Create MCP proxy that supports security protocols #61
Conversation
phrocker
left a comment
Can this python client example be integrated into the existing python-agent and have the example use that code base?
The Python client example has been integrated into the existing python-agent codebase. The MCP functionality is now a first-class service within the agent framework, with:
The integration leverages all existing Sentrius infrastructure including authentication, provenance tracking, and configuration management. Commit: 57c9eb1
Is the Python code tested in CI/CD like the Java code?
No, the Python code is not currently tested in CI/CD like the Java code. The repository has comprehensive Maven-based testing for Java components via GitHub Actions, but there's no equivalent Python testing workflow. The python-agent has unit tests using the standard
Should we implement that here or in a separate PR?
... A separate PR would be more appropriate. Adding Python CI/CD testing is a significant infrastructure change that's distinct from the MCP proxy functionality. It would involve creating a new GitHub Actions workflow, potentially adding test dependencies, and establishing Python testing standards across the project. This deserves focused review and testing without mixing concerns with the MCP implementation.
phrocker
left a comment
Seems to be a lot of stubs. I'm okay not adding CICD tests per our commentary, but we should not have stubs in this PR.
```java
// Return resources available to this user
return new Object[]{
    Map.of(
        "uri", "sentrius://config/user-settings",
```
what is this?
This was the hardcoded "uri" field in the createAvailableResources() stub. It has been replaced with proper resource integration that generates user-specific URIs and integrates with actual Sentrius services. Commit: dd92634
```java
return new Object[]{
    Map.of(
        "name", "security_analysis",
        "description", "Analyze security posture",
```
is this the conclusive set of available prompts? Should this be hardcoded?
No, this was a hardcoded stub implementation. It has been replaced with proper prompt service integration that provides security analysis, agent task generation, and zero trust assessment prompts based on user context and actual Sentrius capabilities. Commit: dd92634
```java
String toolName = (String) params.get("name");
Map<String, Object> arguments = (Map<String, Object>) params.get("arguments");

// This is where you would validate ZTAT tokens for sensitive operations
```
I think we should validate ztat tokens instead of leaving it for later.
ZTAT token validation has been implemented for sensitive tool operations. The handleToolsCall method now includes requiresZtatValidation() checking and validateZtatForToolExecution() that integrates with the existing ZeroTrustAccessTokenService. Commit: dd92634
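A fail-closed version of that tools/call gate, added here as an illustration and not code from this PR: `ZtatValidator` stands in for the project's ZeroTrustAccessTokenService (whose signature is not shown on this page), and the sensitive tool names and the `ztat` request field are constructed assumptions.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;

// Hypothetical gate for MCP tools/call; not the Sentrius implementation.
public class McpToolCallGate {

    /** Stand-in for ZeroTrustAccessTokenService: true if the token authorizes the operation. */
    public interface ZtatValidator {
        boolean isValid(String token, String userId, String operation);
    }

    // Constructed sample of tools that must never run without a validated ZTAT.
    private static final Set<String> SENSITIVE_TOOLS = Set.of("execute_agent_task", "modify_policy");

    private final ZtatValidator validator;

    public McpToolCallGate(ZtatValidator validator) { this.validator = validator; }

    static boolean requiresZtatValidation(String toolName) {
        return SENSITIVE_TOOLS.contains(toolName);
    }

    /** Same shape as the reviewed handler: extract name/arguments, then gate sensitive tools. */
    public Map<String, Object> handleToolsCall(Map<String, Object> params, String userId) {
        String toolName = (String) params.get("name");
        Object rawArgs = params.get("arguments");
        if (toolName == null || !(rawArgs instanceof Map)) {
            return error(-32602, "Invalid params: name and arguments are required"); // JSON-RPC invalid params
        }
        if (requiresZtatValidation(toolName)) {
            Object token = params.get("ztat"); // assumed field carrying the caller's ZTAT
            if (!(token instanceof String s) || !validator.isValid(s, userId, "tool:" + toolName)) {
                // Fail closed: deny the call rather than fall through to a less privileged path.
                return error(-32001, "ZTAT validation failed for tool " + toolName);
            }
        }
        return Map.of("content", List.of(Map.of("type", "text", "text", "executed " + toolName)));
    }

    private static Map<String, Object> error(int code, String message) {
        return Map.of("error", Map.of("code", code, "message", message));
    }

    public static void main(String[] args) {
        McpToolCallGate gate = new McpToolCallGate((t, u, op) -> "valid-token".equals(t));
        System.out.println(gate.handleToolsCall(Map.of("name", "modify_policy", "arguments", Map.of()), "alice"));
        System.out.println(gate.handleToolsCall(
            Map.of("name", "modify_policy", "arguments", Map.of(), "ztat", "valid-token"), "alice"));
    }
}
```

The first call is rejected because no token accompanies a sensitive tool; the second succeeds only because the validator accepts the token for that user and operation.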
```java
 */
@Slf4j
@Service
@RequiredArgsConstructor
```
is this service a stub for mcp into sentrius or into an external service?
This is a proxy service that integrates MCP protocol requests into Sentrius services. It's not a stub - it provides MCP-compliant endpoints that route to existing AgentClientService, AgentExecutionService, and other Sentrius services while maintaining security controls and audit trails. Commit: dd92634
```java
private void sendWelcomeMessage(WebSocketSession session, String userId) {
    try {
        MCPResponse welcome = MCPResponse.success("welcome", Map.of(
            "message", "Connected to Sentrius MCP Proxy",
```
do mcp servers usually use websockets?
Yes, MCP servers commonly support both HTTP and WebSocket transports. WebSocket enables real-time bidirectional communication needed for interactive AI agent workflows, streaming responses, and push notifications. The MCP specification includes WebSocket support for these use cases.
All stub implementations have been replaced with proper Sentrius service integrations. The MCP proxy now uses AgentClientService, AgentExecutionService, ZeroTrustAccessTokenService, and other existing services instead of returning hardcoded responses. Commit: dd92634
Co-authored-by: phrocker <[email protected]>
Co-authored-by: phrocker <[email protected]>
Co-authored-by: phrocker <[email protected]>
…ntegrations Co-authored-by: phrocker <[email protected]>
Co-authored-by: phrocker <[email protected]>
* Initial plan
* Fix MCP server Dockerfile to use Go instead of Node.js
  - Changed base image from node:20-alpine to golang:latest
  - Removed incorrect npm install and build commands
  - Added proper Go build process matching upstream repository
  - Added SSL bypass workarounds for restricted build environments
  - Repository is Go-based, not Node.js based
  Co-authored-by: phrocker <[email protected]>
* Remove insecure SSL bypass settings for production safety
  Removed git config http.sslVerify false and GOPROXY=direct workarounds. These were only needed for restricted build environments and pose security risks in production. The core fix (Go instead of Node.js) works without them.
  Co-authored-by: phrocker <[email protected]>
* commit
---------
Co-authored-by: copilot-swe-agent[bot] <[email protected]>
Co-authored-by: phrocker <[email protected]>
Co-authored-by: Marc Parisi <[email protected]>
This PR implements a complete MCP (Model Context Protocol) proxy that integrates seamlessly with Sentrius's existing zero trust security infrastructure, enabling secure AI agent communication while maintaining all security controls and audit trails.
Key Features

Security Integration
- @LimitAccess annotations with CAN_LOG_IN permission requirement

MCP Protocol Support
- initialize, ping, tools/*, resources/*, prompts/*, and completion

Communication Channels
- /api/v1/mcp/ for standard request/response operations
- /api/v1/mcp/ws for real-time bidirectional communication
- /api/v1/mcp/health for service health checks

Architecture

Usage Examples

HTTP Request

WebSocket Connection

Implementation Details

Core Components

Integration Points

Testing

Documentation
- /docs/mcp-proxy.md
- /examples/mcp-client-example.py

Benefits
Fixes #60.