Documentation
¶
Overview ¶
Package middleware provides the middleware chain for tool handlers.
Index ¶
- func NewToolResultError(errMsg string) *mcp.CallToolResult
- func NewToolResultText(text string) *mcp.CallToolResult
- func WithPlatformContext(ctx context.Context, pc *PlatformContext) context.Context
- type AuditEvent
- type AuditLogger
- type Authenticator
- type Authorizer
- type Chain
- type EnrichmentConfig
- type Handler
- type Middleware
- type NoopAuditLogger
- type NoopAuthenticator
- type NoopAuthorizer
- type PlatformContext
- type UserInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewToolResultError ¶
func NewToolResultError(errMsg string) *mcp.CallToolResult
NewToolResultError creates an error result.
func NewToolResultText ¶
func NewToolResultText(text string) *mcp.CallToolResult
NewToolResultText creates a text result.
func WithPlatformContext ¶
func WithPlatformContext(ctx context.Context, pc *PlatformContext) context.Context
WithPlatformContext adds platform context to the context.
Types ¶
type AuditEvent ¶
type AuditEvent struct {
Timestamp time.Time `json:"timestamp"`
RequestID string `json:"request_id"`
UserID string `json:"user_id"`
UserEmail string `json:"user_email"`
Persona string `json:"persona"`
ToolName string `json:"tool_name"`
ToolkitKind string `json:"toolkit_kind"`
ToolkitName string `json:"toolkit_name"`
Connection string `json:"connection"`
Parameters map[string]any `json:"parameters"`
Success bool `json:"success"`
ErrorMessage string `json:"error_message,omitempty"`
DurationMS int64 `json:"duration_ms"`
}
AuditEvent represents an auditable event.
type AuditLogger ¶
type AuditLogger interface {
// Log records an audit event.
Log(ctx context.Context, event AuditEvent) error
}
AuditLogger logs tool calls for auditing.
type Authenticator ¶
type Authenticator interface {
// Authenticate validates credentials and returns user info.
Authenticate(ctx context.Context) (*UserInfo, error)
}
Authenticator validates authentication credentials.
type Authorizer ¶
type Authorizer interface {
// IsAuthorized checks if the user can use the tool.
IsAuthorized(ctx context.Context, userID string, roles []string, toolName string) (bool, string)
}
Authorizer checks if a user is authorized for a tool.
func AllowAllAuthorizer ¶
func AllowAllAuthorizer() Authorizer
AllowAllAuthorizer authorizes all requests.
type Chain ¶
type Chain struct {
// contains filtered or unexported fields
}
Chain holds an ordered list of middleware.
func (*Chain) UseAfter ¶
func (c *Chain) UseAfter(mw Middleware)
UseAfter adds middleware to run after the handler.
func (*Chain) UseBefore ¶
func (c *Chain) UseBefore(mw Middleware)
UseBefore adds middleware to run before the handler.
type EnrichmentConfig ¶
type EnrichmentConfig struct {
// EnrichTrinoResults adds semantic context to Trino tool results.
EnrichTrinoResults bool
// EnrichDataHubResults adds query context to DataHub tool results.
EnrichDataHubResults bool
// EnrichS3Results adds semantic context to S3 tool results.
EnrichS3Results bool
// EnrichDataHubStorageResults adds storage context to DataHub tool results.
EnrichDataHubStorageResults bool
}
EnrichmentConfig configures semantic enrichment.
type Handler ¶
type Handler func(ctx context.Context, request mcp.CallToolRequest) (*mcp.CallToolResult, error)
Handler is the type for tool handlers.
type Middleware ¶
Middleware wraps a handler with additional logic.
func AuditMiddleware ¶
func AuditMiddleware(logger AuditLogger) Middleware
AuditMiddleware creates middleware that logs tool calls.
func AuthMiddleware ¶
func AuthMiddleware(authenticator Authenticator) Middleware
AuthMiddleware creates authentication middleware.
func AuthzMiddleware ¶
func AuthzMiddleware(authorizer Authorizer) Middleware
AuthzMiddleware creates authorization middleware.
func SemanticEnrichmentMiddleware ¶
func SemanticEnrichmentMiddleware( semanticProvider semantic.Provider, queryProvider query.Provider, storageProvider storage.Provider, cfg EnrichmentConfig, ) Middleware
SemanticEnrichmentMiddleware creates middleware that enriches results with semantic context.
type NoopAuditLogger ¶
type NoopAuditLogger struct{}
NoopAuditLogger discards all audit events.
func (*NoopAuditLogger) Log ¶
func (n *NoopAuditLogger) Log(_ context.Context, _ AuditEvent) error
Log does nothing.
type NoopAuthenticator ¶
NoopAuthenticator always succeeds authentication.
func (*NoopAuthenticator) Authenticate ¶
func (n *NoopAuthenticator) Authenticate(_ context.Context) (*UserInfo, error)
Authenticate always returns a default user.
type NoopAuthorizer ¶
type NoopAuthorizer struct{}
NoopAuthorizer always authorizes.
func (*NoopAuthorizer) IsAuthorized ¶
func (n *NoopAuthorizer) IsAuthorized(_ context.Context, _ string, _ []string, _ string) (bool, string)
IsAuthorized always returns true.
type PlatformContext ¶
type PlatformContext struct {
// Request identification
RequestID string
StartTime time.Time
// User information
UserID string
UserEmail string
UserClaims map[string]any
Roles []string
PersonaName string
// Tool information
ToolName string
ToolkitKind string
ToolkitName string
Connection string
// Authorization
Authorized bool
AuthzError string
// Results (populated after handler)
Success bool
ErrorMessage string
Duration time.Duration
}
PlatformContext holds platform-specific context for a request.
func GetPlatformContext ¶
func GetPlatformContext(ctx context.Context) *PlatformContext
GetPlatformContext retrieves platform context from the context.
func MustGetPlatformContext ¶
func MustGetPlatformContext(ctx context.Context) *PlatformContext
MustGetPlatformContext retrieves platform context or panics.
func NewPlatformContext ¶
func NewPlatformContext(requestID string) *PlatformContext
NewPlatformContext creates a new platform context.