Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CachingEnvironmentValidator ¶
type CachingEnvironmentValidator struct {
// contains filtered or unexported fields
}
CachingEnvironmentValidator validates environments with caching to reduce API calls. Only PRODUCTION environments are cached after successful validation, as PRODUCTION environments cannot be downgraded to SANDBOX (ensuring cache consistency). SANDBOX environments are not cached since they can be upgraded to PRODUCTION. For write operations, it enforces that the environment type is not PRODUCTION.
func NewCachingEnvironmentValidator ¶
func NewCachingEnvironmentValidator(clientFactory environments.EnvironmentsClientFactory, initializeAuthContext initialize.ContextInitializer) *CachingEnvironmentValidator
NewCachingEnvironmentValidator creates a new caching environment validator. The validator uses the provided client factory to fetch environment information and caches successful validations to improve performance. The initializeAuthContext function is called to establish authentication before making API calls, ensuring the context has a valid auth session.
func (*CachingEnvironmentValidator) ClearCache ¶
func (v *CachingEnvironmentValidator) ClearCache()
ClearCache removes all cached environment validations. This can be useful in testing or when you want to force revalidation.
func (*CachingEnvironmentValidator) RemoveFromCache ¶
func (v *CachingEnvironmentValidator) RemoveFromCache(environmentId uuid.UUID)
RemoveFromCache removes a specific environment from the cache. This can be useful when an environment is deleted or becomes inaccessible.
func (*CachingEnvironmentValidator) ValidateEnvironment ¶
func (v *CachingEnvironmentValidator) ValidateEnvironment(ctx context.Context, environmentId uuid.UUID, operationType OperationType) error
ValidateEnvironment checks if the given environment exists and is accessible. It first checks the cache, and if not found, makes an API call to verify the environment. Only PRODUCTION environments are cached after successful validation, as they cannot be downgraded to SANDBOX (ensuring cache consistency). By default, both READ and WRITE operations on PRODUCTION environments are restricted to prevent unintended access or changes. Tools can opt-in to PRODUCTION access via their validation policy (AllowProductionEnvironmentRead or AllowProductionEnvironmentWrite). Returns an error if:
- The environment does not exist or is not accessible
- The operation type is not allowed on the PRODUCTION environment
type DefaultToolRegistry ¶
type DefaultToolRegistry struct {
// contains filtered or unexported fields
}
DefaultToolRegistry implements ToolRegistry using a map for fast lookups.
func NewToolRegistry ¶
func NewToolRegistry(tools []types.ToolDefinition) *DefaultToolRegistry
NewToolRegistry creates a new tool registry from a slice of tool definitions. The registry builds an index for fast lookups by tool name.
func (*DefaultToolRegistry) GetTool ¶
func (r *DefaultToolRegistry) GetTool(name string) *types.ToolDefinition
GetTool returns the tool definition for the given tool name. Returns nil if the tool is not found in the registry.
type EnvironmentValidationMiddleware ¶
type EnvironmentValidationMiddleware struct {
// contains filtered or unexported fields
}
EnvironmentValidationMiddleware validates environment access for all tool calls. It intercepts tool call requests, extracts the environmentId parameter, and validates: 1. Environment exists and is accessible 2. For write operations, environment is not PRODUCTION type
This middleware should be added to the MCP server via AddReceivingMiddleware. Tools without an environmentId parameter are not validated (e.g., list_environments).
func NewEnvironmentValidationMiddleware ¶
func NewEnvironmentValidationMiddleware( validator EnvironmentValidator, toolRegistry ToolRegistry, ) *EnvironmentValidationMiddleware
NewEnvironmentValidationMiddleware creates middleware with validator and tool registry. The validator is used to check environment access and type. The toolRegistry is used to determine if a tool is read-only or performs write operations.
func (*EnvironmentValidationMiddleware) Handler ¶
func (m *EnvironmentValidationMiddleware) Handler(next mcp.MethodHandler) mcp.MethodHandler
Handler implements the middleware pattern by returning a MethodHandler that wraps the next handler. This handler intercepts all MCP method calls and validates tool calls that operate on environments.
type EnvironmentValidator ¶
type EnvironmentValidator interface {
ValidateEnvironment(ctx context.Context, environmentId uuid.UUID, operationType OperationType) error
}
EnvironmentValidator validates that an environment exists and is accessible. For write operations, it also enforces that the environment is not a PRODUCTION environment.
type OperationType ¶
type OperationType string
OperationType represents the type of operation being performed on an environment.
const ( // OperationTypeRead represents read-only operations (GET requests). OperationTypeRead OperationType = "READ" // OperationTypeWrite represents write operations (POST, PUT, PATCH, DELETE requests). OperationTypeWrite OperationType = "WRITE" )
type ToolRegistry ¶
type ToolRegistry interface {
// GetTool returns the tool definition for the given tool name.
// Returns nil if the tool is not found.
GetTool(name string) *types.ToolDefinition
}
ToolRegistry provides access to tool definitions for middleware. This allows the middleware to determine tool characteristics like read-only status.
Source Files