for AES-256 - Add SSL configuration templates to nginx.conf for client and backend TLS - Expose port 443 in NGINX Dockerfile for HTTPS support - Update docker-compose.yml with TLS-related comments and correct cert paths - Add comprehensive TLS configuration documentation Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
…2537) During gateway activation with OAuth Authorization Code flow, `_initialize_gateway` returns empty lists because the user hasn't completed authorization yet. Health checks then treat these empty responses as legitimate and delete all existing tools/resources/prompts. This change adds an `oauth_auto_fetch_tool_flag` parameter to `_initialize_gateway` that: - When False (default): Returns empty lists for auth_code gateways during health checks, preserving existing tools - When True (activation): Skips the early return for auth_code gateways, allowing activation to proceed The existing check in `_refresh_gateway_tools_resources_prompts` at lines 4724-4729 prevents stale deletion for auth_code gateways with empty responses. Fixed issues from original PR: - Corrected typo: oath -> oauth in parameter name - Removed duplicate docstring entry - Fixed logic bug that incorrectly skipped token fetch for client_credentials flow when flag was True Closes #2272 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
* feat(auth): add token revocation and proxy auth to admin middleware - Support token revocation checks in AdminAuthMiddleware - Enable proxy authentication for admin routes - Filter session listings by user ownership - Validate team membership for OAuth operations - Add configurable public registration setting Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(config): change token validation defaults to secure-by-default - Set require_token_expiration default to true (was false) - Set require_jti default to true (was false) - Update .env.example to reflect new secure defaults Tokens without expiration or JTI claims will now be rejected by default. Set REQUIRE_TOKEN_EXPIRATION=false or REQUIRE_JTI=false to restore previous behavior if needed for backward compatibility. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs(security): expand securing guide with token lifecycle and access controls Add documentation for: - Token lifecycle management (revocation, validation settings) - Admin route authentication requirements - Session management access controls - User registration configuration - Updated production checklist with new settings Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(auth): address SSO redirect validation and admin middleware gaps - SSO redirect_uri validation now uses server-side allowlist only (allowed_origins, app_domain) instead of trusting Host header - Full origin comparison including scheme and port to prevent cross-port or HTTP downgrade redirects - AdminAuthMiddleware now supports API token authentication - AdminAuthMiddleware now honors platform admin bootstrap when REQUIRE_USER_IN_DB=false for fresh deployments Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(auth): add basic auth support to AdminAuthMiddleware Align AdminAuthMiddleware with require_admin_auth by supporting: - HTTP Basic authentication for legacy deployments - Basic auth users are treated as admin (consistent with existing behavior) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(auth): finalize secure defaults and update changelog for RC1 - Move hashlib/base64 imports to top-level in main.py (pylint C0415) - Add CHANGELOG entry for 1.0.0-RC1 secure defaults release - Add Security Defaults section to .env.example - Update test helpers to include JTI by default for REQUIRE_JTI=true Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * refactor(auth): streamline authentication model and update documentation - Simplify Admin UI to use session-based email/password authentication - Add API_ALLOW_BASIC_AUTH setting for granular API auth control - Scope gateway credentials to prevent unintended forwarding - Update 25+ documentation files for auth model clarity - Add comprehensive test coverage for auth settings - Fix REQUIRE_TOKEN_EXPIRATION and REQUIRE_JTI defaults in docs - Remove BASIC_AUTH_* from Docker examples (not needed by default) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs: update changelog with neutral language and ignore coverage.svg - Reword RC1 changelog entries to use neutral language - Add coverage.svg to .gitignore (generated by make coverage) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
#2514) Refactors GatewayService, ExportService, ImportService, and A2AService to use globally-initialized service singletons (ToolService, PromptService, ResourceService, ServerService, RootService, GatewayService) instead of creating private, uninitialized instances. Uses lazy singleton pattern with __getattr__ to avoid import-time instantiation when only exception classes are imported. This ensures services are created after logging/plugin setup is complete. By importing the module-level services, all gateway operations now share the same EventService/Redis client. This ensures events such as activate/deactivate propagate correctly across workers and reach Redis subscribers. Changes: - Add lazy singleton pattern using __getattr__ to service modules - Update main.py to import singletons instead of instantiating services - Update GatewayService.__init__ to use lazy imports of singletons - Update ExportService.__init__ to use lazy imports of singletons - Update ImportService.__init__ to use lazy imports of singletons - Update A2AService methods to use tool_service singleton - Update tests to patch singleton methods instead of class instantiation - Add pylint disables for no-name-in-module (due to __getattr__) The fix resolves silent event drops caused by missing initialize() calls on locally constructed services. Cross-worker UI updates and subscriber notifications now behave as intended. Closes #2256 Signed-off-by: NAYANAR <nayana.r7813@gmail.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
* feat: support external plugin stdio launch options Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat: add streamable http uds support Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: tidy streamable http shutdown Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * style: fix docstring line length in client.py Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(security): harden UDS and cwd path validation - Add canonical path resolution (.resolve()) to cwd validation to prevent path traversal via symlinks or relative path escapes - Add UDS security validation: - Require absolute paths for Unix domain sockets - Verify parent directory exists - Warn if parent directory is world-writable (potential socket hijacking) - Return canonical resolved paths instead of raw input - Update tests to use tmp_path fixture for secure temp directories Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * style: fix pylint warnings in models.py Move logging import to top level and fix implicit string concatenation. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
) * feat(infra): add zero-config TLS for nginx via Docker Compose profile Add a new `--profile tls` Docker Compose profile that enables HTTPS with zero configuration. Certificates are auto-generated on first run or users can provide their own CA-signed certificates. Features: - One command TLS: `make compose-tls` starts with HTTPS on port 8443 - Auto-generates self-signed certs if ./certs/ is empty - Custom certs: place cert.pem/key.pem in ./certs/ before starting - Optional HTTP->HTTPS redirect via `make compose-tls-https` - Environment variable NGINX_FORCE_HTTPS=true for redirect mode - Works alongside other profiles (monitoring, benchmark) New files: - infra/nginx/nginx-tls.conf: TLS-enabled nginx configuration - infra/nginx/docker-entrypoint.sh: Handles NGINX_FORCE_HTTPS env var New Makefile targets: - compose-tls: Start with HTTP:8080 + HTTPS:8443 - compose-tls-https: Force HTTPS redirect (HTTP->HTTPS) - compose-tls-down: Stop TLS stack - compose-tls-logs: Tail TLS service logs - compose-tls-ps: Show TLS stack status Docker Compose additions: - cert_init service: Auto-generates certs using alpine/openssl - nginx_tls service: TLS-enabled nginx reverse proxy Documentation: - Updated tls-configuration.md with Quick Start section - Updated compose.md with TLS section - Added to deployment navigation - Updated README.md quick start Closes #2571 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(nginx): use smart port detection for HTTPS redirect Fix hard-coded :8443 port in HTTPS redirect that broke internal container-to-container calls. Problem: - External access via port 8080 correctly redirected to :8443 - Internal container calls (no port) also redirected to :8443 - But nginx_tls only listens on 443 internally, so internal redirects failed Solution: Add a map directive that detects request origin based on Host header: - Requests with :8080 in Host → redirect to :8443 (external) - Requests without port → redirect without port, defaults to 443 (internal) Tested: - External: curl http://localhost:8080/health → https://localhost:8443/health ✓ - Internal: curl http://nginx_tls/health → https://nginx_tls/health (443) ✓ Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
) * fix: resolve LLM admin router db session and add favicon redirect - Fix LLM admin router endpoints that failed with 500 errors due to db session being None from RBAC middleware (intentionally closed to prevent idle-in-transaction). Added explicit db: Session = Depends(get_db) to all 11 affected endpoints. - Add /favicon.ico redirect to /static/favicon.ico for browser compatibility (browsers request favicon at root path). - Update README.md Running section with clear table documenting the three running modes (make dev, make serve, docker-compose) with their respective ports, servers, and databases. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(llm-admin): pass kwargs to fetch_provider_models for permission check The require_permission decorator only searches kwargs for user context. sync_provider_models was calling fetch_provider_models with positional args, causing the decorator to raise 401 Unauthorized. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* feat(testing): add JMeter performance testing baseline Add comprehensive JMeter test plans for industry-standard performance baseline measurements and CI/CD integration. Test Plans (10 .jmx files): - rest_api_baseline: REST API endpoints (1,000 RPS, 10min) - mcp_jsonrpc_baseline: MCP JSON-RPC protocol (1,000 RPS, 15min) - mcp_test_servers_baseline: Direct MCP server testing (2,000 RPS) - load_test: Production load simulation (4,000 RPS, 30min) - stress_test: Progressive stress to breaking point (10,000 RPS) - spike_test: Traffic spike recovery (1K→10K→1K) - soak_test: 24-hour memory leak detection (2,000 RPS) - sse_streaming_baseline: SSE connection stability (1,000 conn) - websocket_baseline: WebSocket performance (500 conn) - admin_ui_baseline: Admin UI user simulation (50 users) Infrastructure: - 12 Makefile targets for running tests and generating reports - Properties files for production and CI environments - CSV test data for parameterized testing - Performance SLAs documentation (P50/P95/P99 latencies) Closes #2541 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(testing): improve JMeter testing setup and fix test issues - Add jmeter-install target to download JMeter 5.6.3 locally - Add jmeter-ui target to launch JMeter GUI - Add jmeter-check to verify JMeter 5.x+ (required for -e -o flags) - Add jmeter-clean target to clean results directory - Fix jmeter-report to handle empty results gracefully - Fix load_test.jmx JEXL3 thread count expressions - Fix admin_ui_baseline.jmx HTMX endpoint paths - Add HTTPS/TLS testing documentation and configuration - Add .jmeter/ to .gitignore for local installation Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(testing): fix JMeter JWT auth and add linter fixes - Fix JMETER_TOKEN generation: use python3 instead of python - Add JMETER_JWT_SECRET with default value (my-test-key) - Add encoding headers and fix import formatting from linter Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat(testing): add jmeter-quick target for fast test verification Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
- Add .envrc for direnv support - Remove 14+ duplicate/redundant patterns - Reorganize with clear section comments - Add missing patterns (.ica.env, pip-log.txt, pip-delete-this-directory.txt) Signed-off-by: Adnan Vahora <adnanvahora114@gmail.com>
* feat(plugins): add TOON encoder plugin for token-efficient responses Add a tool_post_invoke plugin that converts JSON tool results to TOON (Token-Oriented Object Notation) format, achieving 30-70% token reduction. Features: - Pure Python TOON encoder/decoder per spec v3.0 - Configurable size thresholds and tool filtering - Format markers for downstream parsing - Graceful error handling with skip_on_error fallback - Columnar format for homogeneous object arrays Closes #2574 Signed-off-by: Joe Stein <joe.stein@sscinc.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * lint Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs(toon): document alternative delimiter limitation Add documentation about tab/pipe delimiter limitation in columnar array headers. The TOON spec v3.0 allows alternative delimiters, which our regex matches but decoder doesn't parse correctly (always splits on commas). Document this as a known decoder limitation. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat(toon): support tab/pipe delimiters in columnar arrays Add support for alternative delimiters (tab, pipe) in columnar array headers per TOON spec v3.0. The decoder now detects the delimiter from the header and uses it consistently for parsing row values. - Add _detect_delimiter() function to identify delimiter from header - Update _decode_columnar_array() to accept and use delimiter parameter - Update _split_row_values() to split on configurable delimiter - Add tests for pipe and tab delimiter decoding - Remove limitation from README (now fully supported) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(toon): remove unused import and variable - Remove unused Union import (F401) - Remove unused ind variable in _encode_array (F841) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(toon): prefix unused parameters with underscore Silence vulture warnings by prefixing intentionally unused parameters: - _as_root in _encode_array and _encode_object (for API consistency) - _expected_count in _split_row_values (for potential validation) - _context in tool_post_invoke (required by plugin interface) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(admin): return disabled plugin details in View Details get_plugin_by_name() only checked the registry for enabled plugins, causing "Not Found" errors when clicking View Details on disabled plugins. Now falls back to checking config.plugins for disabled plugins, matching the behavior of get_all_plugins(). Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Joe Stein <joe.stein@sscinc.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
- allow overriding the python runtime for external plugins - reset plugin registry before re-init to avoid stale entries - normalize resource/service tag lists to strings Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…2605) Add 409 to allowed response codes for state change endpoints in the Locust load test. Under high concurrency, 409 Conflict is expected behavior due to optimistic locking when multiple users try to toggle the same entity's state simultaneously. Updated endpoints: - set_server_state() - /servers/[id]/state - set_tool_state() - /tools/[id]/state - set_resource_state() - /resources/[id]/state - set_prompt_state() - /prompts/[id]/state - set_gateway_state() - /gateways/[id]/state Closes #2566 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* test: expand coverage unit tests and plan Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: remove local test plan from repo Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* docs: rationalize README and move detailed content to docs - Reduce README from 2,502 to 960 lines (-62%) - Add Quick Links section linking to pinned issues (#2502, #2503, #2504) - Move environment variables to docs/docs/manage/configuration.md - Create docs/docs/manage/troubleshooting.md with detailed guides - Add VS Code Dev Container section to developer-onboarding.md - Use <details> collapsibles for advanced Docker/Podman/PostgreSQL content - Streamline Configuration section to essential variables only - Update version reference from v0.9.0 to 1.0.0-BETA-2 - Verify all 15 ToC anchors and 17 external doc links Closes #2365 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore(docs): bump documentation dependency versions - mkdocs-git-revision-date-localized-plugin: 1.5.0 → 1.5.1 - mkdocs-include-markdown-plugin: 7.2.0 → 7.2.1 - pathspec: 1.0.3 → 1.0.4 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix(docs): add missing blank lines before tables in index.md MkDocs requires blank lines between bold headers and tables for proper rendering. Fixed SSO configuration sections. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs: streamline docs landing page and fix broken links - Replace verbose docs/docs/index.md with streamlined content matching README - Convert GitHub-flavored <details> to MkDocs ??? admonitions - Use relative links for internal navigation - Fix broken #configuration-env-or-env-vars anchors in: - docs/docs/development/index.md - docs/docs/manage/securing.md - Reduce docs landing page from 2,603 to 678 lines (-74%) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Add is_active field support through the complete request pipeline: - Schemas: Added is_active to TokenCreateRequest (bool, default=True) and TokenUpdateRequest (Optional[bool], default=None) - Service: Modified create_token() and update_token() methods to accept and use is_active parameter instead of hardcoding - Router: Updated all 3 token endpoints (create, update, create_team) to pass is_active=request.is_active - Tests: Added explicit coverage for is_active=False on create and update, including toggle and reactivation scenarios Backward compatible: default values maintain existing behavior for clients not sending the field. Closes #2573 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* feat(testing): add Batch 1 & 2 load test user classes for extended API coverage Add new Locust user classes to improve API endpoint coverage: Batch 1 - High Priority: - VersionMetaUser: /version, /health/security - ExportImportUser: /export, /import/status, /import/cleanup - A2AFullCRUDUser: A2A agent CRUD operations Batch 2 - Extended APIs: - ResourcesExtendedUser: /resources/templates/list, /resources/[id]/info - ServerExtendedUser: /servers/[id]/prompts Removed (caused instability): - GatewayFullCRUDUser: Gateway CRUD triggers slow MCP network calls - TagsExtendedUser: App bug with json_extract on PostgreSQL (#2607) - AdvancedProtocolUser: Complex payload validation issues Disabled (app bug): - /export/selective: Server object missing is_active attribute (#2606) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat(testing): add Batch 3 load test user classes (TokensUser, RBACUser) Add TokensUser and RBACUser classes for improved API coverage: - TokensUser: GET /tokens endpoint for token listing - RBACUser: GET /rbac/roles, /rbac/my/roles, /rbac/my/permissions, /rbac/permissions/available endpoints TeamsUser was removed due to app bug #2608 (current_user_ctx["db"] returns None causing 500 errors on /teams endpoint). Closes #2608 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat(testing): add Batch 4 load test user classes (AuthUser, OAuthUser) Add authentication and OAuth user classes for improved API coverage: - AuthUser: GET /auth/email/events, /auth/email/admin/events, /auth/email/admin/users endpoints - OAuthUser: GET /oauth/registered-clients endpoint SSO endpoints were not added as they return 404 (not available). Write operations (login, register) were skipped intentionally. Total unique endpoints now tested: 99 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat(testing): add Batch 5 load test user classes (LogSearchUser, MetricsUser, ObservabilityUser) Add logging, metrics, and observability user classes for improved API coverage: - LogSearchUser: GET /api/logs/security-events, /api/logs/audit-trails, /api/logs/performance-metrics endpoints - MetricsUser: GET /metrics, /api/metrics/stats, /api/metrics/config, /metrics/prometheus endpoints - ObservabilityUser: GET /admin/observability/tools/usage, /admin/observability/tools/performance, /admin/observability/metrics/top-volume endpoints Total unique endpoints now tested: 108 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * feat(testing): add Batch 6 load test user classes (LLMUser, ReverseProxyUser) Add LLM and reverse proxy user classes for final API coverage: - LLMUser: GET /llm/gateway/models, /llmchat/gateway/models, /admin/llm/provider-configs, /admin/llm/provider-defaults endpoints - ReverseProxyUser: GET /reverse-proxy/sessions endpoint Toolops and well-known endpoints were not added (404 - not available). Cancellation endpoints skipped (require valid request IDs). Total unique endpoints now tested: 113 All 6 batches complete. Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…in (#2587) - New main entry point: scripts/contextforge-setup.sh - Modular library structure: scripts/lib/common.sh, debian.sh, rhel.sh - Removes old scripts/rocky-contextforge-setup-script.sh - Renames scripts/ubuntu-contextforge-setup-script.sh to lib/common.sh - Adds --skip-docker-login flag and DOCKER_* env var support - Adds Docker Compose deployment documentation Signed-off-by: Jonathan Springer <jps@s390x.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* test: expand rpc and admin coverage Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: drop ignored todo from repo Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Add onkeydown handlers to HTML elements (div and span) that have onclick handlers to support keyboard users. This enables Tab navigation to interactive elements on Overview, MCP Registry and Plugins pages. The implementation: - Adds a handleKeydown() utility function in admin.js that triggers callbacks on Enter or Space key presses - Adds role="button", tabindex="0", and onkeydown attributes to interactive elements - Includes event.preventDefault() to stop default browser behavior Closes #2167 Signed-off-by: Marek Dano <mk.dano@gmail.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
Fixes #2329 Updates tag filtering in TagService.get_entities_by_tag() to use the cross-database compatible json_contains_tag_expr helper instead of the raw json_extract LIKE query that only worked with string arrays. Changes: - Replace func.json_extract(tags, "$").LIKE query with json_contains_tag_expr which supports both legacy string tags and new dict-format tags - Update PostgreSQL implementation to use table_valued() pattern for idiomatic SQLAlchemy handling of jsonb_array_elements (elem.c.value) - Update unit tests to mock database dialect for json_contains_tag_expr - Improve test mocking to use patch.object context manager - Fix docstring to reflect new implementation (was "JSON LIKE queries") - Add comprehensive tests for dict-format tags [{id, label}] - Add rigorous PostgreSQL SQL compilation tests with regex validation - Document design decision: DB filters by 'id' only (TagValidator ensures id is always present; label is for display only) The json_contains_tag_expr helper handles both formats: - Legacy: ["tag1", "tag2"] - Dict format: [{"id": "tag1", "label": "Tag 1"}, ...] PostgreSQL implementation uses table_valued() for explicit column reference: - func.jsonb_array_elements(...).table_valued("value").alias("elem") - elem.c.value.op("->>")("id") for proper column access Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> Co-authored-by: Mihai Criveti <crivetimihai@gmail.com>
#2620) - Add tests for RegistryCache (cache entry expiry, stats, invalidation) - Add tests for SecurityHeadersMiddleware (HSTS, CORS, CSP, X-Frame-Options) - Add tests for ValidationMiddleware (path traversal, parameter validation) - Add tests for auth router (login, get_db, LoginRequest model) - Expand metrics_maintenance router tests (cleanup, rollup, stats endpoints) - Add tests for admin error handlers (server add/edit error paths) - Add tests for main.py gateway error handlers (connection, conflict, validation) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…rvices (#2585) * namespace prompt names and resource URIs by gateway ID, ensuring uniqueness Signed-off-by: Keval Mahajan mahajankeval23@gmail.com * linting Signed-off-by: Keval Mahajan <mahajankeval23@gmail.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Keval Mahajan mahajankeval23@gmail.com Signed-off-by: Keval Mahajan <mahajankeval23@gmail.com> Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
Remove unused import of PromptNotFoundError from test_authorization_access.py. The import was flagged by ruff linter (F401) as it was never used in the file. Fixes #2382 Signed-off-by: Jonathan Fulton <jonathan@jonathanfulton.com>
* fix: access control hardening and behavior consistency
- C-05: require tools.execute for both tools/call and legacy JSON-RPC tool invocation paths
- C-18: enforce scoped access on GET /resources/{resource_id}/info and maintain fail-closed ID ownership checks
- C-19: align root management endpoints with admin.system_config authorization requirements
- C-20: harden OAuth fetch-tools scope resolution and ownership checks with normalized token-team semantics
- C-35: validate server existence and scoped access before SSE setup, preserving deterministic 404/403 behavior
- C-39: sanitize imported scoped fields (team_id, owner_email, visibility, team) before persistence
- C-18: harden JWT rich-token teams semantics by distinguishing omitted teams from explicit teams=null
- add/update regression tests for allow/deny coverage across RPC, OAuth, resource info, import sanitization, and token helpers
- update CHANGELOG and local issue evidence/index entries for the hardening follow-up
Refs: C-05 C-18 C-19 C-20 C-35 C-39
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
* Update tests
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
---------
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…3111) * fix: visibility and admin scope hardening and behavior consistency (C-22 C-24 C-27 C-32 C-23) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: docstring completeness hardening and behavior consistency Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: scope regression coverage hardening and behavior consistency Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: streamable completion scope hardening and behavior consistency (C-24) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: completion scope branch coverage hardening in rpc and protocol paths Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
) * fix: oauth grant handling hardening and behavior consistency (O-11) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: sso flow validation hardening and behavior consistency (O-03 O-04 O-06 O-14) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: oauth access enforcement hardening and behavior consistency (O-02 O-15 O-16) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: auth lint compliance hardening and behavior consistency Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs: rc2 changelog and sso approval flow consistency Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: oauth status request-context hardening (O-16) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: expand oauth and sso hardening regression coverage Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: github sso email-claim handling and regression coverage Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: oauth fetch-tools access hardening (O-15) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * Update tests Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…utbound URL validation (h-batch-6) (#3115) * fix: oauth config hardening and behavior consistency Refs: A-02, A-05, O-10, O-17 - centralize oauth secret protection for service-layer CRUD - add server oauth masking parity for read/list responses - keep oauth secret decrypt to runtime token exchange paths - expand regression coverage for encryption and masking behavior Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: email auth timing hardening and behavior consistency Refs: A-06 - add dummy password verification on early login failures - enforce configurable minimum failed-login response duration - add focused regression tests for timing guard paths Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: outbound url validation hardening and behavior consistency Refs: S-02, S-03 - validate admin gateway test base URL before outbound requests - validate llmchat connect server URL before session setup - add regression tests for strict local/private URL rejection Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: regression coverage hardening and behavior consistency Refs: A-02, A-05, A-06, O-10, O-17 - add branch-focused regression tests for oauth secret handling and runtime decrypt guards - add legacy update-object coverage for server oauth update path - align helper docstrings with linting policy requirements Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * Update tests Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: hardening consistency for oauth storage, auth timing, and SSRF validation (A-02 A-05 A-06 O-10 O-17 S-02 S-03) Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: harden admin endpoints and align load-test payloads Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
) * fix: llm proxy hardening and behavior consistency Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * Update AGENTS.md Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: lint docstring hardening and behavior consistency Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: harden alembic sqlite migration compatibility Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: tighten llm token scoping and update rbac docs Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
6d2180c to
3c2b2cb
Compare
Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…rets, and admin UI defaults (m-batch-1) (#3129) * fix: request logging hardening and behavior consistency Refs: A-04 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: token scoping hardening and behavior consistency Refs: C-06, C-26 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: llm chat config hardening and behavior consistency Refs: C-31 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: permission model hardening and behavior consistency Refs: C-34, L-13 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: server team assignment hardening and behavior consistency Refs: C-36 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: import visibility defaults hardening and behavior consistency Refs: C-37 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: llm provider config hardening and behavior consistency Refs: C-40 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: tool header protection hardening and behavior consistency Refs: C-41 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: sso identity checks hardening and behavior consistency Refs: O-08, O-13 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: oauth state handling hardening and behavior consistency Refs: O-12 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: admin ui hardening and behavior consistency Refs: U-02, U-03, U-04 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * docs: rc2 hardening release notes and behavior consistency Refs: A-04, C-06, C-26, C-31, C-34, C-36, C-37, C-40, C-41, L-13, O-08, O-12, O-13, U-02, U-03, U-04 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * lint Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: harden medium security defaults and UI regression paths A-04 C-34 L-13 O-12 U-02 U-04 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: escape pagination query params inside Alpine attributes U-03 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * chore: resolve migration and oauth lint warnings C-34 O-12 Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix tests Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix cdn Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: harden playwright admin auth and entity timing stability Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: stabilize localhost admin auth flow in playwright Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * fix: align admin auth-form csrf token issuance and submission Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> * test: close remaining diff coverage gaps to 100 percent Signed-off-by: Mihai Criveti <crivetimihai@gmail.com> --------- Signed-off-by: Mihai Criveti <crivetimihai@gmail.com>
…ding Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
…warding Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
…_request Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
…equest Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
This reverts commit 7ee8f14.
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
…complete paths Signed-off-by: Madhav Kandukuri <madhav165@gmail.com>
3c2b2cb to
8b5de13
Compare
2 tasks
Member
|
Reopened as #3165. CI/CD will re-run on the new PR. You are still credited as the author. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
✨ Feature / Enhancement PR
🔗 Epic / Issue
Closes #2332
🚀 Summary (1-2 sentences)
Completes
direct_proxygateway mode support forprompts/list,prompts/get, andcompletion/completein the streamable HTTP transport, closing the feature gap that existed relative to tools and resources._meta(carryingprogressToken) is forwarded to upstream MCP servers viaPaginatedRequestParamswhere the SDK exposes aparamsarg, and via rawsession.send_request()where it does not.🧪 Checks
make lintpassesmake testpasses📓 Notes (optional)
What changed
Three new proxy helpers added to
mcpgateway/transports/streamablehttp_transport.py, each following the same pattern already established for tools and resources:_metaforwarding_proxy_list_prompts_to_gatewayprompts/listPaginatedRequestParams(_meta=meta)_proxy_get_prompt_to_gatewayprompts/getsession.send_request(GetPromptRequest(...))_proxy_complete_to_gatewaycompletion/completesession.send_request(CompleteRequest(...))The
list_prompts,get_prompt, andcompletehandlers each received a direct_proxy path that: extractsX-Context-Forge-Gateway-Idfrom request headers → looks up the gateway → checksgateway_mode == "direct_proxy"→ enforces RBAC viacheck_gateway_access→ delegates to the proxy helper. Falls through to cache mode when no matching direct_proxy gateway is found.ClientSession.get_prompt()andClientSession.complete()have noparamsargument in the MCP Python SDK, so_metais injected viasend_request()— the same pattern already used by_proxy_read_resource_to_gateway.Out of scope: SSE, WebSocket, and stdio transports have no direct_proxy infrastructure at all — that is a separate effort.
flowchart TD C[MCP Client] -->|prompts/list, prompts/get, completion/complete| G(MCPGateway\nStreamable HTTP) G -->|gateway_mode == cache| DB[(Database)] G -->|gateway_mode == direct_proxy| U[Upstream MCP Server] U -->|_meta forwarded| U